From: Eric Dumazet <eduma...@google.com>
Date: Thu, 18 Feb 2016 05:39:18 -0800
> Ilya reported following lockdep splat:
...
> To properly fix this issue, inet_csk_reqsk_queue_add() needs
> to return to its callers if the child as been queued
> into accept queue.
>
> We also need to make sure listener is still there before
> calling sk->sk_data_ready(), by holding a reference on it,
> since the reference carried by the child can disappear as
> soon as the child is put on accept queue.
>
> Reported-by: Ilya Dryomov <idryo...@gmail.com>
> Fixes: ebb516af60e1 ("tcp/dccp: fix race at listener dismantle phase")
> Signed-off-by: Eric Dumazet <eduma...@google.com>
Applied and queued up for -stable.
Although if I were writing this myself I would probably make
inet_csk_reqsk_queue_add() return bool since the pointer isn't
used in any way other than as a NULL vs. non-NULL test.
