[IPV4]: Fix BUG() in 2.6.x, udp_poll(), fragments + CONFIG_HIGHMEM
authorHerbert Xu <herbert@gondor.apana.org.au>
Mon, 30 May 2005 22:50:15 +0000 (15:50 -0700)
committerDavid S. Miller <davem@davemloft.net>
Mon, 30 May 2005 22:50:15 +0000 (15:50 -0700)
Steven Hand <Steven.Hand@cl.cam.ac.uk> wrote:
>
> Reconstructed forward trace:
>
>   net/ipv4/udp.c:1334   spin_lock_irq()
>   net/ipv4/udp.c:1336   udp_checksum_complete()
> net/core/skbuff.c:1069   skb_shinfo(skb)->nr_frags > 1
> net/core/skbuff.c:1086   kunmap_skb_frag()
> net/core/skbuff.h:1087   local_bh_enable()
> kernel/softirq.c:0140   WARN_ON(irqs_disabled());

The receive queue lock is never taken in IRQs (and should never be) so
we can simply substitute bh for irq.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/udp.c

index 4a6952e3fee95d35d6477c82aff274b3b2bdf4da..7c24e64b443f80eae0c5a3663caff46f37011f69 100644 (file)
@@ -738,7 +738,7 @@ int udp_ioctl(struct sock *sk, int cmd, unsigned long arg)
                        unsigned long amount;
 
                        amount = 0;
-                       spin_lock_irq(&sk->sk_receive_queue.lock);
+                       spin_lock_bh(&sk->sk_receive_queue.lock);
                        skb = skb_peek(&sk->sk_receive_queue);
                        if (skb != NULL) {
                                /*
@@ -748,7 +748,7 @@ int udp_ioctl(struct sock *sk, int cmd, unsigned long arg)
                                 */
                                amount = skb->len - sizeof(struct udphdr);
                        }
-                       spin_unlock_irq(&sk->sk_receive_queue.lock);
+                       spin_unlock_bh(&sk->sk_receive_queue.lock);
                        return put_user(amount, (int __user *)arg);
                }
 
@@ -848,12 +848,12 @@ csum_copy_err:
        /* Clear queue. */
        if (flags&MSG_PEEK) {
                int clear = 0;
-               spin_lock_irq(&sk->sk_receive_queue.lock);
+               spin_lock_bh(&sk->sk_receive_queue.lock);
                if (skb == skb_peek(&sk->sk_receive_queue)) {
                        __skb_unlink(skb, &sk->sk_receive_queue);
                        clear = 1;
                }
-               spin_unlock_irq(&sk->sk_receive_queue.lock);
+               spin_unlock_bh(&sk->sk_receive_queue.lock);
                if (clear)
                        kfree_skb(skb);
        }
@@ -1334,7 +1334,7 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait)
                struct sk_buff_head *rcvq = &sk->sk_receive_queue;
                struct sk_buff *skb;
 
-               spin_lock_irq(&rcvq->lock);
+               spin_lock_bh(&rcvq->lock);
                while ((skb = skb_peek(rcvq)) != NULL) {
                        if (udp_checksum_complete(skb)) {
                                UDP_INC_STATS_BH(UDP_MIB_INERRORS);
@@ -1345,7 +1345,7 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait)
                                break;
                        }
                }
-               spin_unlock_irq(&rcvq->lock);
+               spin_unlock_bh(&rcvq->lock);
 
                /* nothing to see, move along */
                if (skb == NULL)