batman-adv: handle hash_add() return value in the TT code
Commit Message
hash_add() can fail and for this reason its return value has to be
correctly interpreted to avoid memory leaks.
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
---
This patch needs
"[PATCH] batman-adv: hash_add() has to discriminate on the return value"
to work
translation-table.c | 27 +++++++++++++++++++++------
1 files changed, 21 insertions(+), 6 deletions(-)
Comments
On Sunday, July 10, 2011 01:50:57 Antonio Quartulli wrote:
> @@ -220,8 +221,14 @@ void tt_local_add(struct net_device *soft_iface, const
> uint8_t *addr) * (consistency check) */
> tt_local_entry->flags |= TT_CLIENT_NEW;
>
> - hash_add(bat_priv->tt_local_hash, compare_ltt, choose_orig,
> - tt_local_entry, &tt_local_entry->hash_entry);
> + hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
> + choose_orig, tt_local_entry,
> + &tt_local_entry->hash_entry);
> + if (hash_added != 0)
> + tt_local_entry_free_ref(tt_local_entry);
> +
> + if (hash_added < 0)
> + goto out;
No matter whether we add a new element to the tt hash or not we always
generate a log message and throw a tt_local_event(). Is that what we want ?
> @@ -519,10 +527,17 @@ int tt_global_add(struct bat_priv *bat_priv, struct
> orig_node *orig_node, tt_global_entry->roam_at = 0;
> atomic_set(&tt_global_entry->refcount, 2);
>
> - hash_add(bat_priv->tt_global_hash, compare_gtt,
> - choose_orig, tt_global_entry,
> - &tt_global_entry->hash_entry);
> - atomic_inc(&orig_node->tt_size);
> + hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
> + choose_orig, tt_global_entry,
> + &tt_global_entry->hash_entry);
> + if (hash_added != 0)
> + tt_global_entry_free_ref(tt_global_entry);
> +
> + if (hash_added < 0)
> + goto out;
> +
> + if (!hash_added)
> + atomic_inc(&orig_node->tt_size);
Here we only generate a log message when the element has been added or already
exists. Do we want that too ?
Regards,
Marek
On Sat, Jul 23, 2011 at 11:17:22 +0200, Marek Lindner wrote:
> On Sunday, July 10, 2011 01:50:57 Antonio Quartulli wrote:
> > @@ -220,8 +221,14 @@ void tt_local_add(struct net_device *soft_iface, const
> > uint8_t *addr) * (consistency check) */
> > tt_local_entry->flags |= TT_CLIENT_NEW;
> >
> > - hash_add(bat_priv->tt_local_hash, compare_ltt, choose_orig,
> > - tt_local_entry, &tt_local_entry->hash_entry);
> > + hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
> > + choose_orig, tt_local_entry,
> > + &tt_local_entry->hash_entry);
> > + if (hash_added != 0)
> > + tt_local_entry_free_ref(tt_local_entry);
> > +
> > + if (hash_added < 0)
> > + goto out;
>
> No matter whether we add a new element to the tt hash or not we always
> generate a log message and throw a tt_local_event(). Is that what we want ?
What about going to 'out' in case of hash_added != 0? In both cases (<0 or >0)
we cannot go ahead with the function as the entry has already been added or it
is not possible to add it.
>
>
> > @@ -519,10 +527,17 @@ int tt_global_add(struct bat_priv *bat_priv, struct
> > orig_node *orig_node, tt_global_entry->roam_at = 0;
> > atomic_set(&tt_global_entry->refcount, 2);
> >
> > - hash_add(bat_priv->tt_global_hash, compare_gtt,
> > - choose_orig, tt_global_entry,
> > - &tt_global_entry->hash_entry);
> > - atomic_inc(&orig_node->tt_size);
> > + hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
> > + choose_orig, tt_global_entry,
> > + &tt_global_entry->hash_entry);
> > + if (hash_added != 0)
> > + tt_global_entry_free_ref(tt_global_entry);
> > +
> > + if (hash_added < 0)
> > + goto out;
> > +
> > + if (!hash_added)
> > + atomic_inc(&orig_node->tt_size);
>
> Here we only generate a log message when the element has been added or already
> exists. Do we want that too ?
>
The same as before.
Cheers,
Antonio
On Sunday, July 31, 2011 23:53:19 Antonio Quartulli wrote:
> > > + hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
> > > + choose_orig, tt_local_entry,
> > > + &tt_local_entry->hash_entry);
> > > + if (hash_added != 0)
> > > + tt_local_entry_free_ref(tt_local_entry);
> > > +
> > > + if (hash_added < 0)
> > > + goto out;
> >
> > No matter whether we add a new element to the tt hash or not we always
> > generate a log message and throw a tt_local_event(). Is that what we want
> > ?
>
> What about going to 'out' in case of hash_added != 0? In both cases (<0 or
> >0) we cannot go ahead with the function as the entry has already been
> added or it is not possible to add it.
If I am not mistaken we should keep the additional "tt_local_entry_free_ref()"
because we initialize the newly allocated struct with 2.
Still, the original problem remains: We generate a log message claiming to
have added a new entry even though it might fail later. You have to move the
log message to the end of the function.
> > > + hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
> > > + choose_orig, tt_global_entry,
> > > + &tt_global_entry->hash_entry);
> > > + if (hash_added != 0)
> > > + tt_global_entry_free_ref(tt_global_entry);
> > > +
> > > + if (hash_added < 0)
> > > + goto out;
> > > +
> > > + if (!hash_added)
> > > + atomic_inc(&orig_node->tt_size);
> >
> > Here we only generate a log message when the element has been added or
> > already exists. Do we want that too ?
>
> The same as before.
Yeah, same problem as above. :-)
Cheers,
Marek
@@ -188,6 +188,7 @@ void tt_local_add(struct net_device *soft_iface, const uint8_t *addr)
struct bat_priv *bat_priv = netdev_priv(soft_iface);
struct tt_local_entry *tt_local_entry = NULL;
struct tt_global_entry *tt_global_entry = NULL;
+ int hash_added;
tt_local_entry = tt_local_hash_find(bat_priv, addr);
@@ -220,8 +221,14 @@ void tt_local_add(struct net_device *soft_iface, const uint8_t *addr)
* (consistency check) */
tt_local_entry->flags |= TT_CLIENT_NEW;
- hash_add(bat_priv->tt_local_hash, compare_ltt, choose_orig,
- tt_local_entry, &tt_local_entry->hash_entry);
+ hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
+ choose_orig, tt_local_entry,
+ &tt_local_entry->hash_entry);
+ if (hash_added != 0)
+ tt_local_entry_free_ref(tt_local_entry);
+
+ if (hash_added < 0)
+ goto out;
/* remove address from global hash if present */
tt_global_entry = tt_global_hash_find(bat_priv, addr);
@@ -500,6 +507,7 @@ int tt_global_add(struct bat_priv *bat_priv, struct orig_node *orig_node,
struct tt_global_entry *tt_global_entry;
struct orig_node *orig_node_tmp;
int ret = 0;
+ int hash_added;
tt_global_entry = tt_global_hash_find(bat_priv, tt_addr);
@@ -519,10 +527,17 @@ int tt_global_add(struct bat_priv *bat_priv, struct orig_node *orig_node,
tt_global_entry->roam_at = 0;
atomic_set(&tt_global_entry->refcount, 2);
- hash_add(bat_priv->tt_global_hash, compare_gtt,
- choose_orig, tt_global_entry,
- &tt_global_entry->hash_entry);
- atomic_inc(&orig_node->tt_size);
+ hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
+ choose_orig, tt_global_entry,
+ &tt_global_entry->hash_entry);
+ if (hash_added != 0)
+ tt_global_entry_free_ref(tt_global_entry);
+
+ if (hash_added < 0)
+ goto out;
+
+ if (!hash_added)
+ atomic_inc(&orig_node->tt_size);
} else {
if (tt_global_entry->orig_node != orig_node) {
atomic_dec(&tt_global_entry->orig_node->tt_size);