Bug #241
closedBug #235: meta: Missing list checks for *list_add*
batadv_tvlv_handler_register: Missing list checks for *list_add*
0%
Description
Simon debugged the refcnt problem and submitted some patches to fix them. I had a brief look and noticed that there are possible more problems similar to the *list_del*
ones - just with *list_add*
. Basically some functions use some kind of get function, notice that the element does not exist and then create a new one to add to the list. Only the "list_add
" is protected. The result may be that an element in twice in a list when only a single occurrence is allowed.
The problem I saw is that functions adding objects in an RCU protected list are missing an definitive check. They first call some kind of *_get
(rcu_read_lock
only) to check if an object with this value already exists and then uses some kind of *_add
to allocate a new object and add it (which may already be added in by a different context). So it has to be made sure that nothing modifies the list between the check and the add of the new object).