net: add debug atomic_inc_not_zero() in dst_hold()
authorWei Wang <weiwan@google.com>
Sat, 17 Jun 2017 17:42:44 +0000 (10:42 -0700)
committerDavid S. Miller <davem@davemloft.net>
Sun, 18 Jun 2017 02:54:01 +0000 (22:54 -0400)
This patch is meant to add a debug warning on the situation where dst is
being held during its destroy phase. This could potentially cause double
free issue on the dst.

Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/dst.h

index d912b44d2dcb2d252ee327ca81c5a843515f6100..f73611ec401754d4f52b5310a24da53566dafce6 100644 (file)
@@ -251,7 +251,7 @@ static inline void dst_hold(struct dst_entry *dst)
         * __pad_to_align_refcnt declaration in struct dst_entry
         */
        BUILD_BUG_ON(offsetof(struct dst_entry, __refcnt) & 63);
-       atomic_inc(&dst->__refcnt);
+       WARN_ON(atomic_inc_not_zero(&dst->__refcnt) == 0);
 }
 
 static inline void dst_use(struct dst_entry *dst, unsigned long time)