On Wed, Nov 11, 2020 at 05:05:11PM +0100, Eric Dumazet wrote: > On Wed, Nov 11, 2020 at 8:35 AM Ricardo Dias <rd...@singlestore.com> wrote: > > ... > > > + * If an existing socket already exists, it returns that socket > > + * through the osk parameter. > > > I think this deserves a third parameter, to avoid confusion.
Yes, I agree. It will make much clearer the semantics of this function. > ... > > > + if > > (unlikely(!refcount_inc_not_zero(&esk->sk_refcnt))) > > Can you explain how this could happen ? > Again, we own the lock here, finding a socket in ehash, with a zero > refcount can not happen. > > Only a true rcu lookup could see a zero refcount. Ah! Now I understand what you are saying. Indeed we just need to increment the ref counter. We don't need to check if it's zero. > ... > > > - inet_ehash_nolisten(sk, (struct sock *)tw); > > + inet_ehash_nolisten(sk, (struct sock **)&tw); > > Why could not we 'find' a prior socket, and since you ignore the result, > leave a refcount increment, and a socket leak ? > > Same remark for all callers. > > > } > > if (tw) > > See the problem here ? > > If tw was initially NULL, then inet_ehash_nolisten() could have overwritten tw > with another socket. > > Surely calling inet_twsk_bind_unhash() could be disastrous. Yes, you're right. I adapted this call to match the new signature assuming `tw` would never be NULL. Shame on me for not noticing the `if (tw)` statement right below :-). I'll check each caller code, to make sure I'm not leaking the socket. Thanks for your reviews. I'm learning more and more with each review iteration.
