On Fri, Nov 18, 2016 at 12:37:18PM +0100, Peter Zijlstra wrote:
[snip]
> +
> +/*
> + * Similar to atomic_inc(), will saturate at UINT_MAX and WARN.
> + *
> + * Provides no memory ordering, it is assumed the caller already has a
> + * reference on the object, will WARN when this is not so.
> + */
> +static inline void refcount_inc(refcount_t *r)
> +{
> +     unsigned int old, new, val = atomic_read(&r->refs);
> +
> +     for (;;) {
> +             WARN(!val, "refcount_t: increment on 0; use-after-free.\n");
> +

Do we want to put the address of @r into the WARN information? Which
could help us locate the problematic object quickly.

Regards,
Boqun

> +             if (unlikely(val == UINT_MAX))
> +                     return;
> +
> +             new = val + 1;
> +             old = atomic_cmpxchg_relaxed(&r->refs, val, new);
> +             if (old == val)
> +                     break;
> +
> +             val = old;
> +     }
> +
> +     WARN(new == UINT_MAX, "refcount_t: saturated; leaking memory.\n");
> +}
[...]

Attachment: signature.asc
Description: PGP signature

Reply via email to