Hello, Bart.
On Fri, Sep 21, 2018 at 01:31:19PM -0700, Bart Van Assche wrote:
> +void percpu_ref_resurrect(struct percpu_ref *ref)
> +{
> + unsigned long __percpu *percpu_count;
> unsigned long flags;
>
> spin_lock_irqsave(&percpu_ref_switch_lock, flags);
>
> - WARN_ON_ONCE(!percpu_ref_is_zero(ref));
> + WARN_ON_ONCE(!(ref->percpu_count_ptr & __PERCPU_REF_DEAD));
> + WARN_ON_ONCE(__ref_is_percpu(ref, &percpu_count));
So, this in itself is fine but I'm a bit worried that this might it
easier to abuse percpu_ref's dying mode. More specifically, it isn't
a good idea to depend on percpu_ref's implementation details from
outside - ie. the only guarantee there ever is that percpu_ref won't
give out new refs after ->percpu_ref is called - e.g. users can't
piggy back on implied rcu grace period.
Can you please note that in the function comment? Provided that,
Acked-by: Tejun Heo <[email protected]>
Thanks.
--
tejun
