On Mon, 2018-09-24 at 11:01 -0700, Tejun Heo wrote:
> Hello, Bart.
>
> On Fri, Sep 21, 2018 at 01:31:19PM -0700, Bart Van Assche wrote:
> > +void percpu_ref_resurrect(struct percpu_ref *ref)
> > +{
> > + unsigned long __percpu *percpu_count;
> > unsigned long flags;
> >
> > spin_lock_irqsave(&percpu_ref_switch_lock, flags);
> >
> > - WARN_ON_ONCE(!percpu_ref_is_zero(ref));
> > + WARN_ON_ONCE(!(ref->percpu_count_ptr & __PERCPU_REF_DEAD));
> > + WARN_ON_ONCE(__ref_is_percpu(ref, &percpu_count));
>
> So, this in itself is fine but I'm a bit worried that this might it
> easier to abuse percpu_ref's dying mode. More specifically, it isn't
> a good idea to depend on percpu_ref's implementation details from
> outside - ie. the only guarantee there ever is that percpu_ref won't
> give out new refs after ->percpu_ref is called - e.g. users can't
> piggy back on implied rcu grace period.
>
> Can you please note that in the function comment? Provided that,
>
> Acked-by: Tejun Heo <[email protected]>
Hi Tejun,
Thanks for the review. But could you please clarify what "after ->percpu_ref
is called" refers to?
Thanks,
Bart.
