On Tue, Nov 15, 2016 at 09:40:09AM +0100, Ingo Molnar wrote: > > * Peter Zijlstra <pet...@infradead.org> wrote: > > > Provide refcount_t, an atomic_t like primitive built just for > > refcounting. > > > > It provides overflow and underflow checks as well as saturation > > semantics such that when it overflows, we'll never attempt to free it > > again, ever. > > > > Signed-off-by: Peter Zijlstra (Intel) <pet...@infradead.org> > > --- > > include/linux/kref.h | 29 ++---- > > include/linux/refcount.h | 221 > > +++++++++++++++++++++++++++++++++++++++++++++++ > > 2 files changed, 232 insertions(+), 18 deletions(-) > > I'd suggest splitting this patch into two parts: first patch introduces the > refcount.h facility, second patch changes over struct kref to the new > facility.
You're right, I was just really glad I got it to compile and didn't want to prod more at it. Should I also make a CONFIG knob that implements refcount_t with the 'normal' atomic_t primitives? And possibly another knob to toggle the BUG()s into WARN()s. With the full saturation semantics WARN() is a lot safer and will not corrupt kernel state as much.