Alexey Dobriyan <adobri...@gmail.com> writes: > On Mon, Jul 10, 2017 at 11:37 AM, Eric W. Biederman > <ebied...@xmission.com> wrote: >> "Reshetova, Elena" <elena.reshet...@intel.com> writes: >> >> 2>> Elena Reshetova <elena.reshet...@intel.com> writes: >>>> >>>> > refcount_t type and corresponding API should be >>>> > used instead of atomic_t when the variable is used as >>>> > a reference counter. This allows to avoid accidental >>>> > refcounter overflows that might lead to use-after-free >>>> > situations. >>>> >>>> In this patch you can see all of the uses of the count. >>>> What accidental refcount overflows are possible? >>> >>> Even if one can guarantee and prove that in the current implementation >>> there are no overflows possible, we can't say that for >>> sure for any future implementation. Bugs might always happen >>> unfortunately, but if we convert the refcounter to a safer >>> type we can be sure that overflows are not possible. >>> >>> Does it make sense to you? >> >> Not for code that is likely to remain unchanged for a decade no. >> >> This looks like a large set of unautomated changes without any real >> thought put into it. That almost always results in a typo somewhere >> that breaks things. > > This is nonsense. The wrong code would simply emit a warning > which are caught very quickly.
That depends on the typo. Eric
