Hi On Fri, Apr 19, 2013 at 7:24 PM, Greg KH <gre...@linuxfoundation.org> wrote: > On Fri, Apr 19, 2013 at 06:33:54PM -0700, Anatol Pomozov wrote: >> Follow-up for https://lkml.org/lkml/2013/4/12/391 >> >> * make warning smp-safe >> * result of atomic _unless_zero functions should be checked by caller >> to avoid use-after-free error >> >> Signed-off-by: Anatol Pomozov <anatol.pomo...@gmail.com> >> --- >> include/linux/kref.h | 9 ++++++--- >> lib/kobject.c | 3 ++- >> 2 files changed, 8 insertions(+), 4 deletions(-) >> >> diff --git a/include/linux/kref.h b/include/linux/kref.h >> index 4972e6e..092529a 100644 >> --- a/include/linux/kref.h >> +++ b/include/linux/kref.h >> @@ -39,8 +39,11 @@ static inline void kref_init(struct kref *kref) >> */ >> static inline void kref_get(struct kref *kref) >> { >> - WARN_ON(!atomic_read(&kref->refcount)); >> - atomic_inc(&kref->refcount); >> + /* If refcount was 0 before incrementing then we have a race >> + * condition when this kref is freing by some other thread right now. >> + * In this case one should use kref_get_unless_zero() >> + */ >> + WARN_ON(atomic_inc_return(&kref->refcount) < 2); > > What happens if you disable WARN_ON(), does the atomic_inc_return() go > away as well? Or did we fix that?
If we disable warnings then expression still evaluated, this is true for BUG_ON as well. It is how the functions are implemented now. Tejun Heo once mentioned that such behavior is specification of the functions. So I believe it is safe to execute code inside WARN_ON. >> /** >> @@ -100,7 +103,7 @@ static inline int kref_put_mutex(struct kref *kref, >> struct mutex *lock) >> { >> WARN_ON(release == NULL); >> - if (unlikely(!atomic_add_unless(&kref->refcount, -1, 1))) { >> + if (unlikely(!atomic_add_unless(&kref->refcount, -1, 1))) { >> mutex_lock(lock); >> if (unlikely(!atomic_dec_and_test(&kref->refcount))) { >> mutex_unlock(lock); >> diff --git a/lib/kobject.c b/lib/kobject.c >> index a654866..bbd7362 100644 >> --- a/lib/kobject.c >> +++ b/lib/kobject.c >> @@ -529,7 +529,8 @@ struct kobject *kobject_get(struct kobject *kobj) >> return kobj; >> } >> >> -static struct kobject *kobject_get_unless_zero(struct kobject *kobj) >> +static struct kobject *__must_check kobject_get_unless_zero( >> + struct kobject *kobj) > > __must_check needs to be in the .h file, not the .c file. This function is static and defined in *.c. But I think the function should be declared in *.h as it might be useful for others. I'll resend patch tomorrow. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/