On Mon, Mar 15, 2021 at 03:19:17PM -0700, Linus Torvalds wrote: > It just saturates, and doesn't have the "don't do this" case, which > the ucounts case *DOES* have. Right -- I saw that when digging through the thread. I'm honestly curious, though, why did the 0-day bot find a boot crash? (I can't imagine ucounts wrapped in 0.4 seconds.) So it looked like an increment-from-zero case, which seems like it would be a bug? > I know you are attached to refcounts, but really: they are not only > more expensive, THEY LITERALLY DO THE WRONG THING. Heh, right -- I'm not arguing that refcount_t MUST be used, I just didn't see the code path that made them unsuitable: hitting INT_MAX - 128 seems very hard to do. Anyway, I'll go study it more to try to understand what I'm missing. -- Kees Cook
