On Tue, Apr 23, 2024 at 01:43:49PM +0100, Bryan O'Donoghue wrote: > On 15/04/2024 20:34, Ricardo Ribalda wrote: > > Use an API that resembles more the actual use of num_channels. > > > > Found by cocci: > > drivers/media/usb/s2255/s2255drv.c:2362:5-24: WARNING: atomic_dec_and_test variation before object free at line 2363. > > drivers/media/usb/s2255/s2255drv.c:1557:5-24: WARNING: atomic_dec_and_test variation before object free at line 1558. > > Hmm, that commit log needs more detail. > > "Convert from atomic_t to refcount_t because refcount_t has memory ordering > guarantees which atomic does not, hence the WARNING for the free after the > atomic dec." > The memory ordering rules are the same. They're basically identical. The difference is that if you decrement a refcount_t past zero it will trigger an error and refuse but atomic_t will merrily keep decrementing forever. With refcount_t you can still have a use after free bug but afterward the double free will trigger a warning. There are time where people use atomic_t to get unique number and don't care about wrapping so that's fine. But if it's reference counting then use refcount_t. There wouldn't be a Fixes tag in this case, because hopefully it's just hardenning and not a bugfix. regards, dan carpenter
