On Fri, Feb 01, 2019 at 06:23:27PM +0100, Jann Horn wrote: > > Oh, yuck. Uuuh... can we make "struct files_struct" doubly-refcounted, > > like "struct mm_struct"? One reference type to keep the contents > > intact (the reference type you normally use, and the type used by > > uring when the thread is running), and one reference type to just keep > > the struct itself existing, but without preserving its contents > > (reference held consistently by the uring thread)? > > Something like this (completely untested); and then instead of the > current get_files_struct(), you'd do get_files_struct_weak(), and > while the thread is running, it protects the files_struct from dying > with tryget_weak_files_struct() / put_files_struct(). > > Al, do you have opinions on this? Yes, but they are not fit for polite company. IMO the entire approach is FUBAR; I'll post more detailed review, but what I'd seen so far is a veto fodder.
