Hello, On Wed, Jun 29, 2016 at 10:17:48AM +0200, Petr Mladek wrote: > > Ah, okay, I don't think we need to change this. I was suggesting to > > simplify it by dropping the draining and just do flush from destroy. > > I see. But then it does not address the original concern from Peter > Zijlstra. He did not like that the caller was responsible for blocking > further queueing. It still will be needed. Or did I miss something, > please? You can only protect against so much. Let's say we make the worker struct to be allocated by the user, what then prevents it prematurely from user side? Use-after-free is use-after-free. If we can trivally add some protection against it, great, but no need to contort the design to add marginal protection. Thanks. -- tejun -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>