> On Wed, Mar 8, 2017 at 7:50 AM, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
> >> - ASSERT(atomic_read(&ticket->t_ref) > 0);
> >> - atomic_inc(&ticket->t_ref);
> >> + ASSERT(refcount_read(&ticket->t_ref) > 0);
> >> + refcount_inc(&ticket->t_ref);
> >
> > With strict refcount semantics refcount_inc should check that
> > the count is larger than 0, otherwise we'd need to use
> > recount_inc_not_zero or whatever you're going to call it.
> >
> > Is that something the recount code does / could do?
>
> Yes, refcount_inc() will not increment from 0 and WARNs. It looks like
> xfs's ASSERT is also a warn (though with XFS-specific formatting), so
> perhaps the ASSERT could be dropped? IIUC, Elena's approach to these
> changes was to be conservative about removing the existing checks.
I am removing the existing WARNs now where they are 100% not needed, but leaving the ones like this ASSERT,
because I am thinking that you might have test cases that are dependent on these ASSERTs with specific formatting and I don't want to break them.
If you don't need them, I can remove them also.
Best Regards,
Elena
>
> -Kees
>
> --
> Kees Cook
> Pixel Security
��.n��������+%�������w��{.n�����{�������jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
