From 5bac885ace156b5a4c556ca74e6fbc914ced1e30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ondr=CC=8Cej=20Sury=CC=81?= <ondrej@isc.org>
Date: Mon, 9 Sep 2024 16:03:53 +0200
Subject: [PATCH] Use release memory ordering when incrementing reference
 counter

As the relaxed memory ordering doesn't ensure any memory
synchronization, it is possible that the increment will succeed even
in the case when it should not - there is a race between
atomic_fetch_sub(..., acq_rel) and atomic_fetch_add(..., relaxed).
Only the result is consistent, but the previous value for both calls
could be same when both calls are executed at the same time.

(cherry picked from commit 88227ea6655ec513d555ad0cdb52d22e7f9928a2)
---
 lib/isc/include/isc/refcount.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/isc/include/isc/refcount.h b/lib/isc/include/isc/refcount.h
index 6b1f7cdece..40544d941d 100644
--- a/lib/isc/include/isc/refcount.h
+++ b/lib/isc/include/isc/refcount.h
@@ -79,7 +79,7 @@ isc_refcount_increment0(isc_refcount_t *target) {
 #define isc_refcount_increment0(target)                    \
 	({                                                 \
 		uint_fast32_t __v;                         \
-		__v = atomic_fetch_add_relaxed(target, 1); \
+		__v = atomic_fetch_add_release(target, 1); \
 		INSIST(__v < UINT32_MAX);                  \
 		__v;                                       \
 	})
@@ -102,7 +102,7 @@ isc_refcount_increment(isc_refcount_t *target) {
 #define isc_refcount_increment(target)                     \
 	({                                                 \
 		uint_fast32_t __v;                         \
-		__v = atomic_fetch_add_relaxed(target, 1); \
+		__v = atomic_fetch_add_release(target, 1); \
 		INSIST(__v > 0 && __v < UINT32_MAX);       \
 		__v;                                       \
 	})