* [PATCH] mm/mempool.c: set @elems slots to NULL once freed
@ 2025-12-23 23:10 klourencodev
2025-12-23 23:47 ` Vlastimil Babka
0 siblings, 1 reply; 2+ messages in thread
From: klourencodev @ 2025-12-23 23:10 UTC (permalink / raw)
To: linux-mm; +Cc: akpm, vbabka, Kevin Lourenco
From: Kevin Lourenco <klourencodev@gmail.com>
This is documented in the function comment as "...and sets their
slots in @elems to NULL.", but it was not followed.
We need to follow the NULL assignment, because elements newly returned
to the pool must not be touched under any circumstances by the user.
Signed-off-by: Kevin Lourenco <klourencodev@gmail.com>
---
mm/mempool.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/mm/mempool.c b/mm/mempool.c
index c290e5261b47..1a2060304fd4 100644
--- a/mm/mempool.c
+++ b/mm/mempool.c
@@ -674,7 +674,8 @@ unsigned int mempool_free_bulk(struct mempool *pool, void **elems,
if (unlikely(READ_ONCE(pool->curr_nr) < pool->min_nr)) {
spin_lock_irqsave(&pool->lock, flags);
while (pool->curr_nr < pool->min_nr && freed < count) {
- add_element(pool, elems[freed++]);
+ add_element(pool, elems[freed]);
+ elems[freed++] = NULL;
added = true;
}
spin_unlock_irqrestore(&pool->lock, flags);
@@ -683,7 +684,8 @@ unsigned int mempool_free_bulk(struct mempool *pool, void **elems,
/* Handle the min_nr = 0 edge case: */
spin_lock_irqsave(&pool->lock, flags);
if (likely(pool->curr_nr == 0)) {
- add_element(pool, elems[freed++]);
+ add_element(pool, elems[freed]);
+ elems[freed++] = NULL;
added = true;
}
spin_unlock_irqrestore(&pool->lock, flags);
--
2.47.3
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] mm/mempool.c: set @elems slots to NULL once freed
2025-12-23 23:10 [PATCH] mm/mempool.c: set @elems slots to NULL once freed klourencodev
@ 2025-12-23 23:47 ` Vlastimil Babka
0 siblings, 0 replies; 2+ messages in thread
From: Vlastimil Babka @ 2025-12-23 23:47 UTC (permalink / raw)
To: klourencodev, linux-mm, Christoph Hellwig; +Cc: akpm
+Cc Christoph
On 12/24/25 00:10, klourencodev@gmail.com wrote:
> From: Kevin Lourenco <klourencodev@gmail.com>
>
> This is documented in the function comment as "...and sets their
> slots in @elems to NULL.", but it was not followed.
>
> We need to follow the NULL assignment, because elements newly returned
> to the pool must not be touched under any circumstances by the user.
>
> Signed-off-by: Kevin Lourenco <klourencodev@gmail.com>
> ---
> mm/mempool.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/mm/mempool.c b/mm/mempool.c
> index c290e5261b47..1a2060304fd4 100644
> --- a/mm/mempool.c
> +++ b/mm/mempool.c
> @@ -674,7 +674,8 @@ unsigned int mempool_free_bulk(struct mempool *pool, void **elems,
> if (unlikely(READ_ONCE(pool->curr_nr) < pool->min_nr)) {
> spin_lock_irqsave(&pool->lock, flags);
> while (pool->curr_nr < pool->min_nr && freed < count) {
> - add_element(pool, elems[freed++]);
> + add_element(pool, elems[freed]);
> + elems[freed++] = NULL;
> added = true;
> }
> spin_unlock_irqrestore(&pool->lock, flags);
> @@ -683,7 +684,8 @@ unsigned int mempool_free_bulk(struct mempool *pool, void **elems,
> /* Handle the min_nr = 0 edge case: */
> spin_lock_irqsave(&pool->lock, flags);
> if (likely(pool->curr_nr == 0)) {
> - add_element(pool, elems[freed++]);
> + add_element(pool, elems[freed]);
> + elems[freed++] = NULL;
> added = true;
> }
> spin_unlock_irqrestore(&pool->lock, flags);
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-12-23 23:47 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-12-23 23:10 [PATCH] mm/mempool.c: set @elems slots to NULL once freed klourencodev
2025-12-23 23:47 ` Vlastimil Babka
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox