From: Alan Stern <stern@rowland.harvard.edu>
To: Harry Yoo <harry.yoo@oracle.com>
Cc: linux-mm@kvack.org, Dmitry Vyukov <dvyukov@google.com>,
lkmm@lists.linux.dev, linux-arch@vger.kernel.org,
linux-kernel@vger.kernel.org,
Joel Fernandes <joelagnelf@nvidia.com>,
Daniel Lustig <dlustig@nvidia.com>,
Akira Yokosawa <akiyks@gmail.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
Luc Maranget <luc.maranget@inria.fr>,
Jade Alglave <j.alglave@ucl.ac.uk>,
David Howells <dhowells@redhat.com>,
Nicholas Piggin <npiggin@gmail.com>,
Boqun Feng <boqun@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Will Deacon <will@kernel.org>,
Andrea Parri <parri.andrea@gmail.com>,
Pedro Falcato <pfalcato@suse.de>,
Vlastimil Babka <vbabka@suse.cz>,
Christoph Lameter <cl@gentwo.org>,
David Rientjes <rientjes@google.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Hao Li <hao.li@linux.dev>, Shakeel Butt <shakeel.butt@linux.dev>,
Venkat Rao Bagalkote <venkat88@linux.ibm.com>,
Mateusz Guzik <mjguzik@gmail.com>,
Suren Baghdasaryan <surenb@google.com>,
Marco Elver <elver@google.com>
Subject: Re: [BUG] Memory ordering between kmalloc() and kfree()? it's confusing!
Date: Fri, 27 Feb 2026 12:00:27 -0500 [thread overview]
Message-ID: <556c5caf-c453-473e-ba92-f49ac34053a0@rowland.harvard.edu> (raw)
In-Reply-To: <aaGP1Se8vkBhn9uj@hyeyoo>
On Fri, Feb 27, 2026 at 09:36:37PM +0900, Harry Yoo wrote:
> > Which is: The same mechanism that the slab allocator uses to ensure that
> > CPU X and CPU Y won't step on each other's toes if they both run
> > kmalloc/kfree at the same time should also be able to guarantee that the
> > metadata changes made by CPU X will be visible to CPU Y if Y manipulates
> > a slab that X just finished with.
>
> Within the slab allocator, I believe there are sufficient mechanisms
> (either spinlock or cmpxchg) to prevent CPUs from interfereing
> with each other.
>
> My earlier statement "Because the slab allocator itself doesn't
> guarantee such barriers are invoked within the allocator, ..." may have
> caused some confusion. To be clarify, the slab allocator of course uses
> proper locks and atomic operations to avoid CPUs interfereing with each
> other, and yes, those mechanisms should guarantee that the metadata changes
> made by CPU X will be visible to CPU Y e.g) when the object is transferred
> from CPU X to Y within the slab allocator.
>
> What I meant by the statement was that the slab allocator doesn't provide
> enough barriers to ensure correctness when a user performs a drive-by
> free on a different CPU w/o proper barriers.
>
> Hopefully I'm not missing your point this time :)
You got it. :-)
But since I don't know anything about the details of how the slab
allocator works, can you explain in more detail what the locks and
atomic operations are and how they prevent CPUs from interfering when an
object is transferred from one CPU to another within the slab allocator?
In particular, which part of the mechanism fails (or doesn't get used)
when the object is transferred by the user with no memory barriers? I'm
trying to learn exactly how these two cases differ, because at first
glance I can't imagine how you could accomplish the first without also
accomplishing the second. It seems that transferring an object from one
CPU to another within the slab allocator should be very much like
transferring it from the slab allocator back to the kmalloc caller.
Alan Stern
next prev parent reply other threads:[~2026-02-27 17:00 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-26 6:35 Harry Yoo
2026-02-26 15:45 ` Alan Stern
2026-02-26 16:17 ` Harry Yoo
2026-02-26 16:42 ` Alan Stern
2026-02-26 17:11 ` Harry Yoo
2026-02-26 18:06 ` Alan Stern
2026-02-27 12:36 ` Harry Yoo
2026-02-27 17:00 ` Alan Stern [this message]
2026-02-26 17:59 ` Christoph Lameter (Ampere)
2026-02-27 8:06 ` Hao Li
2026-02-27 9:03 ` Harry Yoo
2026-02-27 9:14 ` Akira Yokosawa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=556c5caf-c453-473e-ba92-f49ac34053a0@rowland.harvard.edu \
--to=stern@rowland.harvard.edu \
--cc=akiyks@gmail.com \
--cc=boqun@kernel.org \
--cc=cl@gentwo.org \
--cc=dhowells@redhat.com \
--cc=dlustig@nvidia.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=hao.li@linux.dev \
--cc=harry.yoo@oracle.com \
--cc=j.alglave@ucl.ac.uk \
--cc=joelagnelf@nvidia.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lkmm@lists.linux.dev \
--cc=luc.maranget@inria.fr \
--cc=mjguzik@gmail.com \
--cc=npiggin@gmail.com \
--cc=parri.andrea@gmail.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=pfalcato@suse.de \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=shakeel.butt@linux.dev \
--cc=surenb@google.com \
--cc=vbabka@suse.cz \
--cc=venkat88@linux.ibm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox