1. Patchew
  2. linux
  3. View series

[PATCH] rust: workqueue: fix SAFETY comment Arc refs in Pin<KBox<T>>

Sagar Taunk posted 1 patch 1 month, 3 weeks ago
There is a newer version of this series
rust/kernel/workqueue.rs | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
[PATCH] rust: workqueue: fix SAFETY comment Arc refs in Pin<KBox<T>>
Posted by Sagar Taunk 1 month, 3 weeks ago 
The `WorkItemPointer` implementation for `Pin<KBox<T>>` contained SAFETY
comments that incorrectly referenced `Arc::into_raw` instead of
`KBox::into_raw`. This implementation uses `KBox`, not `Arc`, so update
the comments to accurately reflect the actual ownership transfer.

Suggested-by: Onur Özkan <contact@onurozkan.dev>
Link: https://github.com/Rust-for-Linux/linux/issues/1233
Signed-off-by: Sagar Taunk <sagartaunk2@gmail.com>
---
 rust/kernel/workqueue.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/rust/kernel/workqueue.rs b/rust/kernel/workqueue.rs
index 7e253b6f299c..74c59f2b1c09 100644
--- a/rust/kernel/workqueue.rs
+++ b/rust/kernel/workqueue.rs
@@ -890,9 +890,10 @@ unsafe impl<T, const ID: u64> WorkItemPointer<ID> for Pin<KBox<T>>
     unsafe extern "C" fn run(ptr: *mut bindings::work_struct) {
         // The `__enqueue` method always uses a `work_struct` stored in a `Work<T, ID>`.
         let ptr = ptr.cast::<Work<T, ID>>();
-        // SAFETY: This computes the pointer that `__enqueue` got from `Arc::into_raw`.
+        // SAFETY: This computes the pointer that `__enqueue` got from `KBox::into_raw`.
         let ptr = unsafe { T::work_container_of(ptr) };
-        // SAFETY: This pointer comes from `Arc::into_raw` and we've been given back ownership.
+        // SAFETY: This pointer comes from `KBox::into_raw` and we have been given back ownership,
+        // as the workqueue guarantees `run` is called exactly once.
         let boxed = unsafe { KBox::from_raw(ptr) };
         // SAFETY: The box was already pinned when it was enqueued.
         let pinned = unsafe { Pin::new_unchecked(boxed) };
-- 
2.54.0
Re: [PATCH] rust: workqueue: fix SAFETY comment Arc refs in Pin<KBox<T>>
Posted by Onur Özkan 1 month, 3 weeks ago 
On Sat, 25 Apr 2026 19:27:01 +0530
Sagar Taunk <sagartaunk2@gmail.com> wrote:

> The `WorkItemPointer` implementation for `Pin<KBox<T>>` contained SAFETY
> comments that incorrectly referenced `Arc::into_raw` instead of
> `KBox::into_raw`. This implementation uses `KBox`, not `Arc`, so update
> the comments to accurately reflect the actual ownership transfer.
> 
> Suggested-by: Onur Özkan <contact@onurozkan.dev>
> Link: https://github.com/Rust-for-Linux/linux/issues/1233
> Signed-off-by: Sagar Taunk <sagartaunk2@gmail.com>
> ---
>  rust/kernel/workqueue.rs | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/rust/kernel/workqueue.rs b/rust/kernel/workqueue.rs
> index 7e253b6f299c..74c59f2b1c09 100644
> --- a/rust/kernel/workqueue.rs
> +++ b/rust/kernel/workqueue.rs
> @@ -890,9 +890,10 @@ unsafe impl<T, const ID: u64> WorkItemPointer<ID> for Pin<KBox<T>>
>      unsafe extern "C" fn run(ptr: *mut bindings::work_struct) {
>          // The `__enqueue` method always uses a `work_struct` stored in a `Work<T, ID>`.
>          let ptr = ptr.cast::<Work<T, ID>>();
> -        // SAFETY: This computes the pointer that `__enqueue` got from `Arc::into_raw`.
> +        // SAFETY: This computes the pointer that `__enqueue` got from `KBox::into_raw`.
>          let ptr = unsafe { T::work_container_of(ptr) };
> -        // SAFETY: This pointer comes from `Arc::into_raw` and we've been given back ownership.
> +        // SAFETY: This pointer comes from `KBox::into_raw` and we have been given back ownership,
> +        // as the workqueue guarantees `run` is called exactly once.
>          let boxed = unsafe { KBox::from_raw(ptr) };
>          // SAFETY: The box was already pinned when it was enqueued.
>          let pinned = unsafe { Pin::new_unchecked(boxed) };
> -- 
> 2.54.0
> 

Thank you!

Reviewed-by: Onur Özkan <work@onurozkan.dev>
Re: [PATCH] rust: workqueue: fix SAFETY comment Arc refs in Pin<KBox<T>>
Posted by Alice Ryhl 1 month, 3 weeks ago 
On Sat, Apr 25, 2026 at 07:27:01PM +0530, Sagar Taunk wrote:
> The `WorkItemPointer` implementation for `Pin<KBox<T>>` contained SAFETY
> comments that incorrectly referenced `Arc::into_raw` instead of
> `KBox::into_raw`. This implementation uses `KBox`, not `Arc`, so update
> the comments to accurately reflect the actual ownership transfer.
> 
> Suggested-by: Onur Özkan <contact@onurozkan.dev>
> Link: https://github.com/Rust-for-Linux/linux/issues/1233
> Signed-off-by: Sagar Taunk <sagartaunk2@gmail.com>

Thanks!

Reviewed-by: Alice Ryhl <aliceryhl@google.com>
Re: [PATCH] rust: workqueue: fix SAFETY comment Arc refs in Pin<KBox<T>>
Posted by Miguel Ojeda 1 month, 3 weeks ago 
On Sat, Apr 25, 2026 at 3:57 PM Sagar Taunk <sagartaunk2@gmail.com> wrote:
>
> The `WorkItemPointer` implementation for `Pin<KBox<T>>` contained SAFETY
> comments that incorrectly referenced `Arc::into_raw` instead of
> `KBox::into_raw`. This implementation uses `KBox`, not `Arc`, so update
> the comments to accurately reflect the actual ownership transfer.
>
> Suggested-by: Onur Özkan <contact@onurozkan.dev>
> Link: https://github.com/Rust-for-Linux/linux/issues/1233
> Signed-off-by: Sagar Taunk <sagartaunk2@gmail.com>

I am copying a procedural comment since I just wrote it for another patch:

  For this case it doesn't matter too much, but in general, when
  something is a fix, we add a Fixes: tag (and in most cases Cc: stable@
  to accompany it). That helps backporting (when needed), adds context
  e.g. for reviewing (at times), etc.

Thanks!

Cheers,
Miguel
Re: [PATCH] rust: workqueue: fix SAFETY comment Arc refs in Pin<KBox<T>>
Posted by Alexandre Courbot 1 month, 3 weeks ago 
On Sat Apr 25, 2026 at 10:57 PM JST, Sagar Taunk wrote:
> The `WorkItemPointer` implementation for `Pin<KBox<T>>` contained SAFETY
> comments that incorrectly referenced `Arc::into_raw` instead of
> `KBox::into_raw`. This implementation uses `KBox`, not `Arc`, so update
> the comments to accurately reflect the actual ownership transfer.
>
> Suggested-by: Onur Özkan <contact@onurozkan.dev>
> Link: https://github.com/Rust-for-Linux/linux/issues/1233
> Signed-off-by: Sagar Taunk <sagartaunk2@gmail.com>
> ---
>  rust/kernel/workqueue.rs | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/rust/kernel/workqueue.rs b/rust/kernel/workqueue.rs
> index 7e253b6f299c..74c59f2b1c09 100644
> --- a/rust/kernel/workqueue.rs
> +++ b/rust/kernel/workqueue.rs
> @@ -890,9 +890,10 @@ unsafe impl<T, const ID: u64> WorkItemPointer<ID> for Pin<KBox<T>>
>      unsafe extern "C" fn run(ptr: *mut bindings::work_struct) {
>          // The `__enqueue` method always uses a `work_struct` stored in a `Work<T, ID>`.
>          let ptr = ptr.cast::<Work<T, ID>>();
> -        // SAFETY: This computes the pointer that `__enqueue` got from `Arc::into_raw`.
> +        // SAFETY: This computes the pointer that `__enqueue` got from `KBox::into_raw`.
>          let ptr = unsafe { T::work_container_of(ptr) };
> -        // SAFETY: This pointer comes from `Arc::into_raw` and we've been given back ownership.
> +        // SAFETY: This pointer comes from `KBox::into_raw` and we have been given back ownership,
> +        // as the workqueue guarantees `run` is called exactly once.

Not sure if extending the comment is useful, but the comment looks correct.

Reviewed-by: Alexandre Courbot <acourbot@nvidia.com>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.