+4 -4

include/linux/slub_def.h

reviewed

··· 37 37 38 38 struct kmem_cache_cpu { 39 39 void **freelist; /* Pointer to next available object */ 40 40 - #ifdef CONFIG_CMPXCHG_LOCAL 41 40 unsigned long tid; /* Globally unique transaction id */ 42 42 - #endif 43 41 struct page *page; /* The slab from which we are allocating */ 44 42 int node; /* The node of the page (or -1 for debug) */ 45 43 #ifdef CONFIG_SLUB_STATS ··· 177 179 if (size <= 4 * 1024) return 12; 178 180 /* 179 181 * The following is only needed to support architectures with a larger page 180 180 - * size than 4k. 182 182 + * size than 4k. We need to support 2 * PAGE_SIZE here. So for a 64k page 183 183 + * size we would have to go up to 128k. 181 184 */ 182 185 if (size <= 8 * 1024) return 13; 183 186 if (size <= 16 * 1024) return 14; ··· 189 190 if (size <= 512 * 1024) return 19; 190 191 if (size <= 1024 * 1024) return 20; 191 192 if (size <= 2 * 1024 * 1024) return 21; 192 192 - return -1; 193 193 + BUG(); 194 194 + return -1; /* Will never be reached */ 193 195 194 196 /* 195 197 * What we really wanted to do and cannot do because of compiler issues is:

+65 -100

mm/slub.c

reviewed

··· 261 261 return *(void **)(object + s->offset); 262 262 } 263 263 264 264 + static inline void *get_freepointer_safe(struct kmem_cache *s, void *object) 265 265 + { 266 266 + void *p; 267 267 + 268 268 + #ifdef CONFIG_DEBUG_PAGEALLOC 269 269 + probe_kernel_read(&p, (void **)(object + s->offset), sizeof(p)); 270 270 + #else 271 271 + p = get_freepointer(s, object); 272 272 + #endif 273 273 + return p; 274 274 + } 275 275 + 264 276 static inline void set_freepointer(struct kmem_cache *s, void *object, void *fp) 265 277 { 266 278 *(void **)(object + s->offset) = fp; ··· 282 270 #define for_each_object(__p, __s, __addr, __objects) \ 283 271 for (__p = (__addr); __p < (__addr) + (__objects) * (__s)->size;\ 284 272 __p += (__s)->size) 285 285 - 286 286 - /* Scan freelist */ 287 287 - #define for_each_free_object(__p, __s, __free) \ 288 288 - for (__p = (__free); __p; __p = get_freepointer((__s), __p)) 289 273 290 274 /* Determine object index from a given position */ 291 275 static inline int slab_index(void *p, struct kmem_cache *s, void *addr) ··· 339 331 } 340 332 341 333 #ifdef CONFIG_SLUB_DEBUG 334 334 + /* 335 335 + * Determine a map of object in use on a page. 336 336 + * 337 337 + * Slab lock or node listlock must be held to guarantee that the page does 338 338 + * not vanish from under us. 339 339 + */ 340 340 + static void get_map(struct kmem_cache *s, struct page *page, unsigned long *map) 341 341 + { 342 342 + void *p; 343 343 + void *addr = page_address(page); 344 344 + 345 345 + for (p = page->freelist; p; p = get_freepointer(s, p)) 346 346 + set_bit(slab_index(p, s, addr), map); 347 347 + } 348 348 + 342 349 /* 343 350 * Debug settings: 344 351 */ ··· 1510 1487 int searchnode = (node == NUMA_NO_NODE) ? numa_node_id() : node; 1511 1488 1512 1489 page = get_partial_node(get_node(s, searchnode)); 1513 1513 - if (page || node != -1) 1490 1490 + if (page || node != NUMA_NO_NODE) 1514 1491 return page; 1515 1492 1516 1493 return get_any_partial(s, flags); ··· 1563 1540 } 1564 1541 } 1565 1542 1566 1566 - #ifdef CONFIG_CMPXCHG_LOCAL 1567 1543 #ifdef CONFIG_PREEMPT 1568 1544 /* 1569 1545 * Calculate the next globally unique transaction for disambiguiation ··· 1622 1600 stat(s, CMPXCHG_DOUBLE_CPU_FAIL); 1623 1601 } 1624 1602 1625 1625 - #endif 1626 1626 - 1627 1603 void init_kmem_cache_cpus(struct kmem_cache *s) 1628 1604 { 1629 1629 - #ifdef CONFIG_CMPXCHG_LOCAL 1630 1605 int cpu; 1631 1606 1632 1607 for_each_possible_cpu(cpu) 1633 1608 per_cpu_ptr(s->cpu_slab, cpu)->tid = init_tid(cpu); 1634 1634 - #endif 1635 1635 - 1636 1609 } 1637 1610 /* 1638 1611 * Remove the cpu slab ··· 1660 1643 page->inuse--; 1661 1644 } 1662 1645 c->page = NULL; 1663 1663 - #ifdef CONFIG_CMPXCHG_LOCAL 1664 1646 c->tid = next_tid(c->tid); 1665 1665 - #endif 1666 1647 unfreeze_slab(s, page, tail); 1667 1648 } 1668 1649 ··· 1794 1779 unsigned long addr, struct kmem_cache_cpu *c) 1795 1780 { 1796 1781 void **object; 1797 1797 - struct page *new; 1798 1798 - #ifdef CONFIG_CMPXCHG_LOCAL 1782 1782 + struct page *page; 1799 1783 unsigned long flags; 1800 1784 1801 1785 local_irq_save(flags); ··· 1806 1792 */ 1807 1793 c = this_cpu_ptr(s->cpu_slab); 1808 1794 #endif 1809 1809 - #endif 1810 1795 1811 1796 /* We handle __GFP_ZERO in the caller */ 1812 1797 gfpflags &= ~__GFP_ZERO; 1813 1798 1814 1814 - if (!c->page) 1799 1799 + page = c->page; 1800 1800 + if (!page) 1815 1801 goto new_slab; 1816 1802 1817 1817 - slab_lock(c->page); 1803 1803 + slab_lock(page); 1818 1804 if (unlikely(!node_match(c, node))) 1819 1805 goto another_slab; 1820 1806 1821 1807 stat(s, ALLOC_REFILL); 1822 1808 1823 1809 load_freelist: 1824 1824 - object = c->page->freelist; 1810 1810 + object = page->freelist; 1825 1811 if (unlikely(!object)) 1826 1812 goto another_slab; 1827 1813 if (kmem_cache_debug(s)) 1828 1814 goto debug; 1829 1815 1830 1816 c->freelist = get_freepointer(s, object); 1831 1831 - c->page->inuse = c->page->objects; 1832 1832 - c->page->freelist = NULL; 1833 1833 - c->node = page_to_nid(c->page); 1817 1817 + page->inuse = page->objects; 1818 1818 + page->freelist = NULL; 1819 1819 + 1834 1820 unlock_out: 1835 1835 - slab_unlock(c->page); 1836 1836 - #ifdef CONFIG_CMPXCHG_LOCAL 1821 1821 + slab_unlock(page); 1837 1822 c->tid = next_tid(c->tid); 1838 1823 local_irq_restore(flags); 1839 1839 - #endif 1840 1824 stat(s, ALLOC_SLOWPATH); 1841 1825 return object; 1842 1826 ··· 1842 1830 deactivate_slab(s, c); 1843 1831 1844 1832 new_slab: 1845 1845 - new = get_partial(s, gfpflags, node); 1846 1846 - if (new) { 1847 1847 - c->page = new; 1833 1833 + page = get_partial(s, gfpflags, node); 1834 1834 + if (page) { 1848 1835 stat(s, ALLOC_FROM_PARTIAL); 1836 1836 + c->node = page_to_nid(page); 1837 1837 + c->page = page; 1849 1838 goto load_freelist; 1850 1839 } 1851 1840 ··· 1854 1841 if (gfpflags & __GFP_WAIT) 1855 1842 local_irq_enable(); 1856 1843 1857 1857 - new = new_slab(s, gfpflags, node); 1844 1844 + page = new_slab(s, gfpflags, node); 1858 1845 1859 1846 if (gfpflags & __GFP_WAIT) 1860 1847 local_irq_disable(); 1861 1848 1862 1862 - if (new) { 1849 1849 + if (page) { 1863 1850 c = __this_cpu_ptr(s->cpu_slab); 1864 1851 stat(s, ALLOC_SLAB); 1865 1852 if (c->page) 1866 1853 flush_slab(s, c); 1867 1867 - slab_lock(new); 1868 1868 - __SetPageSlubFrozen(new); 1869 1869 - c->page = new; 1854 1854 + 1855 1855 + slab_lock(page); 1856 1856 + __SetPageSlubFrozen(page); 1857 1857 + c->node = page_to_nid(page); 1858 1858 + c->page = page; 1870 1859 goto load_freelist; 1871 1860 } 1872 1861 if (!(gfpflags & __GFP_NOWARN) && printk_ratelimit()) 1873 1862 slab_out_of_memory(s, gfpflags, node); 1874 1874 - #ifdef CONFIG_CMPXCHG_LOCAL 1875 1863 local_irq_restore(flags); 1876 1876 - #endif 1877 1864 return NULL; 1878 1865 debug: 1879 1879 - if (!alloc_debug_processing(s, c->page, object, addr)) 1866 1866 + if (!alloc_debug_processing(s, page, object, addr)) 1880 1867 goto another_slab; 1881 1868 1882 1882 - c->page->inuse++; 1883 1883 - c->page->freelist = get_freepointer(s, object); 1869 1869 + page->inuse++; 1870 1870 + page->freelist = get_freepointer(s, object); 1871 1871 + deactivate_slab(s, c); 1872 1872 + c->page = NULL; 1884 1873 c->node = NUMA_NO_NODE; 1885 1874 goto unlock_out; 1886 1875 } ··· 1902 1887 { 1903 1888 void **object; 1904 1889 struct kmem_cache_cpu *c; 1905 1905 - #ifdef CONFIG_CMPXCHG_LOCAL 1906 1890 unsigned long tid; 1907 1907 - #else 1908 1908 - unsigned long flags; 1909 1909 - #endif 1910 1891 1911 1892 if (slab_pre_alloc_hook(s, gfpflags)) 1912 1893 return NULL; 1913 1894 1914 1914 - #ifndef CONFIG_CMPXCHG_LOCAL 1915 1915 - local_irq_save(flags); 1916 1916 - #else 1917 1895 redo: 1918 1918 - #endif 1919 1896 1920 1897 /* 1921 1898 * Must read kmem_cache cpu data via this cpu ptr. Preemption is ··· 1917 1910 */ 1918 1911 c = __this_cpu_ptr(s->cpu_slab); 1919 1912 1920 1920 - #ifdef CONFIG_CMPXCHG_LOCAL 1921 1913 /* 1922 1914 * The transaction ids are globally unique per cpu and per operation on 1923 1915 * a per cpu queue. Thus they can be guarantee that the cmpxchg_double ··· 1925 1919 */ 1926 1920 tid = c->tid; 1927 1921 barrier(); 1928 1928 - #endif 1929 1922 1930 1923 object = c->freelist; 1931 1924 if (unlikely(!object || !node_match(c, node))) ··· 1932 1927 object = __slab_alloc(s, gfpflags, node, addr, c); 1933 1928 1934 1929 else { 1935 1935 - #ifdef CONFIG_CMPXCHG_LOCAL 1936 1930 /* 1937 1931 * The cmpxchg will only match if there was no additional 1938 1932 * operation and if we are on the right processor. ··· 1947 1943 if (unlikely(!irqsafe_cpu_cmpxchg_double( 1948 1944 s->cpu_slab->freelist, s->cpu_slab->tid, 1949 1945 object, tid, 1950 1950 - get_freepointer(s, object), next_tid(tid)))) { 1946 1946 + get_freepointer_safe(s, object), next_tid(tid)))) { 1951 1947 1952 1948 note_cmpxchg_failure("slab_alloc", s, tid); 1953 1949 goto redo; 1954 1950 } 1955 1955 - #else 1956 1956 - c->freelist = get_freepointer(s, object); 1957 1957 - #endif 1958 1951 stat(s, ALLOC_FASTPATH); 1959 1952 } 1960 1960 - 1961 1961 - #ifndef CONFIG_CMPXCHG_LOCAL 1962 1962 - local_irq_restore(flags); 1963 1963 - #endif 1964 1953 1965 1954 if (unlikely(gfpflags & __GFP_ZERO) && object) 1966 1955 memset(object, 0, s->objsize); ··· 2031 2034 { 2032 2035 void *prior; 2033 2036 void **object = (void *)x; 2034 2034 - #ifdef CONFIG_CMPXCHG_LOCAL 2035 2037 unsigned long flags; 2036 2038 2037 2039 local_irq_save(flags); 2038 2038 - #endif 2039 2040 slab_lock(page); 2040 2041 stat(s, FREE_SLOWPATH); 2041 2042 2042 2042 - if (kmem_cache_debug(s)) 2043 2043 - goto debug; 2043 2043 + if (kmem_cache_debug(s) && !free_debug_processing(s, page, x, addr)) 2044 2044 + goto out_unlock; 2044 2045 2045 2045 - checks_ok: 2046 2046 prior = page->freelist; 2047 2047 set_freepointer(s, object, prior); 2048 2048 page->freelist = object; ··· 2064 2070 2065 2071 out_unlock: 2066 2072 slab_unlock(page); 2067 2067 - #ifdef CONFIG_CMPXCHG_LOCAL 2068 2073 local_irq_restore(flags); 2069 2069 - #endif 2070 2074 return; 2071 2075 2072 2076 slab_empty: ··· 2076 2084 stat(s, FREE_REMOVE_PARTIAL); 2077 2085 } 2078 2086 slab_unlock(page); 2079 2079 - #ifdef CONFIG_CMPXCHG_LOCAL 2080 2087 local_irq_restore(flags); 2081 2081 - #endif 2082 2088 stat(s, FREE_SLAB); 2083 2089 discard_slab(s, page); 2084 2084 - return; 2085 2085 - 2086 2086 - debug: 2087 2087 - if (!free_debug_processing(s, page, x, addr)) 2088 2088 - goto out_unlock; 2089 2089 - goto checks_ok; 2090 2090 } 2091 2091 2092 2092 /* ··· 2097 2113 { 2098 2114 void **object = (void *)x; 2099 2115 struct kmem_cache_cpu *c; 2100 2100 - #ifdef CONFIG_CMPXCHG_LOCAL 2101 2116 unsigned long tid; 2102 2102 - #else 2103 2103 - unsigned long flags; 2104 2104 - #endif 2105 2117 2106 2118 slab_free_hook(s, x); 2107 2119 2108 2108 - #ifndef CONFIG_CMPXCHG_LOCAL 2109 2109 - local_irq_save(flags); 2110 2110 - 2111 2111 - #else 2112 2120 redo: 2113 2113 - #endif 2114 2121 2115 2122 /* 2116 2123 * Determine the currently cpus per cpu slab. ··· 2111 2136 */ 2112 2137 c = __this_cpu_ptr(s->cpu_slab); 2113 2138 2114 2114 - #ifdef CONFIG_CMPXCHG_LOCAL 2115 2139 tid = c->tid; 2116 2140 barrier(); 2117 2117 - #endif 2118 2141 2119 2119 - if (likely(page == c->page && c->node != NUMA_NO_NODE)) { 2142 2142 + if (likely(page == c->page)) { 2120 2143 set_freepointer(s, object, c->freelist); 2121 2144 2122 2122 - #ifdef CONFIG_CMPXCHG_LOCAL 2123 2145 if (unlikely(!irqsafe_cpu_cmpxchg_double( 2124 2146 s->cpu_slab->freelist, s->cpu_slab->tid, 2125 2147 c->freelist, tid, ··· 2125 2153 note_cmpxchg_failure("slab_free", s, tid); 2126 2154 goto redo; 2127 2155 } 2128 2128 - #else 2129 2129 - c->freelist = object; 2130 2130 - #endif 2131 2156 stat(s, FREE_FASTPATH); 2132 2157 } else 2133 2158 __slab_free(s, page, x, addr); 2134 2159 2135 2135 - #ifndef CONFIG_CMPXCHG_LOCAL 2136 2136 - local_irq_restore(flags); 2137 2137 - #endif 2138 2160 } 2139 2161 2140 2162 void kmem_cache_free(struct kmem_cache *s, void *x) ··· 2639 2673 return; 2640 2674 slab_err(s, page, "%s", text); 2641 2675 slab_lock(page); 2642 2642 - for_each_free_object(p, s, page->freelist) 2643 2643 - set_bit(slab_index(p, s, addr), map); 2644 2676 2677 2677 + get_map(s, page, map); 2645 2678 for_each_object(p, s, addr, page->objects) { 2646 2679 2647 2680 if (!test_bit(slab_index(p, s, addr), map)) { ··· 3168 3203 list_for_each_entry(p, &n->partial, lru) 3169 3204 p->slab = s; 3170 3205 3171 3171 - #ifdef CONFIG_SLAB_DEBUG 3206 3206 + #ifdef CONFIG_SLUB_DEBUG 3172 3207 list_for_each_entry(p, &n->full, lru) 3173 3208 p->slab = s; 3174 3209 #endif ··· 3575 3610 /* Now we know that a valid freelist exists */ 3576 3611 bitmap_zero(map, page->objects); 3577 3612 3578 3578 - for_each_free_object(p, s, page->freelist) { 3579 3579 - set_bit(slab_index(p, s, addr), map); 3580 3580 - if (!check_object(s, page, p, SLUB_RED_INACTIVE)) 3581 3581 - return 0; 3613 3613 + get_map(s, page, map); 3614 3614 + for_each_object(p, s, addr, page->objects) { 3615 3615 + if (test_bit(slab_index(p, s, addr), map)) 3616 3616 + if (!check_object(s, page, p, SLUB_RED_INACTIVE)) 3617 3617 + return 0; 3582 3618 } 3583 3619 3584 3620 for_each_object(p, s, addr, page->objects) ··· 3787 3821 void *p; 3788 3822 3789 3823 bitmap_zero(map, page->objects); 3790 3790 - for_each_free_object(p, s, page->freelist) 3791 3791 - set_bit(slab_index(p, s, addr), map); 3824 3824 + get_map(s, page, map); 3792 3825 3793 3826 for_each_object(p, s, addr, page->objects) 3794 3827 if (!test_bit(slab_index(p, s, addr), map))