2 * SLUB: A slab allocator that limits cache line use instead of queuing
3 * objects in per cpu and per node lists.
5 * The allocator synchronizes using per slab locks and only
6 * uses a centralized lock to manage a pool of partial slabs.
8 * (C) 2007 SGI, Christoph Lameter
12 #include <linux/swap.h> /* struct reclaim_state */
13 #include <linux/module.h>
14 #include <linux/bit_spinlock.h>
15 #include <linux/interrupt.h>
16 #include <linux/bitops.h>
17 #include <linux/slab.h>
18 #include <linux/proc_fs.h>
19 #include <linux/seq_file.h>
20 #include <linux/kmemtrace.h>
21 #include <linux/kmemcheck.h>
22 #include <linux/cpu.h>
23 #include <linux/cpuset.h>
24 #include <linux/mempolicy.h>
25 #include <linux/ctype.h>
26 #include <linux/debugobjects.h>
27 #include <linux/kallsyms.h>
28 #include <linux/memory.h>
29 #include <linux/math64.h>
30 #include <linux/fault-inject.h>
39 * The slab_lock protects operations on the object of a particular
40 * slab and its metadata in the page struct. If the slab lock
41 * has been taken then no allocations nor frees can be performed
42 * on the objects in the slab nor can the slab be added or removed
43 * from the partial or full lists since this would mean modifying
44 * the page_struct of the slab.
46 * The list_lock protects the partial and full list on each node and
47 * the partial slab counter. If taken then no new slabs may be added or
48 * removed from the lists nor make the number of partial slabs be modified.
49 * (Note that the total number of slabs is an atomic value that may be
50 * modified without taking the list lock).
52 * The list_lock is a centralized lock and thus we avoid taking it as
53 * much as possible. As long as SLUB does not have to handle partial
54 * slabs, operations can continue without any centralized lock. F.e.
55 * allocating a long series of objects that fill up slabs does not require
58 * The lock order is sometimes inverted when we are trying to get a slab
59 * off a list. We take the list_lock and then look for a page on the list
60 * to use. While we do that objects in the slabs may be freed. We can
61 * only operate on the slab if we have also taken the slab_lock. So we use
62 * a slab_trylock() on the slab. If trylock was successful then no frees
63 * can occur anymore and we can use the slab for allocations etc. If the
64 * slab_trylock() does not succeed then frees are in progress in the slab and
65 * we must stay away from it for a while since we may cause a bouncing
66 * cacheline if we try to acquire the lock. So go onto the next slab.
67 * If all pages are busy then we may allocate a new slab instead of reusing
68 * a partial slab. A new slab has noone operating on it and thus there is
69 * no danger of cacheline contention.
71 * Interrupts are disabled during allocation and deallocation in order to
72 * make the slab allocator safe to use in the context of an irq. In addition
73 * interrupts are disabled to ensure that the processor does not change
74 * while handling per_cpu slabs, due to kernel preemption.
76 * SLUB assigns one slab for allocation to each processor.
77 * Allocations only occur from these slabs called cpu slabs.
79 * Slabs with free elements are kept on a partial list and during regular
80 * operations no list for full slabs is used. If an object in a full slab is
81 * freed then the slab will show up again on the partial lists.
82 * We track full slabs for debugging purposes though because otherwise we
83 * cannot scan all objects.
85 * Slabs are freed when they become empty. Teardown and setup is
86 * minimal so we rely on the page allocators per cpu caches for
87 * fast frees and allocs.
89 * Overloading of page flags that are otherwise used for LRU management.
91 * PageActive The slab is frozen and exempt from list processing.
92 * This means that the slab is dedicated to a purpose
93 * such as satisfying allocations for a specific
94 * processor. Objects may be freed in the slab while
95 * it is frozen but slab_free will then skip the usual
96 * list operations. It is up to the processor holding
97 * the slab to integrate the slab into the slab lists
98 * when the slab is no longer needed.
100 * One use of this flag is to mark slabs that are
101 * used for allocations. Then such a slab becomes a cpu
102 * slab. The cpu slab may be equipped with an additional
103 * freelist that allows lockless access to
104 * free objects in addition to the regular freelist
105 * that requires the slab lock.
107 * PageError Slab requires special handling due to debug
108 * options set. This moves slab handling out of
109 * the fast path and disables lockless freelists.
112 #ifdef CONFIG_SLUB_DEBUG
119 * Issues still to be resolved:
121 * - Support PAGE_ALLOC_DEBUG. Should be easy to do.
123 * - Variable sizing of the per node arrays
126 /* Enable to test recovery from slab corruption on boot */
127 #undef SLUB_RESILIENCY_TEST
130 * Mininum number of partial slabs. These will be left on the partial
131 * lists even if they are empty. kmem_cache_shrink may reclaim them.
133 #define MIN_PARTIAL 5
136 * Maximum number of desirable partial slabs.
137 * The existence of more partial slabs makes kmem_cache_shrink
138 * sort the partial list by the number of objects in the.
140 #define MAX_PARTIAL 10
142 #define DEBUG_DEFAULT_FLAGS (SLAB_DEBUG_FREE | SLAB_RED_ZONE | \
143 SLAB_POISON | SLAB_STORE_USER)
146 * Debugging flags that require metadata to be stored in the slab. These get
147 * disabled when slub_debug=O is used and a cache's min order increases with
150 #define DEBUG_METADATA_FLAGS (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER)
153 * Set of flags that will prevent slab merging
155 #define SLUB_NEVER_MERGE (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER | \
156 SLAB_TRACE | SLAB_DESTROY_BY_RCU | SLAB_NOLEAKTRACE)
158 #define SLUB_MERGE_SAME (SLAB_DEBUG_FREE | SLAB_RECLAIM_ACCOUNT | \
159 SLAB_CACHE_DMA | SLAB_NOTRACK)
161 #ifndef ARCH_KMALLOC_MINALIGN
162 #define ARCH_KMALLOC_MINALIGN __alignof__(unsigned long long)
165 #ifndef ARCH_SLAB_MINALIGN
166 #define ARCH_SLAB_MINALIGN __alignof__(unsigned long long)
170 #define OO_MASK ((1 << OO_SHIFT) - 1)
171 #define MAX_OBJS_PER_PAGE 65535 /* since page.objects is u16 */
173 /* Internal SLUB flags */
174 #define __OBJECT_POISON 0x80000000 /* Poison object */
175 #define __SYSFS_ADD_DEFERRED 0x40000000 /* Not yet visible via sysfs */
177 static int kmem_size = sizeof(struct kmem_cache);
180 static struct notifier_block slab_notifier;
184 DOWN, /* No slab functionality available */
185 PARTIAL, /* kmem_cache_open() works but kmalloc does not */
186 UP, /* Everything works but does not show up in sysfs */
190 /* A list of all slab caches on the system */
191 static DECLARE_RWSEM(slub_lock);
192 static LIST_HEAD(slab_caches);
195 * Tracking user of a slab.
198 unsigned long addr; /* Called from address */
199 int cpu; /* Was running on cpu */
200 int pid; /* Pid context */
201 unsigned long when; /* When did the operation occur */
204 enum track_item { TRACK_ALLOC, TRACK_FREE };
206 #ifdef CONFIG_SLUB_DEBUG
207 static int sysfs_slab_add(struct kmem_cache *);
208 static int sysfs_slab_alias(struct kmem_cache *, const char *);
209 static void sysfs_slab_remove(struct kmem_cache *);
212 static inline int sysfs_slab_add(struct kmem_cache *s) { return 0; }
213 static inline int sysfs_slab_alias(struct kmem_cache *s, const char *p)
215 static inline void sysfs_slab_remove(struct kmem_cache *s)
222 static inline void stat(struct kmem_cache_cpu *c, enum stat_item si)
224 #ifdef CONFIG_SLUB_STATS
229 /********************************************************************
230 * Core slab cache functions
231 *******************************************************************/
233 int slab_is_available(void)
235 return slab_state >= UP;
238 static inline struct kmem_cache_node *get_node(struct kmem_cache *s, int node)
241 return s->node[node];
243 return &s->local_node;
247 static inline struct kmem_cache_cpu *get_cpu_slab(struct kmem_cache *s, int cpu)
250 return s->cpu_slab[cpu];
256 /* Verify that a pointer has an address that is valid within a slab page */
257 static inline int check_valid_pointer(struct kmem_cache *s,
258 struct page *page, const void *object)
265 base = page_address(page);
266 if (object < base || object >= base + page->objects * s->size ||
267 (object - base) % s->size) {
275 * Slow version of get and set free pointer.
277 * This version requires touching the cache lines of kmem_cache which
278 * we avoid to do in the fast alloc free paths. There we obtain the offset
279 * from the page struct.
281 static inline void *get_freepointer(struct kmem_cache *s, void *object)
283 return *(void **)(object + s->offset);
286 static inline void set_freepointer(struct kmem_cache *s, void *object, void *fp)
288 *(void **)(object + s->offset) = fp;
291 /* Loop over all objects in a slab */
292 #define for_each_object(__p, __s, __addr, __objects) \
293 for (__p = (__addr); __p < (__addr) + (__objects) * (__s)->size;\
297 #define for_each_free_object(__p, __s, __free) \
298 for (__p = (__free); __p; __p = get_freepointer((__s), __p))
300 /* Determine object index from a given position */
301 static inline int slab_index(void *p, struct kmem_cache *s, void *addr)
303 return (p - addr) / s->size;
306 static inline struct kmem_cache_order_objects oo_make(int order,
309 struct kmem_cache_order_objects x = {
310 (order << OO_SHIFT) + (PAGE_SIZE << order) / size
316 static inline int oo_order(struct kmem_cache_order_objects x)
318 return x.x >> OO_SHIFT;
321 static inline int oo_objects(struct kmem_cache_order_objects x)
323 return x.x & OO_MASK;
326 #ifdef CONFIG_SLUB_DEBUG
330 #ifdef CONFIG_SLUB_DEBUG_ON
331 static int slub_debug = DEBUG_DEFAULT_FLAGS;
333 static int slub_debug;
336 static char *slub_debug_slabs;
337 static int disable_higher_order_debug;
342 static void print_section(char *text, u8 *addr, unsigned int length)
350 for (i = 0; i < length; i++) {
352 printk(KERN_ERR "%8s 0x%p: ", text, addr + i);
355 printk(KERN_CONT " %02x", addr[i]);
357 ascii[offset] = isgraph(addr[i]) ? addr[i] : '.';
359 printk(KERN_CONT " %s\n", ascii);
366 printk(KERN_CONT " ");
370 printk(KERN_CONT " %s\n", ascii);
374 static struct track *get_track(struct kmem_cache *s, void *object,
375 enum track_item alloc)
380 p = object + s->offset + sizeof(void *);
382 p = object + s->inuse;
387 static void set_track(struct kmem_cache *s, void *object,
388 enum track_item alloc, unsigned long addr)
390 struct track *p = get_track(s, object, alloc);
394 p->cpu = smp_processor_id();
395 p->pid = current->pid;
398 memset(p, 0, sizeof(struct track));
401 static void init_tracking(struct kmem_cache *s, void *object)
403 if (!(s->flags & SLAB_STORE_USER))
406 set_track(s, object, TRACK_FREE, 0UL);
407 set_track(s, object, TRACK_ALLOC, 0UL);
410 static void print_track(const char *s, struct track *t)
415 printk(KERN_ERR "INFO: %s in %pS age=%lu cpu=%u pid=%d\n",
416 s, (void *)t->addr, jiffies - t->when, t->cpu, t->pid);
419 static void print_tracking(struct kmem_cache *s, void *object)
421 if (!(s->flags & SLAB_STORE_USER))
424 print_track("Allocated", get_track(s, object, TRACK_ALLOC));
425 print_track("Freed", get_track(s, object, TRACK_FREE));
428 static void print_page_info(struct page *page)
430 printk(KERN_ERR "INFO: Slab 0x%p objects=%u used=%u fp=0x%p flags=0x%04lx\n",
431 page, page->objects, page->inuse, page->freelist, page->flags);
435 static void slab_bug(struct kmem_cache *s, char *fmt, ...)
441 vsnprintf(buf, sizeof(buf), fmt, args);
443 printk(KERN_ERR "========================================"
444 "=====================================\n");
445 printk(KERN_ERR "BUG %s: %s\n", s->name, buf);
446 printk(KERN_ERR "----------------------------------------"
447 "-------------------------------------\n\n");
450 static void slab_fix(struct kmem_cache *s, char *fmt, ...)
456 vsnprintf(buf, sizeof(buf), fmt, args);
458 printk(KERN_ERR "FIX %s: %s\n", s->name, buf);
461 static void print_trailer(struct kmem_cache *s, struct page *page, u8 *p)
463 unsigned int off; /* Offset of last byte */
464 u8 *addr = page_address(page);
466 print_tracking(s, p);
468 print_page_info(page);
470 printk(KERN_ERR "INFO: Object 0x%p @offset=%tu fp=0x%p\n\n",
471 p, p - addr, get_freepointer(s, p));
474 print_section("Bytes b4", p - 16, 16);
476 print_section("Object", p, min_t(unsigned long, s->objsize, PAGE_SIZE));
478 if (s->flags & SLAB_RED_ZONE)
479 print_section("Redzone", p + s->objsize,
480 s->inuse - s->objsize);
483 off = s->offset + sizeof(void *);
487 if (s->flags & SLAB_STORE_USER)
488 off += 2 * sizeof(struct track);
491 /* Beginning of the filler is the free pointer */
492 print_section("Padding", p + off, s->size - off);
497 static void object_err(struct kmem_cache *s, struct page *page,
498 u8 *object, char *reason)
500 slab_bug(s, "%s", reason);
501 print_trailer(s, page, object);
504 static void slab_err(struct kmem_cache *s, struct page *page, char *fmt, ...)
510 vsnprintf(buf, sizeof(buf), fmt, args);
512 slab_bug(s, "%s", buf);
513 print_page_info(page);
517 static void init_object(struct kmem_cache *s, void *object, int active)
521 if (s->flags & __OBJECT_POISON) {
522 memset(p, POISON_FREE, s->objsize - 1);
523 p[s->objsize - 1] = POISON_END;
526 if (s->flags & SLAB_RED_ZONE)
527 memset(p + s->objsize,
528 active ? SLUB_RED_ACTIVE : SLUB_RED_INACTIVE,
529 s->inuse - s->objsize);
532 static u8 *check_bytes(u8 *start, unsigned int value, unsigned int bytes)
535 if (*start != (u8)value)
543 static void restore_bytes(struct kmem_cache *s, char *message, u8 data,
544 void *from, void *to)
546 slab_fix(s, "Restoring 0x%p-0x%p=0x%x\n", from, to - 1, data);
547 memset(from, data, to - from);
550 static int check_bytes_and_report(struct kmem_cache *s, struct page *page,
551 u8 *object, char *what,
552 u8 *start, unsigned int value, unsigned int bytes)
557 fault = check_bytes(start, value, bytes);
562 while (end > fault && end[-1] == value)
565 slab_bug(s, "%s overwritten", what);
566 printk(KERN_ERR "INFO: 0x%p-0x%p. First byte 0x%x instead of 0x%x\n",
567 fault, end - 1, fault[0], value);
568 print_trailer(s, page, object);
570 restore_bytes(s, what, value, fault, end);
578 * Bytes of the object to be managed.
579 * If the freepointer may overlay the object then the free
580 * pointer is the first word of the object.
582 * Poisoning uses 0x6b (POISON_FREE) and the last byte is
585 * object + s->objsize
586 * Padding to reach word boundary. This is also used for Redzoning.
587 * Padding is extended by another word if Redzoning is enabled and
590 * We fill with 0xbb (RED_INACTIVE) for inactive objects and with
591 * 0xcc (RED_ACTIVE) for objects in use.
594 * Meta data starts here.
596 * A. Free pointer (if we cannot overwrite object on free)
597 * B. Tracking data for SLAB_STORE_USER
598 * C. Padding to reach required alignment boundary or at mininum
599 * one word if debugging is on to be able to detect writes
600 * before the word boundary.
602 * Padding is done using 0x5a (POISON_INUSE)
605 * Nothing is used beyond s->size.
607 * If slabcaches are merged then the objsize and inuse boundaries are mostly
608 * ignored. And therefore no slab options that rely on these boundaries
609 * may be used with merged slabcaches.
612 static int check_pad_bytes(struct kmem_cache *s, struct page *page, u8 *p)
614 unsigned long off = s->inuse; /* The end of info */
617 /* Freepointer is placed after the object. */
618 off += sizeof(void *);
620 if (s->flags & SLAB_STORE_USER)
621 /* We also have user information there */
622 off += 2 * sizeof(struct track);
627 return check_bytes_and_report(s, page, p, "Object padding",
628 p + off, POISON_INUSE, s->size - off);
631 /* Check the pad bytes at the end of a slab page */
632 static int slab_pad_check(struct kmem_cache *s, struct page *page)
640 if (!(s->flags & SLAB_POISON))
643 start = page_address(page);
644 length = (PAGE_SIZE << compound_order(page));
645 end = start + length;
646 remainder = length % s->size;
650 fault = check_bytes(end - remainder, POISON_INUSE, remainder);
653 while (end > fault && end[-1] == POISON_INUSE)
656 slab_err(s, page, "Padding overwritten. 0x%p-0x%p", fault, end - 1);
657 print_section("Padding", end - remainder, remainder);
659 restore_bytes(s, "slab padding", POISON_INUSE, end - remainder, end);
663 static int check_object(struct kmem_cache *s, struct page *page,
664 void *object, int active)
667 u8 *endobject = object + s->objsize;
669 if (s->flags & SLAB_RED_ZONE) {
671 active ? SLUB_RED_ACTIVE : SLUB_RED_INACTIVE;
673 if (!check_bytes_and_report(s, page, object, "Redzone",
674 endobject, red, s->inuse - s->objsize))
677 if ((s->flags & SLAB_POISON) && s->objsize < s->inuse) {
678 check_bytes_and_report(s, page, p, "Alignment padding",
679 endobject, POISON_INUSE, s->inuse - s->objsize);
683 if (s->flags & SLAB_POISON) {
684 if (!active && (s->flags & __OBJECT_POISON) &&
685 (!check_bytes_and_report(s, page, p, "Poison", p,
686 POISON_FREE, s->objsize - 1) ||
687 !check_bytes_and_report(s, page, p, "Poison",
688 p + s->objsize - 1, POISON_END, 1)))
691 * check_pad_bytes cleans up on its own.
693 check_pad_bytes(s, page, p);
696 if (!s->offset && active)
698 * Object and freepointer overlap. Cannot check
699 * freepointer while object is allocated.
703 /* Check free pointer validity */
704 if (!check_valid_pointer(s, page, get_freepointer(s, p))) {
705 object_err(s, page, p, "Freepointer corrupt");
707 * No choice but to zap it and thus lose the remainder
708 * of the free objects in this slab. May cause
709 * another error because the object count is now wrong.
711 set_freepointer(s, p, NULL);
717 static int check_slab(struct kmem_cache *s, struct page *page)
721 VM_BUG_ON(!irqs_disabled());
723 if (!PageSlab(page)) {
724 slab_err(s, page, "Not a valid slab page");
728 maxobj = (PAGE_SIZE << compound_order(page)) / s->size;
729 if (page->objects > maxobj) {
730 slab_err(s, page, "objects %u > max %u",
731 s->name, page->objects, maxobj);
734 if (page->inuse > page->objects) {
735 slab_err(s, page, "inuse %u > max %u",
736 s->name, page->inuse, page->objects);
739 /* Slab_pad_check fixes things up after itself */
740 slab_pad_check(s, page);
745 * Determine if a certain object on a page is on the freelist. Must hold the
746 * slab lock to guarantee that the chains are in a consistent state.
748 static int on_freelist(struct kmem_cache *s, struct page *page, void *search)
751 void *fp = page->freelist;
753 unsigned long max_objects;
755 while (fp && nr <= page->objects) {
758 if (!check_valid_pointer(s, page, fp)) {
760 object_err(s, page, object,
761 "Freechain corrupt");
762 set_freepointer(s, object, NULL);
765 slab_err(s, page, "Freepointer corrupt");
766 page->freelist = NULL;
767 page->inuse = page->objects;
768 slab_fix(s, "Freelist cleared");
774 fp = get_freepointer(s, object);
778 max_objects = (PAGE_SIZE << compound_order(page)) / s->size;
779 if (max_objects > MAX_OBJS_PER_PAGE)
780 max_objects = MAX_OBJS_PER_PAGE;
782 if (page->objects != max_objects) {
783 slab_err(s, page, "Wrong number of objects. Found %d but "
784 "should be %d", page->objects, max_objects);
785 page->objects = max_objects;
786 slab_fix(s, "Number of objects adjusted.");
788 if (page->inuse != page->objects - nr) {
789 slab_err(s, page, "Wrong object count. Counter is %d but "
790 "counted were %d", page->inuse, page->objects - nr);
791 page->inuse = page->objects - nr;
792 slab_fix(s, "Object count adjusted.");
794 return search == NULL;
797 static void trace(struct kmem_cache *s, struct page *page, void *object,
800 if (s->flags & SLAB_TRACE) {
801 printk(KERN_INFO "TRACE %s %s 0x%p inuse=%d fp=0x%p\n",
803 alloc ? "alloc" : "free",
808 print_section("Object", (void *)object, s->objsize);
815 * Tracking of fully allocated slabs for debugging purposes.
817 static void add_full(struct kmem_cache_node *n, struct page *page)
819 spin_lock(&n->list_lock);
820 list_add(&page->lru, &n->full);
821 spin_unlock(&n->list_lock);
824 static void remove_full(struct kmem_cache *s, struct page *page)
826 struct kmem_cache_node *n;
828 if (!(s->flags & SLAB_STORE_USER))
831 n = get_node(s, page_to_nid(page));
833 spin_lock(&n->list_lock);
834 list_del(&page->lru);
835 spin_unlock(&n->list_lock);
838 /* Tracking of the number of slabs for debugging purposes */
839 static inline unsigned long slabs_node(struct kmem_cache *s, int node)
841 struct kmem_cache_node *n = get_node(s, node);
843 return atomic_long_read(&n->nr_slabs);
846 static inline unsigned long node_nr_slabs(struct kmem_cache_node *n)
848 return atomic_long_read(&n->nr_slabs);
851 static inline void inc_slabs_node(struct kmem_cache *s, int node, int objects)
853 struct kmem_cache_node *n = get_node(s, node);
856 * May be called early in order to allocate a slab for the
857 * kmem_cache_node structure. Solve the chicken-egg
858 * dilemma by deferring the increment of the count during
859 * bootstrap (see early_kmem_cache_node_alloc).
861 if (!NUMA_BUILD || n) {
862 atomic_long_inc(&n->nr_slabs);
863 atomic_long_add(objects, &n->total_objects);
866 static inline void dec_slabs_node(struct kmem_cache *s, int node, int objects)
868 struct kmem_cache_node *n = get_node(s, node);
870 atomic_long_dec(&n->nr_slabs);
871 atomic_long_sub(objects, &n->total_objects);
874 /* Object debug checks for alloc/free paths */
875 static void setup_object_debug(struct kmem_cache *s, struct page *page,
878 if (!(s->flags & (SLAB_STORE_USER|SLAB_RED_ZONE|__OBJECT_POISON)))
881 init_object(s, object, 0);
882 init_tracking(s, object);
885 static int alloc_debug_processing(struct kmem_cache *s, struct page *page,
886 void *object, unsigned long addr)
888 if (!check_slab(s, page))
891 if (!on_freelist(s, page, object)) {
892 object_err(s, page, object, "Object already allocated");
896 if (!check_valid_pointer(s, page, object)) {
897 object_err(s, page, object, "Freelist Pointer check fails");
901 if (!check_object(s, page, object, 0))
904 /* Success perform special debug activities for allocs */
905 if (s->flags & SLAB_STORE_USER)
906 set_track(s, object, TRACK_ALLOC, addr);
907 trace(s, page, object, 1);
908 init_object(s, object, 1);
912 if (PageSlab(page)) {
914 * If this is a slab page then lets do the best we can
915 * to avoid issues in the future. Marking all objects
916 * as used avoids touching the remaining objects.
918 slab_fix(s, "Marking all objects used");
919 page->inuse = page->objects;
920 page->freelist = NULL;
925 static int free_debug_processing(struct kmem_cache *s, struct page *page,
926 void *object, unsigned long addr)
928 if (!check_slab(s, page))
931 if (!check_valid_pointer(s, page, object)) {
932 slab_err(s, page, "Invalid object pointer 0x%p", object);
936 if (on_freelist(s, page, object)) {
937 object_err(s, page, object, "Object already free");
941 if (!check_object(s, page, object, 1))
944 if (unlikely(s != page->slab)) {
945 if (!PageSlab(page)) {
946 slab_err(s, page, "Attempt to free object(0x%p) "
947 "outside of slab", object);
948 } else if (!page->slab) {
950 "SLUB <none>: no slab for object 0x%p.\n",
954 object_err(s, page, object,
955 "page slab pointer corrupt.");
959 /* Special debug activities for freeing objects */
960 if (!PageSlubFrozen(page) && !page->freelist)
961 remove_full(s, page);
962 if (s->flags & SLAB_STORE_USER)
963 set_track(s, object, TRACK_FREE, addr);
964 trace(s, page, object, 0);
965 init_object(s, object, 0);
969 slab_fix(s, "Object at 0x%p not freed", object);
973 static int __init setup_slub_debug(char *str)
975 slub_debug = DEBUG_DEFAULT_FLAGS;
976 if (*str++ != '=' || !*str)
978 * No options specified. Switch on full debugging.
984 * No options but restriction on slabs. This means full
985 * debugging for slabs matching a pattern.
989 if (tolower(*str) == 'o') {
991 * Avoid enabling debugging on caches if its minimum order
992 * would increase as a result.
994 disable_higher_order_debug = 1;
1001 * Switch off all debugging measures.
1006 * Determine which debug features should be switched on
1008 for (; *str && *str != ','; str++) {
1009 switch (tolower(*str)) {
1011 slub_debug |= SLAB_DEBUG_FREE;
1014 slub_debug |= SLAB_RED_ZONE;
1017 slub_debug |= SLAB_POISON;
1020 slub_debug |= SLAB_STORE_USER;
1023 slub_debug |= SLAB_TRACE;
1026 printk(KERN_ERR "slub_debug option '%c' "
1027 "unknown. skipped\n", *str);
1033 slub_debug_slabs = str + 1;
1038 __setup("slub_debug", setup_slub_debug);
1040 static unsigned long kmem_cache_flags(unsigned long objsize,
1041 unsigned long flags, const char *name,
1042 void (*ctor)(void *))
1045 * Enable debugging if selected on the kernel commandline.
1047 if (slub_debug && (!slub_debug_slabs ||
1048 !strncmp(slub_debug_slabs, name, strlen(slub_debug_slabs))))
1049 flags |= slub_debug;
1054 static inline void setup_object_debug(struct kmem_cache *s,
1055 struct page *page, void *object) {}
1057 static inline int alloc_debug_processing(struct kmem_cache *s,
1058 struct page *page, void *object, unsigned long addr) { return 0; }
1060 static inline int free_debug_processing(struct kmem_cache *s,
1061 struct page *page, void *object, unsigned long addr) { return 0; }
1063 static inline int slab_pad_check(struct kmem_cache *s, struct page *page)
1065 static inline int check_object(struct kmem_cache *s, struct page *page,
1066 void *object, int active) { return 1; }
1067 static inline void add_full(struct kmem_cache_node *n, struct page *page) {}
1068 static inline unsigned long kmem_cache_flags(unsigned long objsize,
1069 unsigned long flags, const char *name,
1070 void (*ctor)(void *))
1074 #define slub_debug 0
1076 #define disable_higher_order_debug 0
1078 static inline unsigned long slabs_node(struct kmem_cache *s, int node)
1080 static inline unsigned long node_nr_slabs(struct kmem_cache_node *n)
1082 static inline void inc_slabs_node(struct kmem_cache *s, int node,
1084 static inline void dec_slabs_node(struct kmem_cache *s, int node,
1089 * Slab allocation and freeing
1091 static inline struct page *alloc_slab_page(gfp_t flags, int node,
1092 struct kmem_cache_order_objects oo)
1094 int order = oo_order(oo);
1096 flags |= __GFP_NOTRACK;
1099 return alloc_pages(flags, order);
1101 return alloc_pages_node(node, flags, order);
1104 static struct page *allocate_slab(struct kmem_cache *s, gfp_t flags, int node)
1107 struct kmem_cache_order_objects oo = s->oo;
1110 flags |= s->allocflags;
1113 * Let the initial higher-order allocation fail under memory pressure
1114 * so we fall-back to the minimum order allocation.
1116 alloc_gfp = (flags | __GFP_NOWARN | __GFP_NORETRY) & ~__GFP_NOFAIL;
1118 page = alloc_slab_page(alloc_gfp, node, oo);
1119 if (unlikely(!page)) {
1122 * Allocation may have failed due to fragmentation.
1123 * Try a lower order alloc if possible
1125 page = alloc_slab_page(flags, node, oo);
1129 stat(get_cpu_slab(s, raw_smp_processor_id()), ORDER_FALLBACK);
1132 if (kmemcheck_enabled
1133 && !(s->flags & (SLAB_NOTRACK | DEBUG_DEFAULT_FLAGS))) {
1134 int pages = 1 << oo_order(oo);
1136 kmemcheck_alloc_shadow(page, oo_order(oo), flags, node);
1139 * Objects from caches that have a constructor don't get
1140 * cleared when they're allocated, so we need to do it here.
1143 kmemcheck_mark_uninitialized_pages(page, pages);
1145 kmemcheck_mark_unallocated_pages(page, pages);
1148 page->objects = oo_objects(oo);
1149 mod_zone_page_state(page_zone(page),
1150 (s->flags & SLAB_RECLAIM_ACCOUNT) ?
1151 NR_SLAB_RECLAIMABLE : NR_SLAB_UNRECLAIMABLE,
1157 static void setup_object(struct kmem_cache *s, struct page *page,
1160 setup_object_debug(s, page, object);
1161 if (unlikely(s->ctor))
1166 struct page *new_slab(struct kmem_cache *s, gfp_t flags, int node, int *reserve)
1173 BUG_ON(flags & GFP_SLAB_BUG_MASK);
1175 page = allocate_slab(s,
1176 flags & (GFP_RECLAIM_MASK | GFP_CONSTRAINT_MASK), node);
1180 *reserve = page->reserve;
1182 inc_slabs_node(s, page_to_nid(page), page->objects);
1184 page->flags |= 1 << PG_slab;
1185 if (s->flags & (SLAB_DEBUG_FREE | SLAB_RED_ZONE | SLAB_POISON |
1186 SLAB_STORE_USER | SLAB_TRACE))
1187 __SetPageSlubDebug(page);
1189 start = page_address(page);
1191 if (unlikely(s->flags & SLAB_POISON))
1192 memset(start, POISON_INUSE, PAGE_SIZE << compound_order(page));
1195 for_each_object(p, s, start, page->objects) {
1196 setup_object(s, page, last);
1197 set_freepointer(s, last, p);
1200 setup_object(s, page, last);
1201 set_freepointer(s, last, NULL);
1203 page->freelist = start;
1209 static void __free_slab(struct kmem_cache *s, struct page *page)
1211 int order = compound_order(page);
1212 int pages = 1 << order;
1214 if (unlikely(SLABDEBUG && PageSlubDebug(page))) {
1217 slab_pad_check(s, page);
1218 for_each_object(p, s, page_address(page),
1220 check_object(s, page, p, 0);
1221 __ClearPageSlubDebug(page);
1224 kmemcheck_free_shadow(page, compound_order(page));
1226 mod_zone_page_state(page_zone(page),
1227 (s->flags & SLAB_RECLAIM_ACCOUNT) ?
1228 NR_SLAB_RECLAIMABLE : NR_SLAB_UNRECLAIMABLE,
1231 __ClearPageSlab(page);
1232 reset_page_mapcount(page);
1233 if (current->reclaim_state)
1234 current->reclaim_state->reclaimed_slab += pages;
1235 __free_pages(page, order);
1238 static void rcu_free_slab(struct rcu_head *h)
1242 page = container_of((struct list_head *)h, struct page, lru);
1243 __free_slab(page->slab, page);
1246 static void free_slab(struct kmem_cache *s, struct page *page)
1248 if (unlikely(s->flags & SLAB_DESTROY_BY_RCU)) {
1250 * RCU free overloads the RCU head over the LRU
1252 struct rcu_head *head = (void *)&page->lru;
1254 call_rcu(head, rcu_free_slab);
1256 __free_slab(s, page);
1259 static void discard_slab(struct kmem_cache *s, struct page *page)
1261 dec_slabs_node(s, page_to_nid(page), page->objects);
1266 * Per slab locking using the pagelock
1268 static __always_inline void slab_lock(struct page *page)
1270 bit_spin_lock(PG_locked, &page->flags);
1273 static __always_inline void slab_unlock(struct page *page)
1275 __bit_spin_unlock(PG_locked, &page->flags);
1278 static __always_inline int slab_trylock(struct page *page)
1282 rc = bit_spin_trylock(PG_locked, &page->flags);
1287 * Management of partially allocated slabs
1289 static void add_partial(struct kmem_cache_node *n,
1290 struct page *page, int tail)
1292 spin_lock(&n->list_lock);
1295 list_add_tail(&page->lru, &n->partial);
1297 list_add(&page->lru, &n->partial);
1298 spin_unlock(&n->list_lock);
1301 static void remove_partial(struct kmem_cache *s, struct page *page)
1303 struct kmem_cache_node *n = get_node(s, page_to_nid(page));
1305 spin_lock(&n->list_lock);
1306 list_del(&page->lru);
1308 spin_unlock(&n->list_lock);
1312 * Lock slab and remove from the partial list.
1314 * Must hold list_lock.
1316 static inline int lock_and_freeze_slab(struct kmem_cache_node *n,
1319 if (slab_trylock(page)) {
1320 list_del(&page->lru);
1322 __SetPageSlubFrozen(page);
1329 * Try to allocate a partial slab from a specific node.
1331 static struct page *get_partial_node(struct kmem_cache_node *n)
1336 * Racy check. If we mistakenly see no partial slabs then we
1337 * just allocate an empty slab. If we mistakenly try to get a
1338 * partial slab and there is none available then get_partials()
1341 if (!n || !n->nr_partial)
1344 spin_lock(&n->list_lock);
1345 list_for_each_entry(page, &n->partial, lru)
1346 if (lock_and_freeze_slab(n, page))
1350 spin_unlock(&n->list_lock);
1355 * Get a page from somewhere. Search in increasing NUMA distances.
1357 static struct page *get_any_partial(struct kmem_cache *s, gfp_t flags)
1360 struct zonelist *zonelist;
1363 enum zone_type high_zoneidx = gfp_zone(flags);
1367 * The defrag ratio allows a configuration of the tradeoffs between
1368 * inter node defragmentation and node local allocations. A lower
1369 * defrag_ratio increases the tendency to do local allocations
1370 * instead of attempting to obtain partial slabs from other nodes.
1372 * If the defrag_ratio is set to 0 then kmalloc() always
1373 * returns node local objects. If the ratio is higher then kmalloc()
1374 * may return off node objects because partial slabs are obtained
1375 * from other nodes and filled up.
1377 * If /sys/kernel/slab/xx/defrag_ratio is set to 100 (which makes
1378 * defrag_ratio = 1000) then every (well almost) allocation will
1379 * first attempt to defrag slab caches on other nodes. This means
1380 * scanning over all nodes to look for partial slabs which may be
1381 * expensive if we do it every time we are trying to find a slab
1382 * with available objects.
1384 if (!s->remote_node_defrag_ratio ||
1385 get_cycles() % 1024 > s->remote_node_defrag_ratio)
1388 zonelist = node_zonelist(slab_node(current->mempolicy), flags);
1389 for_each_zone_zonelist(zone, z, zonelist, high_zoneidx) {
1390 struct kmem_cache_node *n;
1392 n = get_node(s, zone_to_nid(zone));
1394 if (n && cpuset_zone_allowed_hardwall(zone, flags) &&
1395 n->nr_partial > s->min_partial) {
1396 page = get_partial_node(n);
1406 * Get a partial page, lock it and return it.
1408 static struct page *get_partial(struct kmem_cache *s, gfp_t flags, int node)
1411 int searchnode = (node == -1) ? numa_node_id() : node;
1413 page = get_partial_node(get_node(s, searchnode));
1414 if (page || (flags & __GFP_THISNODE))
1417 return get_any_partial(s, flags);
1421 * Move a page back to the lists.
1423 * Must be called with the slab lock held.
1425 * On exit the slab lock will have been dropped.
1427 static void unfreeze_slab(struct kmem_cache *s, struct page *page, int tail)
1429 struct kmem_cache_node *n = get_node(s, page_to_nid(page));
1430 struct kmem_cache_cpu *c = get_cpu_slab(s, smp_processor_id());
1432 __ClearPageSlubFrozen(page);
1435 if (page->freelist) {
1436 add_partial(n, page, tail);
1437 stat(c, tail ? DEACTIVATE_TO_TAIL : DEACTIVATE_TO_HEAD);
1439 stat(c, DEACTIVATE_FULL);
1440 if (SLABDEBUG && PageSlubDebug(page) &&
1441 (s->flags & SLAB_STORE_USER))
1446 stat(c, DEACTIVATE_EMPTY);
1447 if (n->nr_partial < s->min_partial) {
1449 * Adding an empty slab to the partial slabs in order
1450 * to avoid page allocator overhead. This slab needs
1451 * to come after the other slabs with objects in
1452 * so that the others get filled first. That way the
1453 * size of the partial list stays small.
1455 * kmem_cache_shrink can reclaim any empty slabs from
1458 add_partial(n, page, 1);
1462 stat(get_cpu_slab(s, raw_smp_processor_id()), FREE_SLAB);
1463 discard_slab(s, page);
1469 * Remove the cpu slab
1471 static void deactivate_slab(struct kmem_cache *s, struct kmem_cache_cpu *c)
1473 struct page *page = c->page;
1477 stat(c, DEACTIVATE_REMOTE_FREES);
1479 * Merge cpu freelist into slab freelist. Typically we get here
1480 * because both freelists are empty. So this is unlikely
1483 while (unlikely(c->freelist)) {
1486 tail = 0; /* Hot objects. Put the slab first */
1488 /* Retrieve object from cpu_freelist */
1489 object = c->freelist;
1490 c->freelist = c->freelist[c->offset];
1492 /* And put onto the regular freelist */
1493 object[c->offset] = page->freelist;
1494 page->freelist = object;
1498 unfreeze_slab(s, page, tail);
1501 static inline void flush_slab(struct kmem_cache *s, struct kmem_cache_cpu *c)
1503 stat(c, CPUSLAB_FLUSH);
1505 deactivate_slab(s, c);
1511 * Called from IPI handler with interrupts disabled.
1513 static inline void __flush_cpu_slab(struct kmem_cache *s, int cpu)
1515 struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);
1517 if (likely(c && c->page))
1521 static void flush_cpu_slab(void *d)
1523 struct kmem_cache *s = d;
1525 __flush_cpu_slab(s, smp_processor_id());
1528 static void flush_all(struct kmem_cache *s)
1530 on_each_cpu(flush_cpu_slab, s, 1);
1534 * Check if the objects in a per cpu structure fit numa
1535 * locality expectations.
1537 static inline int node_match(struct kmem_cache_cpu *c, int node)
1540 if (node != -1 && c->node != node)
1546 static int count_free(struct page *page)
1548 return page->objects - page->inuse;
1551 static unsigned long count_partial(struct kmem_cache_node *n,
1552 int (*get_count)(struct page *))
1554 unsigned long flags;
1555 unsigned long x = 0;
1558 spin_lock_irqsave(&n->list_lock, flags);
1559 list_for_each_entry(page, &n->partial, lru)
1560 x += get_count(page);
1561 spin_unlock_irqrestore(&n->list_lock, flags);
1565 static inline unsigned long node_nr_objs(struct kmem_cache_node *n)
1567 #ifdef CONFIG_SLUB_DEBUG
1568 return atomic_long_read(&n->total_objects);
1574 static noinline void
1575 slab_out_of_memory(struct kmem_cache *s, gfp_t gfpflags, int nid)
1580 "SLUB: Unable to allocate memory on node %d (gfp=0x%x)\n",
1582 printk(KERN_WARNING " cache: %s, object size: %d, buffer size: %d, "
1583 "default order: %d, min order: %d\n", s->name, s->objsize,
1584 s->size, oo_order(s->oo), oo_order(s->min));
1586 if (oo_order(s->min) > get_order(s->objsize))
1587 printk(KERN_WARNING " %s debugging increased min order, use "
1588 "slub_debug=O to disable.\n", s->name);
1590 for_each_online_node(node) {
1591 struct kmem_cache_node *n = get_node(s, node);
1592 unsigned long nr_slabs;
1593 unsigned long nr_objs;
1594 unsigned long nr_free;
1599 nr_free = count_partial(n, count_free);
1600 nr_slabs = node_nr_slabs(n);
1601 nr_objs = node_nr_objs(n);
1604 " node %d: slabs: %ld, objs: %ld, free: %ld\n",
1605 node, nr_slabs, nr_objs, nr_free);
1610 * Slow path. The lockless freelist is empty or we need to perform
1613 * Interrupts are disabled.
1615 * Processing is still very fast if new objects have been freed to the
1616 * regular freelist. In that case we simply take over the regular freelist
1617 * as the lockless freelist and zap the regular freelist.
1619 * If that is not working then we fall back to the partial lists. We take the
1620 * first element of the freelist as the object to allocate now and move the
1621 * rest of the freelist to the lockless freelist.
1623 * And if we were unable to get a new slab from the partial slab lists then
1624 * we need to allocate a new slab. This is the slowest path since it involves
1625 * a call to the page allocator and the setup of a new slab.
1627 static void *__slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
1628 unsigned long addr, struct kmem_cache_cpu *c)
1634 /* We handle __GFP_ZERO in the caller */
1635 gfpflags &= ~__GFP_ZERO;
1637 if (unlikely(c->reserve)) {
1639 * If the current slab is a reserve slab and the current
1640 * allocation context does not allow access to the reserves we
1641 * must force an allocation to test the current levels.
1643 if (!(gfp_to_alloc_flags(gfpflags) & ALLOC_NO_WATERMARKS))
1650 if (unlikely(!node_match(c, node)))
1653 stat(c, ALLOC_REFILL);
1656 object = c->page->freelist;
1657 if (unlikely(!object))
1659 if (unlikely(PageSlubDebug(c->page) || c->reserve))
1662 c->freelist = object[c->offset];
1663 c->page->inuse = c->page->objects;
1664 c->page->freelist = NULL;
1665 c->node = page_to_nid(c->page);
1667 slab_unlock(c->page);
1668 stat(c, ALLOC_SLOWPATH);
1672 deactivate_slab(s, c);
1675 new = get_partial(s, gfpflags, node);
1678 stat(c, ALLOC_FROM_PARTIAL);
1683 if (gfpflags & __GFP_WAIT)
1686 new = new_slab(s, gfpflags, node, &reserve);
1688 if (gfpflags & __GFP_WAIT)
1689 local_irq_disable();
1692 c = get_cpu_slab(s, smp_processor_id());
1693 c->reserve = reserve;
1694 stat(c, ALLOC_SLAB);
1698 __SetPageSlubFrozen(new);
1702 if (!(gfpflags & __GFP_NOWARN) && printk_ratelimit())
1703 slab_out_of_memory(s, gfpflags, node);
1707 if (PageSlubDebug(c->page) &&
1708 !alloc_debug_processing(s, c->page, object, addr))
1712 * Avoid the slub fast path in slab_alloc() by not setting
1713 * c->freelist and the fast path in slab_free() by making
1714 * node_match() fail by setting c->node to -1.
1716 * We use this for for debug and reserve checks which need
1717 * to be done for each allocation.
1721 c->page->freelist = object[c->offset];
1727 * Inlined fastpath so that allocation functions (kmalloc, kmem_cache_alloc)
1728 * have the fastpath folded into their functions. So no function call
1729 * overhead for requests that can be satisfied on the fastpath.
1731 * The fastpath works by first checking if the lockless freelist can be used.
1732 * If not then __slab_alloc is called for slow processing.
1734 * Otherwise we can simply pick the next object from the lockless free list.
1736 static __always_inline void *slab_alloc(struct kmem_cache *s,
1737 gfp_t gfpflags, int node, unsigned long addr)
1740 struct kmem_cache_cpu *c;
1741 unsigned long flags;
1742 unsigned int objsize;
1744 gfpflags &= gfp_allowed_mask;
1746 lockdep_trace_alloc(gfpflags);
1747 might_sleep_if(gfpflags & __GFP_WAIT);
1749 if (should_failslab(s->objsize, gfpflags))
1752 local_irq_save(flags);
1753 c = get_cpu_slab(s, smp_processor_id());
1754 objsize = c->objsize;
1755 if (unlikely(!c->freelist || !node_match(c, node)))
1757 object = __slab_alloc(s, gfpflags, node, addr, c);
1760 object = c->freelist;
1761 c->freelist = object[c->offset];
1762 stat(c, ALLOC_FASTPATH);
1764 local_irq_restore(flags);
1766 if (unlikely(gfpflags & __GFP_ZERO) && object)
1767 memset(object, 0, objsize);
1769 kmemcheck_slab_alloc(s, gfpflags, object, c->objsize);
1770 kmemleak_alloc_recursive(object, objsize, 1, s->flags, gfpflags);
1775 void *kmem_cache_alloc(struct kmem_cache *s, gfp_t gfpflags)
1777 void *ret = slab_alloc(s, gfpflags, -1, _RET_IP_);
1779 trace_kmem_cache_alloc(_RET_IP_, ret, s->objsize, s->size, gfpflags);
1783 EXPORT_SYMBOL(kmem_cache_alloc);
1785 #ifdef CONFIG_TRACING
1786 void *kmem_cache_alloc_notrace(struct kmem_cache *s, gfp_t gfpflags)
1788 return slab_alloc(s, gfpflags, -1, _RET_IP_);
1790 EXPORT_SYMBOL(kmem_cache_alloc_notrace);
1794 void *kmem_cache_alloc_node(struct kmem_cache *s, gfp_t gfpflags, int node)
1796 void *ret = slab_alloc(s, gfpflags, node, _RET_IP_);
1798 trace_kmem_cache_alloc_node(_RET_IP_, ret,
1799 s->objsize, s->size, gfpflags, node);
1803 EXPORT_SYMBOL(kmem_cache_alloc_node);
1806 #ifdef CONFIG_TRACING
1807 void *kmem_cache_alloc_node_notrace(struct kmem_cache *s,
1811 return slab_alloc(s, gfpflags, node, _RET_IP_);
1813 EXPORT_SYMBOL(kmem_cache_alloc_node_notrace);
1817 * Slow patch handling. This may still be called frequently since objects
1818 * have a longer lifetime than the cpu slabs in most processing loads.
1820 * So we still attempt to reduce cache line usage. Just take the slab
1821 * lock and free the item. If there is no additional partial page
1822 * handling required then we can return immediately.
1824 static void __slab_free(struct kmem_cache *s, struct page *page,
1825 void *x, unsigned long addr, unsigned int offset)
1828 void **object = (void *)x;
1829 struct kmem_cache_cpu *c;
1831 c = get_cpu_slab(s, raw_smp_processor_id());
1832 stat(c, FREE_SLOWPATH);
1835 if (unlikely(SLABDEBUG && PageSlubDebug(page)))
1839 prior = object[offset] = page->freelist;
1840 page->freelist = object;
1843 if (unlikely(PageSlubFrozen(page))) {
1844 stat(c, FREE_FROZEN);
1848 if (unlikely(!page->inuse))
1852 * Objects left in the slab. If it was not on the partial list before
1855 if (unlikely(!prior)) {
1856 add_partial(get_node(s, page_to_nid(page)), page, 1);
1857 stat(c, FREE_ADD_PARTIAL);
1867 * Slab still on the partial list.
1869 remove_partial(s, page);
1870 stat(c, FREE_REMOVE_PARTIAL);
1874 discard_slab(s, page);
1878 if (!free_debug_processing(s, page, x, addr))
1884 * Fastpath with forced inlining to produce a kfree and kmem_cache_free that
1885 * can perform fastpath freeing without additional function calls.
1887 * The fastpath is only possible if we are freeing to the current cpu slab
1888 * of this processor. This typically the case if we have just allocated
1891 * If fastpath is not possible then fall back to __slab_free where we deal
1892 * with all sorts of special processing.
1894 static __always_inline void slab_free(struct kmem_cache *s,
1895 struct page *page, void *x, unsigned long addr)
1897 void **object = (void *)x;
1898 struct kmem_cache_cpu *c;
1899 unsigned long flags;
1901 kmemleak_free_recursive(x, s->flags);
1902 local_irq_save(flags);
1903 c = get_cpu_slab(s, smp_processor_id());
1904 kmemcheck_slab_free(s, object, c->objsize);
1905 debug_check_no_locks_freed(object, c->objsize);
1906 if (!(s->flags & SLAB_DEBUG_OBJECTS))
1907 debug_check_no_obj_freed(object, c->objsize);
1908 if (likely(page == c->page && c->node >= 0)) {
1909 object[c->offset] = c->freelist;
1910 c->freelist = object;
1911 stat(c, FREE_FASTPATH);
1913 __slab_free(s, page, x, addr, c->offset);
1915 local_irq_restore(flags);
1918 void kmem_cache_free(struct kmem_cache *s, void *x)
1922 page = virt_to_head_page(x);
1924 slab_free(s, page, x, _RET_IP_);
1926 trace_kmem_cache_free(_RET_IP_, x);
1928 EXPORT_SYMBOL(kmem_cache_free);
1930 /* Figure out on which slab page the object resides */
1931 static struct page *get_object_page(const void *x)
1933 struct page *page = virt_to_head_page(x);
1935 if (!PageSlab(page))
1942 * Object placement in a slab is made very easy because we always start at
1943 * offset 0. If we tune the size of the object to the alignment then we can
1944 * get the required alignment by putting one properly sized object after
1947 * Notice that the allocation order determines the sizes of the per cpu
1948 * caches. Each processor has always one slab available for allocations.
1949 * Increasing the allocation order reduces the number of times that slabs
1950 * must be moved on and off the partial lists and is therefore a factor in
1955 * Mininum / Maximum order of slab pages. This influences locking overhead
1956 * and slab fragmentation. A higher order reduces the number of partial slabs
1957 * and increases the number of allocations possible without having to
1958 * take the list_lock.
1960 static int slub_min_order;
1961 static int slub_max_order = PAGE_ALLOC_COSTLY_ORDER;
1962 static int slub_min_objects;
1965 * Merge control. If this is set then no merging of slab caches will occur.
1966 * (Could be removed. This was introduced to pacify the merge skeptics.)
1968 static int slub_nomerge;
1971 * Calculate the order of allocation given an slab object size.
1973 * The order of allocation has significant impact on performance and other
1974 * system components. Generally order 0 allocations should be preferred since
1975 * order 0 does not cause fragmentation in the page allocator. Larger objects
1976 * be problematic to put into order 0 slabs because there may be too much
1977 * unused space left. We go to a higher order if more than 1/16th of the slab
1980 * In order to reach satisfactory performance we must ensure that a minimum
1981 * number of objects is in one slab. Otherwise we may generate too much
1982 * activity on the partial lists which requires taking the list_lock. This is
1983 * less a concern for large slabs though which are rarely used.
1985 * slub_max_order specifies the order where we begin to stop considering the
1986 * number of objects in a slab as critical. If we reach slub_max_order then
1987 * we try to keep the page order as low as possible. So we accept more waste
1988 * of space in favor of a small page order.
1990 * Higher order allocations also allow the placement of more objects in a
1991 * slab and thereby reduce object handling overhead. If the user has
1992 * requested a higher mininum order then we start with that one instead of
1993 * the smallest order which will fit the object.
1995 static inline int slab_order(int size, int min_objects,
1996 int max_order, int fract_leftover)
2000 int min_order = slub_min_order;
2002 if ((PAGE_SIZE << min_order) / size > MAX_OBJS_PER_PAGE)
2003 return get_order(size * MAX_OBJS_PER_PAGE) - 1;
2005 for (order = max(min_order,
2006 fls(min_objects * size - 1) - PAGE_SHIFT);
2007 order <= max_order; order++) {
2009 unsigned long slab_size = PAGE_SIZE << order;
2011 if (slab_size < min_objects * size)
2014 rem = slab_size % size;
2016 if (rem <= slab_size / fract_leftover)
2024 static inline int calculate_order(int size)
2032 * Attempt to find best configuration for a slab. This
2033 * works by first attempting to generate a layout with
2034 * the best configuration and backing off gradually.
2036 * First we reduce the acceptable waste in a slab. Then
2037 * we reduce the minimum objects required in a slab.
2039 min_objects = slub_min_objects;
2041 min_objects = 4 * (fls(nr_cpu_ids) + 1);
2042 max_objects = (PAGE_SIZE << slub_max_order)/size;
2043 min_objects = min(min_objects, max_objects);
2045 while (min_objects > 1) {
2047 while (fraction >= 4) {
2048 order = slab_order(size, min_objects,
2049 slub_max_order, fraction);
2050 if (order <= slub_max_order)
2058 * We were unable to place multiple objects in a slab. Now
2059 * lets see if we can place a single object there.
2061 order = slab_order(size, 1, slub_max_order, 1);
2062 if (order <= slub_max_order)
2066 * Doh this slab cannot be placed using slub_max_order.
2068 order = slab_order(size, 1, MAX_ORDER, 1);
2069 if (order < MAX_ORDER)
2075 * Figure out what the alignment of the objects will be.
2077 static unsigned long calculate_alignment(unsigned long flags,
2078 unsigned long align, unsigned long size)
2081 * If the user wants hardware cache aligned objects then follow that
2082 * suggestion if the object is sufficiently large.
2084 * The hardware cache alignment cannot override the specified
2085 * alignment though. If that is greater then use it.
2087 if (flags & SLAB_HWCACHE_ALIGN) {
2088 unsigned long ralign = cache_line_size();
2089 while (size <= ralign / 2)
2091 align = max(align, ralign);
2094 if (align < ARCH_SLAB_MINALIGN)
2095 align = ARCH_SLAB_MINALIGN;
2097 return ALIGN(align, sizeof(void *));
2100 static void init_kmem_cache_cpu(struct kmem_cache *s,
2101 struct kmem_cache_cpu *c)
2106 c->offset = s->offset / sizeof(void *);
2107 c->objsize = s->objsize;
2108 #ifdef CONFIG_SLUB_STATS
2109 memset(c->stat, 0, NR_SLUB_STAT_ITEMS * sizeof(unsigned));
2114 init_kmem_cache_node(struct kmem_cache_node *n, struct kmem_cache *s)
2117 spin_lock_init(&n->list_lock);
2118 INIT_LIST_HEAD(&n->partial);
2119 #ifdef CONFIG_SLUB_DEBUG
2120 atomic_long_set(&n->nr_slabs, 0);
2121 atomic_long_set(&n->total_objects, 0);
2122 INIT_LIST_HEAD(&n->full);
2128 * Per cpu array for per cpu structures.
2130 * The per cpu array places all kmem_cache_cpu structures from one processor
2131 * close together meaning that it becomes possible that multiple per cpu
2132 * structures are contained in one cacheline. This may be particularly
2133 * beneficial for the kmalloc caches.
2135 * A desktop system typically has around 60-80 slabs. With 100 here we are
2136 * likely able to get per cpu structures for all caches from the array defined
2137 * here. We must be able to cover all kmalloc caches during bootstrap.
2139 * If the per cpu array is exhausted then fall back to kmalloc
2140 * of individual cachelines. No sharing is possible then.
2142 #define NR_KMEM_CACHE_CPU 100
2144 static DEFINE_PER_CPU(struct kmem_cache_cpu [NR_KMEM_CACHE_CPU],
2147 static DEFINE_PER_CPU(struct kmem_cache_cpu *, kmem_cache_cpu_free);
2148 static DECLARE_BITMAP(kmem_cach_cpu_free_init_once, CONFIG_NR_CPUS);
2150 static struct kmem_cache_cpu *alloc_kmem_cache_cpu(struct kmem_cache *s,
2151 int cpu, gfp_t flags)
2153 struct kmem_cache_cpu *c = per_cpu(kmem_cache_cpu_free, cpu);
2156 per_cpu(kmem_cache_cpu_free, cpu) =
2157 (void *)c->freelist;
2159 /* Table overflow: So allocate ourselves */
2161 ALIGN(sizeof(struct kmem_cache_cpu), cache_line_size()),
2162 flags, cpu_to_node(cpu));
2167 init_kmem_cache_cpu(s, c);
2171 static void free_kmem_cache_cpu(struct kmem_cache_cpu *c, int cpu)
2173 if (c < per_cpu(kmem_cache_cpu, cpu) ||
2174 c >= per_cpu(kmem_cache_cpu, cpu) + NR_KMEM_CACHE_CPU) {
2178 c->freelist = (void *)per_cpu(kmem_cache_cpu_free, cpu);
2179 per_cpu(kmem_cache_cpu_free, cpu) = c;
2182 static void free_kmem_cache_cpus(struct kmem_cache *s)
2186 for_each_online_cpu(cpu) {
2187 struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);
2190 s->cpu_slab[cpu] = NULL;
2191 free_kmem_cache_cpu(c, cpu);
2196 static int alloc_kmem_cache_cpus(struct kmem_cache *s, gfp_t flags)
2200 for_each_online_cpu(cpu) {
2201 struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);
2206 c = alloc_kmem_cache_cpu(s, cpu, flags);
2208 free_kmem_cache_cpus(s);
2211 s->cpu_slab[cpu] = c;
2217 * Initialize the per cpu array.
2219 static void init_alloc_cpu_cpu(int cpu)
2223 if (cpumask_test_cpu(cpu, to_cpumask(kmem_cach_cpu_free_init_once)))
2226 for (i = NR_KMEM_CACHE_CPU - 1; i >= 0; i--)
2227 free_kmem_cache_cpu(&per_cpu(kmem_cache_cpu, cpu)[i], cpu);
2229 cpumask_set_cpu(cpu, to_cpumask(kmem_cach_cpu_free_init_once));
2232 static void __init init_alloc_cpu(void)
2236 for_each_online_cpu(cpu)
2237 init_alloc_cpu_cpu(cpu);
2241 static inline void free_kmem_cache_cpus(struct kmem_cache *s) {}
2242 static inline void init_alloc_cpu(void) {}
2244 static inline int alloc_kmem_cache_cpus(struct kmem_cache *s, gfp_t flags)
2246 init_kmem_cache_cpu(s, &s->cpu_slab);
2253 * No kmalloc_node yet so do it by hand. We know that this is the first
2254 * slab on the node for this slabcache. There are no concurrent accesses
2257 * Note that this function only works on the kmalloc_node_cache
2258 * when allocating for the kmalloc_node_cache. This is used for bootstrapping
2259 * memory on a fresh node that has no slab structures yet.
2261 static void early_kmem_cache_node_alloc(gfp_t gfpflags, int node)
2264 struct kmem_cache_node *n;
2265 unsigned long flags;
2268 BUG_ON(kmalloc_caches->size < sizeof(struct kmem_cache_node));
2270 page = new_slab(kmalloc_caches, gfpflags, node, &reserve);
2273 if (page_to_nid(page) != node) {
2274 printk(KERN_ERR "SLUB: Unable to allocate memory from "
2276 printk(KERN_ERR "SLUB: Allocating a useless per node structure "
2277 "in order to be able to continue\n");
2282 page->freelist = get_freepointer(kmalloc_caches, n);
2284 kmalloc_caches->node[node] = n;
2285 #ifdef CONFIG_SLUB_DEBUG
2286 init_object(kmalloc_caches, n, 1);
2287 init_tracking(kmalloc_caches, n);
2289 init_kmem_cache_node(n, kmalloc_caches);
2290 inc_slabs_node(kmalloc_caches, node, page->objects);
2293 * lockdep requires consistent irq usage for each lock
2294 * so even though there cannot be a race this early in
2295 * the boot sequence, we still disable irqs.
2297 local_irq_save(flags);
2298 add_partial(n, page, 0);
2299 local_irq_restore(flags);
2302 static void free_kmem_cache_nodes(struct kmem_cache *s)
2306 for_each_node_state(node, N_NORMAL_MEMORY) {
2307 struct kmem_cache_node *n = s->node[node];
2308 if (n && n != &s->local_node)
2309 kmem_cache_free(kmalloc_caches, n);
2310 s->node[node] = NULL;
2314 static int init_kmem_cache_nodes(struct kmem_cache *s, gfp_t gfpflags)
2319 if (slab_state >= UP)
2320 local_node = page_to_nid(virt_to_page(s));
2324 for_each_node_state(node, N_NORMAL_MEMORY) {
2325 struct kmem_cache_node *n;
2327 if (local_node == node)
2330 if (slab_state == DOWN) {
2331 early_kmem_cache_node_alloc(gfpflags, node);
2334 n = kmem_cache_alloc_node(kmalloc_caches,
2338 free_kmem_cache_nodes(s);
2344 init_kmem_cache_node(n, s);
2349 static void free_kmem_cache_nodes(struct kmem_cache *s)
2353 static int init_kmem_cache_nodes(struct kmem_cache *s, gfp_t gfpflags)
2355 init_kmem_cache_node(&s->local_node, s);
2360 static void set_min_partial(struct kmem_cache *s, unsigned long min)
2362 if (min < MIN_PARTIAL)
2364 else if (min > MAX_PARTIAL)
2366 s->min_partial = min;
2370 * calculate_sizes() determines the order and the distribution of data within
2373 static int calculate_sizes(struct kmem_cache *s, int forced_order)
2375 unsigned long flags = s->flags;
2376 unsigned long size = s->objsize;
2377 unsigned long align = s->align;
2381 * Round up object size to the next word boundary. We can only
2382 * place the free pointer at word boundaries and this determines
2383 * the possible location of the free pointer.
2385 size = ALIGN(size, sizeof(void *));
2387 #ifdef CONFIG_SLUB_DEBUG
2389 * Determine if we can poison the object itself. If the user of
2390 * the slab may touch the object after free or before allocation
2391 * then we should never poison the object itself.
2393 if ((flags & SLAB_POISON) && !(flags & SLAB_DESTROY_BY_RCU) &&
2395 s->flags |= __OBJECT_POISON;
2397 s->flags &= ~__OBJECT_POISON;
2401 * If we are Redzoning then check if there is some space between the
2402 * end of the object and the free pointer. If not then add an
2403 * additional word to have some bytes to store Redzone information.
2405 if ((flags & SLAB_RED_ZONE) && size == s->objsize)
2406 size += sizeof(void *);
2410 * With that we have determined the number of bytes in actual use
2411 * by the object. This is the potential offset to the free pointer.
2415 if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) ||
2418 * Relocate free pointer after the object if it is not
2419 * permitted to overwrite the first word of the object on
2422 * This is the case if we do RCU, have a constructor or
2423 * destructor or are poisoning the objects.
2426 size += sizeof(void *);
2429 #ifdef CONFIG_SLUB_DEBUG
2430 if (flags & SLAB_STORE_USER)
2432 * Need to store information about allocs and frees after
2435 size += 2 * sizeof(struct track);
2437 if (flags & SLAB_RED_ZONE)
2439 * Add some empty padding so that we can catch
2440 * overwrites from earlier objects rather than let
2441 * tracking information or the free pointer be
2442 * corrupted if a user writes before the start
2445 size += sizeof(void *);
2449 * Determine the alignment based on various parameters that the
2450 * user specified and the dynamic determination of cache line size
2453 align = calculate_alignment(flags, align, s->objsize);
2457 * SLUB stores one object immediately after another beginning from
2458 * offset 0. In order to align the objects we have to simply size
2459 * each object to conform to the alignment.
2461 size = ALIGN(size, align);
2463 if (forced_order >= 0)
2464 order = forced_order;
2466 order = calculate_order(size);
2473 s->allocflags |= __GFP_COMP;
2475 if (s->flags & SLAB_CACHE_DMA)
2476 s->allocflags |= SLUB_DMA;
2478 if (s->flags & SLAB_RECLAIM_ACCOUNT)
2479 s->allocflags |= __GFP_RECLAIMABLE;
2482 * Determine the number of objects per slab
2484 s->oo = oo_make(order, size);
2485 s->min = oo_make(get_order(size), size);
2486 if (oo_objects(s->oo) > oo_objects(s->max))
2489 return !!oo_objects(s->oo);
2493 static int kmem_cache_open(struct kmem_cache *s, gfp_t gfpflags,
2494 const char *name, size_t size,
2495 size_t align, unsigned long flags,
2496 void (*ctor)(void *))
2498 memset(s, 0, kmem_size);
2503 s->flags = kmem_cache_flags(size, flags, name, ctor);
2505 if (!calculate_sizes(s, -1))
2507 if (disable_higher_order_debug) {
2509 * Disable debugging flags that store metadata if the min slab
2512 if (get_order(s->size) > get_order(s->objsize)) {
2513 s->flags &= ~DEBUG_METADATA_FLAGS;
2515 if (!calculate_sizes(s, -1))
2521 * The larger the object size is, the more pages we want on the partial
2522 * list to avoid pounding the page allocator excessively.
2524 set_min_partial(s, ilog2(s->size));
2527 s->remote_node_defrag_ratio = 1000;
2529 if (!init_kmem_cache_nodes(s, gfpflags & ~SLUB_DMA))
2532 if (alloc_kmem_cache_cpus(s, gfpflags & ~SLUB_DMA))
2534 free_kmem_cache_nodes(s);
2536 if (flags & SLAB_PANIC)
2537 panic("Cannot create slab %s size=%lu realsize=%u "
2538 "order=%u offset=%u flags=%lx\n",
2539 s->name, (unsigned long)size, s->size, oo_order(s->oo),
2545 * Check if a given pointer is valid
2547 int kmem_ptr_validate(struct kmem_cache *s, const void *object)
2551 page = get_object_page(object);
2553 if (!page || s != page->slab)
2554 /* No slab or wrong slab */
2557 if (!check_valid_pointer(s, page, object))
2561 * We could also check if the object is on the slabs freelist.
2562 * But this would be too expensive and it seems that the main
2563 * purpose of kmem_ptr_valid() is to check if the object belongs
2564 * to a certain slab.
2568 EXPORT_SYMBOL(kmem_ptr_validate);
2571 * Determine the size of a slab object
2573 unsigned int kmem_cache_size(struct kmem_cache *s)
2577 EXPORT_SYMBOL(kmem_cache_size);
2579 const char *kmem_cache_name(struct kmem_cache *s)
2583 EXPORT_SYMBOL(kmem_cache_name);
2586 * Calculate the upper bound of pages required to sequentially allocate
2587 * @objects objects from @cachep.
2589 * We should use s->min_objects because those are the least efficient.
2591 unsigned kmem_alloc_estimate(struct kmem_cache *s, gfp_t flags, int objects)
2593 unsigned long pages;
2594 struct kmem_cache_order_objects x;
2596 if (WARN_ON(!s) || WARN_ON(!oo_objects(s->min)))
2600 pages = DIV_ROUND_UP(objects, oo_objects(x)) << oo_order(x);
2603 * Account the possible additional overhead if the slab holds more that
2604 * one object. Use s->max_objects because that's the worst case.
2607 if (oo_objects(x) > 1) {
2609 * Account the possible additional overhead if per cpu slabs
2610 * are currently empty and have to be allocated. This is very
2611 * unlikely but a possible scenario immediately after
2612 * kmem_cache_shrink.
2614 pages += num_possible_cpus() << oo_order(x);
2619 EXPORT_SYMBOL_GPL(kmem_alloc_estimate);
2621 static void list_slab_objects(struct kmem_cache *s, struct page *page,
2624 #ifdef CONFIG_SLUB_DEBUG
2625 void *addr = page_address(page);
2627 DECLARE_BITMAP(map, page->objects);
2629 bitmap_zero(map, page->objects);
2630 slab_err(s, page, "%s", text);
2632 for_each_free_object(p, s, page->freelist)
2633 set_bit(slab_index(p, s, addr), map);
2635 for_each_object(p, s, addr, page->objects) {
2637 if (!test_bit(slab_index(p, s, addr), map)) {
2638 printk(KERN_ERR "INFO: Object 0x%p @offset=%tu\n",
2640 print_tracking(s, p);
2648 * Attempt to free all partial slabs on a node.
2650 static void free_partial(struct kmem_cache *s, struct kmem_cache_node *n)
2652 unsigned long flags;
2653 struct page *page, *h;
2655 spin_lock_irqsave(&n->list_lock, flags);
2656 list_for_each_entry_safe(page, h, &n->partial, lru) {
2658 list_del(&page->lru);
2659 discard_slab(s, page);
2662 list_slab_objects(s, page,
2663 "Objects remaining on kmem_cache_close()");
2666 spin_unlock_irqrestore(&n->list_lock, flags);
2670 * Release all resources used by a slab cache.
2672 static inline int kmem_cache_close(struct kmem_cache *s)
2678 /* Attempt to free all objects */
2679 free_kmem_cache_cpus(s);
2680 for_each_node_state(node, N_NORMAL_MEMORY) {
2681 struct kmem_cache_node *n = get_node(s, node);
2684 if (n->nr_partial || slabs_node(s, node))
2687 free_kmem_cache_nodes(s);
2692 * Close a cache and release the kmem_cache structure
2693 * (must be used for caches created using kmem_cache_create)
2695 void kmem_cache_destroy(struct kmem_cache *s)
2697 down_write(&slub_lock);
2701 up_write(&slub_lock);
2702 if (kmem_cache_close(s)) {
2703 printk(KERN_ERR "SLUB %s: %s called for cache that "
2704 "still has objects.\n", s->name, __func__);
2707 if (s->flags & SLAB_DESTROY_BY_RCU)
2709 sysfs_slab_remove(s);
2711 up_write(&slub_lock);
2713 EXPORT_SYMBOL(kmem_cache_destroy);
2715 /********************************************************************
2717 *******************************************************************/
2719 struct kmem_cache kmalloc_caches[SLUB_PAGE_SHIFT] __cacheline_aligned;
2720 EXPORT_SYMBOL(kmalloc_caches);
2722 static int __init setup_slub_min_order(char *str)
2724 get_option(&str, &slub_min_order);
2729 __setup("slub_min_order=", setup_slub_min_order);
2731 static int __init setup_slub_max_order(char *str)
2733 get_option(&str, &slub_max_order);
2734 slub_max_order = min(slub_max_order, MAX_ORDER - 1);
2739 __setup("slub_max_order=", setup_slub_max_order);
2741 static int __init setup_slub_min_objects(char *str)
2743 get_option(&str, &slub_min_objects);
2748 __setup("slub_min_objects=", setup_slub_min_objects);
2750 static int __init setup_slub_nomerge(char *str)
2756 __setup("slub_nomerge", setup_slub_nomerge);
2758 static struct kmem_cache *create_kmalloc_cache(struct kmem_cache *s,
2759 const char *name, int size, gfp_t gfp_flags)
2761 unsigned int flags = 0;
2763 if (gfp_flags & SLUB_DMA)
2764 flags = SLAB_CACHE_DMA;
2767 * This function is called with IRQs disabled during early-boot on
2768 * single CPU so there's no need to take slub_lock here.
2770 if (!kmem_cache_open(s, gfp_flags, name, size, ARCH_KMALLOC_MINALIGN,
2774 list_add(&s->list, &slab_caches);
2776 if (sysfs_slab_add(s))
2781 panic("Creation of kmalloc slab %s size=%d failed.\n", name, size);
2784 #ifdef CONFIG_ZONE_DMA
2785 static struct kmem_cache *kmalloc_caches_dma[SLUB_PAGE_SHIFT];
2787 static void sysfs_add_func(struct work_struct *w)
2789 struct kmem_cache *s;
2791 down_write(&slub_lock);
2792 list_for_each_entry(s, &slab_caches, list) {
2793 if (s->flags & __SYSFS_ADD_DEFERRED) {
2794 s->flags &= ~__SYSFS_ADD_DEFERRED;
2798 up_write(&slub_lock);
2801 static DECLARE_WORK(sysfs_add_work, sysfs_add_func);
2803 static noinline struct kmem_cache *dma_kmalloc_cache(int index, gfp_t flags)
2805 struct kmem_cache *s;
2808 unsigned long slabflags;
2810 s = kmalloc_caches_dma[index];
2814 /* Dynamically create dma cache */
2815 if (flags & __GFP_WAIT)
2816 down_write(&slub_lock);
2818 if (!down_write_trylock(&slub_lock))
2822 if (kmalloc_caches_dma[index])
2825 realsize = kmalloc_caches[index].objsize;
2826 text = kasprintf(flags & ~SLUB_DMA, "kmalloc_dma-%d",
2827 (unsigned int)realsize);
2828 s = kmalloc(kmem_size, flags & ~SLUB_DMA);
2831 * Must defer sysfs creation to a workqueue because we don't know
2832 * what context we are called from. Before sysfs comes up, we don't
2833 * need to do anything because our sysfs initcall will start by
2834 * adding all existing slabs to sysfs.
2836 slabflags = SLAB_CACHE_DMA|SLAB_NOTRACK;
2837 if (slab_state >= SYSFS)
2838 slabflags |= __SYSFS_ADD_DEFERRED;
2840 if (!s || !text || !kmem_cache_open(s, flags, text,
2841 realsize, ARCH_KMALLOC_MINALIGN, slabflags, NULL)) {
2847 list_add(&s->list, &slab_caches);
2848 kmalloc_caches_dma[index] = s;
2850 if (slab_state >= SYSFS)
2851 schedule_work(&sysfs_add_work);
2854 up_write(&slub_lock);
2856 return kmalloc_caches_dma[index];
2861 * Conversion table for small slabs sizes / 8 to the index in the
2862 * kmalloc array. This is necessary for slabs < 192 since we have non power
2863 * of two cache sizes there. The size of larger slabs can be determined using
2866 static s8 size_index[24] = {
2893 static inline int size_index_elem(size_t bytes)
2895 return (bytes - 1) / 8;
2898 static struct kmem_cache *get_slab(size_t size, gfp_t flags)
2904 return ZERO_SIZE_PTR;
2906 index = size_index[size_index_elem(size)];
2908 index = fls(size - 1);
2910 #ifdef CONFIG_ZONE_DMA
2911 if (unlikely((flags & SLUB_DMA)))
2912 return dma_kmalloc_cache(index, flags);
2915 return &kmalloc_caches[index];
2918 void *__kmalloc(size_t size, gfp_t flags)
2920 struct kmem_cache *s;
2923 if (unlikely(size > SLUB_MAX_SIZE))
2924 return kmalloc_large(size, flags);
2926 s = get_slab(size, flags);
2928 if (unlikely(ZERO_OR_NULL_PTR(s)))
2931 ret = slab_alloc(s, flags, -1, _RET_IP_);
2933 trace_kmalloc(_RET_IP_, ret, size, s->size, flags);
2937 EXPORT_SYMBOL(__kmalloc);
2940 static void *kmalloc_large_node(size_t size, gfp_t flags, int node)
2945 flags |= __GFP_COMP | __GFP_NOTRACK;
2946 page = alloc_pages_node(node, flags, get_order(size));
2948 ptr = page_address(page);
2950 kmemleak_alloc(ptr, size, 1, flags);
2954 void *__kmalloc_node(size_t size, gfp_t flags, int node)
2956 struct kmem_cache *s;
2959 if (unlikely(size > SLUB_MAX_SIZE)) {
2960 ret = kmalloc_large_node(size, flags, node);
2962 trace_kmalloc_node(_RET_IP_, ret,
2963 size, PAGE_SIZE << get_order(size),
2969 s = get_slab(size, flags);
2971 if (unlikely(ZERO_OR_NULL_PTR(s)))
2974 ret = slab_alloc(s, flags, node, _RET_IP_);
2976 trace_kmalloc_node(_RET_IP_, ret, size, s->size, flags, node);
2980 EXPORT_SYMBOL(__kmalloc_node);
2983 size_t ksize(const void *object)
2986 struct kmem_cache *s;
2988 if (unlikely(object == ZERO_SIZE_PTR))
2991 page = virt_to_head_page(object);
2993 if (unlikely(!PageSlab(page))) {
2994 WARN_ON(!PageCompound(page));
2995 return PAGE_SIZE << compound_order(page);
2999 #ifdef CONFIG_SLUB_DEBUG
3001 * Debugging requires use of the padding between object
3002 * and whatever may come after it.
3004 if (s->flags & (SLAB_RED_ZONE | SLAB_POISON))
3009 * If we have the need to store the freelist pointer
3010 * back there or track user information then we can
3011 * only use the space before that information.
3013 if (s->flags & (SLAB_DESTROY_BY_RCU | SLAB_STORE_USER))
3016 * Else we can use all the padding etc for the allocation
3020 EXPORT_SYMBOL(ksize);
3022 void kfree(const void *x)
3025 void *object = (void *)x;
3027 trace_kfree(_RET_IP_, x);
3029 if (unlikely(ZERO_OR_NULL_PTR(x)))
3032 page = virt_to_head_page(x);
3033 if (unlikely(!PageSlab(page))) {
3034 BUG_ON(!PageCompound(page));
3039 slab_free(page->slab, page, object, _RET_IP_);
3041 EXPORT_SYMBOL(kfree);
3044 * Calculate the upper bound of pages required to sequentially allocate
3045 * @count objects of @size bytes from kmalloc given @flags.
3047 unsigned kmalloc_estimate_objs(size_t size, gfp_t flags, int count)
3049 struct kmem_cache *s = get_slab(size, flags);
3053 return kmem_alloc_estimate(s, flags, count);
3056 EXPORT_SYMBOL_GPL(kmalloc_estimate_objs);
3059 * Calculate the upper bound of pages requires to sequentially allocate @bytes
3060 * from kmalloc in an unspecified number of allocations of nonuniform size.
3062 unsigned kmalloc_estimate_bytes(gfp_t flags, size_t bytes)
3065 unsigned long pages;
3068 * multiply by two, in order to account the worst case slack space
3069 * due to the power-of-two allocation sizes.
3071 pages = DIV_ROUND_UP(2 * bytes, PAGE_SIZE);
3074 * add the kmem_cache overhead of each possible kmalloc cache
3076 for (i = 1; i < PAGE_SHIFT; i++) {
3077 struct kmem_cache *s;
3079 #ifdef CONFIG_ZONE_DMA
3080 if (unlikely(flags & SLUB_DMA))
3081 s = dma_kmalloc_cache(i, flags);
3084 s = &kmalloc_caches[i];
3087 pages += kmem_alloc_estimate(s, flags, 0);
3092 EXPORT_SYMBOL_GPL(kmalloc_estimate_bytes);
3095 * kmem_cache_shrink removes empty slabs from the partial lists and sorts
3096 * the remaining slabs by the number of items in use. The slabs with the
3097 * most items in use come first. New allocations will then fill those up
3098 * and thus they can be removed from the partial lists.
3100 * The slabs with the least items are placed last. This results in them
3101 * being allocated from last increasing the chance that the last objects
3102 * are freed in them.
3104 int kmem_cache_shrink(struct kmem_cache *s)
3108 struct kmem_cache_node *n;
3111 int objects = oo_objects(s->max);
3112 struct list_head *slabs_by_inuse =
3113 kmalloc(sizeof(struct list_head) * objects, GFP_KERNEL);
3114 unsigned long flags;
3116 if (!slabs_by_inuse)
3120 for_each_node_state(node, N_NORMAL_MEMORY) {
3121 n = get_node(s, node);
3126 for (i = 0; i < objects; i++)
3127 INIT_LIST_HEAD(slabs_by_inuse + i);
3129 spin_lock_irqsave(&n->list_lock, flags);
3132 * Build lists indexed by the items in use in each slab.
3134 * Note that concurrent frees may occur while we hold the
3135 * list_lock. page->inuse here is the upper limit.
3137 list_for_each_entry_safe(page, t, &n->partial, lru) {
3138 if (!page->inuse && slab_trylock(page)) {
3140 * Must hold slab lock here because slab_free
3141 * may have freed the last object and be
3142 * waiting to release the slab.
3144 list_del(&page->lru);
3147 discard_slab(s, page);
3149 list_move(&page->lru,
3150 slabs_by_inuse + page->inuse);
3155 * Rebuild the partial list with the slabs filled up most
3156 * first and the least used slabs at the end.
3158 for (i = objects - 1; i >= 0; i--)
3159 list_splice(slabs_by_inuse + i, n->partial.prev);
3161 spin_unlock_irqrestore(&n->list_lock, flags);
3164 kfree(slabs_by_inuse);
3167 EXPORT_SYMBOL(kmem_cache_shrink);
3169 #if defined(CONFIG_NUMA) && defined(CONFIG_MEMORY_HOTPLUG)
3170 static int slab_mem_going_offline_callback(void *arg)
3172 struct kmem_cache *s;
3174 down_read(&slub_lock);
3175 list_for_each_entry(s, &slab_caches, list)
3176 kmem_cache_shrink(s);
3177 up_read(&slub_lock);
3182 static void slab_mem_offline_callback(void *arg)
3184 struct kmem_cache_node *n;
3185 struct kmem_cache *s;
3186 struct memory_notify *marg = arg;
3189 offline_node = marg->status_change_nid;
3192 * If the node still has available memory. we need kmem_cache_node
3195 if (offline_node < 0)
3198 down_read(&slub_lock);
3199 list_for_each_entry(s, &slab_caches, list) {
3200 n = get_node(s, offline_node);
3203 * if n->nr_slabs > 0, slabs still exist on the node
3204 * that is going down. We were unable to free them,
3205 * and offline_pages() function shoudn't call this
3206 * callback. So, we must fail.
3208 BUG_ON(slabs_node(s, offline_node));
3210 s->node[offline_node] = NULL;
3211 kmem_cache_free(kmalloc_caches, n);
3214 up_read(&slub_lock);
3217 static int slab_mem_going_online_callback(void *arg)
3219 struct kmem_cache_node *n;
3220 struct kmem_cache *s;
3221 struct memory_notify *marg = arg;
3222 int nid = marg->status_change_nid;
3226 * If the node's memory is already available, then kmem_cache_node is
3227 * already created. Nothing to do.
3233 * We are bringing a node online. No memory is available yet. We must
3234 * allocate a kmem_cache_node structure in order to bring the node
3237 down_read(&slub_lock);
3238 list_for_each_entry(s, &slab_caches, list) {
3240 * XXX: kmem_cache_alloc_node will fallback to other nodes
3241 * since memory is not yet available from the node that
3244 n = kmem_cache_alloc(kmalloc_caches, GFP_KERNEL);
3249 init_kmem_cache_node(n, s);
3253 up_read(&slub_lock);
3257 static int slab_memory_callback(struct notifier_block *self,
3258 unsigned long action, void *arg)
3263 case MEM_GOING_ONLINE:
3264 ret = slab_mem_going_online_callback(arg);
3266 case MEM_GOING_OFFLINE:
3267 ret = slab_mem_going_offline_callback(arg);
3270 case MEM_CANCEL_ONLINE:
3271 slab_mem_offline_callback(arg);
3274 case MEM_CANCEL_OFFLINE:
3278 ret = notifier_from_errno(ret);
3284 #endif /* CONFIG_MEMORY_HOTPLUG */
3286 /********************************************************************
3287 * Basic setup of slabs
3288 *******************************************************************/
3290 void __init kmem_cache_init(void)
3299 * Must first have the slab cache available for the allocations of the
3300 * struct kmem_cache_node's. There is special bootstrap code in
3301 * kmem_cache_open for slab_state == DOWN.
3303 create_kmalloc_cache(&kmalloc_caches[0], "kmem_cache_node",
3304 sizeof(struct kmem_cache_node), GFP_NOWAIT);
3305 kmalloc_caches[0].refcount = -1;
3308 hotplug_memory_notifier(slab_memory_callback, SLAB_CALLBACK_PRI);
3311 /* Able to allocate the per node structures */
3312 slab_state = PARTIAL;
3314 /* Caches that are not of the two-to-the-power-of size */
3315 if (KMALLOC_MIN_SIZE <= 32) {
3316 create_kmalloc_cache(&kmalloc_caches[1],
3317 "kmalloc-96", 96, GFP_NOWAIT);
3320 if (KMALLOC_MIN_SIZE <= 64) {
3321 create_kmalloc_cache(&kmalloc_caches[2],
3322 "kmalloc-192", 192, GFP_NOWAIT);
3326 for (i = KMALLOC_SHIFT_LOW; i < SLUB_PAGE_SHIFT; i++) {
3327 create_kmalloc_cache(&kmalloc_caches[i],
3328 "kmalloc", 1 << i, GFP_NOWAIT);
3334 * Patch up the size_index table if we have strange large alignment
3335 * requirements for the kmalloc array. This is only the case for
3336 * MIPS it seems. The standard arches will not generate any code here.
3338 * Largest permitted alignment is 256 bytes due to the way we
3339 * handle the index determination for the smaller caches.
3341 * Make sure that nothing crazy happens if someone starts tinkering
3342 * around with ARCH_KMALLOC_MINALIGN
3344 BUILD_BUG_ON(KMALLOC_MIN_SIZE > 256 ||
3345 (KMALLOC_MIN_SIZE & (KMALLOC_MIN_SIZE - 1)));
3347 for (i = 8; i < KMALLOC_MIN_SIZE; i += 8) {
3348 int elem = size_index_elem(i);
3349 if (elem >= ARRAY_SIZE(size_index))
3351 size_index[elem] = KMALLOC_SHIFT_LOW;
3354 if (KMALLOC_MIN_SIZE == 64) {
3356 * The 96 byte size cache is not used if the alignment
3359 for (i = 64 + 8; i <= 96; i += 8)
3360 size_index[size_index_elem(i)] = 7;
3361 } else if (KMALLOC_MIN_SIZE == 128) {
3363 * The 192 byte sized cache is not used if the alignment
3364 * is 128 byte. Redirect kmalloc to use the 256 byte cache
3367 for (i = 128 + 8; i <= 192; i += 8)
3368 size_index[size_index_elem(i)] = 8;
3373 /* Provide the correct kmalloc names now that the caches are up */
3374 for (i = KMALLOC_SHIFT_LOW; i < SLUB_PAGE_SHIFT; i++)
3375 kmalloc_caches[i]. name =
3376 kasprintf(GFP_NOWAIT, "kmalloc-%d", 1 << i);
3379 register_cpu_notifier(&slab_notifier);
3380 kmem_size = offsetof(struct kmem_cache, cpu_slab) +
3381 nr_cpu_ids * sizeof(struct kmem_cache_cpu *);
3383 kmem_size = sizeof(struct kmem_cache);
3387 "SLUB: Genslabs=%d, HWalign=%d, Order=%d-%d, MinObjects=%d,"
3388 " CPUs=%d, Nodes=%d\n",
3389 caches, cache_line_size(),
3390 slub_min_order, slub_max_order, slub_min_objects,
3391 nr_cpu_ids, nr_node_ids);
3394 void __init kmem_cache_init_late(void)
3399 * Find a mergeable slab cache
3401 static int slab_unmergeable(struct kmem_cache *s)
3403 if (slub_nomerge || (s->flags & SLUB_NEVER_MERGE))
3410 * We may have set a slab to be unmergeable during bootstrap.
3412 if (s->refcount < 0)
3418 static struct kmem_cache *find_mergeable(size_t size,
3419 size_t align, unsigned long flags, const char *name,
3420 void (*ctor)(void *))
3422 struct kmem_cache *s;
3424 if (slub_nomerge || (flags & SLUB_NEVER_MERGE))
3430 size = ALIGN(size, sizeof(void *));
3431 align = calculate_alignment(flags, align, size);
3432 size = ALIGN(size, align);
3433 flags = kmem_cache_flags(size, flags, name, NULL);
3435 list_for_each_entry(s, &slab_caches, list) {
3436 if (slab_unmergeable(s))
3442 if ((flags & SLUB_MERGE_SAME) != (s->flags & SLUB_MERGE_SAME))
3445 * Check if alignment is compatible.
3446 * Courtesy of Adrian Drzewiecki
3448 if ((s->size & ~(align - 1)) != s->size)
3451 if (s->size - size >= sizeof(void *))
3459 struct kmem_cache *kmem_cache_create(const char *name, size_t size,
3460 size_t align, unsigned long flags, void (*ctor)(void *))
3462 struct kmem_cache *s;
3467 down_write(&slub_lock);
3468 s = find_mergeable(size, align, flags, name, ctor);
3474 * Adjust the object sizes so that we clear
3475 * the complete object on kzalloc.
3477 s->objsize = max(s->objsize, (int)size);
3480 * And then we need to update the object size in the
3481 * per cpu structures
3483 for_each_online_cpu(cpu)
3484 get_cpu_slab(s, cpu)->objsize = s->objsize;
3486 s->inuse = max_t(int, s->inuse, ALIGN(size, sizeof(void *)));
3487 up_write(&slub_lock);
3489 if (sysfs_slab_alias(s, name)) {
3490 down_write(&slub_lock);
3492 up_write(&slub_lock);
3498 s = kmalloc(kmem_size, GFP_KERNEL);
3500 if (kmem_cache_open(s, GFP_KERNEL, name,
3501 size, align, flags, ctor)) {
3502 list_add(&s->list, &slab_caches);
3503 up_write(&slub_lock);
3504 if (sysfs_slab_add(s)) {
3505 down_write(&slub_lock);
3507 up_write(&slub_lock);
3515 up_write(&slub_lock);
3518 if (flags & SLAB_PANIC)
3519 panic("Cannot create slabcache %s\n", name);
3524 EXPORT_SYMBOL(kmem_cache_create);
3528 * Use the cpu notifier to insure that the cpu slabs are flushed when
3531 static int __cpuinit slab_cpuup_callback(struct notifier_block *nfb,
3532 unsigned long action, void *hcpu)
3534 long cpu = (long)hcpu;
3535 struct kmem_cache *s;
3536 unsigned long flags;
3539 case CPU_UP_PREPARE:
3540 case CPU_UP_PREPARE_FROZEN:
3541 init_alloc_cpu_cpu(cpu);
3542 down_read(&slub_lock);
3543 list_for_each_entry(s, &slab_caches, list)
3544 s->cpu_slab[cpu] = alloc_kmem_cache_cpu(s, cpu,
3546 up_read(&slub_lock);
3549 case CPU_UP_CANCELED:
3550 case CPU_UP_CANCELED_FROZEN:
3552 case CPU_DEAD_FROZEN:
3553 down_read(&slub_lock);
3554 list_for_each_entry(s, &slab_caches, list) {
3555 struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);
3557 local_irq_save(flags);
3558 __flush_cpu_slab(s, cpu);
3559 local_irq_restore(flags);
3560 free_kmem_cache_cpu(c, cpu);
3561 s->cpu_slab[cpu] = NULL;
3563 up_read(&slub_lock);
3571 static struct notifier_block __cpuinitdata slab_notifier = {
3572 .notifier_call = slab_cpuup_callback
3577 void *__kmalloc_track_caller(size_t size, gfp_t gfpflags, unsigned long caller)
3579 struct kmem_cache *s;
3582 if (unlikely(size > SLUB_MAX_SIZE))
3583 return kmalloc_large(size, gfpflags);
3585 s = get_slab(size, gfpflags);
3587 if (unlikely(ZERO_OR_NULL_PTR(s)))
3590 ret = slab_alloc(s, gfpflags, -1, caller);
3592 /* Honor the call site pointer we recieved. */
3593 trace_kmalloc(caller, ret, size, s->size, gfpflags);
3598 void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags,
3599 int node, unsigned long caller)
3601 struct kmem_cache *s;
3604 if (unlikely(size > SLUB_MAX_SIZE))
3605 return kmalloc_large_node(size, gfpflags, node);
3607 s = get_slab(size, gfpflags);
3609 if (unlikely(ZERO_OR_NULL_PTR(s)))
3612 ret = slab_alloc(s, gfpflags, node, caller);
3614 /* Honor the call site pointer we recieved. */
3615 trace_kmalloc_node(caller, ret, size, s->size, gfpflags, node);
3620 #ifdef CONFIG_SLUB_DEBUG
3621 static int count_inuse(struct page *page)
3626 static int count_total(struct page *page)
3628 return page->objects;
3631 static int validate_slab(struct kmem_cache *s, struct page *page,
3635 void *addr = page_address(page);
3637 if (!check_slab(s, page) ||
3638 !on_freelist(s, page, NULL))
3641 /* Now we know that a valid freelist exists */
3642 bitmap_zero(map, page->objects);
3644 for_each_free_object(p, s, page->freelist) {
3645 set_bit(slab_index(p, s, addr), map);
3646 if (!check_object(s, page, p, 0))
3650 for_each_object(p, s, addr, page->objects)
3651 if (!test_bit(slab_index(p, s, addr), map))
3652 if (!check_object(s, page, p, 1))
3657 static void validate_slab_slab(struct kmem_cache *s, struct page *page,
3660 if (slab_trylock(page)) {
3661 validate_slab(s, page, map);
3664 printk(KERN_INFO "SLUB %s: Skipped busy slab 0x%p\n",
3667 if (s->flags & DEBUG_DEFAULT_FLAGS) {
3668 if (!PageSlubDebug(page))
3669 printk(KERN_ERR "SLUB %s: SlubDebug not set "
3670 "on slab 0x%p\n", s->name, page);
3672 if (PageSlubDebug(page))
3673 printk(KERN_ERR "SLUB %s: SlubDebug set on "
3674 "slab 0x%p\n", s->name, page);
3678 static int validate_slab_node(struct kmem_cache *s,
3679 struct kmem_cache_node *n, unsigned long *map)
3681 unsigned long count = 0;
3683 unsigned long flags;
3685 spin_lock_irqsave(&n->list_lock, flags);
3687 list_for_each_entry(page, &n->partial, lru) {
3688 validate_slab_slab(s, page, map);
3691 if (count != n->nr_partial)
3692 printk(KERN_ERR "SLUB %s: %ld partial slabs counted but "
3693 "counter=%ld\n", s->name, count, n->nr_partial);
3695 if (!(s->flags & SLAB_STORE_USER))
3698 list_for_each_entry(page, &n->full, lru) {
3699 validate_slab_slab(s, page, map);
3702 if (count != atomic_long_read(&n->nr_slabs))
3703 printk(KERN_ERR "SLUB: %s %ld slabs counted but "
3704 "counter=%ld\n", s->name, count,
3705 atomic_long_read(&n->nr_slabs));
3708 spin_unlock_irqrestore(&n->list_lock, flags);
3712 static long validate_slab_cache(struct kmem_cache *s)
3715 unsigned long count = 0;
3716 unsigned long *map = kmalloc(BITS_TO_LONGS(oo_objects(s->max)) *
3717 sizeof(unsigned long), GFP_KERNEL);
3723 for_each_node_state(node, N_NORMAL_MEMORY) {
3724 struct kmem_cache_node *n = get_node(s, node);
3726 count += validate_slab_node(s, n, map);
3732 #ifdef SLUB_RESILIENCY_TEST
3733 static void resiliency_test(void)
3737 printk(KERN_ERR "SLUB resiliency testing\n");
3738 printk(KERN_ERR "-----------------------\n");
3739 printk(KERN_ERR "A. Corruption after allocation\n");
3741 p = kzalloc(16, GFP_KERNEL);
3743 printk(KERN_ERR "\n1. kmalloc-16: Clobber Redzone/next pointer"
3744 " 0x12->0x%p\n\n", p + 16);
3746 validate_slab_cache(kmalloc_caches + 4);
3748 /* Hmmm... The next two are dangerous */
3749 p = kzalloc(32, GFP_KERNEL);
3750 p[32 + sizeof(void *)] = 0x34;
3751 printk(KERN_ERR "\n2. kmalloc-32: Clobber next pointer/next slab"
3752 " 0x34 -> -0x%p\n", p);
3754 "If allocated object is overwritten then not detectable\n\n");
3756 validate_slab_cache(kmalloc_caches + 5);
3757 p = kzalloc(64, GFP_KERNEL);
3758 p += 64 + (get_cycles() & 0xff) * sizeof(void *);
3760 printk(KERN_ERR "\n3. kmalloc-64: corrupting random byte 0x56->0x%p\n",
3763 "If allocated object is overwritten then not detectable\n\n");
3764 validate_slab_cache(kmalloc_caches + 6);
3766 printk(KERN_ERR "\nB. Corruption after free\n");
3767 p = kzalloc(128, GFP_KERNEL);
3770 printk(KERN_ERR "1. kmalloc-128: Clobber first word 0x78->0x%p\n\n", p);
3771 validate_slab_cache(kmalloc_caches + 7);
3773 p = kzalloc(256, GFP_KERNEL);
3776 printk(KERN_ERR "\n2. kmalloc-256: Clobber 50th byte 0x9a->0x%p\n\n",
3778 validate_slab_cache(kmalloc_caches + 8);
3780 p = kzalloc(512, GFP_KERNEL);
3783 printk(KERN_ERR "\n3. kmalloc-512: Clobber redzone 0xab->0x%p\n\n", p);
3784 validate_slab_cache(kmalloc_caches + 9);
3787 static void resiliency_test(void) {};
3791 * Generate lists of code addresses where slabcache objects are allocated
3796 unsigned long count;
3803 DECLARE_BITMAP(cpus, NR_CPUS);
3809 unsigned long count;
3810 struct location *loc;
3813 static void free_loc_track(struct loc_track *t)
3816 free_pages((unsigned long)t->loc,
3817 get_order(sizeof(struct location) * t->max));
3820 static int alloc_loc_track(struct loc_track *t, unsigned long max, gfp_t flags)
3825 order = get_order(sizeof(struct location) * max);
3827 l = (void *)__get_free_pages(flags, order);
3832 memcpy(l, t->loc, sizeof(struct location) * t->count);
3840 static int add_location(struct loc_track *t, struct kmem_cache *s,
3841 const struct track *track)
3843 long start, end, pos;
3845 unsigned long caddr;
3846 unsigned long age = jiffies - track->when;
3852 pos = start + (end - start + 1) / 2;
3855 * There is nothing at "end". If we end up there
3856 * we need to add something to before end.
3861 caddr = t->loc[pos].addr;
3862 if (track->addr == caddr) {
3868 if (age < l->min_time)
3870 if (age > l->max_time)
3873 if (track->pid < l->min_pid)
3874 l->min_pid = track->pid;
3875 if (track->pid > l->max_pid)
3876 l->max_pid = track->pid;
3878 cpumask_set_cpu(track->cpu,
3879 to_cpumask(l->cpus));
3881 node_set(page_to_nid(virt_to_page(track)), l->nodes);
3885 if (track->addr < caddr)
3892 * Not found. Insert new tracking element.
3894 if (t->count >= t->max && !alloc_loc_track(t, 2 * t->max, GFP_ATOMIC))
3900 (t->count - pos) * sizeof(struct location));
3903 l->addr = track->addr;
3907 l->min_pid = track->pid;
3908 l->max_pid = track->pid;
3909 cpumask_clear(to_cpumask(l->cpus));
3910 cpumask_set_cpu(track->cpu, to_cpumask(l->cpus));
3911 nodes_clear(l->nodes);
3912 node_set(page_to_nid(virt_to_page(track)), l->nodes);
3916 static void process_slab(struct loc_track *t, struct kmem_cache *s,
3917 struct page *page, enum track_item alloc)
3919 void *addr = page_address(page);
3920 DECLARE_BITMAP(map, page->objects);
3923 bitmap_zero(map, page->objects);
3924 for_each_free_object(p, s, page->freelist)
3925 set_bit(slab_index(p, s, addr), map);
3927 for_each_object(p, s, addr, page->objects)
3928 if (!test_bit(slab_index(p, s, addr), map))
3929 add_location(t, s, get_track(s, p, alloc));
3932 static int list_locations(struct kmem_cache *s, char *buf,
3933 enum track_item alloc)
3937 struct loc_track t = { 0, 0, NULL };
3940 if (!alloc_loc_track(&t, PAGE_SIZE / sizeof(struct location),
3942 return sprintf(buf, "Out of memory\n");
3944 /* Push back cpu slabs */
3947 for_each_node_state(node, N_NORMAL_MEMORY) {
3948 struct kmem_cache_node *n = get_node(s, node);
3949 unsigned long flags;
3952 if (!atomic_long_read(&n->nr_slabs))
3955 spin_lock_irqsave(&n->list_lock, flags);
3956 list_for_each_entry(page, &n->partial, lru)
3957 process_slab(&t, s, page, alloc);
3958 list_for_each_entry(page, &n->full, lru)
3959 process_slab(&t, s, page, alloc);
3960 spin_unlock_irqrestore(&n->list_lock, flags);
3963 for (i = 0; i < t.count; i++) {
3964 struct location *l = &t.loc[i];
3966 if (len > PAGE_SIZE - KSYM_SYMBOL_LEN - 100)
3968 len += sprintf(buf + len, "%7ld ", l->count);
3971 len += sprint_symbol(buf + len, (unsigned long)l->addr);
3973 len += sprintf(buf + len, "<not-available>");
3975 if (l->sum_time != l->min_time) {
3976 len += sprintf(buf + len, " age=%ld/%ld/%ld",
3978 (long)div_u64(l->sum_time, l->count),
3981 len += sprintf(buf + len, " age=%ld",
3984 if (l->min_pid != l->max_pid)
3985 len += sprintf(buf + len, " pid=%ld-%ld",
3986 l->min_pid, l->max_pid);
3988 len += sprintf(buf + len, " pid=%ld",
3991 if (num_online_cpus() > 1 &&
3992 !cpumask_empty(to_cpumask(l->cpus)) &&
3993 len < PAGE_SIZE - 60) {
3994 len += sprintf(buf + len, " cpus=");
3995 len += cpulist_scnprintf(buf + len, PAGE_SIZE - len - 50,
3996 to_cpumask(l->cpus));
3999 if (nr_online_nodes > 1 && !nodes_empty(l->nodes) &&
4000 len < PAGE_SIZE - 60) {
4001 len += sprintf(buf + len, " nodes=");
4002 len += nodelist_scnprintf(buf + len, PAGE_SIZE - len - 50,
4006 len += sprintf(buf + len, "\n");
4011 len += sprintf(buf, "No data\n");
4015 enum slab_stat_type {
4016 SL_ALL, /* All slabs */
4017 SL_PARTIAL, /* Only partially allocated slabs */
4018 SL_CPU, /* Only slabs used for cpu caches */
4019 SL_OBJECTS, /* Determine allocated objects not slabs */
4020 SL_TOTAL /* Determine object capacity not slabs */
4023 #define SO_ALL (1 << SL_ALL)
4024 #define SO_PARTIAL (1 << SL_PARTIAL)
4025 #define SO_CPU (1 << SL_CPU)
4026 #define SO_OBJECTS (1 << SL_OBJECTS)
4027 #define SO_TOTAL (1 << SL_TOTAL)
4029 static ssize_t show_slab_objects(struct kmem_cache *s,
4030 char *buf, unsigned long flags)
4032 unsigned long total = 0;
4035 unsigned long *nodes;
4036 unsigned long *per_cpu;
4038 nodes = kzalloc(2 * sizeof(unsigned long) * nr_node_ids, GFP_KERNEL);
4041 per_cpu = nodes + nr_node_ids;
4043 if (flags & SO_CPU) {
4046 for_each_possible_cpu(cpu) {
4047 struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);
4049 if (!c || c->node < 0)
4053 if (flags & SO_TOTAL)
4054 x = c->page->objects;
4055 else if (flags & SO_OBJECTS)
4061 nodes[c->node] += x;
4067 if (flags & SO_ALL) {
4068 for_each_node_state(node, N_NORMAL_MEMORY) {
4069 struct kmem_cache_node *n = get_node(s, node);
4071 if (flags & SO_TOTAL)
4072 x = atomic_long_read(&n->total_objects);
4073 else if (flags & SO_OBJECTS)
4074 x = atomic_long_read(&n->total_objects) -
4075 count_partial(n, count_free);
4078 x = atomic_long_read(&n->nr_slabs);
4083 } else if (flags & SO_PARTIAL) {
4084 for_each_node_state(node, N_NORMAL_MEMORY) {
4085 struct kmem_cache_node *n = get_node(s, node);
4087 if (flags & SO_TOTAL)
4088 x = count_partial(n, count_total);
4089 else if (flags & SO_OBJECTS)
4090 x = count_partial(n, count_inuse);
4097 x = sprintf(buf, "%lu", total);
4099 for_each_node_state(node, N_NORMAL_MEMORY)
4101 x += sprintf(buf + x, " N%d=%lu",
4105 return x + sprintf(buf + x, "\n");
4108 static int any_slab_objects(struct kmem_cache *s)
4112 for_each_online_node(node) {
4113 struct kmem_cache_node *n = get_node(s, node);
4118 if (atomic_long_read(&n->total_objects))
4124 #define to_slab_attr(n) container_of(n, struct slab_attribute, attr)
4125 #define to_slab(n) container_of(n, struct kmem_cache, kobj);
4127 struct slab_attribute {
4128 struct attribute attr;
4129 ssize_t (*show)(struct kmem_cache *s, char *buf);
4130 ssize_t (*store)(struct kmem_cache *s, const char *x, size_t count);
4133 #define SLAB_ATTR_RO(_name) \
4134 static struct slab_attribute _name##_attr = __ATTR_RO(_name)
4136 #define SLAB_ATTR(_name) \
4137 static struct slab_attribute _name##_attr = \
4138 __ATTR(_name, 0644, _name##_show, _name##_store)
4140 static ssize_t slab_size_show(struct kmem_cache *s, char *buf)
4142 return sprintf(buf, "%d\n", s->size);
4144 SLAB_ATTR_RO(slab_size);
4146 static ssize_t align_show(struct kmem_cache *s, char *buf)
4148 return sprintf(buf, "%d\n", s->align);
4150 SLAB_ATTR_RO(align);
4152 static ssize_t object_size_show(struct kmem_cache *s, char *buf)
4154 return sprintf(buf, "%d\n", s->objsize);
4156 SLAB_ATTR_RO(object_size);
4158 static ssize_t objs_per_slab_show(struct kmem_cache *s, char *buf)
4160 return sprintf(buf, "%d\n", oo_objects(s->oo));
4162 SLAB_ATTR_RO(objs_per_slab);
4164 static ssize_t order_store(struct kmem_cache *s,
4165 const char *buf, size_t length)
4167 unsigned long order;
4170 err = strict_strtoul(buf, 10, &order);
4174 if (order > slub_max_order || order < slub_min_order)
4177 calculate_sizes(s, order);
4181 static ssize_t order_show(struct kmem_cache *s, char *buf)
4183 return sprintf(buf, "%d\n", oo_order(s->oo));
4187 static ssize_t min_partial_show(struct kmem_cache *s, char *buf)
4189 return sprintf(buf, "%lu\n", s->min_partial);
4192 static ssize_t min_partial_store(struct kmem_cache *s, const char *buf,
4198 err = strict_strtoul(buf, 10, &min);
4202 set_min_partial(s, min);
4205 SLAB_ATTR(min_partial);
4207 static ssize_t ctor_show(struct kmem_cache *s, char *buf)
4210 int n = sprint_symbol(buf, (unsigned long)s->ctor);
4212 return n + sprintf(buf + n, "\n");
4218 static ssize_t aliases_show(struct kmem_cache *s, char *buf)
4220 return sprintf(buf, "%d\n", s->refcount - 1);
4222 SLAB_ATTR_RO(aliases);
4224 static ssize_t slabs_show(struct kmem_cache *s, char *buf)
4226 return show_slab_objects(s, buf, SO_ALL);
4228 SLAB_ATTR_RO(slabs);
4230 static ssize_t partial_show(struct kmem_cache *s, char *buf)
4232 return show_slab_objects(s, buf, SO_PARTIAL);
4234 SLAB_ATTR_RO(partial);
4236 static ssize_t cpu_slabs_show(struct kmem_cache *s, char *buf)
4238 return show_slab_objects(s, buf, SO_CPU);
4240 SLAB_ATTR_RO(cpu_slabs);
4242 static ssize_t objects_show(struct kmem_cache *s, char *buf)
4244 return show_slab_objects(s, buf, SO_ALL|SO_OBJECTS);
4246 SLAB_ATTR_RO(objects);
4248 static ssize_t objects_partial_show(struct kmem_cache *s, char *buf)
4250 return show_slab_objects(s, buf, SO_PARTIAL|SO_OBJECTS);
4252 SLAB_ATTR_RO(objects_partial);
4254 static ssize_t total_objects_show(struct kmem_cache *s, char *buf)
4256 return show_slab_objects(s, buf, SO_ALL|SO_TOTAL);
4258 SLAB_ATTR_RO(total_objects);
4260 static ssize_t sanity_checks_show(struct kmem_cache *s, char *buf)
4262 return sprintf(buf, "%d\n", !!(s->flags & SLAB_DEBUG_FREE));
4265 static ssize_t sanity_checks_store(struct kmem_cache *s,
4266 const char *buf, size_t length)
4268 s->flags &= ~SLAB_DEBUG_FREE;
4270 s->flags |= SLAB_DEBUG_FREE;
4273 SLAB_ATTR(sanity_checks);
4275 static ssize_t trace_show(struct kmem_cache *s, char *buf)
4277 return sprintf(buf, "%d\n", !!(s->flags & SLAB_TRACE));
4280 static ssize_t trace_store(struct kmem_cache *s, const char *buf,
4283 s->flags &= ~SLAB_TRACE;
4285 s->flags |= SLAB_TRACE;
4290 static ssize_t reclaim_account_show(struct kmem_cache *s, char *buf)
4292 return sprintf(buf, "%d\n", !!(s->flags & SLAB_RECLAIM_ACCOUNT));
4295 static ssize_t reclaim_account_store(struct kmem_cache *s,
4296 const char *buf, size_t length)
4298 s->flags &= ~SLAB_RECLAIM_ACCOUNT;
4300 s->flags |= SLAB_RECLAIM_ACCOUNT;
4303 SLAB_ATTR(reclaim_account);
4305 static ssize_t hwcache_align_show(struct kmem_cache *s, char *buf)
4307 return sprintf(buf, "%d\n", !!(s->flags & SLAB_HWCACHE_ALIGN));
4309 SLAB_ATTR_RO(hwcache_align);
4311 #ifdef CONFIG_ZONE_DMA
4312 static ssize_t cache_dma_show(struct kmem_cache *s, char *buf)
4314 return sprintf(buf, "%d\n", !!(s->flags & SLAB_CACHE_DMA));
4316 SLAB_ATTR_RO(cache_dma);
4319 static ssize_t destroy_by_rcu_show(struct kmem_cache *s, char *buf)
4321 return sprintf(buf, "%d\n", !!(s->flags & SLAB_DESTROY_BY_RCU));
4323 SLAB_ATTR_RO(destroy_by_rcu);
4325 static ssize_t red_zone_show(struct kmem_cache *s, char *buf)
4327 return sprintf(buf, "%d\n", !!(s->flags & SLAB_RED_ZONE));
4330 static ssize_t red_zone_store(struct kmem_cache *s,
4331 const char *buf, size_t length)
4333 if (any_slab_objects(s))
4336 s->flags &= ~SLAB_RED_ZONE;
4338 s->flags |= SLAB_RED_ZONE;
4339 calculate_sizes(s, -1);
4342 SLAB_ATTR(red_zone);
4344 static ssize_t poison_show(struct kmem_cache *s, char *buf)
4346 return sprintf(buf, "%d\n", !!(s->flags & SLAB_POISON));
4349 static ssize_t poison_store(struct kmem_cache *s,
4350 const char *buf, size_t length)
4352 if (any_slab_objects(s))
4355 s->flags &= ~SLAB_POISON;
4357 s->flags |= SLAB_POISON;
4358 calculate_sizes(s, -1);
4363 static ssize_t store_user_show(struct kmem_cache *s, char *buf)
4365 return sprintf(buf, "%d\n", !!(s->flags & SLAB_STORE_USER));
4368 static ssize_t store_user_store(struct kmem_cache *s,
4369 const char *buf, size_t length)
4371 if (any_slab_objects(s))
4374 s->flags &= ~SLAB_STORE_USER;
4376 s->flags |= SLAB_STORE_USER;
4377 calculate_sizes(s, -1);
4380 SLAB_ATTR(store_user);
4382 static ssize_t validate_show(struct kmem_cache *s, char *buf)
4387 static ssize_t validate_store(struct kmem_cache *s,
4388 const char *buf, size_t length)
4392 if (buf[0] == '1') {
4393 ret = validate_slab_cache(s);
4399 SLAB_ATTR(validate);
4401 static ssize_t shrink_show(struct kmem_cache *s, char *buf)
4406 static ssize_t shrink_store(struct kmem_cache *s,
4407 const char *buf, size_t length)
4409 if (buf[0] == '1') {
4410 int rc = kmem_cache_shrink(s);
4420 static ssize_t alloc_calls_show(struct kmem_cache *s, char *buf)
4422 if (!(s->flags & SLAB_STORE_USER))
4424 return list_locations(s, buf, TRACK_ALLOC);
4426 SLAB_ATTR_RO(alloc_calls);
4428 static ssize_t free_calls_show(struct kmem_cache *s, char *buf)
4430 if (!(s->flags & SLAB_STORE_USER))
4432 return list_locations(s, buf, TRACK_FREE);
4434 SLAB_ATTR_RO(free_calls);
4437 static ssize_t remote_node_defrag_ratio_show(struct kmem_cache *s, char *buf)
4439 return sprintf(buf, "%d\n", s->remote_node_defrag_ratio / 10);
4442 static ssize_t remote_node_defrag_ratio_store(struct kmem_cache *s,
4443 const char *buf, size_t length)
4445 unsigned long ratio;
4448 err = strict_strtoul(buf, 10, &ratio);
4453 s->remote_node_defrag_ratio = ratio * 10;
4457 SLAB_ATTR(remote_node_defrag_ratio);
4460 #ifdef CONFIG_SLUB_STATS
4461 static int show_stat(struct kmem_cache *s, char *buf, enum stat_item si)
4463 unsigned long sum = 0;
4466 int *data = kmalloc(nr_cpu_ids * sizeof(int), GFP_KERNEL);
4471 for_each_online_cpu(cpu) {
4472 unsigned x = get_cpu_slab(s, cpu)->stat[si];
4478 len = sprintf(buf, "%lu", sum);
4481 for_each_online_cpu(cpu) {
4482 if (data[cpu] && len < PAGE_SIZE - 20)
4483 len += sprintf(buf + len, " C%d=%u", cpu, data[cpu]);
4487 return len + sprintf(buf + len, "\n");
4490 static void clear_stat(struct kmem_cache *s, enum stat_item si)
4494 for_each_online_cpu(cpu)
4495 get_cpu_slab(s, cpu)->stat[si] = 0;
4498 #define STAT_ATTR(si, text) \
4499 static ssize_t text##_show(struct kmem_cache *s, char *buf) \
4501 return show_stat(s, buf, si); \
4503 static ssize_t text##_store(struct kmem_cache *s, \
4504 const char *buf, size_t length) \
4506 if (buf[0] != '0') \
4508 clear_stat(s, si); \
4513 STAT_ATTR(ALLOC_FASTPATH, alloc_fastpath);
4514 STAT_ATTR(ALLOC_SLOWPATH, alloc_slowpath);
4515 STAT_ATTR(FREE_FASTPATH, free_fastpath);
4516 STAT_ATTR(FREE_SLOWPATH, free_slowpath);
4517 STAT_ATTR(FREE_FROZEN, free_frozen);
4518 STAT_ATTR(FREE_ADD_PARTIAL, free_add_partial);
4519 STAT_ATTR(FREE_REMOVE_PARTIAL, free_remove_partial);
4520 STAT_ATTR(ALLOC_FROM_PARTIAL, alloc_from_partial);
4521 STAT_ATTR(ALLOC_SLAB, alloc_slab);
4522 STAT_ATTR(ALLOC_REFILL, alloc_refill);
4523 STAT_ATTR(FREE_SLAB, free_slab);
4524 STAT_ATTR(CPUSLAB_FLUSH, cpuslab_flush);
4525 STAT_ATTR(DEACTIVATE_FULL, deactivate_full);
4526 STAT_ATTR(DEACTIVATE_EMPTY, deactivate_empty);
4527 STAT_ATTR(DEACTIVATE_TO_HEAD, deactivate_to_head);
4528 STAT_ATTR(DEACTIVATE_TO_TAIL, deactivate_to_tail);
4529 STAT_ATTR(DEACTIVATE_REMOTE_FREES, deactivate_remote_frees);
4530 STAT_ATTR(ORDER_FALLBACK, order_fallback);
4533 static struct attribute *slab_attrs[] = {
4534 &slab_size_attr.attr,
4535 &object_size_attr.attr,
4536 &objs_per_slab_attr.attr,
4538 &min_partial_attr.attr,
4540 &objects_partial_attr.attr,
4541 &total_objects_attr.attr,
4544 &cpu_slabs_attr.attr,
4548 &sanity_checks_attr.attr,
4550 &hwcache_align_attr.attr,
4551 &reclaim_account_attr.attr,
4552 &destroy_by_rcu_attr.attr,
4553 &red_zone_attr.attr,
4555 &store_user_attr.attr,
4556 &validate_attr.attr,
4558 &alloc_calls_attr.attr,
4559 &free_calls_attr.attr,
4560 #ifdef CONFIG_ZONE_DMA
4561 &cache_dma_attr.attr,
4564 &remote_node_defrag_ratio_attr.attr,
4566 #ifdef CONFIG_SLUB_STATS
4567 &alloc_fastpath_attr.attr,
4568 &alloc_slowpath_attr.attr,
4569 &free_fastpath_attr.attr,
4570 &free_slowpath_attr.attr,
4571 &free_frozen_attr.attr,
4572 &free_add_partial_attr.attr,
4573 &free_remove_partial_attr.attr,
4574 &alloc_from_partial_attr.attr,
4575 &alloc_slab_attr.attr,
4576 &alloc_refill_attr.attr,
4577 &free_slab_attr.attr,
4578 &cpuslab_flush_attr.attr,
4579 &deactivate_full_attr.attr,
4580 &deactivate_empty_attr.attr,
4581 &deactivate_to_head_attr.attr,
4582 &deactivate_to_tail_attr.attr,
4583 &deactivate_remote_frees_attr.attr,
4584 &order_fallback_attr.attr,
4589 static struct attribute_group slab_attr_group = {
4590 .attrs = slab_attrs,
4593 static ssize_t slab_attr_show(struct kobject *kobj,
4594 struct attribute *attr,
4597 struct slab_attribute *attribute;
4598 struct kmem_cache *s;
4601 attribute = to_slab_attr(attr);
4604 if (!attribute->show)
4607 err = attribute->show(s, buf);
4612 static ssize_t slab_attr_store(struct kobject *kobj,
4613 struct attribute *attr,
4614 const char *buf, size_t len)
4616 struct slab_attribute *attribute;
4617 struct kmem_cache *s;
4620 attribute = to_slab_attr(attr);
4623 if (!attribute->store)
4626 err = attribute->store(s, buf, len);
4631 static void kmem_cache_release(struct kobject *kobj)
4633 struct kmem_cache *s = to_slab(kobj);
4638 static struct sysfs_ops slab_sysfs_ops = {
4639 .show = slab_attr_show,
4640 .store = slab_attr_store,
4643 static struct kobj_type slab_ktype = {
4644 .sysfs_ops = &slab_sysfs_ops,
4645 .release = kmem_cache_release
4648 static int uevent_filter(struct kset *kset, struct kobject *kobj)
4650 struct kobj_type *ktype = get_ktype(kobj);
4652 if (ktype == &slab_ktype)
4657 static struct kset_uevent_ops slab_uevent_ops = {
4658 .filter = uevent_filter,
4661 static struct kset *slab_kset;
4663 #define ID_STR_LENGTH 64
4665 /* Create a unique string id for a slab cache:
4667 * Format :[flags-]size
4669 static char *create_unique_id(struct kmem_cache *s)
4671 char *name = kmalloc(ID_STR_LENGTH, GFP_KERNEL);
4678 * First flags affecting slabcache operations. We will only
4679 * get here for aliasable slabs so we do not need to support
4680 * too many flags. The flags here must cover all flags that
4681 * are matched during merging to guarantee that the id is
4684 if (s->flags & SLAB_CACHE_DMA)
4686 if (s->flags & SLAB_RECLAIM_ACCOUNT)
4688 if (s->flags & SLAB_DEBUG_FREE)
4690 if (!(s->flags & SLAB_NOTRACK))
4694 p += sprintf(p, "%07d", s->size);
4695 BUG_ON(p > name + ID_STR_LENGTH - 1);
4699 static int sysfs_slab_add(struct kmem_cache *s)
4705 if (slab_state < SYSFS)
4706 /* Defer until later */
4709 unmergeable = slab_unmergeable(s);
4712 * Slabcache can never be merged so we can use the name proper.
4713 * This is typically the case for debug situations. In that
4714 * case we can catch duplicate names easily.
4716 sysfs_remove_link(&slab_kset->kobj, s->name);
4720 * Create a unique name for the slab as a target
4723 name = create_unique_id(s);
4726 s->kobj.kset = slab_kset;
4727 err = kobject_init_and_add(&s->kobj, &slab_ktype, NULL, name);
4729 kobject_put(&s->kobj);
4733 err = sysfs_create_group(&s->kobj, &slab_attr_group);
4735 kobject_del(&s->kobj);
4736 kobject_put(&s->kobj);
4739 kobject_uevent(&s->kobj, KOBJ_ADD);
4741 /* Setup first alias */
4742 sysfs_slab_alias(s, s->name);
4748 static void sysfs_slab_remove(struct kmem_cache *s)
4750 kobject_uevent(&s->kobj, KOBJ_REMOVE);
4751 kobject_del(&s->kobj);
4752 kobject_put(&s->kobj);
4756 * Need to buffer aliases during bootup until sysfs becomes
4757 * available lest we lose that information.
4759 struct saved_alias {
4760 struct kmem_cache *s;
4762 struct saved_alias *next;
4765 static struct saved_alias *alias_list;
4767 static int sysfs_slab_alias(struct kmem_cache *s, const char *name)
4769 struct saved_alias *al;
4771 if (slab_state == SYSFS) {
4773 * If we have a leftover link then remove it.
4775 sysfs_remove_link(&slab_kset->kobj, name);
4776 return sysfs_create_link(&slab_kset->kobj, &s->kobj, name);
4779 al = kmalloc(sizeof(struct saved_alias), GFP_KERNEL);
4785 al->next = alias_list;
4790 static int __init slab_sysfs_init(void)
4792 struct kmem_cache *s;
4795 slab_kset = kset_create_and_add("slab", &slab_uevent_ops, kernel_kobj);
4797 printk(KERN_ERR "Cannot register slab subsystem.\n");
4803 list_for_each_entry(s, &slab_caches, list) {
4804 err = sysfs_slab_add(s);
4806 printk(KERN_ERR "SLUB: Unable to add boot slab %s"
4807 " to sysfs\n", s->name);
4810 while (alias_list) {
4811 struct saved_alias *al = alias_list;
4813 alias_list = alias_list->next;
4814 err = sysfs_slab_alias(al->s, al->name);
4816 printk(KERN_ERR "SLUB: Unable to add boot slab alias"
4817 " %s to sysfs\n", s->name);
4825 __initcall(slab_sysfs_init);
4829 * The /proc/slabinfo ABI
4831 #ifdef CONFIG_SLABINFO
4832 static void print_slabinfo_header(struct seq_file *m)
4834 seq_puts(m, "slabinfo - version: 2.1\n");
4835 seq_puts(m, "# name <active_objs> <num_objs> <objsize> "
4836 "<objperslab> <pagesperslab>");
4837 seq_puts(m, " : tunables <limit> <batchcount> <sharedfactor>");
4838 seq_puts(m, " : slabdata <active_slabs> <num_slabs> <sharedavail>");
4842 static void *s_start(struct seq_file *m, loff_t *pos)
4846 down_read(&slub_lock);
4848 print_slabinfo_header(m);
4850 return seq_list_start(&slab_caches, *pos);
4853 static void *s_next(struct seq_file *m, void *p, loff_t *pos)
4855 return seq_list_next(p, &slab_caches, pos);
4858 static void s_stop(struct seq_file *m, void *p)
4860 up_read(&slub_lock);
4863 static int s_show(struct seq_file *m, void *p)
4865 unsigned long nr_partials = 0;
4866 unsigned long nr_slabs = 0;
4867 unsigned long nr_inuse = 0;
4868 unsigned long nr_objs = 0;
4869 unsigned long nr_free = 0;
4870 struct kmem_cache *s;
4873 s = list_entry(p, struct kmem_cache, list);
4875 for_each_online_node(node) {
4876 struct kmem_cache_node *n = get_node(s, node);
4881 nr_partials += n->nr_partial;
4882 nr_slabs += atomic_long_read(&n->nr_slabs);
4883 nr_objs += atomic_long_read(&n->total_objects);
4884 nr_free += count_partial(n, count_free);
4887 nr_inuse = nr_objs - nr_free;
4889 seq_printf(m, "%-17s %6lu %6lu %6u %4u %4d", s->name, nr_inuse,
4890 nr_objs, s->size, oo_objects(s->oo),
4891 (1 << oo_order(s->oo)));
4892 seq_printf(m, " : tunables %4u %4u %4u", 0, 0, 0);
4893 seq_printf(m, " : slabdata %6lu %6lu %6lu", nr_slabs, nr_slabs,
4899 static const struct seq_operations slabinfo_op = {
4906 static int slabinfo_open(struct inode *inode, struct file *file)
4908 return seq_open(file, &slabinfo_op);
4911 static const struct file_operations proc_slabinfo_operations = {
4912 .open = slabinfo_open,
4914 .llseek = seq_lseek,
4915 .release = seq_release,
4918 static int __init slab_proc_init(void)
4920 proc_create("slabinfo", S_IRUGO, NULL, &proc_slabinfo_operations);
4923 module_init(slab_proc_init);
4924 #endif /* CONFIG_SLABINFO */
projects / linux-flexiantxendom0-3.2.10.git / blob