From patchwork Sun Jun 14 12:39:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Muchun Song X-Patchwork-Id: 11603285 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D8A7860D for ; Sun, 14 Jun 2020 12:39:45 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 97DBC20747 for ; Sun, 14 Jun 2020 12:39:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=bytedance-com.20150623.gappssmtp.com header.i=@bytedance-com.20150623.gappssmtp.com header.b="x7gfvf+2" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 97DBC20747 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bytedance.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id C08086B0026; Sun, 14 Jun 2020 08:39:44 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id BB9E56B0027; Sun, 14 Jun 2020 08:39:44 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A859A6B0028; Sun, 14 Jun 2020 08:39:44 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0043.hostedemail.com [216.40.44.43]) by kanga.kvack.org (Postfix) with ESMTP id 8B0046B0026 for ; Sun, 14 Jun 2020 08:39:44 -0400 (EDT) Received: from smtpin06.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id 43E471EE6 for ; Sun, 14 Jun 2020 12:39:44 +0000 (UTC) X-FDA: 76927773888.06.vest10_31151a526ded Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin06.hostedemail.com (Postfix) with ESMTP id 1C2E71003EE0C for ; Sun, 14 Jun 2020 12:39:44 +0000 (UTC) X-Spam-Summary: 2,0,0,4875adb050be85d8,d41d8cd98f00b204,songmuchun@bytedance.com,,RULES_HIT:2:41:69:355:379:541:800:960:966:968:973:988:989:1260:1311:1314:1345:1359:1437:1515:1535:1605:1606:1730:1747:1777:1792:2196:2198:2199:2200:2393:2553:2559:2562:2693:2731:3138:3139:3140:3141:3142:3865:3866:3867:3868:3870:3871:3872:3873:3874:4119:4321:4385:4605:5007:6261:6653:7903:7974:9592:10004:11026:11473:11658:11914:12043:12048:12291:12296:12297:12438:12517:12519:12555:12683:12895:12986:13161:13229:13255:13894:14096:14394:21080:21433:21444:21450:21451:21627:21939:21966:21990:30012:30034:30054:30070:30090,0,RBL:209.85.216.65:@bytedance.com:.lbl8.mailshell.net-66.100.201.201 62.2.0.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:fp,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:24,LUA_SUMMARY:none X-HE-Tag: vest10_31151a526ded X-Filterd-Recvd-Size: 8400 Received: from mail-pj1-f65.google.com (mail-pj1-f65.google.com [209.85.216.65]) by imf48.hostedemail.com (Postfix) with ESMTP for ; Sun, 14 Jun 2020 12:39:43 +0000 (UTC) Received: by mail-pj1-f65.google.com with SMTP id ne5so5579204pjb.5 for ; Sun, 14 Jun 2020 05:39:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=l67osNkqzsUW+dZnlugsZ85KWtdqaVq9bkvvCdirhlY=; b=x7gfvf+24TATO2r4VlHMg25pPbiicqdLFSV97yRYsBjuL5hhZ6VsEiy7CrTMsQ1wQQ PBd4iWRe9i6yLhvg8wgKH4i0l331phWmXcoe+Rgy4DBu4sXaccj44z5AyvyOKiil+q8y r+mZTRjQPzm+BuHj3ydV8Ke9WA/EN9M157UgUvDDbfkxUnSGO8icyoyqRrYeAItc6Z73 YeuOMVyFY7dr9q+64IMHla9ksEN5bJpsEuXoClHZN5LFJi3+cEIjzITRcjqyJsdMoH9C M8wMKDxqOs8OgMOVdN5DrnUUfXBrLeAu1PLl5LVU0BIdPOWVFP2DLxog1eldKJdcPQ5i lNcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=l67osNkqzsUW+dZnlugsZ85KWtdqaVq9bkvvCdirhlY=; b=WcxJB1OD0E8UyWYQGa80B3jydNfdyaYSf6ggLVCKK2sb0N4Y6t4WZ5Mq0X/CijW+4a No2AjOA5jGm1H7XrddKNoLDoDeyEkJhVsrSSwyd0vKe7Lq0fQb+wVf7VARQbQGDs25ZH 0SBr/68g9gLNG9FyU5swfazal5li36tlxLHtm6J3RM6ofFsWrBs9P9IYHX0zSNaxJLhb nr0eCGqT19f5uOHgfmD5J4MZ3mm7ga3NydQRFTrkCGYeXa7i6ZodQSzGN3TSomZ4clcI FDjUBKvTHm4i49PmJGv3vdA+eyhFdS6b0qXsnG85ejtwaisBV1u/UgeXoKoqkBefPoIi k69w== X-Gm-Message-State: AOAM5308RqqFQ/xkRZPj85FUlbBOnA459k9Hal+snI3p8/ybC0DqxHRs hCI+3iVzfclWjQ95LEl8OVyKxA== X-Google-Smtp-Source: ABdhPJyjPDOmLDAj6OUIcPkaRSCju58kvlR9FSXWqBXpqs7gJuvRxpVVPCgrs34tyn+wVW/p1POqyw== X-Received: by 2002:a17:90a:d086:: with SMTP id k6mr6737953pju.133.1592138382436; Sun, 14 Jun 2020 05:39:42 -0700 (PDT) Received: from Smcdef-MBP.lan ([103.136.221.68]) by smtp.gmail.com with ESMTPSA id hi19sm9776606pjb.49.2020.06.14.05.39.39 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 14 Jun 2020 05:39:42 -0700 (PDT) From: Muchun Song To: cl@linux.com, penberg@kernel.org, rientjes@google.com, iamjoonsoo.kim@lge.com, akpm@linux-foundation.org Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Muchun Song Subject: [PATCH 1/3] mm/slub: Fix slabs_node return value when CONFIG_SLUB_DEBUG disabled Date: Sun, 14 Jun 2020 20:39:21 +0800 Message-Id: <20200614123923.99189-2-songmuchun@bytedance.com> X-Mailer: git-send-email 2.21.0 (Apple Git-122) In-Reply-To: <20200614123923.99189-1-songmuchun@bytedance.com> References: <20200614123923.99189-1-songmuchun@bytedance.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 1C2E71003EE0C X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam04 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: The slabs_node() always return zero when CONFIG_SLUB_DEBUG is disabled. But some codes determine whether slab is empty by checking the return value of slabs_node(). As you know, the result is not correct. This problem can be reproduce by the follow code(and boot system with the cmdline of "slub_nomerge"): void *objs[32]; struct kmem_cache *cache = kmem_cache_create("kmem-test", 128, 0, 0, 0); if (cache) { int i; /* Make a full slab */ for (i = 0; i < ARRAY_SIZE(objs); i++) objs[i] = kmem_cache_alloc(cache, GFP_KERNEL_ACCOUNT); /* * This really should fail because the slab cache still has * objects. But we did destroy the @cache because of zero * returned by slabs_node(). */ kmem_cache_destroy(cache); } To fix it, we can move the nr_slabs of kmem_cache_node out of the CONFIG_SLUB_DEBUG. So we can get the corrent value returned by the slabs_node(). With this patch applied, we will get a warning message and stack trace in the dmesg. Signed-off-by: Muchun Song --- mm/slab.h | 2 +- mm/slub.c | 80 +++++++++++++++++++++++++++++++++------------------------------ 2 files changed, 43 insertions(+), 39 deletions(-) diff --git a/mm/slab.h b/mm/slab.h index 0b91f2a7b033..062d4542b7e2 100644 --- a/mm/slab.h +++ b/mm/slab.h @@ -619,8 +619,8 @@ struct kmem_cache_node { #ifdef CONFIG_SLUB unsigned long nr_partial; struct list_head partial; -#ifdef CONFIG_SLUB_DEBUG atomic_long_t nr_slabs; +#ifdef CONFIG_SLUB_DEBUG atomic_long_t total_objects; struct list_head full; #endif diff --git a/mm/slub.c b/mm/slub.c index 49b5cb7da318..1a3e6a5b7287 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1070,39 +1070,14 @@ static void remove_full(struct kmem_cache *s, struct kmem_cache_node *n, struct list_del(&page->slab_list); } -/* Tracking of the number of slabs for debugging purposes */ -static inline unsigned long slabs_node(struct kmem_cache *s, int node) +/* Tracking of the number of objects for debugging purposes */ +static inline void inc_objects_node(struct kmem_cache_node *n, int objects) { - struct kmem_cache_node *n = get_node(s, node); - - return atomic_long_read(&n->nr_slabs); + atomic_long_add(objects, &n->total_objects); } -static inline unsigned long node_nr_slabs(struct kmem_cache_node *n) +static inline void dec_objects_node(struct kmem_cache_node *n, int objects) { - return atomic_long_read(&n->nr_slabs); -} - -static inline void inc_slabs_node(struct kmem_cache *s, int node, int objects) -{ - struct kmem_cache_node *n = get_node(s, node); - - /* - * May be called early in order to allocate a slab for the - * kmem_cache_node structure. Solve the chicken-egg - * dilemma by deferring the increment of the count during - * bootstrap (see early_kmem_cache_node_alloc). - */ - if (likely(n)) { - atomic_long_inc(&n->nr_slabs); - atomic_long_add(objects, &n->total_objects); - } -} -static inline void dec_slabs_node(struct kmem_cache *s, int node, int objects) -{ - struct kmem_cache_node *n = get_node(s, node); - - atomic_long_dec(&n->nr_slabs); atomic_long_sub(objects, &n->total_objects); } @@ -1413,15 +1388,8 @@ slab_flags_t kmem_cache_flags(unsigned int object_size, #define disable_higher_order_debug 0 -static inline unsigned long slabs_node(struct kmem_cache *s, int node) - { return 0; } -static inline unsigned long node_nr_slabs(struct kmem_cache_node *n) - { return 0; } -static inline void inc_slabs_node(struct kmem_cache *s, int node, - int objects) {} -static inline void dec_slabs_node(struct kmem_cache *s, int node, - int objects) {} - +static inline void inc_objects_node(struct kmem_cache_node *n, int objects) {} +static inline void dec_objects_node(struct kmem_cache_node *n, int objects) {} static bool freelist_corrupted(struct kmem_cache *s, struct page *page, void *freelist, void *nextfree) { @@ -1429,6 +1397,42 @@ static bool freelist_corrupted(struct kmem_cache *s, struct page *page, } #endif /* CONFIG_SLUB_DEBUG */ +static inline unsigned long slabs_node(struct kmem_cache *s, int node) +{ + struct kmem_cache_node *n = get_node(s, node); + + return atomic_long_read(&n->nr_slabs); +} + +static inline unsigned long node_nr_slabs(struct kmem_cache_node *n) +{ + return atomic_long_read(&n->nr_slabs); +} + +static inline void inc_slabs_node(struct kmem_cache *s, int node, int objects) +{ + struct kmem_cache_node *n = get_node(s, node); + + /* + * May be called early in order to allocate a slab for the + * kmem_cache_node structure. Solve the chicken-egg + * dilemma by deferring the increment of the count during + * bootstrap (see early_kmem_cache_node_alloc). + */ + if (likely(n)) { + atomic_long_inc(&n->nr_slabs); + inc_objects_node(n, objects); + } +} + +static inline void dec_slabs_node(struct kmem_cache *s, int node, int objects) +{ + struct kmem_cache_node *n = get_node(s, node); + + atomic_long_dec(&n->nr_slabs); + dec_objects_node(n, objects); +} + /* * Hooks for other subsystems that check memory allocations. In a typical * production configuration these hooks all should produce no code at all.