2 * SLUB: A slab allocator that limits cache line use instead of queuing
3 * objects in per cpu and per node lists.
5 * The allocator synchronizes using per slab locks and only
6 * uses a centralized lock to manage a pool of partial slabs.
8 * (C) 2007 SGI, Christoph Lameter <clameter@sgi.com>
12 #include <linux/module.h>
13 #include <linux/bit_spinlock.h>
14 #include <linux/interrupt.h>
15 #include <linux/bitops.h>
16 #include <linux/slab.h>
17 #include <linux/seq_file.h>
18 #include <linux/cpu.h>
19 #include <linux/cpuset.h>
20 #include <linux/mempolicy.h>
21 #include <linux/ctype.h>
22 #include <linux/kallsyms.h>
29 * The slab_lock protects operations on the object of a particular
30 * slab and its metadata in the page struct. If the slab lock
31 * has been taken then no allocations nor frees can be performed
32 * on the objects in the slab nor can the slab be added or removed
33 * from the partial or full lists since this would mean modifying
34 * the page_struct of the slab.
36 * The list_lock protects the partial and full list on each node and
37 * the partial slab counter. If taken then no new slabs may be added or
38 * removed from the lists nor make the number of partial slabs be modified.
39 * (Note that the total number of slabs is an atomic value that may be
40 * modified without taking the list lock).
42 * The list_lock is a centralized lock and thus we avoid taking it as
43 * much as possible. As long as SLUB does not have to handle partial
44 * slabs, operations can continue without any centralized lock. F.e.
45 * allocating a long series of objects that fill up slabs does not require
48 * The lock order is sometimes inverted when we are trying to get a slab
49 * off a list. We take the list_lock and then look for a page on the list
50 * to use. While we do that objects in the slabs may be freed. We can
51 * only operate on the slab if we have also taken the slab_lock. So we use
52 * a slab_trylock() on the slab. If trylock was successful then no frees
53 * can occur anymore and we can use the slab for allocations etc. If the
54 * slab_trylock() does not succeed then frees are in progress in the slab and
55 * we must stay away from it for a while since we may cause a bouncing
56 * cacheline if we try to acquire the lock. So go onto the next slab.
57 * If all pages are busy then we may allocate a new slab instead of reusing
58 * a partial slab. A new slab has noone operating on it and thus there is
59 * no danger of cacheline contention.
61 * Interrupts are disabled during allocation and deallocation in order to
62 * make the slab allocator safe to use in the context of an irq. In addition
63 * interrupts are disabled to ensure that the processor does not change
64 * while handling per_cpu slabs, due to kernel preemption.
66 * SLUB assigns one slab for allocation to each processor.
67 * Allocations only occur from these slabs called cpu slabs.
69 * Slabs with free elements are kept on a partial list and during regular
70 * operations no list for full slabs is used. If an object in a full slab is
71 * freed then the slab will show up again on the partial lists.
72 * We track full slabs for debugging purposes though because otherwise we
73 * cannot scan all objects.
75 * Slabs are freed when they become empty. Teardown and setup is
76 * minimal so we rely on the page allocators per cpu caches for
77 * fast frees and allocs.
79 * Overloading of page flags that are otherwise used for LRU management.
81 * PageActive The slab is used as a cpu cache. Allocations
82 * may be performed from the slab. The slab is not
83 * on any slab list and cannot be moved onto one.
85 * PageError Slab requires special handling due to debug
86 * options set. This moves slab handling out of
91 * Issues still to be resolved:
93 * - The per cpu array is updated for each new slab and and is a remote
94 * cacheline for most nodes. This could become a bouncing cacheline given
95 * enough frequent updates. There are 16 pointers in a cacheline, so at
96 * max 16 cpus could compete for the cacheline which may be okay.
98 * - Support PAGE_ALLOC_DEBUG. Should be easy to do.
100 * - Variable sizing of the per node arrays
103 /* Enable to test recovery from slab corruption on boot */
104 #undef SLUB_RESILIENCY_TEST
109 * Small page size. Make sure that we do not fragment memory
111 #define DEFAULT_MAX_ORDER 1
112 #define DEFAULT_MIN_OBJECTS 4
117 * Large page machines are customarily able to handle larger
120 #define DEFAULT_MAX_ORDER 2
121 #define DEFAULT_MIN_OBJECTS 8
126 * Mininum number of partial slabs. These will be left on the partial
127 * lists even if they are empty. kmem_cache_shrink may reclaim them.
129 #define MIN_PARTIAL 2
132 * Maximum number of desirable partial slabs.
133 * The existence of more partial slabs makes kmem_cache_shrink
134 * sort the partial list by the number of objects in the.
136 #define MAX_PARTIAL 10
138 #define DEBUG_DEFAULT_FLAGS (SLAB_DEBUG_FREE | SLAB_RED_ZONE | \
139 SLAB_POISON | SLAB_STORE_USER)
142 * Set of flags that will prevent slab merging
144 #define SLUB_NEVER_MERGE (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER | \
145 SLAB_TRACE | SLAB_DESTROY_BY_RCU)
147 #define SLUB_MERGE_SAME (SLAB_DEBUG_FREE | SLAB_RECLAIM_ACCOUNT | \
150 #ifndef ARCH_KMALLOC_MINALIGN
151 #define ARCH_KMALLOC_MINALIGN __alignof__(unsigned long long)
154 #ifndef ARCH_SLAB_MINALIGN
155 #define ARCH_SLAB_MINALIGN __alignof__(unsigned long long)
158 /* Internal SLUB flags */
159 #define __OBJECT_POISON 0x80000000 /* Poison object */
161 /* Not all arches define cache_line_size */
162 #ifndef cache_line_size
163 #define cache_line_size() L1_CACHE_BYTES
166 static int kmem_size = sizeof(struct kmem_cache);
169 static struct notifier_block slab_notifier;
173 DOWN, /* No slab functionality available */
174 PARTIAL, /* kmem_cache_open() works but kmalloc does not */
175 UP, /* Everything works but does not show up in sysfs */
179 /* A list of all slab caches on the system */
180 static DECLARE_RWSEM(slub_lock);
181 LIST_HEAD(slab_caches);
184 static int sysfs_slab_add(struct kmem_cache *);
185 static int sysfs_slab_alias(struct kmem_cache *, const char *);
186 static void sysfs_slab_remove(struct kmem_cache *);
188 static int sysfs_slab_add(struct kmem_cache *s) { return 0; }
189 static int sysfs_slab_alias(struct kmem_cache *s, const char *p) { return 0; }
190 static void sysfs_slab_remove(struct kmem_cache *s) {}
193 /********************************************************************
194 * Core slab cache functions
195 *******************************************************************/
197 int slab_is_available(void)
199 return slab_state >= UP;
202 static inline struct kmem_cache_node *get_node(struct kmem_cache *s, int node)
205 return s->node[node];
207 return &s->local_node;
214 static void print_section(char *text, u8 *addr, unsigned int length)
222 for (i = 0; i < length; i++) {
224 printk(KERN_ERR "%10s 0x%p: ", text, addr + i);
227 printk(" %02x", addr[i]);
229 ascii[offset] = isgraph(addr[i]) ? addr[i] : '.';
231 printk(" %s\n",ascii);
242 printk(" %s\n", ascii);
247 * Slow version of get and set free pointer.
249 * This version requires touching the cache lines of kmem_cache which
250 * we avoid to do in the fast alloc free paths. There we obtain the offset
251 * from the page struct.
253 static void *get_freepointer(struct kmem_cache *s, void *object)
255 return *(void **)(object + s->offset);
258 static void set_freepointer(struct kmem_cache *s, void *object, void *fp)
260 *(void **)(object + s->offset) = fp;
264 * Tracking user of a slab.
267 void *addr; /* Called from address */
268 int cpu; /* Was running on cpu */
269 int pid; /* Pid context */
270 unsigned long when; /* When did the operation occur */
273 enum track_item { TRACK_ALLOC, TRACK_FREE };
275 static struct track *get_track(struct kmem_cache *s, void *object,
276 enum track_item alloc)
281 p = object + s->offset + sizeof(void *);
283 p = object + s->inuse;
288 static void set_track(struct kmem_cache *s, void *object,
289 enum track_item alloc, void *addr)
294 p = object + s->offset + sizeof(void *);
296 p = object + s->inuse;
301 p->cpu = smp_processor_id();
302 p->pid = current ? current->pid : -1;
305 memset(p, 0, sizeof(struct track));
308 static void init_tracking(struct kmem_cache *s, void *object)
310 if (s->flags & SLAB_STORE_USER) {
311 set_track(s, object, TRACK_FREE, NULL);
312 set_track(s, object, TRACK_ALLOC, NULL);
316 static void print_track(const char *s, struct track *t)
321 printk(KERN_ERR "%s: ", s);
322 __print_symbol("%s", (unsigned long)t->addr);
323 printk(" jiffies_ago=%lu cpu=%u pid=%d\n", jiffies - t->when, t->cpu, t->pid);
326 static void print_trailer(struct kmem_cache *s, u8 *p)
328 unsigned int off; /* Offset of last byte */
330 if (s->flags & SLAB_RED_ZONE)
331 print_section("Redzone", p + s->objsize,
332 s->inuse - s->objsize);
334 printk(KERN_ERR "FreePointer 0x%p -> 0x%p\n",
336 get_freepointer(s, p));
339 off = s->offset + sizeof(void *);
343 if (s->flags & SLAB_STORE_USER) {
344 print_track("Last alloc", get_track(s, p, TRACK_ALLOC));
345 print_track("Last free ", get_track(s, p, TRACK_FREE));
346 off += 2 * sizeof(struct track);
350 /* Beginning of the filler is the free pointer */
351 print_section("Filler", p + off, s->size - off);
354 static void object_err(struct kmem_cache *s, struct page *page,
355 u8 *object, char *reason)
357 u8 *addr = page_address(page);
359 printk(KERN_ERR "*** SLUB %s: %s@0x%p slab 0x%p\n",
360 s->name, reason, object, page);
361 printk(KERN_ERR " offset=%tu flags=0x%04lx inuse=%u freelist=0x%p\n",
362 object - addr, page->flags, page->inuse, page->freelist);
363 if (object > addr + 16)
364 print_section("Bytes b4", object - 16, 16);
365 print_section("Object", object, min(s->objsize, 128));
366 print_trailer(s, object);
370 static void slab_err(struct kmem_cache *s, struct page *page, char *reason, ...)
375 va_start(args, reason);
376 vsnprintf(buf, sizeof(buf), reason, args);
378 printk(KERN_ERR "*** SLUB %s: %s in slab @0x%p\n", s->name, buf,
383 static void init_object(struct kmem_cache *s, void *object, int active)
387 if (s->flags & __OBJECT_POISON) {
388 memset(p, POISON_FREE, s->objsize - 1);
389 p[s->objsize -1] = POISON_END;
392 if (s->flags & SLAB_RED_ZONE)
393 memset(p + s->objsize,
394 active ? SLUB_RED_ACTIVE : SLUB_RED_INACTIVE,
395 s->inuse - s->objsize);
398 static int check_bytes(u8 *start, unsigned int value, unsigned int bytes)
401 if (*start != (u8)value)
409 static inline int check_valid_pointer(struct kmem_cache *s,
410 struct page *page, const void *object)
417 base = page_address(page);
418 if (object < base || object >= base + s->objects * s->size ||
419 (object - base) % s->size) {
430 * Bytes of the object to be managed.
431 * If the freepointer may overlay the object then the free
432 * pointer is the first word of the object.
434 * Poisoning uses 0x6b (POISON_FREE) and the last byte is
437 * object + s->objsize
438 * Padding to reach word boundary. This is also used for Redzoning.
439 * Padding is extended by another word if Redzoning is enabled and
442 * We fill with 0xbb (RED_INACTIVE) for inactive objects and with
443 * 0xcc (RED_ACTIVE) for objects in use.
446 * Meta data starts here.
448 * A. Free pointer (if we cannot overwrite object on free)
449 * B. Tracking data for SLAB_STORE_USER
450 * C. Padding to reach required alignment boundary or at mininum
451 * one word if debuggin is on to be able to detect writes
452 * before the word boundary.
454 * Padding is done using 0x5a (POISON_INUSE)
457 * Nothing is used beyond s->size.
459 * If slabcaches are merged then the objsize and inuse boundaries are mostly
460 * ignored. And therefore no slab options that rely on these boundaries
461 * may be used with merged slabcaches.
464 static void restore_bytes(struct kmem_cache *s, char *message, u8 data,
465 void *from, void *to)
467 printk(KERN_ERR "@@@ SLUB %s: Restoring %s (0x%x) from 0x%p-0x%p\n",
468 s->name, message, data, from, to - 1);
469 memset(from, data, to - from);
472 static int check_pad_bytes(struct kmem_cache *s, struct page *page, u8 *p)
474 unsigned long off = s->inuse; /* The end of info */
477 /* Freepointer is placed after the object. */
478 off += sizeof(void *);
480 if (s->flags & SLAB_STORE_USER)
481 /* We also have user information there */
482 off += 2 * sizeof(struct track);
487 if (check_bytes(p + off, POISON_INUSE, s->size - off))
490 object_err(s, page, p, "Object padding check fails");
495 restore_bytes(s, "object padding", POISON_INUSE, p + off, p + s->size);
499 static int slab_pad_check(struct kmem_cache *s, struct page *page)
502 int length, remainder;
504 if (!(s->flags & SLAB_POISON))
507 p = page_address(page);
508 length = s->objects * s->size;
509 remainder = (PAGE_SIZE << s->order) - length;
513 if (!check_bytes(p + length, POISON_INUSE, remainder)) {
514 slab_err(s, page, "Padding check failed");
515 restore_bytes(s, "slab padding", POISON_INUSE, p + length,
516 p + length + remainder);
522 static int check_object(struct kmem_cache *s, struct page *page,
523 void *object, int active)
526 u8 *endobject = object + s->objsize;
528 if (s->flags & SLAB_RED_ZONE) {
530 active ? SLUB_RED_ACTIVE : SLUB_RED_INACTIVE;
532 if (!check_bytes(endobject, red, s->inuse - s->objsize)) {
533 object_err(s, page, object,
534 active ? "Redzone Active" : "Redzone Inactive");
535 restore_bytes(s, "redzone", red,
536 endobject, object + s->inuse);
540 if ((s->flags & SLAB_POISON) && s->objsize < s->inuse &&
541 !check_bytes(endobject, POISON_INUSE,
542 s->inuse - s->objsize)) {
543 object_err(s, page, p, "Alignment padding check fails");
545 * Fix it so that there will not be another report.
547 * Hmmm... We may be corrupting an object that now expects
548 * to be longer than allowed.
550 restore_bytes(s, "alignment padding", POISON_INUSE,
551 endobject, object + s->inuse);
555 if (s->flags & SLAB_POISON) {
556 if (!active && (s->flags & __OBJECT_POISON) &&
557 (!check_bytes(p, POISON_FREE, s->objsize - 1) ||
558 p[s->objsize - 1] != POISON_END)) {
560 object_err(s, page, p, "Poison check failed");
561 restore_bytes(s, "Poison", POISON_FREE,
562 p, p + s->objsize -1);
563 restore_bytes(s, "Poison", POISON_END,
564 p + s->objsize - 1, p + s->objsize);
568 * check_pad_bytes cleans up on its own.
570 check_pad_bytes(s, page, p);
573 if (!s->offset && active)
575 * Object and freepointer overlap. Cannot check
576 * freepointer while object is allocated.
580 /* Check free pointer validity */
581 if (!check_valid_pointer(s, page, get_freepointer(s, p))) {
582 object_err(s, page, p, "Freepointer corrupt");
584 * No choice but to zap it and thus loose the remainder
585 * of the free objects in this slab. May cause
586 * another error because the object count is now wrong.
588 set_freepointer(s, p, NULL);
594 static int check_slab(struct kmem_cache *s, struct page *page)
596 VM_BUG_ON(!irqs_disabled());
598 if (!PageSlab(page)) {
599 slab_err(s, page, "Not a valid slab page flags=%lx "
600 "mapping=0x%p count=%d", page->flags, page->mapping,
604 if (page->offset * sizeof(void *) != s->offset) {
605 slab_err(s, page, "Corrupted offset %lu flags=0x%lx "
606 "mapping=0x%p count=%d",
607 (unsigned long)(page->offset * sizeof(void *)),
613 if (page->inuse > s->objects) {
614 slab_err(s, page, "inuse %u > max %u @0x%p flags=%lx "
615 "mapping=0x%p count=%d",
616 s->name, page->inuse, s->objects, page->flags,
617 page->mapping, page_count(page));
620 /* Slab_pad_check fixes things up after itself */
621 slab_pad_check(s, page);
626 * Determine if a certain object on a page is on the freelist. Must hold the
627 * slab lock to guarantee that the chains are in a consistent state.
629 static int on_freelist(struct kmem_cache *s, struct page *page, void *search)
632 void *fp = page->freelist;
635 while (fp && nr <= s->objects) {
638 if (!check_valid_pointer(s, page, fp)) {
640 object_err(s, page, object,
641 "Freechain corrupt");
642 set_freepointer(s, object, NULL);
645 slab_err(s, page, "Freepointer 0x%p corrupt",
647 page->freelist = NULL;
648 page->inuse = s->objects;
649 printk(KERN_ERR "@@@ SLUB %s: Freelist "
650 "cleared. Slab 0x%p\n",
657 fp = get_freepointer(s, object);
661 if (page->inuse != s->objects - nr) {
662 slab_err(s, page, "Wrong object count. Counter is %d but "
663 "counted were %d", s, page, page->inuse,
665 page->inuse = s->objects - nr;
666 printk(KERN_ERR "@@@ SLUB %s: Object count adjusted. "
667 "Slab @0x%p\n", s->name, page);
669 return search == NULL;
673 * Tracking of fully allocated slabs for debugging purposes.
675 static void add_full(struct kmem_cache_node *n, struct page *page)
677 spin_lock(&n->list_lock);
678 list_add(&page->lru, &n->full);
679 spin_unlock(&n->list_lock);
682 static void remove_full(struct kmem_cache *s, struct page *page)
684 struct kmem_cache_node *n;
686 if (!(s->flags & SLAB_STORE_USER))
689 n = get_node(s, page_to_nid(page));
691 spin_lock(&n->list_lock);
692 list_del(&page->lru);
693 spin_unlock(&n->list_lock);
696 static int alloc_object_checks(struct kmem_cache *s, struct page *page,
699 if (!check_slab(s, page))
702 if (object && !on_freelist(s, page, object)) {
703 slab_err(s, page, "Object 0x%p already allocated", object);
707 if (!check_valid_pointer(s, page, object)) {
708 object_err(s, page, object, "Freelist Pointer check fails");
715 if (!check_object(s, page, object, 0))
720 if (PageSlab(page)) {
722 * If this is a slab page then lets do the best we can
723 * to avoid issues in the future. Marking all objects
724 * as used avoids touching the remaining objects.
726 printk(KERN_ERR "@@@ SLUB: %s slab 0x%p. Marking all objects used.\n",
728 page->inuse = s->objects;
729 page->freelist = NULL;
730 /* Fix up fields that may be corrupted */
731 page->offset = s->offset / sizeof(void *);
736 static int free_object_checks(struct kmem_cache *s, struct page *page,
739 if (!check_slab(s, page))
742 if (!check_valid_pointer(s, page, object)) {
743 slab_err(s, page, "Invalid object pointer 0x%p", object);
747 if (on_freelist(s, page, object)) {
748 slab_err(s, page, "Object 0x%p already free", object);
752 if (!check_object(s, page, object, 1))
755 if (unlikely(s != page->slab)) {
757 slab_err(s, page, "Attempt to free object(0x%p) "
758 "outside of slab", object);
762 "SLUB <none>: no slab for object 0x%p.\n",
767 slab_err(s, page, "object at 0x%p belongs "
768 "to slab %s", object, page->slab->name);
773 printk(KERN_ERR "@@@ SLUB: %s slab 0x%p object at 0x%p not freed.\n",
774 s->name, page, object);
779 * Slab allocation and freeing
781 static struct page *allocate_slab(struct kmem_cache *s, gfp_t flags, int node)
784 int pages = 1 << s->order;
789 if (s->flags & SLAB_CACHE_DMA)
793 page = alloc_pages(flags, s->order);
795 page = alloc_pages_node(node, flags, s->order);
800 mod_zone_page_state(page_zone(page),
801 (s->flags & SLAB_RECLAIM_ACCOUNT) ?
802 NR_SLAB_RECLAIMABLE : NR_SLAB_UNRECLAIMABLE,
808 static void setup_object(struct kmem_cache *s, struct page *page,
811 if (PageError(page)) {
812 init_object(s, object, 0);
813 init_tracking(s, object);
816 if (unlikely(s->ctor))
817 s->ctor(object, s, SLAB_CTOR_CONSTRUCTOR);
820 static struct page *new_slab(struct kmem_cache *s, gfp_t flags, int node)
823 struct kmem_cache_node *n;
829 BUG_ON(flags & ~(GFP_DMA | GFP_LEVEL_MASK));
831 if (flags & __GFP_WAIT)
834 page = allocate_slab(s, flags & GFP_LEVEL_MASK, node);
838 n = get_node(s, page_to_nid(page));
840 atomic_long_inc(&n->nr_slabs);
841 page->offset = s->offset / sizeof(void *);
843 page->flags |= 1 << PG_slab;
844 if (s->flags & (SLAB_DEBUG_FREE | SLAB_RED_ZONE | SLAB_POISON |
845 SLAB_STORE_USER | SLAB_TRACE))
846 page->flags |= 1 << PG_error;
848 start = page_address(page);
849 end = start + s->objects * s->size;
851 if (unlikely(s->flags & SLAB_POISON))
852 memset(start, POISON_INUSE, PAGE_SIZE << s->order);
855 for (p = start + s->size; p < end; p += s->size) {
856 setup_object(s, page, last);
857 set_freepointer(s, last, p);
860 setup_object(s, page, last);
861 set_freepointer(s, last, NULL);
863 page->freelist = start;
866 if (flags & __GFP_WAIT)
871 static void __free_slab(struct kmem_cache *s, struct page *page)
873 int pages = 1 << s->order;
875 if (unlikely(PageError(page) || s->dtor)) {
876 void *start = page_address(page);
877 void *end = start + (pages << PAGE_SHIFT);
880 slab_pad_check(s, page);
881 for (p = start; p <= end - s->size; p += s->size) {
884 check_object(s, page, p, 0);
888 mod_zone_page_state(page_zone(page),
889 (s->flags & SLAB_RECLAIM_ACCOUNT) ?
890 NR_SLAB_RECLAIMABLE : NR_SLAB_UNRECLAIMABLE,
893 page->mapping = NULL;
894 __free_pages(page, s->order);
897 static void rcu_free_slab(struct rcu_head *h)
901 page = container_of((struct list_head *)h, struct page, lru);
902 __free_slab(page->slab, page);
905 static void free_slab(struct kmem_cache *s, struct page *page)
907 if (unlikely(s->flags & SLAB_DESTROY_BY_RCU)) {
909 * RCU free overloads the RCU head over the LRU
911 struct rcu_head *head = (void *)&page->lru;
913 call_rcu(head, rcu_free_slab);
915 __free_slab(s, page);
918 static void discard_slab(struct kmem_cache *s, struct page *page)
920 struct kmem_cache_node *n = get_node(s, page_to_nid(page));
922 atomic_long_dec(&n->nr_slabs);
923 reset_page_mapcount(page);
924 page->flags &= ~(1 << PG_slab | 1 << PG_error);
929 * Per slab locking using the pagelock
931 static __always_inline void slab_lock(struct page *page)
933 bit_spin_lock(PG_locked, &page->flags);
936 static __always_inline void slab_unlock(struct page *page)
938 bit_spin_unlock(PG_locked, &page->flags);
941 static __always_inline int slab_trylock(struct page *page)
945 rc = bit_spin_trylock(PG_locked, &page->flags);
950 * Management of partially allocated slabs
952 static void add_partial_tail(struct kmem_cache_node *n, struct page *page)
954 spin_lock(&n->list_lock);
956 list_add_tail(&page->lru, &n->partial);
957 spin_unlock(&n->list_lock);
960 static void add_partial(struct kmem_cache_node *n, struct page *page)
962 spin_lock(&n->list_lock);
964 list_add(&page->lru, &n->partial);
965 spin_unlock(&n->list_lock);
968 static void remove_partial(struct kmem_cache *s,
971 struct kmem_cache_node *n = get_node(s, page_to_nid(page));
973 spin_lock(&n->list_lock);
974 list_del(&page->lru);
976 spin_unlock(&n->list_lock);
980 * Lock slab and remove from the partial list.
982 * Must hold list_lock.
984 static int lock_and_del_slab(struct kmem_cache_node *n, struct page *page)
986 if (slab_trylock(page)) {
987 list_del(&page->lru);
995 * Try to allocate a partial slab from a specific node.
997 static struct page *get_partial_node(struct kmem_cache_node *n)
1002 * Racy check. If we mistakenly see no partial slabs then we
1003 * just allocate an empty slab. If we mistakenly try to get a
1004 * partial slab and there is none available then get_partials()
1007 if (!n || !n->nr_partial)
1010 spin_lock(&n->list_lock);
1011 list_for_each_entry(page, &n->partial, lru)
1012 if (lock_and_del_slab(n, page))
1016 spin_unlock(&n->list_lock);
1021 * Get a page from somewhere. Search in increasing NUMA distances.
1023 static struct page *get_any_partial(struct kmem_cache *s, gfp_t flags)
1026 struct zonelist *zonelist;
1031 * The defrag ratio allows a configuration of the tradeoffs between
1032 * inter node defragmentation and node local allocations. A lower
1033 * defrag_ratio increases the tendency to do local allocations
1034 * instead of attempting to obtain partial slabs from other nodes.
1036 * If the defrag_ratio is set to 0 then kmalloc() always
1037 * returns node local objects. If the ratio is higher then kmalloc()
1038 * may return off node objects because partial slabs are obtained
1039 * from other nodes and filled up.
1041 * If /sys/slab/xx/defrag_ratio is set to 100 (which makes
1042 * defrag_ratio = 1000) then every (well almost) allocation will
1043 * first attempt to defrag slab caches on other nodes. This means
1044 * scanning over all nodes to look for partial slabs which may be
1045 * expensive if we do it every time we are trying to find a slab
1046 * with available objects.
1048 if (!s->defrag_ratio || get_cycles() % 1024 > s->defrag_ratio)
1051 zonelist = &NODE_DATA(slab_node(current->mempolicy))
1052 ->node_zonelists[gfp_zone(flags)];
1053 for (z = zonelist->zones; *z; z++) {
1054 struct kmem_cache_node *n;
1056 n = get_node(s, zone_to_nid(*z));
1058 if (n && cpuset_zone_allowed_hardwall(*z, flags) &&
1059 n->nr_partial > MIN_PARTIAL) {
1060 page = get_partial_node(n);
1070 * Get a partial page, lock it and return it.
1072 static struct page *get_partial(struct kmem_cache *s, gfp_t flags, int node)
1075 int searchnode = (node == -1) ? numa_node_id() : node;
1077 page = get_partial_node(get_node(s, searchnode));
1078 if (page || (flags & __GFP_THISNODE))
1081 return get_any_partial(s, flags);
1085 * Move a page back to the lists.
1087 * Must be called with the slab lock held.
1089 * On exit the slab lock will have been dropped.
1091 static void putback_slab(struct kmem_cache *s, struct page *page)
1093 struct kmem_cache_node *n = get_node(s, page_to_nid(page));
1098 add_partial(n, page);
1099 else if (PageError(page) && (s->flags & SLAB_STORE_USER))
1104 if (n->nr_partial < MIN_PARTIAL) {
1106 * Adding an empty slab to the partial slabs in order
1107 * to avoid page allocator overhead. This slab needs
1108 * to come after the other slabs with objects in
1109 * order to fill them up. That way the size of the
1110 * partial list stays small. kmem_cache_shrink can
1111 * reclaim empty slabs from the partial list.
1113 add_partial_tail(n, page);
1117 discard_slab(s, page);
1123 * Remove the cpu slab
1125 static void deactivate_slab(struct kmem_cache *s, struct page *page, int cpu)
1127 s->cpu_slab[cpu] = NULL;
1128 ClearPageActive(page);
1130 putback_slab(s, page);
1133 static void flush_slab(struct kmem_cache *s, struct page *page, int cpu)
1136 deactivate_slab(s, page, cpu);
1141 * Called from IPI handler with interrupts disabled.
1143 static void __flush_cpu_slab(struct kmem_cache *s, int cpu)
1145 struct page *page = s->cpu_slab[cpu];
1148 flush_slab(s, page, cpu);
1151 static void flush_cpu_slab(void *d)
1153 struct kmem_cache *s = d;
1154 int cpu = smp_processor_id();
1156 __flush_cpu_slab(s, cpu);
1159 static void flush_all(struct kmem_cache *s)
1162 on_each_cpu(flush_cpu_slab, s, 1, 1);
1164 unsigned long flags;
1166 local_irq_save(flags);
1168 local_irq_restore(flags);
1173 * slab_alloc is optimized to only modify two cachelines on the fast path
1174 * (aside from the stack):
1176 * 1. The page struct
1177 * 2. The first cacheline of the object to be allocated.
1179 * The only other cache lines that are read (apart from code) is the
1180 * per cpu array in the kmem_cache struct.
1182 * Fastpath is not possible if we need to get a new slab or have
1183 * debugging enabled (which means all slabs are marked with PageError)
1185 static void *slab_alloc(struct kmem_cache *s,
1186 gfp_t gfpflags, int node, void *addr)
1190 unsigned long flags;
1193 local_irq_save(flags);
1194 cpu = smp_processor_id();
1195 page = s->cpu_slab[cpu];
1200 if (unlikely(node != -1 && page_to_nid(page) != node))
1203 object = page->freelist;
1204 if (unlikely(!object))
1206 if (unlikely(PageError(page)))
1211 page->freelist = object[page->offset];
1213 local_irq_restore(flags);
1217 deactivate_slab(s, page, cpu);
1220 page = get_partial(s, gfpflags, node);
1223 s->cpu_slab[cpu] = page;
1224 SetPageActive(page);
1228 page = new_slab(s, gfpflags, node);
1230 cpu = smp_processor_id();
1231 if (s->cpu_slab[cpu]) {
1233 * Someone else populated the cpu_slab while we
1234 * enabled interrupts, or we have gotten scheduled
1235 * on another cpu. The page may not be on the
1236 * requested node even if __GFP_THISNODE was
1237 * specified. So we need to recheck.
1240 page_to_nid(s->cpu_slab[cpu]) == node) {
1242 * Current cpuslab is acceptable and we
1243 * want the current one since its cache hot
1245 discard_slab(s, page);
1246 page = s->cpu_slab[cpu];
1250 /* New slab does not fit our expectations */
1251 flush_slab(s, s->cpu_slab[cpu], cpu);
1256 local_irq_restore(flags);
1259 if (!alloc_object_checks(s, page, object))
1261 if (s->flags & SLAB_STORE_USER)
1262 set_track(s, object, TRACK_ALLOC, addr);
1263 if (s->flags & SLAB_TRACE) {
1264 printk(KERN_INFO "TRACE %s alloc 0x%p inuse=%d fp=0x%p\n",
1265 s->name, object, page->inuse,
1269 init_object(s, object, 1);
1273 void *kmem_cache_alloc(struct kmem_cache *s, gfp_t gfpflags)
1275 return slab_alloc(s, gfpflags, -1, __builtin_return_address(0));
1277 EXPORT_SYMBOL(kmem_cache_alloc);
1280 void *kmem_cache_alloc_node(struct kmem_cache *s, gfp_t gfpflags, int node)
1282 return slab_alloc(s, gfpflags, node, __builtin_return_address(0));
1284 EXPORT_SYMBOL(kmem_cache_alloc_node);
1288 * The fastpath only writes the cacheline of the page struct and the first
1289 * cacheline of the object.
1291 * We read the cpu_slab cacheline to check if the slab is the per cpu
1292 * slab for this processor.
1294 static void slab_free(struct kmem_cache *s, struct page *page,
1295 void *x, void *addr)
1298 void **object = (void *)x;
1299 unsigned long flags;
1301 local_irq_save(flags);
1304 if (unlikely(PageError(page)))
1307 prior = object[page->offset] = page->freelist;
1308 page->freelist = object;
1311 if (unlikely(PageActive(page)))
1313 * Cpu slabs are never on partial lists and are
1318 if (unlikely(!page->inuse))
1322 * Objects left in the slab. If it
1323 * was not on the partial list before
1326 if (unlikely(!prior))
1327 add_partial(get_node(s, page_to_nid(page)), page);
1331 local_irq_restore(flags);
1337 * Slab still on the partial list.
1339 remove_partial(s, page);
1342 discard_slab(s, page);
1343 local_irq_restore(flags);
1347 if (!free_object_checks(s, page, x))
1349 if (!PageActive(page) && !page->freelist)
1350 remove_full(s, page);
1351 if (s->flags & SLAB_STORE_USER)
1352 set_track(s, x, TRACK_FREE, addr);
1353 if (s->flags & SLAB_TRACE) {
1354 printk(KERN_INFO "TRACE %s free 0x%p inuse=%d fp=0x%p\n",
1355 s->name, object, page->inuse,
1357 print_section("Object", (void *)object, s->objsize);
1360 init_object(s, object, 0);
1364 void kmem_cache_free(struct kmem_cache *s, void *x)
1368 page = virt_to_head_page(x);
1370 slab_free(s, page, x, __builtin_return_address(0));
1372 EXPORT_SYMBOL(kmem_cache_free);
1374 /* Figure out on which slab object the object resides */
1375 static struct page *get_object_page(const void *x)
1377 struct page *page = virt_to_head_page(x);
1379 if (!PageSlab(page))
1386 * Object placement in a slab is made very easy because we always start at
1387 * offset 0. If we tune the size of the object to the alignment then we can
1388 * get the required alignment by putting one properly sized object after
1391 * Notice that the allocation order determines the sizes of the per cpu
1392 * caches. Each processor has always one slab available for allocations.
1393 * Increasing the allocation order reduces the number of times that slabs
1394 * must be moved on and off the partial lists and is therefore a factor in
1399 * Mininum / Maximum order of slab pages. This influences locking overhead
1400 * and slab fragmentation. A higher order reduces the number of partial slabs
1401 * and increases the number of allocations possible without having to
1402 * take the list_lock.
1404 static int slub_min_order;
1405 static int slub_max_order = DEFAULT_MAX_ORDER;
1406 static int slub_min_objects = DEFAULT_MIN_OBJECTS;
1409 * Merge control. If this is set then no merging of slab caches will occur.
1410 * (Could be removed. This was introduced to pacify the merge skeptics.)
1412 static int slub_nomerge;
1417 static int slub_debug;
1419 static char *slub_debug_slabs;
1422 * Calculate the order of allocation given an slab object size.
1424 * The order of allocation has significant impact on performance and other
1425 * system components. Generally order 0 allocations should be preferred since
1426 * order 0 does not cause fragmentation in the page allocator. Larger objects
1427 * be problematic to put into order 0 slabs because there may be too much
1428 * unused space left. We go to a higher order if more than 1/8th of the slab
1431 * In order to reach satisfactory performance we must ensure that a minimum
1432 * number of objects is in one slab. Otherwise we may generate too much
1433 * activity on the partial lists which requires taking the list_lock. This is
1434 * less a concern for large slabs though which are rarely used.
1436 * slub_max_order specifies the order where we begin to stop considering the
1437 * number of objects in a slab as critical. If we reach slub_max_order then
1438 * we try to keep the page order as low as possible. So we accept more waste
1439 * of space in favor of a small page order.
1441 * Higher order allocations also allow the placement of more objects in a
1442 * slab and thereby reduce object handling overhead. If the user has
1443 * requested a higher mininum order then we start with that one instead of
1444 * the smallest order which will fit the object.
1446 static int calculate_order(int size)
1451 for (order = max(slub_min_order, fls(size - 1) - PAGE_SHIFT);
1452 order < MAX_ORDER; order++) {
1453 unsigned long slab_size = PAGE_SIZE << order;
1455 if (slub_max_order > order &&
1456 slab_size < slub_min_objects * size)
1459 if (slab_size < size)
1462 rem = slab_size % size;
1464 if (rem <= slab_size / 8)
1468 if (order >= MAX_ORDER)
1475 * Figure out what the alignment of the objects will be.
1477 static unsigned long calculate_alignment(unsigned long flags,
1478 unsigned long align, unsigned long size)
1481 * If the user wants hardware cache aligned objects then
1482 * follow that suggestion if the object is sufficiently
1485 * The hardware cache alignment cannot override the
1486 * specified alignment though. If that is greater
1489 if ((flags & SLAB_HWCACHE_ALIGN) &&
1490 size > cache_line_size() / 2)
1491 return max_t(unsigned long, align, cache_line_size());
1493 if (align < ARCH_SLAB_MINALIGN)
1494 return ARCH_SLAB_MINALIGN;
1496 return ALIGN(align, sizeof(void *));
1499 static void init_kmem_cache_node(struct kmem_cache_node *n)
1502 atomic_long_set(&n->nr_slabs, 0);
1503 spin_lock_init(&n->list_lock);
1504 INIT_LIST_HEAD(&n->partial);
1505 INIT_LIST_HEAD(&n->full);
1510 * No kmalloc_node yet so do it by hand. We know that this is the first
1511 * slab on the node for this slabcache. There are no concurrent accesses
1514 * Note that this function only works on the kmalloc_node_cache
1515 * when allocating for the kmalloc_node_cache.
1517 static struct kmem_cache_node * __init early_kmem_cache_node_alloc(gfp_t gfpflags,
1521 struct kmem_cache_node *n;
1523 BUG_ON(kmalloc_caches->size < sizeof(struct kmem_cache_node));
1525 page = new_slab(kmalloc_caches, gfpflags | GFP_THISNODE, node);
1526 /* new_slab() disables interupts */
1532 page->freelist = get_freepointer(kmalloc_caches, n);
1534 kmalloc_caches->node[node] = n;
1535 init_object(kmalloc_caches, n, 1);
1536 init_kmem_cache_node(n);
1537 atomic_long_inc(&n->nr_slabs);
1538 add_partial(n, page);
1542 static void free_kmem_cache_nodes(struct kmem_cache *s)
1546 for_each_online_node(node) {
1547 struct kmem_cache_node *n = s->node[node];
1548 if (n && n != &s->local_node)
1549 kmem_cache_free(kmalloc_caches, n);
1550 s->node[node] = NULL;
1554 static int init_kmem_cache_nodes(struct kmem_cache *s, gfp_t gfpflags)
1559 if (slab_state >= UP)
1560 local_node = page_to_nid(virt_to_page(s));
1564 for_each_online_node(node) {
1565 struct kmem_cache_node *n;
1567 if (local_node == node)
1570 if (slab_state == DOWN) {
1571 n = early_kmem_cache_node_alloc(gfpflags,
1575 n = kmem_cache_alloc_node(kmalloc_caches,
1579 free_kmem_cache_nodes(s);
1585 init_kmem_cache_node(n);
1590 static void free_kmem_cache_nodes(struct kmem_cache *s)
1594 static int init_kmem_cache_nodes(struct kmem_cache *s, gfp_t gfpflags)
1596 init_kmem_cache_node(&s->local_node);
1602 * calculate_sizes() determines the order and the distribution of data within
1605 static int calculate_sizes(struct kmem_cache *s)
1607 unsigned long flags = s->flags;
1608 unsigned long size = s->objsize;
1609 unsigned long align = s->align;
1612 * Determine if we can poison the object itself. If the user of
1613 * the slab may touch the object after free or before allocation
1614 * then we should never poison the object itself.
1616 if ((flags & SLAB_POISON) && !(flags & SLAB_DESTROY_BY_RCU) &&
1617 !s->ctor && !s->dtor)
1618 s->flags |= __OBJECT_POISON;
1620 s->flags &= ~__OBJECT_POISON;
1623 * Round up object size to the next word boundary. We can only
1624 * place the free pointer at word boundaries and this determines
1625 * the possible location of the free pointer.
1627 size = ALIGN(size, sizeof(void *));
1630 * If we are Redzoning then check if there is some space between the
1631 * end of the object and the free pointer. If not then add an
1632 * additional word to have some bytes to store Redzone information.
1634 if ((flags & SLAB_RED_ZONE) && size == s->objsize)
1635 size += sizeof(void *);
1638 * With that we have determined the number of bytes in actual use
1639 * by the object. This is the potential offset to the free pointer.
1643 if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) ||
1644 s->ctor || s->dtor)) {
1646 * Relocate free pointer after the object if it is not
1647 * permitted to overwrite the first word of the object on
1650 * This is the case if we do RCU, have a constructor or
1651 * destructor or are poisoning the objects.
1654 size += sizeof(void *);
1657 if (flags & SLAB_STORE_USER)
1659 * Need to store information about allocs and frees after
1662 size += 2 * sizeof(struct track);
1664 if (flags & SLAB_RED_ZONE)
1666 * Add some empty padding so that we can catch
1667 * overwrites from earlier objects rather than let
1668 * tracking information or the free pointer be
1669 * corrupted if an user writes before the start
1672 size += sizeof(void *);
1675 * Determine the alignment based on various parameters that the
1676 * user specified and the dynamic determination of cache line size
1679 align = calculate_alignment(flags, align, s->objsize);
1682 * SLUB stores one object immediately after another beginning from
1683 * offset 0. In order to align the objects we have to simply size
1684 * each object to conform to the alignment.
1686 size = ALIGN(size, align);
1689 s->order = calculate_order(size);
1694 * Determine the number of objects per slab
1696 s->objects = (PAGE_SIZE << s->order) / size;
1699 * Verify that the number of objects is within permitted limits.
1700 * The page->inuse field is only 16 bit wide! So we cannot have
1701 * more than 64k objects per slab.
1703 if (!s->objects || s->objects > 65535)
1709 static int kmem_cache_open(struct kmem_cache *s, gfp_t gfpflags,
1710 const char *name, size_t size,
1711 size_t align, unsigned long flags,
1712 void (*ctor)(void *, struct kmem_cache *, unsigned long),
1713 void (*dtor)(void *, struct kmem_cache *, unsigned long))
1715 memset(s, 0, kmem_size);
1724 * The page->offset field is only 16 bit wide. This is an offset
1725 * in units of words from the beginning of an object. If the slab
1726 * size is bigger then we cannot move the free pointer behind the
1729 * On 32 bit platforms the limit is 256k. On 64bit platforms
1730 * the limit is 512k.
1732 * Debugging or ctor/dtors may create a need to move the free
1733 * pointer. Fail if this happens.
1735 if (s->size >= 65535 * sizeof(void *)) {
1736 BUG_ON(flags & (SLAB_RED_ZONE | SLAB_POISON |
1737 SLAB_STORE_USER | SLAB_DESTROY_BY_RCU));
1738 BUG_ON(ctor || dtor);
1742 * Enable debugging if selected on the kernel commandline.
1744 if (slub_debug && (!slub_debug_slabs ||
1745 strncmp(slub_debug_slabs, name,
1746 strlen(slub_debug_slabs)) == 0))
1747 s->flags |= slub_debug;
1749 if (!calculate_sizes(s))
1754 s->defrag_ratio = 100;
1757 if (init_kmem_cache_nodes(s, gfpflags & ~SLUB_DMA))
1760 if (flags & SLAB_PANIC)
1761 panic("Cannot create slab %s size=%lu realsize=%u "
1762 "order=%u offset=%u flags=%lx\n",
1763 s->name, (unsigned long)size, s->size, s->order,
1767 EXPORT_SYMBOL(kmem_cache_open);
1770 * Check if a given pointer is valid
1772 int kmem_ptr_validate(struct kmem_cache *s, const void *object)
1776 page = get_object_page(object);
1778 if (!page || s != page->slab)
1779 /* No slab or wrong slab */
1782 if (!check_valid_pointer(s, page, object))
1786 * We could also check if the object is on the slabs freelist.
1787 * But this would be too expensive and it seems that the main
1788 * purpose of kmem_ptr_valid is to check if the object belongs
1789 * to a certain slab.
1793 EXPORT_SYMBOL(kmem_ptr_validate);
1796 * Determine the size of a slab object
1798 unsigned int kmem_cache_size(struct kmem_cache *s)
1802 EXPORT_SYMBOL(kmem_cache_size);
1804 const char *kmem_cache_name(struct kmem_cache *s)
1808 EXPORT_SYMBOL(kmem_cache_name);
1811 * Attempt to free all slabs on a node. Return the number of slabs we
1812 * were unable to free.
1814 static int free_list(struct kmem_cache *s, struct kmem_cache_node *n,
1815 struct list_head *list)
1817 int slabs_inuse = 0;
1818 unsigned long flags;
1819 struct page *page, *h;
1821 spin_lock_irqsave(&n->list_lock, flags);
1822 list_for_each_entry_safe(page, h, list, lru)
1824 list_del(&page->lru);
1825 discard_slab(s, page);
1828 spin_unlock_irqrestore(&n->list_lock, flags);
1833 * Release all resources used by a slab cache.
1835 static int kmem_cache_close(struct kmem_cache *s)
1841 /* Attempt to free all objects */
1842 for_each_online_node(node) {
1843 struct kmem_cache_node *n = get_node(s, node);
1845 n->nr_partial -= free_list(s, n, &n->partial);
1846 if (atomic_long_read(&n->nr_slabs))
1849 free_kmem_cache_nodes(s);
1854 * Close a cache and release the kmem_cache structure
1855 * (must be used for caches created using kmem_cache_create)
1857 void kmem_cache_destroy(struct kmem_cache *s)
1859 down_write(&slub_lock);
1863 if (kmem_cache_close(s))
1865 sysfs_slab_remove(s);
1868 up_write(&slub_lock);
1870 EXPORT_SYMBOL(kmem_cache_destroy);
1872 /********************************************************************
1874 *******************************************************************/
1876 struct kmem_cache kmalloc_caches[KMALLOC_SHIFT_HIGH + 1] __cacheline_aligned;
1877 EXPORT_SYMBOL(kmalloc_caches);
1879 #ifdef CONFIG_ZONE_DMA
1880 static struct kmem_cache *kmalloc_caches_dma[KMALLOC_SHIFT_HIGH + 1];
1883 static int __init setup_slub_min_order(char *str)
1885 get_option (&str, &slub_min_order);
1890 __setup("slub_min_order=", setup_slub_min_order);
1892 static int __init setup_slub_max_order(char *str)
1894 get_option (&str, &slub_max_order);
1899 __setup("slub_max_order=", setup_slub_max_order);
1901 static int __init setup_slub_min_objects(char *str)
1903 get_option (&str, &slub_min_objects);
1908 __setup("slub_min_objects=", setup_slub_min_objects);
1910 static int __init setup_slub_nomerge(char *str)
1916 __setup("slub_nomerge", setup_slub_nomerge);
1918 static int __init setup_slub_debug(char *str)
1920 if (!str || *str != '=')
1921 slub_debug = DEBUG_DEFAULT_FLAGS;
1924 if (*str == 0 || *str == ',')
1925 slub_debug = DEBUG_DEFAULT_FLAGS;
1927 for( ;*str && *str != ','; str++)
1929 case 'f' : case 'F' :
1930 slub_debug |= SLAB_DEBUG_FREE;
1932 case 'z' : case 'Z' :
1933 slub_debug |= SLAB_RED_ZONE;
1935 case 'p' : case 'P' :
1936 slub_debug |= SLAB_POISON;
1938 case 'u' : case 'U' :
1939 slub_debug |= SLAB_STORE_USER;
1941 case 't' : case 'T' :
1942 slub_debug |= SLAB_TRACE;
1945 printk(KERN_ERR "slub_debug option '%c' "
1946 "unknown. skipped\n",*str);
1951 slub_debug_slabs = str + 1;
1955 __setup("slub_debug", setup_slub_debug);
1957 static struct kmem_cache *create_kmalloc_cache(struct kmem_cache *s,
1958 const char *name, int size, gfp_t gfp_flags)
1960 unsigned int flags = 0;
1962 if (gfp_flags & SLUB_DMA)
1963 flags = SLAB_CACHE_DMA;
1965 down_write(&slub_lock);
1966 if (!kmem_cache_open(s, gfp_flags, name, size, ARCH_KMALLOC_MINALIGN,
1970 list_add(&s->list, &slab_caches);
1971 up_write(&slub_lock);
1972 if (sysfs_slab_add(s))
1977 panic("Creation of kmalloc slab %s size=%d failed.\n", name, size);
1980 static struct kmem_cache *get_slab(size_t size, gfp_t flags)
1982 int index = kmalloc_index(size);
1987 /* Allocation too large? */
1990 #ifdef CONFIG_ZONE_DMA
1991 if ((flags & SLUB_DMA)) {
1992 struct kmem_cache *s;
1993 struct kmem_cache *x;
1997 s = kmalloc_caches_dma[index];
2001 /* Dynamically create dma cache */
2002 x = kmalloc(kmem_size, flags & ~SLUB_DMA);
2004 panic("Unable to allocate memory for dma cache\n");
2006 if (index <= KMALLOC_SHIFT_HIGH)
2007 realsize = 1 << index;
2015 text = kasprintf(flags & ~SLUB_DMA, "kmalloc_dma-%d",
2016 (unsigned int)realsize);
2017 s = create_kmalloc_cache(x, text, realsize, flags);
2018 kmalloc_caches_dma[index] = s;
2022 return &kmalloc_caches[index];
2025 void *__kmalloc(size_t size, gfp_t flags)
2027 struct kmem_cache *s = get_slab(size, flags);
2030 return slab_alloc(s, flags, -1, __builtin_return_address(0));
2033 EXPORT_SYMBOL(__kmalloc);
2036 void *__kmalloc_node(size_t size, gfp_t flags, int node)
2038 struct kmem_cache *s = get_slab(size, flags);
2041 return slab_alloc(s, flags, node, __builtin_return_address(0));
2044 EXPORT_SYMBOL(__kmalloc_node);
2047 size_t ksize(const void *object)
2049 struct page *page = get_object_page(object);
2050 struct kmem_cache *s;
2057 * Debugging requires use of the padding between object
2058 * and whatever may come after it.
2060 if (s->flags & (SLAB_RED_ZONE | SLAB_POISON))
2064 * If we have the need to store the freelist pointer
2065 * back there or track user information then we can
2066 * only use the space before that information.
2068 if (s->flags & (SLAB_DESTROY_BY_RCU | SLAB_STORE_USER))
2072 * Else we can use all the padding etc for the allocation
2076 EXPORT_SYMBOL(ksize);
2078 void kfree(const void *x)
2080 struct kmem_cache *s;
2086 page = virt_to_head_page(x);
2089 slab_free(s, page, (void *)x, __builtin_return_address(0));
2091 EXPORT_SYMBOL(kfree);
2094 * kmem_cache_shrink removes empty slabs from the partial lists and sorts
2095 * the remaining slabs by the number of items in use. The slabs with the
2096 * most items in use come first. New allocations will then fill those up
2097 * and thus they can be removed from the partial lists.
2099 * The slabs with the least items are placed last. This results in them
2100 * being allocated from last increasing the chance that the last objects
2101 * are freed in them.
2103 int kmem_cache_shrink(struct kmem_cache *s)
2107 struct kmem_cache_node *n;
2110 struct list_head *slabs_by_inuse =
2111 kmalloc(sizeof(struct list_head) * s->objects, GFP_KERNEL);
2112 unsigned long flags;
2114 if (!slabs_by_inuse)
2118 for_each_online_node(node) {
2119 n = get_node(s, node);
2124 for (i = 0; i < s->objects; i++)
2125 INIT_LIST_HEAD(slabs_by_inuse + i);
2127 spin_lock_irqsave(&n->list_lock, flags);
2130 * Build lists indexed by the items in use in each slab.
2132 * Note that concurrent frees may occur while we hold the
2133 * list_lock. page->inuse here is the upper limit.
2135 list_for_each_entry_safe(page, t, &n->partial, lru) {
2136 if (!page->inuse && slab_trylock(page)) {
2138 * Must hold slab lock here because slab_free
2139 * may have freed the last object and be
2140 * waiting to release the slab.
2142 list_del(&page->lru);
2145 discard_slab(s, page);
2147 if (n->nr_partial > MAX_PARTIAL)
2148 list_move(&page->lru,
2149 slabs_by_inuse + page->inuse);
2153 if (n->nr_partial <= MAX_PARTIAL)
2157 * Rebuild the partial list with the slabs filled up most
2158 * first and the least used slabs at the end.
2160 for (i = s->objects - 1; i >= 0; i--)
2161 list_splice(slabs_by_inuse + i, n->partial.prev);
2164 spin_unlock_irqrestore(&n->list_lock, flags);
2167 kfree(slabs_by_inuse);
2170 EXPORT_SYMBOL(kmem_cache_shrink);
2173 * krealloc - reallocate memory. The contents will remain unchanged.
2175 * @p: object to reallocate memory for.
2176 * @new_size: how many bytes of memory are required.
2177 * @flags: the type of memory to allocate.
2179 * The contents of the object pointed to are preserved up to the
2180 * lesser of the new and old sizes. If @p is %NULL, krealloc()
2181 * behaves exactly like kmalloc(). If @size is 0 and @p is not a
2182 * %NULL pointer, the object pointed to is freed.
2184 void *krealloc(const void *p, size_t new_size, gfp_t flags)
2190 return kmalloc(new_size, flags);
2192 if (unlikely(!new_size)) {
2201 ret = kmalloc(new_size, flags);
2203 memcpy(ret, p, min(new_size, ks));
2208 EXPORT_SYMBOL(krealloc);
2210 /********************************************************************
2211 * Basic setup of slabs
2212 *******************************************************************/
2214 void __init kmem_cache_init(void)
2220 * Must first have the slab cache available for the allocations of the
2221 * struct kmem_cache_node's. There is special bootstrap code in
2222 * kmem_cache_open for slab_state == DOWN.
2224 create_kmalloc_cache(&kmalloc_caches[0], "kmem_cache_node",
2225 sizeof(struct kmem_cache_node), GFP_KERNEL);
2228 /* Able to allocate the per node structures */
2229 slab_state = PARTIAL;
2231 /* Caches that are not of the two-to-the-power-of size */
2232 create_kmalloc_cache(&kmalloc_caches[1],
2233 "kmalloc-96", 96, GFP_KERNEL);
2234 create_kmalloc_cache(&kmalloc_caches[2],
2235 "kmalloc-192", 192, GFP_KERNEL);
2237 for (i = KMALLOC_SHIFT_LOW; i <= KMALLOC_SHIFT_HIGH; i++)
2238 create_kmalloc_cache(&kmalloc_caches[i],
2239 "kmalloc", 1 << i, GFP_KERNEL);
2243 /* Provide the correct kmalloc names now that the caches are up */
2244 for (i = KMALLOC_SHIFT_LOW; i <= KMALLOC_SHIFT_HIGH; i++)
2245 kmalloc_caches[i]. name =
2246 kasprintf(GFP_KERNEL, "kmalloc-%d", 1 << i);
2249 register_cpu_notifier(&slab_notifier);
2252 if (nr_cpu_ids) /* Remove when nr_cpu_ids is fixed upstream ! */
2253 kmem_size = offsetof(struct kmem_cache, cpu_slab)
2254 + nr_cpu_ids * sizeof(struct page *);
2256 printk(KERN_INFO "SLUB: Genslabs=%d, HWalign=%d, Order=%d-%d, MinObjects=%d,"
2257 " Processors=%d, Nodes=%d\n",
2258 KMALLOC_SHIFT_HIGH, cache_line_size(),
2259 slub_min_order, slub_max_order, slub_min_objects,
2260 nr_cpu_ids, nr_node_ids);
2264 * Find a mergeable slab cache
2266 static int slab_unmergeable(struct kmem_cache *s)
2268 if (slub_nomerge || (s->flags & SLUB_NEVER_MERGE))
2271 if (s->ctor || s->dtor)
2277 static struct kmem_cache *find_mergeable(size_t size,
2278 size_t align, unsigned long flags,
2279 void (*ctor)(void *, struct kmem_cache *, unsigned long),
2280 void (*dtor)(void *, struct kmem_cache *, unsigned long))
2282 struct list_head *h;
2284 if (slub_nomerge || (flags & SLUB_NEVER_MERGE))
2290 size = ALIGN(size, sizeof(void *));
2291 align = calculate_alignment(flags, align, size);
2292 size = ALIGN(size, align);
2294 list_for_each(h, &slab_caches) {
2295 struct kmem_cache *s =
2296 container_of(h, struct kmem_cache, list);
2298 if (slab_unmergeable(s))
2304 if (((flags | slub_debug) & SLUB_MERGE_SAME) !=
2305 (s->flags & SLUB_MERGE_SAME))
2308 * Check if alignment is compatible.
2309 * Courtesy of Adrian Drzewiecki
2311 if ((s->size & ~(align -1)) != s->size)
2314 if (s->size - size >= sizeof(void *))
2322 struct kmem_cache *kmem_cache_create(const char *name, size_t size,
2323 size_t align, unsigned long flags,
2324 void (*ctor)(void *, struct kmem_cache *, unsigned long),
2325 void (*dtor)(void *, struct kmem_cache *, unsigned long))
2327 struct kmem_cache *s;
2329 down_write(&slub_lock);
2330 s = find_mergeable(size, align, flags, dtor, ctor);
2334 * Adjust the object sizes so that we clear
2335 * the complete object on kzalloc.
2337 s->objsize = max(s->objsize, (int)size);
2338 s->inuse = max_t(int, s->inuse, ALIGN(size, sizeof(void *)));
2339 if (sysfs_slab_alias(s, name))
2342 s = kmalloc(kmem_size, GFP_KERNEL);
2343 if (s && kmem_cache_open(s, GFP_KERNEL, name,
2344 size, align, flags, ctor, dtor)) {
2345 if (sysfs_slab_add(s)) {
2349 list_add(&s->list, &slab_caches);
2353 up_write(&slub_lock);
2357 up_write(&slub_lock);
2358 if (flags & SLAB_PANIC)
2359 panic("Cannot create slabcache %s\n", name);
2364 EXPORT_SYMBOL(kmem_cache_create);
2366 void *kmem_cache_zalloc(struct kmem_cache *s, gfp_t flags)
2370 x = slab_alloc(s, flags, -1, __builtin_return_address(0));
2372 memset(x, 0, s->objsize);
2375 EXPORT_SYMBOL(kmem_cache_zalloc);
2378 static void for_all_slabs(void (*func)(struct kmem_cache *, int), int cpu)
2380 struct list_head *h;
2382 down_read(&slub_lock);
2383 list_for_each(h, &slab_caches) {
2384 struct kmem_cache *s =
2385 container_of(h, struct kmem_cache, list);
2389 up_read(&slub_lock);
2393 * Use the cpu notifier to insure that the cpu slabs are flushed when
2396 static int __cpuinit slab_cpuup_callback(struct notifier_block *nfb,
2397 unsigned long action, void *hcpu)
2399 long cpu = (long)hcpu;
2402 case CPU_UP_CANCELED:
2404 for_all_slabs(__flush_cpu_slab, cpu);
2412 static struct notifier_block __cpuinitdata slab_notifier =
2413 { &slab_cpuup_callback, NULL, 0 };
2419 /*****************************************************************
2420 * Generic reaper used to support the page allocator
2421 * (the cpu slabs are reaped by a per slab workqueue).
2423 * Maybe move this to the page allocator?
2424 ****************************************************************/
2426 static DEFINE_PER_CPU(unsigned long, reap_node);
2428 static void init_reap_node(int cpu)
2432 node = next_node(cpu_to_node(cpu), node_online_map);
2433 if (node == MAX_NUMNODES)
2434 node = first_node(node_online_map);
2436 __get_cpu_var(reap_node) = node;
2439 static void next_reap_node(void)
2441 int node = __get_cpu_var(reap_node);
2444 * Also drain per cpu pages on remote zones
2446 if (node != numa_node_id())
2447 drain_node_pages(node);
2449 node = next_node(node, node_online_map);
2450 if (unlikely(node >= MAX_NUMNODES))
2451 node = first_node(node_online_map);
2452 __get_cpu_var(reap_node) = node;
2455 #define init_reap_node(cpu) do { } while (0)
2456 #define next_reap_node(void) do { } while (0)
2459 #define REAPTIMEOUT_CPUC (2*HZ)
2462 static DEFINE_PER_CPU(struct delayed_work, reap_work);
2464 static void cache_reap(struct work_struct *unused)
2467 refresh_cpu_vm_stats(smp_processor_id());
2468 schedule_delayed_work(&__get_cpu_var(reap_work),
2472 static void __devinit start_cpu_timer(int cpu)
2474 struct delayed_work *reap_work = &per_cpu(reap_work, cpu);
2477 * When this gets called from do_initcalls via cpucache_init(),
2478 * init_workqueues() has already run, so keventd will be setup
2481 if (keventd_up() && reap_work->work.func == NULL) {
2482 init_reap_node(cpu);
2483 INIT_DELAYED_WORK(reap_work, cache_reap);
2484 schedule_delayed_work_on(cpu, reap_work, HZ + 3 * cpu);
2488 static int __init cpucache_init(void)
2493 * Register the timers that drain pcp pages and update vm statistics
2495 for_each_online_cpu(cpu)
2496 start_cpu_timer(cpu);
2499 __initcall(cpucache_init);
2502 #ifdef SLUB_RESILIENCY_TEST
2503 static unsigned long validate_slab_cache(struct kmem_cache *s);
2505 static void resiliency_test(void)
2509 printk(KERN_ERR "SLUB resiliency testing\n");
2510 printk(KERN_ERR "-----------------------\n");
2511 printk(KERN_ERR "A. Corruption after allocation\n");
2513 p = kzalloc(16, GFP_KERNEL);
2515 printk(KERN_ERR "\n1. kmalloc-16: Clobber Redzone/next pointer"
2516 " 0x12->0x%p\n\n", p + 16);
2518 validate_slab_cache(kmalloc_caches + 4);
2520 /* Hmmm... The next two are dangerous */
2521 p = kzalloc(32, GFP_KERNEL);
2522 p[32 + sizeof(void *)] = 0x34;
2523 printk(KERN_ERR "\n2. kmalloc-32: Clobber next pointer/next slab"
2524 " 0x34 -> -0x%p\n", p);
2525 printk(KERN_ERR "If allocated object is overwritten then not detectable\n\n");
2527 validate_slab_cache(kmalloc_caches + 5);
2528 p = kzalloc(64, GFP_KERNEL);
2529 p += 64 + (get_cycles() & 0xff) * sizeof(void *);
2531 printk(KERN_ERR "\n3. kmalloc-64: corrupting random byte 0x56->0x%p\n",
2533 printk(KERN_ERR "If allocated object is overwritten then not detectable\n\n");
2534 validate_slab_cache(kmalloc_caches + 6);
2536 printk(KERN_ERR "\nB. Corruption after free\n");
2537 p = kzalloc(128, GFP_KERNEL);
2540 printk(KERN_ERR "1. kmalloc-128: Clobber first word 0x78->0x%p\n\n", p);
2541 validate_slab_cache(kmalloc_caches + 7);
2543 p = kzalloc(256, GFP_KERNEL);
2546 printk(KERN_ERR "\n2. kmalloc-256: Clobber 50th byte 0x9a->0x%p\n\n", p);
2547 validate_slab_cache(kmalloc_caches + 8);
2549 p = kzalloc(512, GFP_KERNEL);
2552 printk(KERN_ERR "\n3. kmalloc-512: Clobber redzone 0xab->0x%p\n\n", p);
2553 validate_slab_cache(kmalloc_caches + 9);
2556 static void resiliency_test(void) {};
2559 void *__kmalloc_track_caller(size_t size, gfp_t gfpflags, void *caller)
2561 struct kmem_cache *s = get_slab(size, gfpflags);
2566 return slab_alloc(s, gfpflags, -1, caller);
2569 void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags,
2570 int node, void *caller)
2572 struct kmem_cache *s = get_slab(size, gfpflags);
2577 return slab_alloc(s, gfpflags, node, caller);
2582 static int validate_slab(struct kmem_cache *s, struct page *page)
2585 void *addr = page_address(page);
2586 unsigned long map[BITS_TO_LONGS(s->objects)];
2588 if (!check_slab(s, page) ||
2589 !on_freelist(s, page, NULL))
2592 /* Now we know that a valid freelist exists */
2593 bitmap_zero(map, s->objects);
2595 for(p = page->freelist; p; p = get_freepointer(s, p)) {
2596 set_bit((p - addr) / s->size, map);
2597 if (!check_object(s, page, p, 0))
2601 for(p = addr; p < addr + s->objects * s->size; p += s->size)
2602 if (!test_bit((p - addr) / s->size, map))
2603 if (!check_object(s, page, p, 1))
2608 static void validate_slab_slab(struct kmem_cache *s, struct page *page)
2610 if (slab_trylock(page)) {
2611 validate_slab(s, page);
2614 printk(KERN_INFO "SLUB %s: Skipped busy slab 0x%p\n",
2617 if (s->flags & DEBUG_DEFAULT_FLAGS) {
2618 if (!PageError(page))
2619 printk(KERN_ERR "SLUB %s: PageError not set "
2620 "on slab 0x%p\n", s->name, page);
2622 if (PageError(page))
2623 printk(KERN_ERR "SLUB %s: PageError set on "
2624 "slab 0x%p\n", s->name, page);
2628 static int validate_slab_node(struct kmem_cache *s, struct kmem_cache_node *n)
2630 unsigned long count = 0;
2632 unsigned long flags;
2634 spin_lock_irqsave(&n->list_lock, flags);
2636 list_for_each_entry(page, &n->partial, lru) {
2637 validate_slab_slab(s, page);
2640 if (count != n->nr_partial)
2641 printk(KERN_ERR "SLUB %s: %ld partial slabs counted but "
2642 "counter=%ld\n", s->name, count, n->nr_partial);
2644 if (!(s->flags & SLAB_STORE_USER))
2647 list_for_each_entry(page, &n->full, lru) {
2648 validate_slab_slab(s, page);
2651 if (count != atomic_long_read(&n->nr_slabs))
2652 printk(KERN_ERR "SLUB: %s %ld slabs counted but "
2653 "counter=%ld\n", s->name, count,
2654 atomic_long_read(&n->nr_slabs));
2657 spin_unlock_irqrestore(&n->list_lock, flags);
2661 static unsigned long validate_slab_cache(struct kmem_cache *s)
2664 unsigned long count = 0;
2667 for_each_online_node(node) {
2668 struct kmem_cache_node *n = get_node(s, node);
2670 count += validate_slab_node(s, n);
2676 * Generate lists of code addresses where slabcache objects are allocated
2681 unsigned long count;
2687 unsigned long count;
2688 struct location *loc;
2691 static void free_loc_track(struct loc_track *t)
2694 free_pages((unsigned long)t->loc,
2695 get_order(sizeof(struct location) * t->max));
2698 static int alloc_loc_track(struct loc_track *t, unsigned long max)
2704 max = PAGE_SIZE / sizeof(struct location);
2706 order = get_order(sizeof(struct location) * max);
2708 l = (void *)__get_free_pages(GFP_KERNEL, order);
2714 memcpy(l, t->loc, sizeof(struct location) * t->count);
2722 static int add_location(struct loc_track *t, struct kmem_cache *s,
2725 long start, end, pos;
2733 pos = start + (end - start + 1) / 2;
2736 * There is nothing at "end". If we end up there
2737 * we need to add something to before end.
2742 caddr = t->loc[pos].addr;
2743 if (addr == caddr) {
2744 t->loc[pos].count++;
2755 * Not found. Insert new tracking element.
2757 if (t->count >= t->max && !alloc_loc_track(t, 2 * t->max))
2763 (t->count - pos) * sizeof(struct location));
2770 static void process_slab(struct loc_track *t, struct kmem_cache *s,
2771 struct page *page, enum track_item alloc)
2773 void *addr = page_address(page);
2774 unsigned long map[BITS_TO_LONGS(s->objects)];
2777 bitmap_zero(map, s->objects);
2778 for (p = page->freelist; p; p = get_freepointer(s, p))
2779 set_bit((p - addr) / s->size, map);
2781 for (p = addr; p < addr + s->objects * s->size; p += s->size)
2782 if (!test_bit((p - addr) / s->size, map)) {
2783 void *addr = get_track(s, p, alloc)->addr;
2785 add_location(t, s, addr);
2789 static int list_locations(struct kmem_cache *s, char *buf,
2790 enum track_item alloc)
2800 /* Push back cpu slabs */
2803 for_each_online_node(node) {
2804 struct kmem_cache_node *n = get_node(s, node);
2805 unsigned long flags;
2808 if (!atomic_read(&n->nr_slabs))
2811 spin_lock_irqsave(&n->list_lock, flags);
2812 list_for_each_entry(page, &n->partial, lru)
2813 process_slab(&t, s, page, alloc);
2814 list_for_each_entry(page, &n->full, lru)
2815 process_slab(&t, s, page, alloc);
2816 spin_unlock_irqrestore(&n->list_lock, flags);
2819 for (i = 0; i < t.count; i++) {
2820 void *addr = t.loc[i].addr;
2822 if (n > PAGE_SIZE - 100)
2824 n += sprintf(buf + n, "%7ld ", t.loc[i].count);
2826 n += sprint_symbol(buf + n, (unsigned long)t.loc[i].addr);
2828 n += sprintf(buf + n, "<not-available>");
2829 n += sprintf(buf + n, "\n");
2834 n += sprintf(buf, "No data\n");
2838 static unsigned long count_partial(struct kmem_cache_node *n)
2840 unsigned long flags;
2841 unsigned long x = 0;
2844 spin_lock_irqsave(&n->list_lock, flags);
2845 list_for_each_entry(page, &n->partial, lru)
2847 spin_unlock_irqrestore(&n->list_lock, flags);
2851 enum slab_stat_type {
2858 #define SO_FULL (1 << SL_FULL)
2859 #define SO_PARTIAL (1 << SL_PARTIAL)
2860 #define SO_CPU (1 << SL_CPU)
2861 #define SO_OBJECTS (1 << SL_OBJECTS)
2863 static unsigned long slab_objects(struct kmem_cache *s,
2864 char *buf, unsigned long flags)
2866 unsigned long total = 0;
2870 unsigned long *nodes;
2871 unsigned long *per_cpu;
2873 nodes = kzalloc(2 * sizeof(unsigned long) * nr_node_ids, GFP_KERNEL);
2874 per_cpu = nodes + nr_node_ids;
2876 for_each_possible_cpu(cpu) {
2877 struct page *page = s->cpu_slab[cpu];
2881 node = page_to_nid(page);
2882 if (flags & SO_CPU) {
2885 if (flags & SO_OBJECTS)
2896 for_each_online_node(node) {
2897 struct kmem_cache_node *n = get_node(s, node);
2899 if (flags & SO_PARTIAL) {
2900 if (flags & SO_OBJECTS)
2901 x = count_partial(n);
2908 if (flags & SO_FULL) {
2909 int full_slabs = atomic_read(&n->nr_slabs)
2913 if (flags & SO_OBJECTS)
2914 x = full_slabs * s->objects;
2922 x = sprintf(buf, "%lu", total);
2924 for_each_online_node(node)
2926 x += sprintf(buf + x, " N%d=%lu",
2930 return x + sprintf(buf + x, "\n");
2933 static int any_slab_objects(struct kmem_cache *s)
2938 for_each_possible_cpu(cpu)
2939 if (s->cpu_slab[cpu])
2942 for_each_node(node) {
2943 struct kmem_cache_node *n = get_node(s, node);
2945 if (n->nr_partial || atomic_read(&n->nr_slabs))
2951 #define to_slab_attr(n) container_of(n, struct slab_attribute, attr)
2952 #define to_slab(n) container_of(n, struct kmem_cache, kobj);
2954 struct slab_attribute {
2955 struct attribute attr;
2956 ssize_t (*show)(struct kmem_cache *s, char *buf);
2957 ssize_t (*store)(struct kmem_cache *s, const char *x, size_t count);
2960 #define SLAB_ATTR_RO(_name) \
2961 static struct slab_attribute _name##_attr = __ATTR_RO(_name)
2963 #define SLAB_ATTR(_name) \
2964 static struct slab_attribute _name##_attr = \
2965 __ATTR(_name, 0644, _name##_show, _name##_store)
2967 static ssize_t slab_size_show(struct kmem_cache *s, char *buf)
2969 return sprintf(buf, "%d\n", s->size);
2971 SLAB_ATTR_RO(slab_size);
2973 static ssize_t align_show(struct kmem_cache *s, char *buf)
2975 return sprintf(buf, "%d\n", s->align);
2977 SLAB_ATTR_RO(align);
2979 static ssize_t object_size_show(struct kmem_cache *s, char *buf)
2981 return sprintf(buf, "%d\n", s->objsize);
2983 SLAB_ATTR_RO(object_size);
2985 static ssize_t objs_per_slab_show(struct kmem_cache *s, char *buf)
2987 return sprintf(buf, "%d\n", s->objects);
2989 SLAB_ATTR_RO(objs_per_slab);
2991 static ssize_t order_show(struct kmem_cache *s, char *buf)
2993 return sprintf(buf, "%d\n", s->order);
2995 SLAB_ATTR_RO(order);
2997 static ssize_t ctor_show(struct kmem_cache *s, char *buf)
3000 int n = sprint_symbol(buf, (unsigned long)s->ctor);
3002 return n + sprintf(buf + n, "\n");
3008 static ssize_t dtor_show(struct kmem_cache *s, char *buf)
3011 int n = sprint_symbol(buf, (unsigned long)s->dtor);
3013 return n + sprintf(buf + n, "\n");
3019 static ssize_t aliases_show(struct kmem_cache *s, char *buf)
3021 return sprintf(buf, "%d\n", s->refcount - 1);
3023 SLAB_ATTR_RO(aliases);
3025 static ssize_t slabs_show(struct kmem_cache *s, char *buf)
3027 return slab_objects(s, buf, SO_FULL|SO_PARTIAL|SO_CPU);
3029 SLAB_ATTR_RO(slabs);
3031 static ssize_t partial_show(struct kmem_cache *s, char *buf)
3033 return slab_objects(s, buf, SO_PARTIAL);
3035 SLAB_ATTR_RO(partial);
3037 static ssize_t cpu_slabs_show(struct kmem_cache *s, char *buf)
3039 return slab_objects(s, buf, SO_CPU);
3041 SLAB_ATTR_RO(cpu_slabs);
3043 static ssize_t objects_show(struct kmem_cache *s, char *buf)
3045 return slab_objects(s, buf, SO_FULL|SO_PARTIAL|SO_CPU|SO_OBJECTS);
3047 SLAB_ATTR_RO(objects);
3049 static ssize_t sanity_checks_show(struct kmem_cache *s, char *buf)
3051 return sprintf(buf, "%d\n", !!(s->flags & SLAB_DEBUG_FREE));
3054 static ssize_t sanity_checks_store(struct kmem_cache *s,
3055 const char *buf, size_t length)
3057 s->flags &= ~SLAB_DEBUG_FREE;
3059 s->flags |= SLAB_DEBUG_FREE;
3062 SLAB_ATTR(sanity_checks);
3064 static ssize_t trace_show(struct kmem_cache *s, char *buf)
3066 return sprintf(buf, "%d\n", !!(s->flags & SLAB_TRACE));
3069 static ssize_t trace_store(struct kmem_cache *s, const char *buf,
3072 s->flags &= ~SLAB_TRACE;
3074 s->flags |= SLAB_TRACE;
3079 static ssize_t reclaim_account_show(struct kmem_cache *s, char *buf)
3081 return sprintf(buf, "%d\n", !!(s->flags & SLAB_RECLAIM_ACCOUNT));
3084 static ssize_t reclaim_account_store(struct kmem_cache *s,
3085 const char *buf, size_t length)
3087 s->flags &= ~SLAB_RECLAIM_ACCOUNT;
3089 s->flags |= SLAB_RECLAIM_ACCOUNT;
3092 SLAB_ATTR(reclaim_account);
3094 static ssize_t hwcache_align_show(struct kmem_cache *s, char *buf)
3096 return sprintf(buf, "%d\n", !!(s->flags & SLAB_HWCACHE_ALIGN));
3098 SLAB_ATTR_RO(hwcache_align);
3100 #ifdef CONFIG_ZONE_DMA
3101 static ssize_t cache_dma_show(struct kmem_cache *s, char *buf)
3103 return sprintf(buf, "%d\n", !!(s->flags & SLAB_CACHE_DMA));
3105 SLAB_ATTR_RO(cache_dma);
3108 static ssize_t destroy_by_rcu_show(struct kmem_cache *s, char *buf)
3110 return sprintf(buf, "%d\n", !!(s->flags & SLAB_DESTROY_BY_RCU));
3112 SLAB_ATTR_RO(destroy_by_rcu);
3114 static ssize_t red_zone_show(struct kmem_cache *s, char *buf)
3116 return sprintf(buf, "%d\n", !!(s->flags & SLAB_RED_ZONE));
3119 static ssize_t red_zone_store(struct kmem_cache *s,
3120 const char *buf, size_t length)
3122 if (any_slab_objects(s))
3125 s->flags &= ~SLAB_RED_ZONE;
3127 s->flags |= SLAB_RED_ZONE;
3131 SLAB_ATTR(red_zone);
3133 static ssize_t poison_show(struct kmem_cache *s, char *buf)
3135 return sprintf(buf, "%d\n", !!(s->flags & SLAB_POISON));
3138 static ssize_t poison_store(struct kmem_cache *s,
3139 const char *buf, size_t length)
3141 if (any_slab_objects(s))
3144 s->flags &= ~SLAB_POISON;
3146 s->flags |= SLAB_POISON;
3152 static ssize_t store_user_show(struct kmem_cache *s, char *buf)
3154 return sprintf(buf, "%d\n", !!(s->flags & SLAB_STORE_USER));
3157 static ssize_t store_user_store(struct kmem_cache *s,
3158 const char *buf, size_t length)
3160 if (any_slab_objects(s))
3163 s->flags &= ~SLAB_STORE_USER;
3165 s->flags |= SLAB_STORE_USER;
3169 SLAB_ATTR(store_user);
3171 static ssize_t validate_show(struct kmem_cache *s, char *buf)
3176 static ssize_t validate_store(struct kmem_cache *s,
3177 const char *buf, size_t length)
3180 validate_slab_cache(s);
3185 SLAB_ATTR(validate);
3187 static ssize_t shrink_show(struct kmem_cache *s, char *buf)
3192 static ssize_t shrink_store(struct kmem_cache *s,
3193 const char *buf, size_t length)
3195 if (buf[0] == '1') {
3196 int rc = kmem_cache_shrink(s);
3206 static ssize_t alloc_calls_show(struct kmem_cache *s, char *buf)
3208 if (!(s->flags & SLAB_STORE_USER))
3210 return list_locations(s, buf, TRACK_ALLOC);
3212 SLAB_ATTR_RO(alloc_calls);
3214 static ssize_t free_calls_show(struct kmem_cache *s, char *buf)
3216 if (!(s->flags & SLAB_STORE_USER))
3218 return list_locations(s, buf, TRACK_FREE);
3220 SLAB_ATTR_RO(free_calls);
3223 static ssize_t defrag_ratio_show(struct kmem_cache *s, char *buf)
3225 return sprintf(buf, "%d\n", s->defrag_ratio / 10);
3228 static ssize_t defrag_ratio_store(struct kmem_cache *s,
3229 const char *buf, size_t length)
3231 int n = simple_strtoul(buf, NULL, 10);
3234 s->defrag_ratio = n * 10;
3237 SLAB_ATTR(defrag_ratio);
3240 static struct attribute * slab_attrs[] = {
3241 &slab_size_attr.attr,
3242 &object_size_attr.attr,
3243 &objs_per_slab_attr.attr,
3248 &cpu_slabs_attr.attr,
3253 &sanity_checks_attr.attr,
3255 &hwcache_align_attr.attr,
3256 &reclaim_account_attr.attr,
3257 &destroy_by_rcu_attr.attr,
3258 &red_zone_attr.attr,
3260 &store_user_attr.attr,
3261 &validate_attr.attr,
3263 &alloc_calls_attr.attr,
3264 &free_calls_attr.attr,
3265 #ifdef CONFIG_ZONE_DMA
3266 &cache_dma_attr.attr,
3269 &defrag_ratio_attr.attr,
3274 static struct attribute_group slab_attr_group = {
3275 .attrs = slab_attrs,
3278 static ssize_t slab_attr_show(struct kobject *kobj,
3279 struct attribute *attr,
3282 struct slab_attribute *attribute;
3283 struct kmem_cache *s;
3286 attribute = to_slab_attr(attr);
3289 if (!attribute->show)
3292 err = attribute->show(s, buf);
3297 static ssize_t slab_attr_store(struct kobject *kobj,
3298 struct attribute *attr,
3299 const char *buf, size_t len)
3301 struct slab_attribute *attribute;
3302 struct kmem_cache *s;
3305 attribute = to_slab_attr(attr);
3308 if (!attribute->store)
3311 err = attribute->store(s, buf, len);
3316 static struct sysfs_ops slab_sysfs_ops = {
3317 .show = slab_attr_show,
3318 .store = slab_attr_store,
3321 static struct kobj_type slab_ktype = {
3322 .sysfs_ops = &slab_sysfs_ops,
3325 static int uevent_filter(struct kset *kset, struct kobject *kobj)
3327 struct kobj_type *ktype = get_ktype(kobj);
3329 if (ktype == &slab_ktype)
3334 static struct kset_uevent_ops slab_uevent_ops = {
3335 .filter = uevent_filter,
3338 decl_subsys(slab, &slab_ktype, &slab_uevent_ops);
3340 #define ID_STR_LENGTH 64
3342 /* Create a unique string id for a slab cache:
3344 * :[flags-]size:[memory address of kmemcache]
3346 static char *create_unique_id(struct kmem_cache *s)
3348 char *name = kmalloc(ID_STR_LENGTH, GFP_KERNEL);
3355 * First flags affecting slabcache operations. We will only
3356 * get here for aliasable slabs so we do not need to support
3357 * too many flags. The flags here must cover all flags that
3358 * are matched during merging to guarantee that the id is
3361 if (s->flags & SLAB_CACHE_DMA)
3363 if (s->flags & SLAB_RECLAIM_ACCOUNT)
3365 if (s->flags & SLAB_DEBUG_FREE)
3369 p += sprintf(p, "%07d", s->size);
3370 BUG_ON(p > name + ID_STR_LENGTH - 1);
3374 static int sysfs_slab_add(struct kmem_cache *s)
3380 if (slab_state < SYSFS)
3381 /* Defer until later */
3384 unmergeable = slab_unmergeable(s);
3387 * Slabcache can never be merged so we can use the name proper.
3388 * This is typically the case for debug situations. In that
3389 * case we can catch duplicate names easily.
3391 sysfs_remove_link(&slab_subsys.kobj, s->name);
3395 * Create a unique name for the slab as a target
3398 name = create_unique_id(s);
3401 kobj_set_kset_s(s, slab_subsys);
3402 kobject_set_name(&s->kobj, name);
3403 kobject_init(&s->kobj);
3404 err = kobject_add(&s->kobj);
3408 err = sysfs_create_group(&s->kobj, &slab_attr_group);
3411 kobject_uevent(&s->kobj, KOBJ_ADD);
3413 /* Setup first alias */
3414 sysfs_slab_alias(s, s->name);
3420 static void sysfs_slab_remove(struct kmem_cache *s)
3422 kobject_uevent(&s->kobj, KOBJ_REMOVE);
3423 kobject_del(&s->kobj);
3427 * Need to buffer aliases during bootup until sysfs becomes
3428 * available lest we loose that information.
3430 struct saved_alias {
3431 struct kmem_cache *s;
3433 struct saved_alias *next;
3436 struct saved_alias *alias_list;
3438 static int sysfs_slab_alias(struct kmem_cache *s, const char *name)
3440 struct saved_alias *al;
3442 if (slab_state == SYSFS) {
3444 * If we have a leftover link then remove it.
3446 sysfs_remove_link(&slab_subsys.kobj, name);
3447 return sysfs_create_link(&slab_subsys.kobj,
3451 al = kmalloc(sizeof(struct saved_alias), GFP_KERNEL);
3457 al->next = alias_list;
3462 static int __init slab_sysfs_init(void)
3464 struct list_head *h;
3467 err = subsystem_register(&slab_subsys);
3469 printk(KERN_ERR "Cannot register slab subsystem.\n");
3475 list_for_each(h, &slab_caches) {
3476 struct kmem_cache *s =
3477 container_of(h, struct kmem_cache, list);
3479 err = sysfs_slab_add(s);
3483 while (alias_list) {
3484 struct saved_alias *al = alias_list;
3486 alias_list = alias_list->next;
3487 err = sysfs_slab_alias(al->s, al->name);
3496 __initcall(slab_sysfs_init);
git.openpandora.org / pandora-kernel.git / blob