| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHOvCC695c3fBphYvVz0Gk3H2hR9O2GaQLPvOVSZbUyv5C5rwg@mail.gmail.com>
Date: Wed, 10 Sep 2025 11:31:01 +0900
From: JaeJoon Jung <rgbi3307@...il.com>
To: Harry Yoo <harry.yoo@...cle.com>
Cc: cl@...ux.com, penberg@...nel.org, rientjes@...gle.com,
iamjoonsoo.kim@....com, akpm@...ux-foundation.org, vbabka@...e.cz,
roman.gushchin@...ux.dev, 42.hyeyoo@...il.com, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, rgbi3307@...er.com
Subject: Re: [PATCH] mm/slub: Removing unnecessary variable accesses in the get_freelist()
Hi, Harry Hyeonggon Yoo,
Thank you for your kind and detailed reply.
I hadn't thought of the union data type.
Since the counters, inuse, and frozen members are unioned within the
slab structure,
there is the problem that the above values are not applied to
__slab_update_freelist() and try_cmpxchg_freelist() if the existing
code is not followed.
I canceled my patch request.
I apologized for my inconvenience.
On Wed, 10 Sept 2025 at 10:39, Harry Yoo <harry.yoo@...cle.com> wrote:
>
> Hi Jaejoon,
>
> I updated my email from 42.hyeyoo@...il.com to harry.yoo@...cle.com
> a while ago. Please check up-to-date MAINTAINERS file when sending a patch.
>
> On Wed, Sep 10, 2025 at 09:59:56AM +0900, JaeJoon Jung wrote:
> > It pass a NULL pointer to the freelist_new variable
> > in the __slab_update_freelist() function so that it don't have to re-fetch
> > the variable values inside the while loop.
>
> No, it needs to re-fetch values when cmpxchg fails.
> Otherwise it would fall into an infinite loop, no?
>
> at a high level overview, cmpxchg works like this (atomically, of course):
>
> retry:
> old = var;
> // modify some bits in 'old' and store it to 'new'
> new = old + something;
> if (var == old) { // compare
> var = new; // exchange if the value is expected
> } else {
> // if var != old, someone else updated the variable. retry
> goto retry;
> }
>
> and this retry will certainly fail if you don't you re-fetch the value,
> modify it, and try cmpxchg again. The 'old' value fetched before failing
> cmpxchg will not match anymore because other CPUs already updated that
> variable.
>
> > Removing unnecessary variable accesses as shown below
> > will reduce the code size of the get_freelist() function and make it faster.
> >
> > Signed-off-by: JaeJoon Jung <rgbi3307@...il.com>
> > ---
> > mm/slub.c | 21 ++++-----------------
> > 1 file changed, 4 insertions(+), 17 deletions(-)
> >
> > diff --git a/mm/slub.c b/mm/slub.c
> > index d257141896c9..2e305a17a9d7 100644
> > --- a/mm/slub.c
> > +++ b/mm/slub.c
> > @@ -3654,27 +3654,14 @@ __update_cpu_freelist_fast(struct kmem_cache *s,
> > */
> > static inline void *get_freelist(struct kmem_cache *s, struct slab *slab)
> > {
> > - struct slab new;
> > - unsigned long counters;
> > - void *freelist;
> > -
> > lockdep_assert_held(this_cpu_ptr(&s->cpu_slab->lock));
> >
> > - do {
> > - freelist = slab->freelist;
> > - counters = slab->counters;
> > -
> > - new.counters = counters;
> > -
> > - new.inuse = slab->objects;
> > - new.frozen = freelist != NULL;
>
> ...and the frozen and inuse bits are part of counters field,
> so they are not updated anymore?
>
> > -
> > - } while (!__slab_update_freelist(s, slab,
> > - freelist, counters,
> > - NULL, new.counters,
> > + while (!__slab_update_freelist(s, slab,
> > + slab->freelist, slab->counters,
> > + NULL, slab->counters,
> > "get_freelist"));
> >
> > - return freelist;
> > + return slab->freelist;
> > }
> >
> > /*
> > --
> > 2.43.0
>
> --
> Cheers,
> Harry / Hyeonggon
Powered by blists - more mailing lists