On Tue, 23 Nov 2021, Wonhyuk Yang wrote: > Do you mean that without TID, multiple cpu can race on one > cpu_slab->freelist? > > How is it possible? As you know, cpu_slab is per-cpu variable and > cpu_slab->freelist is accessed via "this_cpu_cmpxchg" in the area > where preemption is enabled. That is the problem. Preemption is enabled. This means that slab_alloc can be preempted at any time and continue to run on an arbitrary other processor and also continue at an arbitrary time. It may also be rescheduled on the processor it ran before after executing just one instruction or so on another processor. Yes another thread may therefore also start to execute slab_alloc() on the same cpu, get the same per cpu pointer and perform some ops. Somewhere in the middle of this another processor may continue the first thread that was preempted earlier.
