On Mon, 28 Sep 2015 11:30:00 -0500 (CDT) Christoph Lameter <cl@xxxxxxxxx> wrote: > On Mon, 28 Sep 2015, Jesper Dangaard Brouer wrote: > > > Not knowing SLUB as well as you, it took me several hours to realize > > init_object() didn't overwrite the freepointer in the object. Thus, I > > think these comments make the reader aware of not-so-obvious > > side-effects of SLAB_POISON and SLAB_RED_ZONE. > > From the source: > > /* > * Object layout: > * > * object address > * Bytes of the object to be managed. > * If the freepointer may overlay the object then the free > * pointer is the first word of the object. > * > * Poisoning uses 0x6b (POISON_FREE) and the last byte is > * 0xa5 (POISON_END) > * > * object + s->object_size > * Padding to reach word boundary. This is also used for Redzoning. > * Padding is extended by another word if Redzoning is enabled and > * object_size == inuse. > * > * We fill with 0xbb (RED_INACTIVE) for inactive objects and with > * 0xcc (RED_ACTIVE) for objects in use. > * > * object + s->inuse > * Meta data starts here. > * > * A. Free pointer (if we cannot overwrite object on free) > * B. Tracking data for SLAB_STORE_USER > * C. Padding to reach required alignment boundary or at mininum > * one word if debugging is on to be able to detect writes > * before the word boundary. Okay, I will remove the comment. The best doc on SLUB and SLAB layout comes from your slides titled: "Slab allocators in the Linux Kernel: SLAB, SLOB, SLUB" Lets gracefully add a link to the slides here: http://events.linuxfoundation.org/sites/events/files/slides/slaballocators.pdf -- Best regards, Jesper Dangaard Brouer MSc.CS, Principal Kernel Engineer at Red Hat Author of http://www.iptv-analyzer.org LinkedIn: http://www.linkedin.com/in/brouer -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>