linux-stable/mm
yangshiguang 522ffe2986 mm: slub: avoid wake up kswapd in set_track_prepare
[ Upstream commit 850470a841 ]

set_track_prepare() can incur lock recursion.
The issue is that it is called from hrtimer_start_range_ns
holding the per_cpu(hrtimer_bases)[n].lock, but when
CONFIG_DEBUG_OBJECTS_TIMERS is enabled, it may wake up kswapd in
set_track_prepare and try to hold the per_cpu(hrtimer_bases)[n].lock.

Avoid deadlock caused by implicitly waking up kswapd by passing in
allocation flags, which do not contain __GFP_KSWAPD_RECLAIM in the
debug_objects_fill_pool() case. Inside stack depot they are processed by
gfp_nested_mask().
Since ___slab_alloc() has preemption disabled, we mask out
__GFP_DIRECT_RECLAIM from the flags there.

The oops looks something like:

BUG: spinlock recursion on CPU#3, swapper/3/0
 lock: 0xffffff8a4bf29c80, .magic: dead4ead, .owner: swapper/3/0, .owner_cpu: 3
Hardware name: Qualcomm Technologies, Inc. Popsicle based on SM8850 (DT)
Call trace:
spin_bug+0x0
_raw_spin_lock_irqsave+0x80
hrtimer_try_to_cancel+0x94
task_contending+0x10c
enqueue_dl_entity+0x2a4
dl_server_start+0x74
enqueue_task_fair+0x568
enqueue_task+0xac
do_activate_task+0x14c
ttwu_do_activate+0xcc
try_to_wake_up+0x6c8
default_wake_function+0x20
autoremove_wake_function+0x1c
__wake_up+0xac
wakeup_kswapd+0x19c
wake_all_kswapds+0x78
__alloc_pages_slowpath+0x1ac
__alloc_pages_noprof+0x298
stack_depot_save_flags+0x6b0
stack_depot_save+0x14
set_track_prepare+0x5c
___slab_alloc+0xccc
__kmalloc_cache_noprof+0x470
__set_page_owner+0x2bc
post_alloc_hook[jt]+0x1b8
prep_new_page+0x28
get_page_from_freelist+0x1edc
__alloc_pages_noprof+0x13c
alloc_slab_page+0x244
allocate_slab+0x7c
___slab_alloc+0x8e8
kmem_cache_alloc_noprof+0x450
debug_objects_fill_pool+0x22c
debug_object_activate+0x40
enqueue_hrtimer[jt]+0xdc
hrtimer_start_range_ns+0x5f8
...

Signed-off-by: yangshiguang <yangshiguang@xiaomi.com>
Fixes: 5cf909c553 ("mm/slub: use stackdepot to save stack trace in objects")
Cc: stable@vger.kernel.org
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-09-09 18:56:34 +02:00
damon mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write 2025-07-06 11:00:11 +02:00
kasan kasan: use vmalloc_dump_obj() for vmalloc error reports 2025-08-01 09:47:30 +01:00
kfence kfence: skip __GFP_THISNODE allocations on NUMA systems 2025-02-17 09:40:32 +01:00
kmsan dma: kmsan: export kmsan_handle_dma() for modules 2025-03-13 12:58:27 +01:00
backing-dev.c
balloon_compaction.c
bootmem_info.c
cma_debug.c
cma_sysfs.c
cma.c
cma.h
compaction.c NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback 2025-03-13 12:58:27 +01:00
debug_page_alloc.c
debug_page_ref.c
debug_vm_pgtable.c mm/debug_vm_pgtable: clear page table entries at destroy_args() 2025-08-28 16:28:43 +02:00
debug.c
dmapool_test.c
dmapool.c
early_ioremap.c
fadvise.c
fail_page_alloc.c
failslab.c
filemap.c mm: drop the assumption that VM_SHARED always implies writable 2025-08-28 16:28:39 +02:00
folio-compat.c
gup_test.c
gup_test.h
gup.c mm/gup: fix wrongly calculated returned value in fault_in_safe_writeable() 2025-04-25 10:45:48 +02:00
highmem.c
hmm.c mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery 2025-08-15 12:09:08 +02:00
huge_memory.c mm/huge_memory: fix dereferencing invalid pmd migration entry 2025-06-27 11:09:00 +01:00
hugetlb_cgroup.c
hugetlb_vmemmap.c
hugetlb_vmemmap.h
hugetlb.c mm/hugetlb: unshare page tables during VMA split, not before 2025-06-27 11:09:00 +01:00
hwpoison-inject.c
init-mm.c
internal.h Rename .data.once to .data..once to fix resetting WARN*_ONCE 2024-12-09 10:32:59 +01:00
interval_tree.c
io-mapping.c
ioremap.c
Kconfig
Kconfig.debug
khugepaged.c mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma 2025-08-01 09:47:31 +01:00
kmemleak.c mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock 2025-08-28 16:28:32 +02:00
ksm.c
list_lru.c
maccess.c
madvise.c mm: drop the assumption that VM_SHARED always implies writable 2025-08-28 16:28:39 +02:00
Makefile
mapping_dirty_helpers.c
memblock.c memblock: Accept allocated memory before use in memblock_double_array() 2025-05-22 14:12:25 +02:00
memcontrol.c memcg: always call cond_resched() after fn() 2025-06-04 14:42:20 +02:00
memfd.c mm: reinstate ability to map write-sealed memfd mappings read-only 2025-08-28 16:28:39 +02:00
memory_hotplug.c hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio 2025-05-22 14:12:25 +02:00
memory-failure.c mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn 2025-08-28 16:28:43 +02:00
memory-tiers.c
memory.c mm: fix apply_to_existing_page_range() 2025-04-25 10:45:48 +02:00
mempolicy.c mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM 2024-12-14 20:00:18 +01:00
mempool.c
memremap.c
memtest.c
migrate_device.c
migrate.c mm/migrate: correct nr_failed in migrate_pages_sync() 2025-05-22 14:12:25 +02:00
mincore.c
mlock.c
mm_init.c
mm_slot.h
mmap_lock.c
mmap.c mm: reinstate ability to map write-sealed memfd mappings read-only 2025-08-28 16:28:39 +02:00
mmu_gather.c
mmu_notifier.c
mmzone.c
mprotect.c mm: refactor map_deny_write_exec() 2024-11-22 15:38:37 +01:00
mremap.c mm/mremap: correctly handle partial mremap() of VMA starting at 0 2025-04-25 10:45:31 +02:00
msync.c
nommu.c mm: add nommu variant of vm_insert_pages() 2025-03-22 12:50:44 -07:00
oom_kill.c memcg: fix soft lockup in the OOM process 2025-02-27 04:10:45 -08:00
page_alloc.c mm/page_alloc.c: avoid infinite retries caused by cpuset race 2025-06-04 14:42:20 +02:00
page_counter.c
page_ext.c
page_idle.c
page_io.c
page_isolation.c
page_owner.c
page_poison.c
page_reporting.c
page_reporting.h
page_table_check.c
page_vma_mapped.c mm: make page_mapped_in_vma() hugetlb walk aware 2025-04-25 10:45:31 +02:00
page-writeback.c mm: fix ratelimit_pages update error in dirty_ratio_handler() 2025-06-27 11:08:49 +01:00
pagewalk.c
percpu-internal.h
percpu-km.c
percpu-stats.c
percpu-vm.c
percpu.c
pgalloc-track.h
pgtable-generic.c
process_vm_access.c
ptdump.c mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() 2025-08-28 16:28:42 +02:00
readahead.c mm/readahead: fix large folio support in async readahead 2025-01-09 13:32:08 +01:00
rmap.c mm/rmap: reject hugetlb folios in folio_make_device_exclusive() 2025-04-25 10:45:31 +02:00
rodata_test.c
secretmem.c fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass 2025-07-10 16:03:18 +02:00
shmem_quota.c
shmem.c mm: update memfd seal write check to include F_SEAL_WRITE 2025-08-28 16:28:39 +02:00
show_mem.c
shrinker_debug.c
shuffle.c
shuffle.h
slab_common.c mm: krealloc: Fix MTE false alarm in __do_krealloc 2024-11-17 15:08:58 +01:00
slab.c
slab.h mm/slub: Avoid list corruption when removing a slab from the full list 2024-12-09 10:33:06 +01:00
slub.c mm: slub: avoid wake up kswapd in set_track_prepare 2025-09-09 18:56:34 +02:00
sparse-vmemmap.c
sparse.c
swap_cgroup.c
swap_slots.c
swap_state.c
swap.c mm: page_alloc: move mlocked flag clearance into free_pages_prepare() 2024-12-14 19:59:51 +01:00
swap.h
swapfile.c mm/swapfile: skip HugeTLB pages for unuse_vma 2024-10-22 15:46:21 +02:00
truncate.c
usercopy.c
userfaultfd.c
util.c
vmalloc.c mm/vmalloc: leave lazy MMU mode on PTE mapping error 2025-07-17 18:35:15 +02:00
vmpressure.c
vmscan.c mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock 2025-04-25 10:45:31 +02:00
vmstat.c vmstat: call fold_vm_zone_numa_events() before show per zone NUMA event 2024-12-09 10:33:05 +01:00
workingset.c
z3fold.c
zbud.c
zpool.c
zsmalloc.c mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n 2025-08-01 09:47:31 +01:00
zswap.c