* [PATCH] mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
@ 2025-07-31 9:57 Breno Leitao
2025-08-04 10:25 ` Catalin Marinas
0 siblings, 1 reply; 2+ messages in thread
From: Breno Leitao @ 2025-07-31 9:57 UTC (permalink / raw)
To: Catalin Marinas, Andrew Morton
Cc: linux-mm, linux-kernel, netdev, kuba, stable, kernel-team,
Breno Leitao
When netpoll is enabled, calling pr_warn_once() while holding
kmemleak_lock in mem_pool_alloc() can cause a deadlock due to lock
inversion with the netconsole subsystem. This occurs because
pr_warn_once() may trigger netpoll, which eventually leads to
__alloc_skb() and back into kmemleak code, attempting to reacquire
kmemleak_lock.
This is the path for the deadlock.
mem_pool_alloc()
-> raw_spin_lock_irqsave(&kmemleak_lock, flags);
-> pr_warn_once()
-> netconsole subsystem
-> netpoll
-> __alloc_skb
-> __create_object
-> raw_spin_lock_irqsave(&kmemleak_lock, flags);
Fix this by setting a flag and issuing the pr_warn_once() after
kmemleak_lock is released.
Reported-by: Jakub Kicinski <kuba@kernel.org>
Fixes: c5665868183fec ("mm: kmemleak: use the memory pool for early allocations")
Signed-off-by: Breno Leitao <leitao@debian.org>
---
mm/kmemleak.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/mm/kmemleak.c b/mm/kmemleak.c
index 8d588e6853110..e0333455c7384 100644
--- a/mm/kmemleak.c
+++ b/mm/kmemleak.c
@@ -470,6 +470,7 @@ static struct kmemleak_object *mem_pool_alloc(gfp_t gfp)
{
unsigned long flags;
struct kmemleak_object *object;
+ bool warn = false;
/* try the slab allocator first */
if (object_cache) {
@@ -488,8 +489,10 @@ static struct kmemleak_object *mem_pool_alloc(gfp_t gfp)
else if (mem_pool_free_count)
object = &mem_pool[--mem_pool_free_count];
else
- pr_warn_once("Memory pool empty, consider increasing CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE\n");
+ warn = true;
raw_spin_unlock_irqrestore(&kmemleak_lock, flags);
+ if (warn)
+ pr_warn_once("Memory pool empty, consider increasing CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE\n");
return object;
}
---
base-commit: 260f6f4fda93c8485c8037865c941b42b9cba5d2
change-id: 20250731-kmemleak_lock-4e04743ea79e
Best regards,
--
Breno Leitao <leitao@debian.org>
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock
2025-07-31 9:57 [PATCH] mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Breno Leitao
@ 2025-08-04 10:25 ` Catalin Marinas
0 siblings, 0 replies; 2+ messages in thread
From: Catalin Marinas @ 2025-08-04 10:25 UTC (permalink / raw)
To: Breno Leitao
Cc: Andrew Morton, linux-mm, linux-kernel, netdev, kuba, stable,
kernel-team
On Thu, Jul 31, 2025 at 02:57:18AM -0700, Breno Leitao wrote:
> When netpoll is enabled, calling pr_warn_once() while holding
> kmemleak_lock in mem_pool_alloc() can cause a deadlock due to lock
> inversion with the netconsole subsystem. This occurs because
> pr_warn_once() may trigger netpoll, which eventually leads to
> __alloc_skb() and back into kmemleak code, attempting to reacquire
> kmemleak_lock.
>
> This is the path for the deadlock.
>
> mem_pool_alloc()
> -> raw_spin_lock_irqsave(&kmemleak_lock, flags);
> -> pr_warn_once()
> -> netconsole subsystem
> -> netpoll
> -> __alloc_skb
> -> __create_object
> -> raw_spin_lock_irqsave(&kmemleak_lock, flags);
>
> Fix this by setting a flag and issuing the pr_warn_once() after
> kmemleak_lock is released.
>
> Reported-by: Jakub Kicinski <kuba@kernel.org>
> Fixes: c5665868183fec ("mm: kmemleak: use the memory pool for early allocations")
> Signed-off-by: Breno Leitao <leitao@debian.org>
I think Andrew already added this to mm-stable but, for the record:
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-08-04 10:26 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-31 9:57 [PATCH] mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock Breno Leitao
2025-08-04 10:25 ` Catalin Marinas
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).