From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E14EE337B81 for ; Thu, 2 Jul 2026 04:09:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782965382; cv=none; b=BayZHkrroP4iy0l6LRdBfYrc4JgYeeybAksp83n8MAdlPIPsHKRY5AfbZ1baN+NS3ZsJ8HnCym1JgOWHeoIj5db9yA4yX0bc+olV0D+4sthnQQZ2PiCoo4faB7WLLNN8A4pgVATKqhLkT/vcttMTvWKbjVXi94LOu56GuhVgJM0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782965382; c=relaxed/simple; bh=z6xVylOMvQqumqKqaC8vXqujT7NHvwNPi96YjJxwIxc=; h=From:Subject:Date:Message-Id:MIME-Version:Content-Type:To:Cc; b=VL2CMATE1zTNla1TPiGYKkQA9bCjYudH7NX4vQ8BC9cRIpOjgNXPXfRugPeW6W9WedTA81BQhmDPxwvfegNXXYStrS2sxpCX8rZAH+a8FcY6y434Wm9yaxzvaucZrnnxXidpswU6JDVQn3sbwcnU4nvw47o6j1itJBHlDdpW2Ro= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=D9HPnQmm; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="D9HPnQmm" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 313B41F000E9; Thu, 2 Jul 2026 04:09:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1782965381; bh=Oj7NFQlSbbAZMQoWjaYnY1ATu/1WSHdkKk61vADq3lg=; h=From:Subject:Date:To:Cc; b=D9HPnQmmawuslUQ7TDPLZhALL1EAO3wxuK6n/tLpm8RyY4ZPF1RZsnDxImSkJVanP jQpWwGSKLInFj78BhmWh8TqG4Ch6z5e3h9XAFBKFuO4aUKr2H6nfBGNtKrrISftctj 8ptHtMO/0NXE0tpyP8m2q7XtOH4b/fyzBRESs0J7Hz42BqQ5hamBqBa4HEmfkbaik3 0JCeK5rSmK4tfw99Umz+KCwfJ1ZNKDZFeZmJlCuKUwNPHYr3qBbKLO4EykAtGcuqbM ZpAanyp53c7DW9oVP7NJebg0L/MYrGMUCytNZLeTOd947nVZTOTAz+q5WdGPvuP9xy VVn4Doj7v4gHw== From: "Harry Yoo (Oracle)" Subject: [PATCH RFC hotfixes 0/2] mm/slab: fix unbounded recursion in free path with memalloc profiling Date: Thu, 02 Jul 2026 13:09:23 +0900 Message-Id: <20260702-kmalloc-no-objext-v1-0-167175008538@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-B4-Tracking: v=1; b=H4sIAAAAAAAC/6tWKk4tykwtVrJSqFYqSi3LLM7MzwNyDHUUlJIzE vPSU3UzU4B8JSMDIzMDcwMj3ezcxJyc/GTdvHzd/KSs1IoSXSMzQ8tkw1QDMwMLYyWgvoKi1LT MCrCZ0UpBbs4KGfklEIHY2loAneDau3EAAAA= X-Change-ID: 20260702-kmalloc-no-objext-2619c1e06083 To: Vlastimil Babka , Andrew Morton , Hao Li , Christoph Lameter , David Rientjes , Roman Gushchin , Suren Baghdasaryan , Hao Ge , Kees Cook , Pedro Falcato , Shakeel Butt , Danielle Constantino Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Harry Yoo (Oracle)" X-Mailer: b4 0.14.3 This is a follow-up fix after the recent discussion [1]. Based on slab/for-next (b0b6ec46e025f) and available at git.kernel.org [2]. Instead preventing cycles by bumping up the allocation size of obj_exts arrays, it introduces a new kmalloc type called KMALLOC_NO_OBJ_EXT and disallow formation of cycles between kmalloc types when allocating obj_exts arrays. obj_exts arrays of normal kmalloc caches are served from KMALLOC_NO_OBJ_EXT caches (that don't have obj_exts), and all other obj_exts arrays are served from normal kmalloc caches. I tried to reuse SLAB_ALLOC_NO_RECURSE to make kmalloc_slab() select KMALLOC_NO_OBJ_EXT, but it was not great because it does not allow sheaves for those caches. So I introduced a new slab alloc flag SLAB_ALLOC_NO_OBJ_EXT. To avoid huge confusion, I had to decouple "disallowing sheaves" semantics from SLAB_NO_OBJ_EXT and introduced SLAB_NO_SHEAVES. While this cannot be directly backported to v6.18 and v6.12 due to lack of SLAB_ALLOC_* flags and kmalloc_flags(), I don't this will be particularily challenging to backport it. Instead of a new slab alloc flag, we can use __GFP_NO_OBJ_EXT to select KMALLOC_NO_OBJ_EXT as kmalloc caches don't have sheaves in v6.18 anyway. [1] https://lore.kernel.org/linux-mm/9a139365-28e6-4f1e-b35b-7f6091e9aa14@kernel.org [2] https://git.kernel.org/pub/scm/linux/kernel/git/harry/linux.git/log/?h=kmalloc-no-objext-rfc-v1r3 Signed-off-by: Harry Yoo (Oracle) --- Harry Yoo (Oracle) (2): mm/slab: decouple SLAB_NO_SHEAVES from SLAB_NO_OBJ_EXT mm/slab: prevent unbounded recursion in free path with new kmalloc type include/linux/slab.h | 16 +++++++-- mm/slab.h | 17 ++++++++-- mm/slab_common.c | 18 +++++++++- mm/slub.c | 93 ++++++++++++++++++++++------------------------------ 4 files changed, 85 insertions(+), 59 deletions(-) --- base-commit: b0b6ec46e025fd46c344915a42bc535d9b15a1fb change-id: 20260702-kmalloc-no-objext-2619c1e06083 Best regards, -- Harry Yoo (Oracle)