Message ID | 20250418061459.3898802-1-quic_zhenhuah@quicinc.com (mailing list archive) |
---|---|
State | New |
Series | mm, slab: clean up slab->obj_exts always |

On Fri, Apr 18, 2025 at 02:14:59PM +0800, Zhenhua Huang wrote:
> When memory allocation profiling is disabled at runtime or due to an
> error, shutdown_mem_profiling() is called: slab->obj_exts which
> previously allocated remains.
> It won't be cleared by unaccount_slab() because of
> mem_alloc_profiling_enabled() not true. It's incorrect, slab->obj_exts
> should always be cleaned up in unaccount_slab() to avoid following error:
>
> [...]BUG: Bad page state in process...
> ..
> [...]page dumped because: page still charged to cgroup
>
> Fixes: 21c690a349baa ("mm: introduce slabobj_ext to support slab object extensions")
> Signed-off-by: Zhenhua Huang <quic_zhenhuah@quicinc.com>
> ---

Acked-by: Harry Yoo <harry.yoo@oracle.com>

I reproduced the issue locally and confirmed that this patch fixes the issue.

Tested-by: Harry Yoo <harry.yoo@oracle.com>

By the way, I think this should probably be backported to -stable?

diff --git a/mm/slub.c b/mm/slub.c index dac149df1be1..b42ce3a88806 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -2023,7 +2023,7 @@ int alloc_slab_obj_exts(struct slab *slab, struct kmem_cache *s, return 0; } -/* Should be called only if mem_alloc_profiling_enabled() */ +/* Should be called if slab_obj_exts(slab) */ static noinline void free_slab_obj_exts(struct slab *slab) { struct slabobj_ext *obj_exts; @@ -2592,7 +2592,11 @@ static __always_inline void account_slab(struct slab *slab, int order, static __always_inline void unaccount_slab(struct slab *slab, int order, struct kmem_cache *s) { - if (memcg_kmem_online() || need_slab_obj_ext()) + /* + * The slab object extensions should now be freed regardless of + * whether mem_alloc_profiling_enabled() or not now. + */ + if (memcg_kmem_online() || slab_obj_exts(slab)) free_slab_obj_exts(slab); mod_node_page_state(slab_pgdat(slab), cache_vmstat_idx(s),
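
Review bot: In the first hunk, the new comment on free_slab_obj_exts(), "Should be called if slab_obj_exts(slab)", does not match the caller changed in the second hunk, which still invokes it whenever memcg_kmem_online() is true, whether or not the slab has an extension vector. Either state the contract the callers actually rely on (for example, that the function may be called on any slab and frees the vector when one is present, if that is what the body does), or, if a non-NULL vector is really required, write "only if" and make the caller honour it.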
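
Review bot: In the unaccount_slab() hunk, the `memcg_kmem_online() ||` term looks redundant once the condition tests slab_obj_exts(slab): when the slab has no extension vector there is nothing for free_slab_obj_exts() to free, so the condition could be reduced to slab_obj_exts(slab) alone, or dropped entirely if the callee already handles the empty case. The added comment also repeats "now" and does not say why the check changed; wording such as "profiling may have been disabled after slab->obj_exts was allocated" would record the reason given in the commit message.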

When memory allocation profiling is disabled at runtime or due to an
error, shutdown_mem_profiling() is called: slab->obj_exts which
previously allocated remains.
It won't be cleared by unaccount_slab() because of
mem_alloc_profiling_enabled() not true. It's incorrect, slab->obj_exts
should always be cleaned up in unaccount_slab() to avoid following error:

[...]BUG: Bad page state in process...
..
[...]page dumped because: page still charged to cgroup

Fixes: 21c690a349baa ("mm: introduce slabobj_ext to support slab object extensions")
Signed-off-by: Zhenhua Huang <quic_zhenhuah@quicinc.com>
---
 mm/slub.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)