| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z7ySPC32oKBccunx@kbusch-mbp> Date: Mon, 24 Feb 2025 08:37:32 -0700 From: Keith Busch <kbusch@...nel.org> To: Uladzislau Rezki <urezki@...il.com> Cc: Vlastimil Babka <vbabka@...e.cz>, "Paul E. McKenney" <paulmck@...nel.org>, Joel Fernandes <joel@...lfernandes.org>, Josh Triplett <josh@...htriplett.org>, Boqun Feng <boqun.feng@...il.com>, Christoph Lameter <cl@...ux.com>, David Rientjes <rientjes@...gle.com>, Steven Rostedt <rostedt@...dmis.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Lai Jiangshan <jiangshanlai@...il.com>, Zqiang <qiang.zhang1211@...il.com>, Julia Lawall <Julia.Lawall@...ia.fr>, Jakub Kicinski <kuba@...nel.org>, "Jason A. Donenfeld" <Jason@...c4.com>, Andrew Morton <akpm@...ux-foundation.org>, Roman Gushchin <roman.gushchin@...ux.dev>, Hyeonggon Yoo <42.hyeyoo@...il.com>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, rcu@...r.kernel.org, Alexander Potapenko <glider@...gle.com>, Marco Elver <elver@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, kasan-dev@...glegroups.com, Jann Horn <jannh@...gle.com>, Mateusz Guzik <mjguzik@...il.com>, linux-nvme@...ts.infradead.org, leitao@...ian.org Subject: Re: [PATCH v2 6/7] mm, slab: call kvfree_rcu_barrier() from kmem_cache_destroy() On Mon, Feb 24, 2025 at 12:44:46PM +0100, Uladzislau Rezki wrote: > On Fri, Feb 21, 2025 at 06:28:49PM +0100, Vlastimil Babka wrote: > > > > > > The warning indicates that this shouldn't be called from a > > > WQ_MEM_RECLAIM workqueue. This workqueue is responsible for bringing up > > > and tearing down block devices, so this is a memory reclaim use AIUI. > > > I'm a bit confused why we can't tear down a disk from within a memory > > > reclaim workqueue. Is the recommended solution to simply remove the WQ > > > flag when creating the workqueue? > > > > I think it's reasonable to expect a memory reclaim related action would > > destroy a kmem cache. Mateusz's suggestion would work around the issue, but > > then we could get another surprising warning elsewhere. Also making the > > kmem_cache destroys async can be tricky when a recreation happens > > immediately under the same name (implications with sysfs/debugfs etc). We > > managed to make the destroying synchronous as part of this series and it > > would be great to keep it that way. > > > > > ------------[ cut here ]------------ > > > workqueue: WQ_MEM_RECLAIM nvme-wq:nvme_scan_work is flushing !WQ_MEM_RECLAIM events_unbound:kfree_rcu_work > > > > Maybe instead kfree_rcu_work should be using a WQ_MEM_RECLAIM workqueue? It > > is after all freeing memory. Ulad, what do you think? > > > We reclaim memory, therefore WQ_MEM_RECLAIM seems what we need. > AFAIR, there is an extra rescue worker, which can really help > under a low memory condition in a way that we do a progress. > > Do we have a reproducer of mentioned splat? We're observing this happen in production, and I'm trying to get more details on what is going on there. The stack trace says that the nvme controller deleted a namespace, and it happens to also be the last disk that drops the slab's final ref, which deletes the kmem_cache. I think this must be part of some automated reimaging process, as the disk is immediately recreated followed by a kexec. Trying to manually recreate this hasn't been successful so far because it's never the last disk on my test machines, so I'm always seeing a non-zero ref when deleting namespaces from this nvme workqueue.
Powered by blists - more mailing lists