Re: [PATCH v2] memcg: add charging of already allocated slab objects

From: Shakeel Butt
Date: Wed Aug 28 2024 - 20:21:49 EST


On Wed, Aug 28, 2024 at 04:25:30PM GMT, Yosry Ahmed wrote:
> On Tue, Aug 27, 2024 at 4:52 PM Shakeel Butt <shakeel.butt@xxxxxxxxx> wrote:
> >
[...]
> > +
> > + /* Ignore KMALLOC_NORMAL cache to avoid circular dependency. */
> > + if ((s->flags & KMALLOC_TYPE) == SLAB_KMALLOC)
> > + return true;
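Review bot: the comment on the early return does not say what the circular dependency is, so a reader of `/* Ignore KMALLOC_NORMAL cache to avoid circular dependency. */` cannot tell why charging KMALLOC_NORMAL objects is unsafe here. Suggest spelling out the recursion that motivated the kmalloc-cg split, e.g. `/* Charging KMALLOC_NORMAL objects could allocate memcg metadata from the slab being charged; see commit 494c1dfe855e. */`, so the reason for the skip survives in the code rather than only in the mailing-list thread.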
>
> Taking a step back here, why do we need this? Which circular
> dependency are we avoiding here?

commit 494c1dfe855ec1f70f89552fce5eadf4a1717552
Author: Waiman Long <longman@xxxxxxxxxx>
Date: Mon Jun 28 19:37:38 2021 -0700

mm: memcg/slab: create a new set of kmalloc-cg-<n> caches

There are currently two problems in the way the objcg pointer array
(memcg_data) in the page structure is being allocated and freed.

On its allocation, it is possible that the allocated objcg pointer
array comes from the same slab that requires memory accounting. If this
happens, the slab will never become empty again as there is at least
one object left (the obj_cgroup array) in the slab.

When it is freed, the objcg pointer array object may be the last one
in its slab and hence causes kfree() to be called again. With the
right workload, the slab cache may be set up in a way that allows the
recursive kfree() calling loop to nest deep enough to cause a kernel
stack overflow and panic the system.
...
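To make the two failure modes in that commit message concrete, here is an added toy model (not kernel code, and not part of this thread): a "slab" is just an in-use counter plus the index of the slab that hosts its objcg pointer array, and releasing an empty slab frees that array through the same free path, so the nesting depth of the free is what the real kfree() recursion would be. The chain length, the unaccounted last array and the slab indices are constructed assumptions for illustration.

```c
#include <stdio.h>

#define MAX_SLABS 64

struct slab {
    int inuse;      /* live objects in this slab; a hosted objcg array counts too */
    int meta_slab;  /* index of the slab hosting this slab's objcg array, -1 if none */
};

struct model {
    struct slab slabs[MAX_SLABS];
    int max_depth;  /* deepest nesting of the free path observed */
};

/* Free one object living in slab idx; depth models kfree() nesting. */
static void free_object(struct model *m, int idx, int depth)
{
    struct slab *s = &m->slabs[idx];

    if (depth > m->max_depth)
        m->max_depth = depth;
    if (--s->inuse > 0)
        return;                        /* slab still holds objects */
    /* Slab became empty: releasing it frees its objcg array, which is an
     * object in some other (or the same) slab, so the free recurses. */
    if (s->meta_slab >= 0) {
        int ms = s->meta_slab;
        s->meta_slab = -1;
        free_object(m, ms, depth + 1);
    }
}

/* Pre-fix scenario: objcg arrays come from the accounted kmalloc cache, so
 * each array's slab needs an array of its own, forming a chain of n slabs.
 * Slab 0 holds one user object; slab i > 0 hosts the array of slab i-1; the
 * last array is assumed unaccounted so the chain terminates. Returns the
 * nesting depth reached when the single user object is freed. */
int chain_free_depth(int n)
{
    struct model m = {0};
    int i;

    for (i = 0; i < n && i < MAX_SLABS; i++) {
        m.slabs[i].inuse = 1;                          /* user object or hosted array */
        m.slabs[i].meta_slab = (i + 1 < n) ? i + 1 : -1;
    }
    free_object(&m, 0, 1);
    return m.max_depth;
}

/* Post-fix scenario: the array comes from an unaccounted kmalloc-cg slab,
 * which has no array of its own, so the free nests exactly once. */
int fixed_free_depth(void)
{
    struct model m = {0};

    m.slabs[0].inuse = 1;  m.slabs[0].meta_slab = 1;   /* accounted user slab */
    m.slabs[1].inuse = 1;  m.slabs[1].meta_slab = -1;  /* kmalloc-cg slab */
    free_object(&m, 0, 1);
    return m.max_depth;
}

/* First problem from the commit message: the array lives in the slab it
 * accounts for, so after the last user object is freed one object remains
 * and the slab never becomes empty. Returns the remaining in-use count. */
int self_hosted_inuse_after_free(void)
{
    struct model m = {0};

    m.slabs[0].inuse = 2;       /* one user object plus the slab's own array */
    m.slabs[0].meta_slab = 0;   /* array hosted by the same slab */
    free_object(&m, 0, 1);
    return m.slabs[0].inuse;
}

int main(void)
{
    printf("chain of 8 accounted slabs: free nests %d deep\n", chain_free_depth(8));
    printf("kmalloc-cg array:           free nests %d deep\n", fixed_free_depth());
    printf("self-hosted array:          %d object(s) left, slab never empty\n",
           self_hosted_inuse_after_free());
    return 0;
}
```

Lengthening the chain argument grows the nesting linearly, which is the "nest deep enough to cause a kernel stack overflow" case; with the array taken from a separate, unaccounted cache the depth is fixed at 2 no matter how many slabs exist.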