Commit 338ad1e8 authored Feb 09, 2026 by Harry Yoo Committed by Andrew Morton Feb 12, 2026

mm/page_alloc: skip debug_check_no_{obj,locks}_freed with FPI_TRYLOCK

When CONFIG_DEBUG_OBJECTS_FREE is enabled,
debug_check_no_{obj,locks}_freed() functions are called.

Since both of them spin on a lock, they are not safe to be called if the
FPI_TRYLOCK flag is specified.  This leads to a lockdep splat:

  ================================
  WARNING: inconsistent lock state
  6.19.0-rc5-slab-for-next+ #326 Tainted: G                 N
  --------------------------------
  inconsistent {INITIAL USE} -> {IN-NMI} usage.
  kunit_try_catch/9046 [HC2[2]:SC0[0]:HE0:SE1] takes:
  ffffffff84ed6bf8 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_check_no_obj_freed+0xe0/0x300
  {INITIAL USE} state was registered at:
    lock_acquire+0xd9/0x2f0
    _raw_spin_lock_irqsave+0x4c/0x80
    __debug_object_init+0x9d/0x1f0
    debug_object_init+0x34/0x50
    __init_work+0x28/0x40
    init_cgroup_housekeeping+0x151/0x210
    init_cgroup_root+0x3d/0x140
    cgroup_init_early+0x30/0x240
    start_kernel+0x3e/0xcd0
    x86_64_start_reservations+0x18/0x30
    x86_64_start_kernel+0xf3/0x140
    common_startup_64+0x13e/0x148
  irq event stamp: 2998
  hardirqs last  enabled at (2997): [<ffffffff8298b77a>] exc_nmi+0x11a/0x240
  hardirqs last disabled at (2998): [<ffffffff8298b991>] sysvec_irq_work+0x11/0x110
  softirqs last  enabled at (1416): [<ffffffff813c1f72>] __irq_exit_rcu+0x132/0x1c0
  softirqs last disabled at (1303): [<ffffffff813c1f72>] __irq_exit_rcu+0x132/0x1c0

  other info that might help us debug this:
   Possible unsafe locking scenario:

         CPU0
         ----
    lock(&obj_hash[i].lock);
    <Interrupt>
      lock(&obj_hash[i].lock);

   *** DEADLOCK ***

Rename free_pages_prepare() to __free_pages_prepare(), add an fpi_t
parameter, and skip those checks if FPI_TRYLOCK is set.  To keep the fpi_t
definition in mm/page_alloc.c, add a wrapper function free_pages_prepare()
that always passes FPI_NONE and use it in mm/compaction.c.

Link: https://lkml.kernel.org/r/20260209062639.16577-1-harry.yoo@oracle.com


Fixes: 8c57b687 ("mm, bpf: Introduce free_pages_nolock()")
Signed-off-by: Harry Yoo <harry.yoo@oracle.com>
Reviewed-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Zi Yan <ziy@nvidia.com>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Brendan Jackman <jackmanb@google.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Shakeel Butt <shakeel.butt@linux.dev>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

parent 1d3f9bb4

mm/page_alloc.c

+11 −6

Original line number	Diff line number	Diff line
		@@ -1340,8 +1340,8 @@ static inline void pgalloc_tag_sub_pages(struct alloc_tag *tag, unsigned int nr)

		#endif /* CONFIG_MEM_ALLOC_PROFILING */

		__always_inline bool free_pages_prepare(struct page *page,
		unsigned int order)
		__always_inline bool __free_pages_prepare(struct page *page,
		unsigned int order, fpi_t fpi_flags)
		{
		int bad = 0;
		bool skip_kasan_poison = should_skip_kasan_poison(page);
		@@ -1434,7 +1434,7 @@ __always_inline bool free_pages_prepare(struct page *page,
		page_table_check_free(page, order);
		pgalloc_tag_sub(page, 1 << order);

		if (!PageHighMem(page)) {
		if (!PageHighMem(page) && !(fpi_flags & FPI_TRYLOCK)) {
		debug_check_no_locks_freed(page_address(page),
		PAGE_SIZE << order);
		debug_check_no_obj_freed(page_address(page),
		@@ -1473,6 +1473,11 @@ __always_inline bool free_pages_prepare(struct page *page,
		return true;
		}

		bool free_pages_prepare(struct page *page, unsigned int order)
		{
		return __free_pages_prepare(page, order, FPI_NONE);
		}

		/*
		* Frees a number of pages from the PCP lists
		* Assumes all pages on list are in same zone.
		@@ -1606,7 +1611,7 @@ static void __free_pages_ok(struct page *page, unsigned int order,
		unsigned long pfn = page_to_pfn(page);
		struct zone *zone = page_zone(page);

		if (free_pages_prepare(page, order))
		if (__free_pages_prepare(page, order, fpi_flags))
		free_one_page(zone, page, pfn, order, fpi_flags);
		}

		@@ -2970,7 +2975,7 @@ static void __free_frozen_pages(struct page *page, unsigned int order,
		return;
		}

		if (!free_pages_prepare(page, order))
		if (!__free_pages_prepare(page, order, fpi_flags))
		return;

		/*
		@@ -3027,7 +3032,7 @@ void free_unref_folios(struct folio_batch *folios)
		unsigned long pfn = folio_pfn(folio);
		unsigned int order = folio_order(folio);

		if (!free_pages_prepare(&folio->page, order))
		if (!__free_pages_prepare(&folio->page, order, FPI_NONE))
		continue;
		/*
		* Free orders not handled on the PCP directly to the