From nobody Mon Jun 8 04:24:57 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE2B23EB818 for ; Tue, 2 Jun 2026 14:40:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780411220; cv=none; b=QVYiP3IW+GVSEM2zU5F7ySji6DzpkBzb9JdYSpiLyQNAhjLyVZpsRGLmcDrqotNR3XeEDZ+K3pYrR8qkZUScUnbKcsJIC4X51DZRq81GCrHPy6GORC1r+1cR3IChAtP66XS65bCwGio0l0mlmdwxWZt8zeZyTDtECX2rgZOReoE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780411220; c=relaxed/simple; bh=sBWoZ3SKC/1NkQYLnJVTTxIF18yrNDCqqnXBy6kdNhY=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=knsEQVKDHpURYgHyF7QIhUXbNgX29q+ykUjGUw5xVaE+y1IxCjcG3uo7x8LB//Xa49x17qB8vbVCc84YOLE6mPr3FoJcyrpPHI4lZdKasHJSCjaglBRFgL6gY7D04d5bARlKIODzPpOqfHFpHca9f5nrgIcQwlRT6PZxOdqsFMA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=gPhNMW9T; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="gPhNMW9T" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1780411217; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nomuFXsH5SpGTaPWbKrodzxBcYP11ZQhOkwNWmKtJAA=; b=gPhNMW9TVFzzbONEY6kcS4dcCVND7/6mL/GwBXlr+WMX27Nl/w6WbaxGw81UZs27hRLGbY iUQBGUvsLJ40n0o64DheG7J4KJ5psTJrRfTZQ0mU2Tbvs3meXlL8gvLWddvpeygPxuM2q7 eIshnvrD4UuLoSyb67yCMSmleA5B1hA= Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-610-9E9xbEyENdmwu_OLwS6hoA-1; Tue, 02 Jun 2026 10:40:14 -0400 X-MC-Unique: 9E9xbEyENdmwu_OLwS6hoA-1 X-Mimecast-MFC-AGG-ID: 9E9xbEyENdmwu_OLwS6hoA_1780411213 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 97AEF195608B; Tue, 2 Jun 2026 14:40:12 +0000 (UTC) Received: from llong-thinkpadp16vgen1.westford.csb (unknown [10.22.80.32]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 9E65C18004A3; Tue, 2 Jun 2026 14:40:09 +0000 (UTC) From: Waiman Long To: Ingo Molnar , Peter Zijlstra , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Steven Rostedt , Ben Segall , Mel Gorman , Valentin Schneider , K Prateek Nayak , Frederic Weisbecker Cc: linux-kernel@vger.kernel.org, Waiman Long Subject: [PATCH v2] sched/isolation: Postpone re-allocation of housekeeping cpumask until initcall Date: Tue, 2 Jun 2026 10:39:51 -0400 Message-ID: <20260602143951.266768-1-longman@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 Content-Type: text/plain; charset="utf-8" When testing a linux-next kernel with commit 59bd1d914bb5 ("memblock: warn when freeing reserved memory before memory map is initialized"), the following warning was hit when there was a "nohz_full" kernel boot parameter. Cannot free reserved memory because of deferred initialization of the mem= ory map WARNING: mm/memblock.c:904 at __free_reserved_area+0xde/0xf0, CPU#0: swap= per/0/0 : Call Trace: memblock_phys_free+0xcb/0x100 housekeeping_init+0x14c/0x170 start_kernel+0x207/0x450 x86_64_start_reservations+0x24/0x30 x86_64_start_kernel+0xda/0xe0 common_startup_64+0x13e/0x141 IOW, we shouldn't free memblock allocated memory so early in the boot process when memory map isn't fully initialized in deferred_init_memmap(). Fix it by adding a new housekeeping_late_init() helper to defer the re-allocation of the housekeeping cpumasks to when initcall's are being processed. Also change rcu_reference() by rcu_reference_check() to prevent incorrect RCU lockdep splat as RCU will be active in this later boot stage. This commit also depends on the presence of commit 7c2eee9c1367 ("memblock: don't touch memblock arrays when memblock_free() is called late") to prevent a KASAN UAF bug report [1]. [1] https://lore.kernel.org/lkml/20260505051821.1107133-1-longman@redhat.c= om/ Fixes: 27c3a5967f05 ("sched/isolation: Convert housekeeping cpumasks to rcu= pointers") Signed-off-by: Waiman Long --- kernel/sched/isolation.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/kernel/sched/isolation.c b/kernel/sched/isolation.c index ef152d401fe2..a947d75b43f1 100644 --- a/kernel/sched/isolation.c +++ b/kernel/sched/isolation.c @@ -164,8 +164,6 @@ int housekeeping_update(struct cpumask *isol_mask) =20 void __init housekeeping_init(void) { - enum hk_type type; - if (!housekeeping.flags) return; =20 @@ -173,17 +171,27 @@ void __init housekeeping_init(void) =20 if (housekeeping.flags & HK_FLAG_KERNEL_NOISE) sched_tick_offload_init(); +} + +static int __init housekeeping_late_init(void) +{ + enum hk_type type; + + if (!housekeeping.flags) + return 0; + /* * Realloc with a proper allocator so that any cpumask update - * can indifferently free the old version with kfree(). + * can indifferently free the old version with kfree(). This + * should be done after the completion of deferred_init_memmap(). */ for_each_set_bit(type, &housekeeping.flags, HK_TYPE_MAX) { struct cpumask *omask, *nmask =3D kmalloc(cpumask_size(), GFP_KERNEL); =20 if (WARN_ON_ONCE(!nmask)) - return; + return 0; =20 - omask =3D rcu_dereference(housekeeping.cpumasks[type]); + omask =3D rcu_dereference_check(housekeeping.cpumasks[type], 1); =20 /* We need at least one CPU to handle housekeeping work */ WARN_ON_ONCE(cpumask_empty(omask)); @@ -191,7 +199,9 @@ void __init housekeeping_init(void) RCU_INIT_POINTER(housekeeping.cpumasks[type], nmask); memblock_free(omask, cpumask_size()); } + return 0; } +pure_initcall(housekeeping_late_init); =20 static void __init housekeeping_setup_type(enum hk_type type, cpumask_var_t housekeeping_staging) --=20 2.54.0