Re: [PATCH v4 4/4] mm/percpu: Avoid IO/FS reclaim in backing allocations
From: Michal Hocko
Date: Thu Jun 18 2026 - 14:04:31 EST
On Thu 18-06-26 21:04:14, Kaitao Cheng wrote:
> From: Kaitao Cheng <chengkaitao@xxxxxxxxxx>
>
> Commit 9a5b183941b5 ("mm, percpu: do not consider sleepable
> allocations atomic") allows sleepable GFP_NOIO and GFP_NOFS percpu
> allocations to take pcpu_alloc_mutex. This avoids premature allocation
> failures, but it also makes the mutex visible to callers from constrained
> IO/FS contexts.
>
> Thread A calls pcpu_alloc_noprof() with GFP_KERNEL and takes
> pcpu_alloc_mutex. Since the internal allocation is not constrained by
> NOFS, it may enter FS reclaim while still holding pcpu_alloc_mutex,
> creating a dependency like: pcpu_alloc_mutex -> fs_reclaim -> FS lock
>
> At the same time, Thread B may already hold an FS lock and then call
> pcpu_alloc_noprof() with GFP_NOFS. It will try to acquire
> pcpu_alloc_mutex and block, creating the reverse dependency:
> FS lock -> pcpu_alloc_mutex
>
> This can still form a potential deadlock cycle.
>
> Avoid the dependency by restricting percpu backing allocations to GFP_NOIO.
> The public allocation still uses the caller's GFP context to decide whether
> it may block, but the internal memory allocations performed while
> pcpu_alloc_mutex is held cannot recurse into IO or FS reclaim.
>
> Fixes: 9a5b183941b5 ("mm, percpu: do not consider sleepable allocations atomic")
> Signed-off-by: Kaitao Cheng <chengkaitao@xxxxxxxxxx>
This seems like the only viable short term fix but long term it would be
really better to make allocations outside of the lock.
Acked-by: Michal Hocko <mhocko@xxxxxxxx>
Minor nit
> @@ -1749,8 +1748,17 @@ void __percpu *pcpu_alloc_noprof(size_t size, size_t align, bool reserved,
> size_t bits, bit_align;
>
> gfp = current_gfp_context(gfp);
> - /* whitelisted flags that can be passed to the backing allocators */
> - pcpu_gfp = gfp & (GFP_KERNEL | __GFP_NORETRY | __GFP_NOWARN);
> + /*
> + * Allowlisted flags that can be passed to the backing allocators.
> + * Backing allocations under pcpu_alloc_mutex must not recurse into
> + * IO/FS reclaim. Otherwise a GFP_KERNEL caller holding the mutex can
> + * block on reclaim while a GFP_NOIO/NOFS caller holding an IO/FS lock
> + * waits for the same mutex.
> + *
> + * Do not pass __GFP_NOFAIL. A small percpu allocation may need many
> + * backing pages, making nofail reclaim too costly under NOIO/NOFS.
> + */
> + pcpu_gfp = gfp & (GFP_NOIO | __GFP_NORETRY | __GFP_NOWARN);
GFP_NOIO, NOFS are negative masks in the sense that that are lacking
flags so the overal intention would be more readable IMHO in the
following form
pcpu_gfp = gfp & (GFP_KERNEL | __GFP_NORETRY | __GFP_NOWARN)
pcpu_gfp &= ~(__GFP_IO | __GFP_FS)
> is_atomic = !gfpflags_allow_blocking(gfp);
> do_warn = !(gfp & __GFP_NOWARN);
>
> --
> 2.50.1 (Apple Git-155)
--
Michal Hocko
SUSE Labs