* [PATCH] sched: rcu: fix rq->{curr,donor} address space annotations
@ 2026-02-14 10:20 Sun Jian
2026-02-14 19:44 ` kernel test robot
2026-02-20 19:33 ` [PATCH v2] " Sun Jian
0 siblings, 2 replies; 7+ messages in thread
From: Sun Jian @ 2026-02-14 10:20 UTC (permalink / raw)
To: mingo, peterz, juri.lelli, vincent.guittot
Cc: dietmar.eggemann, rostedt, bsegall, mgorman, vschneid, nathan,
nick.desaulniers+lkml, morbo, justinstitt, linux-kernel, llvm,
Sun Jian
With CONFIG_SCHED_PROXY_EXEC, struct rq::curr and rq::donor are
annotated as __rcu. Several call sites access these pointers as
plain struct task_struct * even while the relevant rq lock is held,
which triggers address space warnings from static checkers.
Fix these sites by:
- using rcu_dereference_protected() under rq locks and then reusing a local
pointer; and
- using rcu_access_pointer() for address-only comparisons.
No functional change intended.
Note: the __schedule() prev assignment cleanup is intentionally left out
and will be handled separately.
Build/verify:
make -j$(nproc) O=../out/full-clang-x86_64 LLVM=1 kernel/sched/core.o
make -j$(nproc) O=../out/full-clang-x86_64 LLVM=1 C=2 CHECK=sparse \
kernel/sched/core.o
Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com>
---
kernel/sched/core.c | 73 +++++++++++++++++++++++++++++++-------------
kernel/sched/pelt.h | 5 ++-
kernel/sched/sched.h | 19 ++++++------
3 files changed, 64 insertions(+), 33 deletions(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 759777694c78..a1a3b2816a46 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -330,7 +330,8 @@ void sched_core_dequeue(struct rq *rq, struct task_struct *p, int flags)
* and re-examine whether the core is still in forced idle state.
*/
if (!(flags & DEQUEUE_SAVE) && rq->nr_running == 1 &&
- rq->core->core_forceidle_count && rq->curr == rq->idle)
+ rq->core->core_forceidle_count &&
+ rcu_access_pointer(rq->curr) == rq->idle)
resched_curr(rq);
}
@@ -891,7 +892,12 @@ static enum hrtimer_restart hrtick(struct hrtimer *timer)
rq_lock(rq, &rf);
update_rq_clock(rq);
- rq->donor->sched_class->task_tick(rq, rq->donor, 1);
+ {
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
+ donor->sched_class->task_tick(rq, donor, 1);
+ }
rq_unlock(rq, &rf);
return HRTIMER_NORESTART;
@@ -1111,7 +1117,9 @@ void wake_up_q(struct wake_q_head *head)
*/
static void __resched_curr(struct rq *rq, int tif)
{
- struct task_struct *curr = rq->curr;
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)));
struct thread_info *cti = task_thread_info(curr);
int cpu;
@@ -1218,7 +1226,8 @@ int get_nohz_timer_target(void)
guard(rcu)();
- for_each_domain(cpu, sd) {
+ sd = rcu_dereference(cpu_rq(cpu)->sd);
+ for (; sd; sd = rcu_dereference(sd->parent)) {
for_each_cpu_and(i, sched_domain_span(sd), hk_mask) {
if (cpu == i)
continue;
@@ -2179,12 +2188,15 @@ static void block_task(struct rq *rq, struct task_struct *p, int flags)
*/
inline int task_curr(const struct task_struct *p)
{
- return cpu_curr(task_cpu(p)) == p;
+ return rcu_access_pointer(cpu_curr(task_cpu(p))) == p;
}
void wakeup_preempt(struct rq *rq, struct task_struct *p, int flags)
{
- struct task_struct *donor = rq->donor;
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor, lockdep_is_held(__rq_lockp(rq)));
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr, lockdep_is_held(__rq_lockp(rq)));
if (p->sched_class == rq->next_class) {
rq->next_class->wakeup_preempt(rq, p, flags);
@@ -2199,7 +2211,7 @@ void wakeup_preempt(struct rq *rq, struct task_struct *p, int flags)
* A queue event has occurred, and we're going to schedule. In
* this case, we can save a useless back to back clock update.
*/
- if (task_on_rq_queued(donor) && test_tsk_need_resched(rq->curr))
+ if (task_on_rq_queued(donor) && test_tsk_need_resched(curr))
rq_clock_skip_update(rq);
}
@@ -3604,7 +3616,9 @@ ttwu_stat(struct task_struct *p, int cpu, int wake_flags)
__schedstat_inc(p->stats.nr_wakeups_remote);
guard(rcu)();
- for_each_domain(rq->cpu, sd) {
+
+ sd = rcu_dereference(rq->sd);
+ for (; sd; sd = rcu_dereference(sd->parent)) {
if (cpumask_test_cpu(cpu, sched_domain_span(sd))) {
__schedstat_inc(sd->ttwu_wake_remote);
break;
@@ -3809,7 +3823,8 @@ void wake_up_if_idle(int cpu)
guard(rcu)();
if (is_idle_task(rcu_dereference(rq->curr))) {
guard(rq_lock_irqsave)(rq);
- if (is_idle_task(rq->curr))
+ if (is_idle_task(rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)))))
resched_curr(rq);
}
}
@@ -5556,7 +5571,8 @@ void sched_tick(void)
sched_clock_tick();
rq_lock(rq, &rf);
- donor = rq->donor;
+ donor = rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
psi_account_irqtime(rq, donor, NULL);
@@ -5644,7 +5660,10 @@ static void sched_tick_remote(struct work_struct *work)
*/
if (tick_nohz_tick_stopped_cpu(cpu)) {
guard(rq_lock_irq)(rq);
- struct task_struct *curr = rq->curr;
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr, lockdep_is_held(__rq_lockp(rq)));
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor, lockdep_is_held(__rq_lockp(rq)));
if (cpu_online(cpu)) {
/*
@@ -5652,7 +5671,7 @@ static void sched_tick_remote(struct work_struct *work)
* we are always sure that there is no proxy (only a
* single task is running).
*/
- WARN_ON_ONCE(rq->curr != rq->donor);
+ WARN_ON_ONCE(curr != donor);
update_rq_clock(rq);
if (!is_idle_task(curr)) {
@@ -6845,7 +6864,12 @@ static void __sched notrace __schedule(int sched_mode)
}
pick_again:
- next = pick_next_task(rq, rq->donor, &rf);
+ {
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
+ next = pick_next_task(rq, donor, &rf);
+ }
rq_set_donor(rq, next);
rq->next_class = next->sched_class;
if (unlikely(task_is_blocked(next))) {
@@ -7352,7 +7376,7 @@ void rt_mutex_setprio(struct task_struct *p, struct task_struct *pi_task)
* real need to boost.
*/
if (unlikely(p == rq->idle)) {
- WARN_ON(p != rq->curr);
+ WARN_ON(p != rcu_access_pointer(rq->curr));
WARN_ON(p->pi_blocked_on);
goto out_unlock;
}
@@ -8116,7 +8140,9 @@ static DEFINE_PER_CPU(struct cpu_stop_work, push_work);
static void balance_push(struct rq *rq)
__must_hold(__rq_lockp(rq))
{
- struct task_struct *push_task = rq->curr;
+ struct task_struct *push_task =
+ rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)));
lockdep_assert_rq_held(rq);
@@ -10272,7 +10298,7 @@ void dump_cpu_task(int cpu)
return;
pr_info("Task dump for CPU %d:\n", cpu);
- sched_show_task(cpu_curr(cpu));
+ sched_show_task(rcu_access_pointer(cpu_curr(cpu)));
}
/*
@@ -10583,24 +10609,27 @@ static void mm_cid_fixup_cpus_to_tasks(struct mm_struct *mm)
/* Remote access to mm::mm_cid::pcpu requires rq_lock */
guard(rq_lock_irq)(rq);
+
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr, lockdep_is_held(__rq_lockp(rq)));
/* Is the CID still owned by the CPU? */
if (cid_on_cpu(pcp->cid)) {
/*
* If rq->curr has @mm, transfer it with the
* transition bit set. Otherwise drop it.
*/
- if (rq->curr->mm == mm && rq->curr->mm_cid.active)
- mm_cid_transit_to_task(rq->curr, pcp);
+ if (curr->mm == mm && curr->mm_cid.active)
+ mm_cid_transit_to_task(curr, pcp);
else
mm_drop_cid_on_cpu(mm, pcp);
- } else if (rq->curr->mm == mm && rq->curr->mm_cid.active) {
- unsigned int cid = rq->curr->mm_cid.cid;
+ } else if (curr->mm == mm && curr->mm_cid.active) {
+ unsigned int cid = curr->mm_cid.cid;
/* Ensure it has the transition bit set */
if (!cid_in_transit(cid)) {
cid = cid_to_transit_cid(cid);
- rq->curr->mm_cid.cid = cid;
+ curr->mm_cid.cid = cid;
pcp->cid = cid;
}
}
@@ -10625,7 +10654,7 @@ static bool mm_cid_fixup_task_to_cpu(struct task_struct *t, struct mm_struct *mm
return false;
if (cid_on_task(t->mm_cid.cid)) {
/* If running on the CPU, put the CID in transit mode, otherwise drop it */
- if (task_rq(t)->curr == t)
+ if (rcu_access_pointer(task_rq(t)->curr) == t)
mm_cid_transit_to_cpu(t, per_cpu_ptr(mm->mm_cid.pcpu, task_cpu(t)));
else
mm_unset_cid_on_task(t);
diff --git a/kernel/sched/pelt.h b/kernel/sched/pelt.h
index f921302dc40f..eb84e92d717c 100644
--- a/kernel/sched/pelt.h
+++ b/kernel/sched/pelt.h
@@ -99,7 +99,10 @@ static inline void _update_idle_rq_clock_pelt(struct rq *rq)
*/
static inline void update_rq_clock_pelt(struct rq *rq, s64 delta)
{
- if (unlikely(is_idle_task(rq->curr))) {
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)));
+ if (unlikely(is_idle_task(curr))) {
_update_idle_rq_clock_pelt(rq);
return;
}
diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h
index b82fb70a9d54..ed0134e2df55 100644
--- a/kernel/sched/sched.h
+++ b/kernel/sched/sched.h
@@ -1387,12 +1387,13 @@ static __always_inline struct rq *__this_rq(void)
#define cpu_rq(cpu) (&per_cpu(runqueues, (cpu)))
#define this_rq() __this_rq()
#define task_rq(p) cpu_rq(task_cpu(p))
-#define cpu_curr(cpu) (cpu_rq(cpu)->curr)
+#define cpu_curr(cpu) ((cpu_rq(cpu)->curr))
#define raw_rq() raw_cpu_ptr(&runqueues)
static inline bool idle_rq(struct rq *rq)
{
- return rq->curr == rq->idle && !rq->nr_running && !rq->ttwu_pending;
+ return rcu_access_pointer(rq->curr) == rq->idle &&
+ !rq->nr_running && !rq->ttwu_pending;
}
/**
@@ -2360,7 +2361,7 @@ static inline u64 global_rt_runtime(void)
*/
static inline int task_current(struct rq *rq, struct task_struct *p)
{
- return rq->curr == p;
+ return rcu_access_pointer(rq->curr) == p;
}
/*
@@ -2371,7 +2372,7 @@ static inline int task_current(struct rq *rq, struct task_struct *p)
*/
static inline int task_current_donor(struct rq *rq, struct task_struct *p)
{
- return rq->donor == p;
+ return rcu_access_pointer(rq->donor) == p;
}
static inline bool task_is_blocked(struct task_struct *p)
@@ -2659,7 +2660,7 @@ struct sched_class {
static inline void put_prev_task(struct rq *rq, struct task_struct *prev)
{
- WARN_ON_ONCE(rq->donor != prev);
+ WARN_ON_ONCE(rcu_access_pointer(rq->donor) != prev);
prev->sched_class->put_prev_task(rq, prev, NULL);
}
@@ -2670,8 +2671,7 @@ static inline void set_next_task(struct rq *rq, struct task_struct *next)
static inline void
__put_prev_set_next_dl_server(struct rq *rq,
- struct task_struct *prev,
- struct task_struct *next)
+ struct task_struct *prev, struct task_struct *next)
{
prev->dl_server = NULL;
next->dl_server = rq->dl_server;
@@ -2679,10 +2679,9 @@ __put_prev_set_next_dl_server(struct rq *rq,
}
static inline void put_prev_set_next_task(struct rq *rq,
- struct task_struct *prev,
- struct task_struct *next)
+ struct task_struct *prev, struct task_struct *next)
{
- WARN_ON_ONCE(rq->donor != prev);
+ WARN_ON_ONCE(rcu_access_pointer(rq->donor) != prev);
__put_prev_set_next_dl_server(rq, prev, next);
--
2.43.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] sched: rcu: fix rq->{curr,donor} address space annotations
2026-02-14 10:20 [PATCH] sched: rcu: fix rq->{curr,donor} address space annotations Sun Jian
@ 2026-02-14 19:44 ` kernel test robot
2026-02-20 19:33 ` [PATCH v2] " Sun Jian
1 sibling, 0 replies; 7+ messages in thread
From: kernel test robot @ 2026-02-14 19:44 UTC (permalink / raw)
To: Sun Jian, mingo, peterz, juri.lelli, vincent.guittot
Cc: oe-kbuild-all, dietmar.eggemann, rostedt, bsegall, mgorman,
vschneid, nathan, nick.desaulniers+lkml, morbo, justinstitt,
linux-kernel, llvm, Sun Jian
Hi Sun,
kernel test robot noticed the following build warnings:
[auto build test WARNING on peterz-queue/sched/core]
[also build test WARNING on linus/master v6.19 next-20260213]
[cannot apply to tip/sched/core]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Sun-Jian/sched-rcu-fix-rq-curr-donor-address-space-annotations/20260214-182109
base: https://git.kernel.org/pub/scm/linux/kernel/git/peterz/queue.git sched/core
patch link: https://lore.kernel.org/r/20260214102005.1398306-1-sun.jian.kdev%40gmail.com
patch subject: [PATCH] sched: rcu: fix rq->{curr,donor} address space annotations
config: microblaze-randconfig-r131-20260214 (https://download.01.org/0day-ci/archive/20260215/202602150345.VAM4TsvX-lkp@intel.com/config)
compiler: microblaze-linux-gcc (GCC) 12.5.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260215/202602150345.VAM4TsvX-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202602150345.VAM4TsvX-lkp@intel.com/
sparse warnings: (new ones prefixed by >>)
kernel/sched/rt.c:1493:31: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/rt.c:1815:9: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct sched_domain *[assigned] sd @@ got struct sched_domain [noderef] __rcu *parent @@
kernel/sched/rt.c:1815:9: sparse: expected struct sched_domain *[assigned] sd
kernel/sched/rt.c:1815:9: sparse: got struct sched_domain [noderef] __rcu *parent
kernel/sched/rt.c:1512:14: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *curr @@ got struct task_struct [noderef] __rcu * @@
kernel/sched/rt.c:1512:14: sparse: expected struct task_struct *curr
kernel/sched/rt.c:1512:14: sparse: got struct task_struct [noderef] __rcu *
kernel/sched/rt.c:1513:15: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *donor @@ got struct task_struct [noderef] __rcu * @@
kernel/sched/rt.c:1513:15: sparse: expected struct task_struct *donor
kernel/sched/rt.c:1513:15: sparse: got struct task_struct [noderef] __rcu *
kernel/sched/rt.c:1574:45: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/rt.c:1574:45: sparse: expected struct task_struct *p
kernel/sched/rt.c:1574:45: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/rt.c:1616:39: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct task_struct *donor @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/rt.c:1616:39: sparse: expected struct task_struct *donor
kernel/sched/rt.c:1616:39: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/rt.c:1641:64: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *tsk @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/rt.c:1641:64: sparse: expected struct task_struct *tsk
kernel/sched/rt.c:1641:64: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/rt.c:1982:40: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *task @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/rt.c:1982:40: sparse: expected struct task_struct *task
kernel/sched/rt.c:1982:40: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/rt.c:2005:13: sparse: sparse: incompatible types in comparison expression (different address spaces):
kernel/sched/rt.c:2005:13: sparse: struct task_struct *
kernel/sched/rt.c:2005:13: sparse: struct task_struct [noderef] __rcu *
kernel/sched/rt.c:2356:54: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *tsk @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/rt.c:2356:54: sparse: expected struct task_struct *tsk
kernel/sched/rt.c:2356:54: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/rt.c:2358:40: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/rt.c:2358:40: sparse: expected struct task_struct *p
kernel/sched/rt.c:2358:40: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/rt.c:2358:62: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/rt.c:2358:62: sparse: expected struct task_struct *p
kernel/sched/rt.c:2358:62: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/build_policy.c: note: in included file:
kernel/sched/deadline.c:2922:23: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/deadline.c:2922:23: sparse: expected struct task_struct *p
kernel/sched/deadline.c:2922:23: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/deadline.c:2932:13: sparse: sparse: incompatible types in comparison expression (different address spaces):
kernel/sched/deadline.c:2932:13: sparse: struct task_struct *
kernel/sched/deadline.c:2932:13: sparse: struct task_struct [noderef] __rcu *
kernel/sched/deadline.c:3038:25: sparse: sparse: incompatible types in comparison expression (different address spaces):
kernel/sched/deadline.c:3038:25: sparse: struct task_struct *
kernel/sched/deadline.c:3038:25: sparse: struct task_struct [noderef] __rcu *
kernel/sched/deadline.c:2539:42: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct sched_dl_entity const *b @@ got struct sched_dl_entity [noderef] __rcu * @@
kernel/sched/deadline.c:2539:42: sparse: expected struct sched_dl_entity const *b
kernel/sched/deadline.c:2539:42: sparse: got struct sched_dl_entity [noderef] __rcu *
kernel/sched/deadline.c:2549:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *tsk @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/deadline.c:2549:38: sparse: expected struct task_struct *tsk
kernel/sched/deadline.c:2549:38: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/deadline.c:1198:39: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/deadline.c:1198:39: sparse: expected struct task_struct *p
kernel/sched/deadline.c:1198:39: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/deadline.c:1198:85: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct sched_dl_entity const *b @@ got struct sched_dl_entity [noderef] __rcu * @@
kernel/sched/deadline.c:1198:85: sparse: expected struct sched_dl_entity const *b
kernel/sched/deadline.c:1198:85: sparse: got struct sched_dl_entity [noderef] __rcu *
kernel/sched/deadline.c:1296:23: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/deadline.c:1296:23: sparse: expected struct task_struct *p
kernel/sched/deadline.c:1296:23: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/deadline.c:1815:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/deadline.c:1815:31: sparse: expected struct task_struct *p
kernel/sched/deadline.c:1815:31: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/deadline.c:1815:70: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct sched_dl_entity const *b @@ got struct sched_dl_entity [noderef] __rcu * @@
kernel/sched/deadline.c:1815:70: sparse: expected struct sched_dl_entity const *b
kernel/sched/deadline.c:1815:70: sparse: got struct sched_dl_entity [noderef] __rcu *
kernel/sched/deadline.c:1941:39: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct task_struct *donor @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/deadline.c:1941:39: sparse: expected struct task_struct *donor
kernel/sched/deadline.c:1941:39: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/deadline.c:2758:9: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct sched_domain *[assigned] sd @@ got struct sched_domain [noderef] __rcu *parent @@
kernel/sched/deadline.c:2758:9: sparse: expected struct sched_domain *[assigned] sd
kernel/sched/deadline.c:2758:9: sparse: got struct sched_domain [noderef] __rcu *parent
kernel/sched/deadline.c:2419:14: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *curr @@ got struct task_struct [noderef] __rcu * @@
kernel/sched/deadline.c:2419:14: sparse: expected struct task_struct *curr
kernel/sched/deadline.c:2419:14: sparse: got struct task_struct [noderef] __rcu *
kernel/sched/deadline.c:2420:15: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *donor @@ got struct task_struct [noderef] __rcu * @@
kernel/sched/deadline.c:2420:15: sparse: expected struct task_struct *donor
kernel/sched/deadline.c:2420:15: sparse: got struct task_struct [noderef] __rcu *
kernel/sched/deadline.c:2494:43: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/deadline.c:2494:43: sparse: expected struct task_struct *p
kernel/sched/deadline.c:2494:43: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/deadline.c:3083:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *tsk @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/deadline.c:3083:38: sparse: expected struct task_struct *tsk
kernel/sched/deadline.c:3083:38: sparse: got struct task_struct [noderef] __rcu *curr
kernel/sched/deadline.c:3085:23: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/deadline.c:3085:23: sparse: expected struct task_struct *p
kernel/sched/deadline.c:3085:23: sparse: got struct task_struct [noderef] __rcu *donor
kernel/sched/deadline.c:3087:44: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct sched_dl_entity const *b @@ got struct sched_dl_entity [noderef] __rcu * @@
kernel/sched/deadline.c:3087:44: sparse: expected struct sched_dl_entity const *b
kernel/sched/deadline.c:3087:44: sparse: got struct sched_dl_entity [noderef] __rcu *
kernel/sched/deadline.c:3340:23: sparse: sparse: incompatible types in comparison expression (different address spaces):
kernel/sched/deadline.c:3340:23: sparse: struct task_struct [noderef] __rcu *
kernel/sched/deadline.c:3340:23: sparse: struct task_struct *
kernel/sched/deadline.c:3393:32: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *curr @@
kernel/sched/build_policy.c: note: in included file:
kernel/sched/syscalls.c:1382:22: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *curr @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/build_policy.c: note: in included file:
kernel/sched/rt.c:1573:15: sparse: sparse: dereference of noderef expression
kernel/sched/rt.c:1958:13: sparse: sparse: dereference of noderef expression
kernel/sched/rt.c:1979:23: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
>> kernel/sched/sched.h:2812:35: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/build_policy.c: note: in included file:
kernel/sched/rt.c:2316:45: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
>> kernel/sched/sched.h:2812:35: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/build_policy.c: note: in included file:
kernel/sched/rt.c:2359:32: sparse: sparse: dereference of noderef expression
kernel/sched/rt.c:2360:32: sparse: sparse: dereference of noderef expression
kernel/sched/rt.c:2441:33: sparse: sparse: dereference of noderef expression
kernel/sched/rt.c:2479:33: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
>> kernel/sched/pelt.c:480:50: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
>> kernel/sched/deadline.c:1169:19: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:1808:11: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2384:11: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2493:15: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2548:34: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2579:15: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2923:54: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2923:54: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:2924:15: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:3046:50: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:3046:50: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
>> kernel/sched/sched.h:2812:35: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct task_struct *p @@ got struct task_struct [noderef] __rcu *donor @@
kernel/sched/build_policy.c: note: in included file:
kernel/sched/deadline.c:3086:16: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:3394:54: sparse: sparse: dereference of noderef expression
kernel/sched/deadline.c:3394:54: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
kernel/sched/syscalls.c:1307:11: sparse: sparse: dereference of noderef expression
kernel/sched/build_policy.c: note: in included file:
kernel/sched/rt.c:1665:15: sparse: sparse: dereference of noderef expression
vim +2812 kernel/sched/sched.h
04746ed80bcf31 Ingo Molnar 2024-04-07 2809
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2810 static inline struct task_struct *get_push_task(struct rq *rq)
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2811 {
af0c8b2bf67b25 Peter Zijlstra 2024-10-09 @2812 struct task_struct *p = rq->donor;
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2813
5cb9eaa3d274f7 Peter Zijlstra 2020-11-17 2814 lockdep_assert_rq_held(rq);
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2815
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2816 if (rq->push_busy)
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2817 return NULL;
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2818
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2819 if (p->nr_cpus_allowed == 1)
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2820 return NULL;
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2821
e681dcbaa4b284 Sebastian Andrzej Siewior 2021-08-26 2822 if (p->migration_disabled)
e681dcbaa4b284 Sebastian Andrzej Siewior 2021-08-26 2823 return NULL;
e681dcbaa4b284 Sebastian Andrzej Siewior 2021-08-26 2824
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2825 rq->push_busy = true;
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2826 return get_task_struct(p);
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2827 }
a7c81556ec4d34 Peter Zijlstra 2020-09-28 2828
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
2026-02-14 10:20 [PATCH] sched: rcu: fix rq->{curr,donor} address space annotations Sun Jian
2026-02-14 19:44 ` kernel test robot
@ 2026-02-20 19:33 ` Sun Jian
2026-02-20 19:48 ` Peter Zijlstra
` (2 more replies)
1 sibling, 3 replies; 7+ messages in thread
From: Sun Jian @ 2026-02-20 19:33 UTC (permalink / raw)
To: mingo, peterz, juri.lelli, vincent.guittot
Cc: dietmar.eggemann, rostedt, bsegall, mgorman, vschneid, nathan,
nick.desaulniers+lkml, morbo, justinstitt, linux-kernel, llvm,
Sun Jian
With CONFIG_SCHED_PROXY_EXEC enabled, struct rq::curr and rq::donor are
annotated as __rcu. Several call sites access these pointers as plain
struct task_struct * while holding rq locks, which triggers address
space warnings from sparse.
Fix these sites by dereferencing rq->{curr,donor} with
rcu_dereference_protected() under rq locks and reusing local pointers,
and by using rcu_access_pointer() for address-only comparisons.
No functional change intended.
Build/verify:
make -j$(nproc) O=../out/full-clang-x86_64 LLVM=1 kernel/sched/core.o
make -j$(nproc) O=../out/full-clang-x86_64 LLVM=1 C=2 CHECK=sparse \
kernel/sched/{core,pelt,build_policy}.o
Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com>
---
v2:
- Fix sparse address space warning in core.c: __schedule() prev assignment
- Fix sparse noderef dereferences in pelt.c: update_other_load_avgs()
- Fix sparse noderef dereference in deadline.c: dl_server_timer()
- Use rcu_dereference_protected() in sched.h: get_push_task()
---
kernel/sched/core.c | 78 +++++++++++++++++++++++++++++------------
kernel/sched/deadline.c | 7 +++-
kernel/sched/pelt.c | 7 +++-
kernel/sched/pelt.h | 5 ++-
kernel/sched/sched.h | 23 ++++++------
5 files changed, 83 insertions(+), 37 deletions(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 759777694c78..1dd13dd5be5f 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -330,7 +330,8 @@ void sched_core_dequeue(struct rq *rq, struct task_struct *p, int flags)
* and re-examine whether the core is still in forced idle state.
*/
if (!(flags & DEQUEUE_SAVE) && rq->nr_running == 1 &&
- rq->core->core_forceidle_count && rq->curr == rq->idle)
+ rq->core->core_forceidle_count &&
+ rcu_access_pointer(rq->curr) == rq->idle)
resched_curr(rq);
}
@@ -891,7 +892,12 @@ static enum hrtimer_restart hrtick(struct hrtimer *timer)
rq_lock(rq, &rf);
update_rq_clock(rq);
- rq->donor->sched_class->task_tick(rq, rq->donor, 1);
+ {
+ bool locked = lockdep_is_held(__rq_lockp(rq));
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor, locked);
+ donor->sched_class->task_tick(rq, donor, 1);
+ }
rq_unlock(rq, &rf);
return HRTIMER_NORESTART;
@@ -1111,7 +1117,9 @@ void wake_up_q(struct wake_q_head *head)
*/
static void __resched_curr(struct rq *rq, int tif)
{
- struct task_struct *curr = rq->curr;
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)));
struct thread_info *cti = task_thread_info(curr);
int cpu;
@@ -1218,7 +1226,8 @@ int get_nohz_timer_target(void)
guard(rcu)();
- for_each_domain(cpu, sd) {
+ sd = rcu_dereference(cpu_rq(cpu)->sd);
+ for (; sd; sd = rcu_dereference(sd->parent)) {
for_each_cpu_and(i, sched_domain_span(sd), hk_mask) {
if (cpu == i)
continue;
@@ -2179,12 +2188,15 @@ static void block_task(struct rq *rq, struct task_struct *p, int flags)
*/
inline int task_curr(const struct task_struct *p)
{
- return cpu_curr(task_cpu(p)) == p;
+ return rcu_access_pointer(cpu_curr(task_cpu(p))) == p;
}
void wakeup_preempt(struct rq *rq, struct task_struct *p, int flags)
{
- struct task_struct *donor = rq->donor;
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor, lockdep_is_held(__rq_lockp(rq)));
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr, lockdep_is_held(__rq_lockp(rq)));
if (p->sched_class == rq->next_class) {
rq->next_class->wakeup_preempt(rq, p, flags);
@@ -2199,7 +2211,7 @@ void wakeup_preempt(struct rq *rq, struct task_struct *p, int flags)
* A queue event has occurred, and we're going to schedule. In
* this case, we can save a useless back to back clock update.
*/
- if (task_on_rq_queued(donor) && test_tsk_need_resched(rq->curr))
+ if (task_on_rq_queued(donor) && test_tsk_need_resched(curr))
rq_clock_skip_update(rq);
}
@@ -3604,7 +3616,9 @@ ttwu_stat(struct task_struct *p, int cpu, int wake_flags)
__schedstat_inc(p->stats.nr_wakeups_remote);
guard(rcu)();
- for_each_domain(rq->cpu, sd) {
+
+ sd = rcu_dereference(rq->sd);
+ for (; sd; sd = rcu_dereference(sd->parent)) {
if (cpumask_test_cpu(cpu, sched_domain_span(sd))) {
__schedstat_inc(sd->ttwu_wake_remote);
break;
@@ -3809,7 +3823,9 @@ void wake_up_if_idle(int cpu)
guard(rcu)();
if (is_idle_task(rcu_dereference(rq->curr))) {
guard(rq_lock_irqsave)(rq);
- if (is_idle_task(rq->curr))
+ bool locked = lockdep_is_held(__rq_lockp(rq));
+
+ if (is_idle_task(rcu_dereference_protected(rq->curr, locked)))
resched_curr(rq);
}
}
@@ -5556,7 +5572,8 @@ void sched_tick(void)
sched_clock_tick();
rq_lock(rq, &rf);
- donor = rq->donor;
+ donor = rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
psi_account_irqtime(rq, donor, NULL);
@@ -5644,7 +5661,10 @@ static void sched_tick_remote(struct work_struct *work)
*/
if (tick_nohz_tick_stopped_cpu(cpu)) {
guard(rq_lock_irq)(rq);
- struct task_struct *curr = rq->curr;
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr, lockdep_is_held(__rq_lockp(rq)));
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor, lockdep_is_held(__rq_lockp(rq)));
if (cpu_online(cpu)) {
/*
@@ -5652,7 +5672,7 @@ static void sched_tick_remote(struct work_struct *work)
* we are always sure that there is no proxy (only a
* single task is running).
*/
- WARN_ON_ONCE(rq->curr != rq->donor);
+ WARN_ON_ONCE(curr != donor);
update_rq_clock(rq);
if (!is_idle_task(curr)) {
@@ -6778,7 +6798,9 @@ static void __sched notrace __schedule(int sched_mode)
cpu = smp_processor_id();
rq = cpu_rq(cpu);
- prev = rq->curr;
+ bool locked = lockdep_is_held(__rq_lockp(rq));
+
+ prev = rcu_dereference_protected(rq->curr, locked);
schedule_debug(prev, preempt);
@@ -6845,7 +6867,12 @@ static void __sched notrace __schedule(int sched_mode)
}
pick_again:
- next = pick_next_task(rq, rq->donor, &rf);
+ {
+ bool locked = lockdep_is_held(__rq_lockp(rq));
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor, locked);
+ next = pick_next_task(rq, donor, &rf);
+ }
rq_set_donor(rq, next);
rq->next_class = next->sched_class;
if (unlikely(task_is_blocked(next))) {
@@ -7352,7 +7379,7 @@ void rt_mutex_setprio(struct task_struct *p, struct task_struct *pi_task)
* real need to boost.
*/
if (unlikely(p == rq->idle)) {
- WARN_ON(p != rq->curr);
+ WARN_ON(p != rcu_access_pointer(rq->curr));
WARN_ON(p->pi_blocked_on);
goto out_unlock;
}
@@ -8116,7 +8143,9 @@ static DEFINE_PER_CPU(struct cpu_stop_work, push_work);
static void balance_push(struct rq *rq)
__must_hold(__rq_lockp(rq))
{
- struct task_struct *push_task = rq->curr;
+ struct task_struct *push_task =
+ rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)));
lockdep_assert_rq_held(rq);
@@ -10272,7 +10301,7 @@ void dump_cpu_task(int cpu)
return;
pr_info("Task dump for CPU %d:\n", cpu);
- sched_show_task(cpu_curr(cpu));
+ sched_show_task(rcu_access_pointer(cpu_curr(cpu)));
}
/*
@@ -10583,24 +10612,27 @@ static void mm_cid_fixup_cpus_to_tasks(struct mm_struct *mm)
/* Remote access to mm::mm_cid::pcpu requires rq_lock */
guard(rq_lock_irq)(rq);
+
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr, lockdep_is_held(__rq_lockp(rq)));
/* Is the CID still owned by the CPU? */
if (cid_on_cpu(pcp->cid)) {
/*
* If rq->curr has @mm, transfer it with the
* transition bit set. Otherwise drop it.
*/
- if (rq->curr->mm == mm && rq->curr->mm_cid.active)
- mm_cid_transit_to_task(rq->curr, pcp);
+ if (curr->mm == mm && curr->mm_cid.active)
+ mm_cid_transit_to_task(curr, pcp);
else
mm_drop_cid_on_cpu(mm, pcp);
- } else if (rq->curr->mm == mm && rq->curr->mm_cid.active) {
- unsigned int cid = rq->curr->mm_cid.cid;
+ } else if (curr->mm == mm && curr->mm_cid.active) {
+ unsigned int cid = curr->mm_cid.cid;
/* Ensure it has the transition bit set */
if (!cid_in_transit(cid)) {
cid = cid_to_transit_cid(cid);
- rq->curr->mm_cid.cid = cid;
+ curr->mm_cid.cid = cid;
pcp->cid = cid;
}
}
@@ -10625,7 +10657,7 @@ static bool mm_cid_fixup_task_to_cpu(struct task_struct *t, struct mm_struct *mm
return false;
if (cid_on_task(t->mm_cid.cid)) {
/* If running on the CPU, put the CID in transit mode, otherwise drop it */
- if (task_rq(t)->curr == t)
+ if (rcu_access_pointer(task_rq(t)->curr) == t)
mm_cid_transit_to_cpu(t, per_cpu_ptr(mm->mm_cid.pcpu, task_cpu(t)));
else
mm_unset_cid_on_task(t);
diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c
index d08b00429323..1376474774c3 100644
--- a/kernel/sched/deadline.c
+++ b/kernel/sched/deadline.c
@@ -1166,7 +1166,12 @@ static enum hrtimer_restart dl_server_timer(struct hrtimer *timer, struct sched_
* any relevant server through calling dl_server_update() and
* friends.
*/
- rq->donor->sched_class->update_curr(rq);
+ {
+ struct task_struct *donor =
+ rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
+ donor->sched_class->update_curr(rq);
+ }
if (dl_se->dl_defer_idle) {
dl_server_stop(dl_se);
diff --git a/kernel/sched/pelt.c b/kernel/sched/pelt.c
index 897790889ba3..b0ad86e8ba8b 100644
--- a/kernel/sched/pelt.c
+++ b/kernel/sched/pelt.c
@@ -477,11 +477,16 @@ int update_irq_load_avg(struct rq *rq, u64 running)
bool update_other_load_avgs(struct rq *rq)
{
u64 now = rq_clock_pelt(rq);
- const struct sched_class *curr_class = rq->donor->sched_class;
+ struct task_struct *donor;
+ const struct sched_class *curr_class;
unsigned long hw_pressure = arch_scale_hw_pressure(cpu_of(rq));
lockdep_assert_rq_held(rq);
+ donor = rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
+ curr_class = donor->sched_class;
+
/* hw_pressure doesn't care about invariance */
return update_rt_rq_load_avg(now, rq, curr_class == &rt_sched_class) |
update_dl_rq_load_avg(now, rq, curr_class == &dl_sched_class) |
diff --git a/kernel/sched/pelt.h b/kernel/sched/pelt.h
index f921302dc40f..2498616fa1a9 100644
--- a/kernel/sched/pelt.h
+++ b/kernel/sched/pelt.h
@@ -99,7 +99,10 @@ static inline void _update_idle_rq_clock_pelt(struct rq *rq)
*/
static inline void update_rq_clock_pelt(struct rq *rq, s64 delta)
{
- if (unlikely(is_idle_task(rq->curr))) {
+ struct task_struct *curr =
+ rcu_dereference_protected(rq->curr,
+ lockdep_is_held(__rq_lockp(rq)));
+ if (unlikely(is_idle_task(curr))) {
_update_idle_rq_clock_pelt(rq);
return;
}
diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h
index b82fb70a9d54..c1673f2baaea 100644
--- a/kernel/sched/sched.h
+++ b/kernel/sched/sched.h
@@ -1387,12 +1387,13 @@ static __always_inline struct rq *__this_rq(void)
#define cpu_rq(cpu) (&per_cpu(runqueues, (cpu)))
#define this_rq() __this_rq()
#define task_rq(p) cpu_rq(task_cpu(p))
-#define cpu_curr(cpu) (cpu_rq(cpu)->curr)
+#define cpu_curr(cpu) ((cpu_rq(cpu)->curr))
#define raw_rq() raw_cpu_ptr(&runqueues)
static inline bool idle_rq(struct rq *rq)
{
- return rq->curr == rq->idle && !rq->nr_running && !rq->ttwu_pending;
+ return rcu_access_pointer(rq->curr) == rq->idle &&
+ !rq->nr_running && !rq->ttwu_pending;
}
/**
@@ -2360,7 +2361,7 @@ static inline u64 global_rt_runtime(void)
*/
static inline int task_current(struct rq *rq, struct task_struct *p)
{
- return rq->curr == p;
+ return rcu_access_pointer(rq->curr) == p;
}
/*
@@ -2371,7 +2372,7 @@ static inline int task_current(struct rq *rq, struct task_struct *p)
*/
static inline int task_current_donor(struct rq *rq, struct task_struct *p)
{
- return rq->donor == p;
+ return rcu_access_pointer(rq->donor) == p;
}
static inline bool task_is_blocked(struct task_struct *p)
@@ -2659,7 +2660,7 @@ struct sched_class {
static inline void put_prev_task(struct rq *rq, struct task_struct *prev)
{
- WARN_ON_ONCE(rq->donor != prev);
+ WARN_ON_ONCE(rcu_access_pointer(rq->donor) != prev);
prev->sched_class->put_prev_task(rq, prev, NULL);
}
@@ -2670,8 +2671,7 @@ static inline void set_next_task(struct rq *rq, struct task_struct *next)
static inline void
__put_prev_set_next_dl_server(struct rq *rq,
- struct task_struct *prev,
- struct task_struct *next)
+ struct task_struct *prev, struct task_struct *next)
{
prev->dl_server = NULL;
next->dl_server = rq->dl_server;
@@ -2679,10 +2679,9 @@ __put_prev_set_next_dl_server(struct rq *rq,
}
static inline void put_prev_set_next_task(struct rq *rq,
- struct task_struct *prev,
- struct task_struct *next)
+ struct task_struct *prev, struct task_struct *next)
{
- WARN_ON_ONCE(rq->donor != prev);
+ WARN_ON_ONCE(rcu_access_pointer(rq->donor) != prev);
__put_prev_set_next_dl_server(rq, prev, next);
@@ -2809,9 +2808,11 @@ static inline cpumask_t *alloc_user_cpus_ptr(int node)
static inline struct task_struct *get_push_task(struct rq *rq)
{
- struct task_struct *p = rq->donor;
+ struct task_struct *p;
lockdep_assert_rq_held(rq);
+ p = rcu_dereference_protected(rq->donor,
+ lockdep_is_held(__rq_lockp(rq)));
if (rq->push_busy)
return NULL;
base-commit: 770aaedb461a055f79b971d538678942b6607894
--
2.43.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
2026-02-20 19:33 ` [PATCH v2] " Sun Jian
@ 2026-02-20 19:48 ` Peter Zijlstra
2026-02-21 1:53 ` sun jian
2026-02-20 23:19 ` kernel test robot
2026-02-20 23:29 ` kernel test robot
2 siblings, 1 reply; 7+ messages in thread
From: Peter Zijlstra @ 2026-02-20 19:48 UTC (permalink / raw)
To: Sun Jian
Cc: mingo, juri.lelli, vincent.guittot, dietmar.eggemann, rostedt,
bsegall, mgorman, vschneid, nathan, nick.desaulniers+lkml, morbo,
justinstitt, linux-kernel, llvm
On Sat, Feb 21, 2026 at 03:33:53AM +0800, Sun Jian wrote:
> With CONFIG_SCHED_PROXY_EXEC enabled, struct rq::curr and rq::donor are
> annotated as __rcu. Several call sites access these pointers as plain
> struct task_struct * while holding rq locks, which triggers address
> space warnings from sparse.
>
> Fix these sites by dereferencing rq->{curr,donor} with
> rcu_dereference_protected() under rq locks and reusing local pointers,
> and by using rcu_access_pointer() for address-only comparisons.
>
> No functional change intended.
>
> Build/verify:
> make -j$(nproc) O=../out/full-clang-x86_64 LLVM=1 kernel/sched/core.o
> make -j$(nproc) O=../out/full-clang-x86_64 LLVM=1 C=2 CHECK=sparse \
> kernel/sched/{core,pelt,build_policy}.o
>
> Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com>
Yeah, lets not do this. It makes the code horrible.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
2026-02-20 19:33 ` [PATCH v2] " Sun Jian
2026-02-20 19:48 ` Peter Zijlstra
@ 2026-02-20 23:19 ` kernel test robot
2026-02-20 23:29 ` kernel test robot
2 siblings, 0 replies; 7+ messages in thread
From: kernel test robot @ 2026-02-20 23:19 UTC (permalink / raw)
To: Sun Jian, mingo, peterz, juri.lelli, vincent.guittot
Cc: oe-kbuild-all, dietmar.eggemann, rostedt, bsegall, mgorman,
vschneid, nathan, nick.desaulniers+lkml, morbo, justinstitt,
linux-kernel, llvm, Sun Jian
Hi Sun,
kernel test robot noticed the following build errors:
[auto build test ERROR on 770aaedb461a055f79b971d538678942b6607894]
url: https://github.com/intel-lab-lkp/linux/commits/Sun-Jian/sched-rcu-fix-rq-curr-donor-address-space-annotations/20260221-033739
base: 770aaedb461a055f79b971d538678942b6607894
patch link: https://lore.kernel.org/r/20260220193353.21870-1-sun.jian.kdev%40gmail.com
patch subject: [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
config: arc-allnoconfig (https://download.01.org/0day-ci/archive/20260221/202602210752.PVuJInZ7-lkp@intel.com/config)
compiler: arc-linux-gcc (GCC) 15.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260221/202602210752.PVuJInZ7-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202602210752.PVuJInZ7-lkp@intel.com/
All errors (new ones prefixed by >>):
arc-linux-ld: kernel/sched/core.o: in function `wake_up_if_idle':
core.c:(.text+0x1ecc): undefined reference to `lockdep_is_held'
>> arc-linux-ld: core.c:(.text+0x1ecc): undefined reference to `lockdep_is_held'
arc-linux-ld: kernel/sched/core.o: in function `__schedule':
core.c:(.sched.text+0x6a): undefined reference to `lockdep_is_held'
>> arc-linux-ld: core.c:(.sched.text+0x6a): undefined reference to `lockdep_is_held'
arc-linux-ld: core.c:(.sched.text+0x136): undefined reference to `lockdep_is_held'
arc-linux-ld: kernel/sched/core.o:core.c:(.sched.text+0x136): more undefined references to `lockdep_is_held' follow
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
2026-02-20 19:33 ` [PATCH v2] " Sun Jian
2026-02-20 19:48 ` Peter Zijlstra
2026-02-20 23:19 ` kernel test robot
@ 2026-02-20 23:29 ` kernel test robot
2 siblings, 0 replies; 7+ messages in thread
From: kernel test robot @ 2026-02-20 23:29 UTC (permalink / raw)
To: Sun Jian, mingo, peterz, juri.lelli, vincent.guittot
Cc: oe-kbuild-all, dietmar.eggemann, rostedt, bsegall, mgorman,
vschneid, nathan, nick.desaulniers+lkml, morbo, justinstitt,
linux-kernel, llvm, Sun Jian
Hi Sun,
kernel test robot noticed the following build errors:
[auto build test ERROR on 770aaedb461a055f79b971d538678942b6607894]
url: https://github.com/intel-lab-lkp/linux/commits/Sun-Jian/sched-rcu-fix-rq-curr-donor-address-space-annotations/20260221-033739
base: 770aaedb461a055f79b971d538678942b6607894
patch link: https://lore.kernel.org/r/20260220193353.21870-1-sun.jian.kdev%40gmail.com
patch subject: [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
config: arm64-allnoconfig (https://download.01.org/0day-ci/archive/20260221/202602210735.v0eU5uou-lkp@intel.com/config)
compiler: aarch64-linux-gcc (GCC) 15.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260221/202602210735.v0eU5uou-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202602210735.v0eU5uou-lkp@intel.com/
All errors (new ones prefixed by >>):
aarch64-linux-ld: Unexpected GOT/PLT entries detected!
aarch64-linux-ld: Unexpected run-time procedure linkages detected!
aarch64-linux-ld: kernel/sched/core.o: in function `wake_up_if_idle':
core.c:(.text+0x5190): undefined reference to `lockdep_is_held'
>> aarch64-linux-ld: core.c:(.text+0x51d4): undefined reference to `lockdep_is_held'
aarch64-linux-ld: kernel/sched/core.o: in function `__schedule':
core.c:(.sched.text+0xd0): undefined reference to `lockdep_is_held'
>> aarch64-linux-ld: core.c:(.sched.text+0x1a4): undefined reference to `lockdep_is_held'
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2] sched: rcu: fix rq->{curr,donor} address space annotations
2026-02-20 19:48 ` Peter Zijlstra
@ 2026-02-21 1:53 ` sun jian
0 siblings, 0 replies; 7+ messages in thread
From: sun jian @ 2026-02-21 1:53 UTC (permalink / raw)
To: Peter Zijlstra
Cc: mingo, juri.lelli, vincent.guittot, dietmar.eggemann, rostedt,
bsegall, mgorman, vschneid, nathan, nick.desaulniers+lkml, morbo,
justinstitt, linux-kernel, llvm
On Sat, Feb 21, 2026 at 3:48 AM Peter Zijlstra <peterz@infradead.org> wrote:
>
> On Sat, Feb 21, 2026 at 03:33:53AM +0800, Sun Jian wrote:
> > With CONFIG_SCHED_PROXY_EXEC enabled, struct rq::curr and rq::donor are
> > annotated as __rcu. Several call sites access these pointers as plain
> > struct task_struct * while holding rq locks, which triggers address
> > space warnings from sparse.
>
> Yeah, lets not do this. It makes the code horrible.
Understood, I'll drop it.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2026-02-21 1:53 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-14 10:20 [PATCH] sched: rcu: fix rq->{curr,donor} address space annotations Sun Jian
2026-02-14 19:44 ` kernel test robot
2026-02-20 19:33 ` [PATCH v2] " Sun Jian
2026-02-20 19:48 ` Peter Zijlstra
2026-02-21 1:53 ` sun jian
2026-02-20 23:19 ` kernel test robot
2026-02-20 23:29 ` kernel test robot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox