From: Kirill Tkhai <tkhai@yandex.ru>
To: Juri Lelli <juri.lelli@gmail.com>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"mingo@redhat.com" <mingo@redhat.com>,
"stable@vger.kernel.org" <stable@vger.kernel.org>
Subject: Re: [PATCH] sched/dl: Fix race between dl_task_timer() and sched_setaffinity()
Date: Mon, 19 May 2014 23:31:19 +0400 [thread overview]
Message-ID: <783871400527879@web2j.yandex.ru> (raw)
In-Reply-To: <20140519151233.5043b749361e1b384f1e5562@gmail.com>
19.05.2014, 17:11, "Juri Lelli" <juri.lelli@gmail.com>:
> On Sat, 17 May 2014 01:30:03 +0400
> Kirill Tkhai <tkhai@yandex.ru> wrote:
>
>> The race is in unlocked task_rq() access. In pair with parallel
>> call of sched_setaffinity() it may be a reason of corruption
>> of internal rq's data.
>
> Sure, the thing can happen!
[snipped]
>> @@ -513,9 +513,16 @@ static enum hrtimer_restart dl_task_timer(struct hrtimer *timer)
>> struct sched_dl_entity,
>> dl_timer);
>> struct task_struct *p = dl_task_of(dl_se);
>> - struct rq *rq = task_rq(p);
>> + struct rq *rq;
>
> We could maybe add a comment here, in line with what we have below, to
> document why we need this.
How about this? (I added comment and rewrote changelog).
[PATCH] sched/dl: Fix race between dl_task_timer() and sched_setaffinity()
Throttled task is still on rq, and it may be moved to other cpu
if user is playing with sched_setaffinity(). Therefore, unlocked
task_rq() access makes the race.
To fix that we do the same as made in __task_rq_lock(). We do not
use __task_rq_lock() itself, because it has a useful lockdep check,
which is not correct in case of dl_task_timer(). This case is
an exception.
Signed-off-by: Kirill Tkhai <tkhai@yandex.ru>
CC: Juri Lelli <juri.lelli@gmail.com>
CC: Peter Zijlstra <peterz@infradead.org>
CC: Ingo Molnar <mingo@redhat.com>
Cc: <stable@vger.kernel.org> # v3.14
diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c
index 800e99b..c0a6921 100644
--- a/kernel/sched/deadline.c
+++ b/kernel/sched/deadline.c
@@ -513,9 +513,17 @@ static enum hrtimer_restart dl_task_timer(struct hrtimer *timer)
struct sched_dl_entity,
dl_timer);
struct task_struct *p = dl_task_of(dl_se);
- struct rq *rq = task_rq(p);
+ struct rq *rq;
+again:
+ rq = task_rq(p);
raw_spin_lock(&rq->lock);
+ if (unlikely(rq != task_rq(p))) {
+ /* Task was moved, retrying. */
+ raw_spin_unlock(&rq->lock);
+ goto again;
+ }
+
/*
* We need to take care of a possible races here. In fact, the
* task might have changed its scheduling policy to something
next prev parent reply other threads:[~2014-05-19 19:31 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-16 21:30 [PATCH] sched/dl: Fix race between dl_task_timer() and sched_setaffinity() Kirill Tkhai
2014-05-19 13:12 ` Juri Lelli
2014-05-19 19:31 ` Kirill Tkhai [this message]
2014-05-20 0:00 ` Peter Zijlstra
2014-05-20 5:08 ` Kirill Tkhai
2014-05-20 6:07 ` Kirill Tkhai
2014-05-20 7:53 ` Peter Zijlstra
2014-05-20 8:17 ` Juri Lelli
2014-05-20 9:33 ` Kirill Tkhai
2014-05-21 7:29 ` Peter Zijlstra
2014-06-05 14:33 ` [tip:sched/urgent] sched/dl: Fix race in dl_task_timer() tip-bot for Kirill Tkhai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=783871400527879@web2j.yandex.ru \
--to=tkhai@yandex.ru \
--cc=juri.lelli@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox