Skip to content

Commit ee9077a

Browse files
Byte-LabByte-Lab
authored
Merge pull request raspberrypi#47 from sched-ext/scx-fix-flags-corruption
scx: Fix p->scx.flags corruption due to unsynchronized writes of SCX_TASK_ON_DSQ_PRIQ
2 parents 2c5e6d3 + 21f4c19 commit ee9077a

File tree

2 files changed

+10
-5
lines changed

2 files changed

+10
-5
lines changed

include/linux/sched/ext.h

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -598,7 +598,6 @@ enum scx_ent_flags {
598598
SCX_TASK_QUEUED = 1 << 0, /* on ext runqueue */
599599
SCX_TASK_BAL_KEEP = 1 << 1, /* balance decided to keep current */
600600
SCX_TASK_ENQ_LOCAL = 1 << 2, /* used by scx_select_cpu_dfl() to set SCX_ENQ_LOCAL */
601-
SCX_TASK_ON_DSQ_PRIQ = 1 << 3, /* task is queued on the priority queue of a dsq */
602601

603602
SCX_TASK_OPS_PREPPED = 1 << 8, /* prepared for BPF scheduler enable */
604603
SCX_TASK_OPS_ENABLED = 1 << 9, /* task has BPF scheduler enabled */
@@ -609,6 +608,11 @@ enum scx_ent_flags {
609608
SCX_TASK_CURSOR = 1 << 31, /* iteration cursor, not a task */
610609
};
611610

611+
/* scx_entity.dsq_flags */
612+
enum scx_ent_dsq_flags {
613+
SCX_TASK_DSQ_ON_PRIQ = 1 << 0, /* task is queued on the priority queue of a dsq */
614+
};
615+
612616
/*
613617
* Mask bits for scx_entity.kf_mask. Not all kfuncs can be called from
614618
* everywhere and the following bits track which kfunc sets are currently
@@ -646,6 +650,7 @@ struct sched_ext_entity {
646650
} dsq_node;
647651
struct list_head watchdog_node;
648652
u32 flags; /* protected by rq lock */
653+
u32 dsq_flags; /* protected by dsq lock */
649654
u32 weight;
650655
s32 sticky_cpu;
651656
s32 holding_cpu;

kernel/sched/ext.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -620,7 +620,7 @@ static void dispatch_enqueue(struct scx_dispatch_q *dsq, struct task_struct *p,
620620
bool is_local = dsq->id == SCX_DSQ_LOCAL;
621621

622622
WARN_ON_ONCE(p->scx.dsq || !list_empty(&p->scx.dsq_node.fifo));
623-
WARN_ON_ONCE((p->scx.flags & SCX_TASK_ON_DSQ_PRIQ) ||
623+
WARN_ON_ONCE((p->scx.dsq_flags & SCX_TASK_DSQ_ON_PRIQ) ||
624624
!RB_EMPTY_NODE(&p->scx.dsq_node.priq));
625625

626626
if (!is_local) {
@@ -635,7 +635,7 @@ static void dispatch_enqueue(struct scx_dispatch_q *dsq, struct task_struct *p,
635635
}
636636

637637
if (enq_flags & SCX_ENQ_DSQ_PRIQ) {
638-
p->scx.flags |= SCX_TASK_ON_DSQ_PRIQ;
638+
p->scx.dsq_flags |= SCX_TASK_DSQ_ON_PRIQ;
639639
rb_add_cached(&p->scx.dsq_node.priq, &dsq->priq,
640640
scx_dsq_priq_less);
641641
} else {
@@ -675,10 +675,10 @@ static void dispatch_enqueue(struct scx_dispatch_q *dsq, struct task_struct *p,
675675
static void task_unlink_from_dsq(struct task_struct *p,
676676
struct scx_dispatch_q *dsq)
677677
{
678-
if (p->scx.flags & SCX_TASK_ON_DSQ_PRIQ) {
678+
if (p->scx.dsq_flags & SCX_TASK_DSQ_ON_PRIQ) {
679679
rb_erase_cached(&p->scx.dsq_node.priq, &dsq->priq);
680680
RB_CLEAR_NODE(&p->scx.dsq_node.priq);
681-
p->scx.flags &= ~SCX_TASK_ON_DSQ_PRIQ;
681+
p->scx.dsq_flags &= ~SCX_TASK_DSQ_ON_PRIQ;
682682
} else {
683683
list_del_init(&p->scx.dsq_node.fifo);
684684
}

0 commit comments

Comments
 (0)