Hi Peter,
I find one list API usage may not be correct in current fair.c code.
In move_one_task function, it may iterate through whole cfs_tasks
list to get one task to move.
But in dequeue_task(), it would delete one task node from list
without the lock protection. So that we could see from
list_for_each_entry_safe API definitoin:
#define list_for_each_entry_safe(pos, n, head, member)
\
for (pos = list_entry((head)->next, typeof(*pos), member), \
n = list_entry(pos->member.next, typeof(*pos),
member); \
&pos->member != (head); \
pos = n, n = list_entry(n->member.next, typeof(*n), member))
As this task node may be listed in the middle of this queue chain, it
may lead to error of searching for the next node when iterating.
Would this be possible to happen? Please help to comment it.
Thanks,
Lei
On Mon, Sep 02, 2013 at 02:26:45PM +0800, Lei Wen wrote:
> Hi Peter,
>
> I find one list API usage may not be correct in current fair.c code.
> In move_one_task function, it may iterate through whole cfs_tasks
> list to get one task to move.
>
> But in dequeue_task(), it would delete one task node from list
> without the lock protection. So that we could see from
> list_for_each_entry_safe API definitoin:
Both sites hold the required rq->lock.
On Mon, Sep 9, 2013 at 7:15 PM, Peter Zijlstra <[email protected]> wrote:
> On Mon, Sep 02, 2013 at 02:26:45PM +0800, Lei Wen wrote:
>> Hi Peter,
>>
>> I find one list API usage may not be correct in current fair.c code.
>> In move_one_task function, it may iterate through whole cfs_tasks
>> list to get one task to move.
>>
>> But in dequeue_task(), it would delete one task node from list
>> without the lock protection. So that we could see from
>> list_for_each_entry_safe API definitoin:
>
> Both sites hold the required rq->lock.
I see, sorry for the noise...
Thanks,
Lei