Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753358AbcDTNAh (ORCPT ); Wed, 20 Apr 2016 09:00:37 -0400 Received: from mx1.redhat.com ([209.132.183.28]:38914 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751238AbcDTNAg (ORCPT ); Wed, 20 Apr 2016 09:00:36 -0400 Reply-To: xlpang@redhat.com Subject: Re: [PATCH v3 5/6] sched/deadline/rtmutex: Fix unprotected PI access in enqueue_task_dl() References: <1460633827-345-1-git-send-email-xlpang@redhat.com> <1460633827-345-6-git-send-email-xlpang@redhat.com> <20160414153111.GC2975@worktop.cust.blueprintrf.com> <57104ADB.20402@redhat.com> <57104FA0.4090509@redhat.com> <20160420122552.GY3430@twins.programming.kicks-ass.net> To: Peter Zijlstra Cc: linux-kernel@vger.kernel.org, Thomas Gleixner , Juri Lelli , Ingo Molnar , Steven Rostedt From: Xunlei Pang Message-ID: <57177D70.10504@redhat.com> Date: Wed, 20 Apr 2016 21:00:32 +0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: <20160420122552.GY3430@twins.programming.kicks-ass.net> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1119 Lines: 26 On 2016/04/20/ at 20:25, Peter Zijlstra wrote: > On Fri, Apr 15, 2016 at 10:19:12AM +0800, Xunlei Pang wrote: >> On 2016/04/15 at 09:58, Xunlei Pang wrote: >>> On 2016/04/14 at 23:31, Peter Zijlstra wrote: >>>> On Thu, Apr 14, 2016 at 07:37:06PM +0800, Xunlei Pang wrote: >>>>> We access @pi_task's data without any lock in enqueue_task_dl(), though >>>>> checked "dl_prio(pi_task->normal_prio)" condition, that's not enough. >>>> The proper fix is to ensure that pi_task is guaranteed to be blocked. >>> Even if pi_task was blocked, its parameters are still allowed to be changed, >>> so we have to do that. Did I miss something? >>> >>> Regards, >>> Xunlei >> Fortunately, I just reproduced through an overnight test, so it really happened in reality as I thought. > But what happens? How is it changed when it is blocked? The top waiter's policy can be changed by other tasks through sched_setattr() syscall during it was blocked. I created another thread doing the following thing: while (1) { change the waiter to cfs do something change the waiter to deadline } Regards, Xunlei