Received: by 2002:a17:90a:88:0:0:0:0 with SMTP id a8csp512023pja; Thu, 7 Nov 2019 00:41:15 -0800 (PST) X-Google-Smtp-Source: APXvYqxHKTCgmf5XwGYgroUZVnsJko+4bMtGXj5B6+6Sq6niSgXetv6RXkOkauRbj94sdXeJGHk/ X-Received: by 2002:a17:906:4e83:: with SMTP id v3mr1890970eju.246.1573116075517; Thu, 07 Nov 2019 00:41:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573116075; cv=none; d=google.com; s=arc-20160816; b=e3/dl/FtObPhrOJTt2SY4Q7kWeTzUq5cv9dFkG9bVrXJeC0akQQiIB5uDkumLKd0MD ziLjrohblL8fZms8XUp/etfrY7JtMyitmJMX2g8a0q3Cxel+kyYLfEf6TnvUxSr1Dbx2 JD2KAlPakpIAycxv/VNPOkAWXzMJ53PGblDG4bsTaqs6zoxvejWqzYUOJ8I62aZZEQtU 3ChbkqZwSgz1ika4y5+SIg/jKa861fopMMNkWpG13D3FIPelvqOphYJ+miGlmLWkhJyE FLONzshEtDI6VntMT0NIBRd/fwUnVTQI2zsYe0bZY9o961H/mksJOiEUTX/jHyJXD7c8 xakA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=opicPFKtwIPxFSgiwI6vNDZdBPJBxHt3Rm3AWYLl2rY=; b=QuY+wkpi03UQXIZ7nbktDkx1YMD/xzZA0a3fdbYwOGwEGDb80CkEg5LQMSZ9CSefD4 VLFqcyTnUmTVkaEol+y3/pPbpe8/U1Yno1N2FggorVNg5agglybiV1tf9Lt46utzXofN DEB8u3gl6lUzRODLHtWovqXWD79QL0lKXkbz0c7PZgcfXjcBXtaZIy5/YqRerAzpWD+t 6PM+cUYLy9lOHkqH+IHOgQHRoCyhpOKx+7jl563j+HXC6NGTb+7zpgp0s4SmZD4/V0yQ yGOcIMf0F4Hyjvi8VsvR/c3sg6xIcRdgtri44M0qGTHz02POA9+f2pJAkgwFr2SMmu2Z OvDw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u16si1122234edi.310.2019.11.07.00.40.52; Thu, 07 Nov 2019 00:41:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1733181AbfKGIh1 (ORCPT + 99 others); Thu, 7 Nov 2019 03:37:27 -0500 Received: from relay.sw.ru ([185.231.240.75]:52296 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726925AbfKGIh1 (ORCPT ); Thu, 7 Nov 2019 03:37:27 -0500 Received: from [172.16.24.104] by relay.sw.ru with esmtp (Exim 4.92.3) (envelope-from ) id 1iSdHp-00040B-A7; Thu, 07 Nov 2019 11:37:01 +0300 Subject: Re: NULL pointer dereference in pick_next_task_fair To: Peter Zijlstra Cc: Quentin Perret , linux-kernel@vger.kernel.org, aaron.lwe@gmail.com, valentin.schneider@arm.com, mingo@kernel.org, pauld@redhat.com, jdesfossez@digitalocean.com, naravamudan@digitalocean.com, vincent.guittot@linaro.org, dietmar.eggemann@arm.com, juri.lelli@redhat.com, rostedt@goodmis.org, bsegall@google.com, mgorman@suse.de, kernel-team@android.com, john.stultz@linaro.org References: <20191028174603.GA246917@google.com> <20191106120525.GX4131@hirez.programming.kicks-ass.net> <33643a5b-1b83-8605-2347-acd1aea04f93@virtuozzo.com> <20191106165437.GX4114@hirez.programming.kicks-ass.net> <20191106172737.GM5671@hirez.programming.kicks-ass.net> From: Kirill Tkhai Message-ID: <831c2cd4-40a4-31b2-c0aa-b5f579e770d6@virtuozzo.com> Date: Thu, 7 Nov 2019 11:36:50 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <20191106172737.GM5671@hirez.programming.kicks-ass.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06.11.2019 20:27, Peter Zijlstra wrote: > On Wed, Nov 06, 2019 at 05:54:37PM +0100, Peter Zijlstra wrote: >> On Wed, Nov 06, 2019 at 06:51:40PM +0300, Kirill Tkhai wrote: >>>> +#ifdef CONFIG_SMP >>>> + if (!rq->nr_running) { >>>> + /* >>>> + * Make sure task_on_rq_curr() fails, such that we don't do >>>> + * put_prev_task() + set_next_task() on this task again. >>>> + */ >>>> + prev->on_cpu = 2; >>>> newidle_balance(rq, rf); >>> >>> Shouldn't we restore prev->on_cpu = 1 after newidle_balance()? Can't prev >>> become pickable again after newidle_balance() releases rq->lock, and we >>> take it again, so this on_cpu == 2 never will be cleared? >> >> Indeed so. > > Oh wait, the way it was written this is not possible. Because > rq->nr_running == 0 and prev->on_cpu > 0 it means the current task is > going to sleep and cannot be woken back up. I mostly mean throttling. AFAIR, tasks of throttled rt_rq are not accounted in rq->nr_running. But it seems rt_rq may become unthrottled again after newidle_balance() unlocks rq lock, and prev will become pickable again. > But if I move the ->on_cpu=2 thing earlier, as I wrote I'd do, then yes, > we have to set it back to 1. Because in that case we can get here for a > spurious schedule and we'll pick the same task again.