hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/IDB5TR ----------------------------------------- A race exists between enqueue_ctx() and xsched_task_free(). If vstream_kick() invokes enqueue_ctx() while xsched_task_free() is about to kfree(ctx), the xsched_entity can be enqueued before its context freed and then this xsched_entity becomes invalid (NULL), but still stay in the queue. This leads to nr_running being non-zero. In xsched_schedule(), __raw_pick_next_ctx() returns NULL, causing the scheduler to spin forever and eventually trigger soft lockup. Fix this by preventing enqueue_ctx() from operating on a context that is being freed. Fixes: 76c15076abcb ("xsched: Add basic scheduler core support") Signed-off-by: Zicheng Qu <quzicheng@huawei.com> --- kernel/xsched/vstream.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/xsched/vstream.c b/kernel/xsched/vstream.c index b9c4715c1061..ebde50cbb8c6 100644 --- a/kernel/xsched/vstream.c +++ b/kernel/xsched/vstream.c @@ -89,7 +89,10 @@ static void xsched_task_free(struct kref *kref) list_del(&ctx->ctx_node); mutex_unlock(&xcu->ctx_list_lock); + mutex_lock(&xcu->xcu_lock); + dequeue_ctx(&ctx->xse, xcu); kfree(ctx); + mutex_unlock(&xcu->xcu_lock); } struct xsched_cu *xcu_find(uint32_t type, -- 2.34.1
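Review bot: The added `dequeue_ctx(&ctx->xse, xcu)` in xsched_task_free() removes an entity that is already queued, but nothing in this hunk stops enqueue_ctx() from running on the same ctx after `mutex_unlock(&xcu->xcu_lock)`, by which point `kfree(ctx)` has already happened. The commit message describes the fix as preventing enqueue_ctx() from operating on a context that is being freed, so please say in the message, or in a comment above the new `mutex_lock(&xcu->xcu_lock)`, what provides that guarantee. For example, that enqueue_ctx() runs only with xcu_lock held and with a live reference on the ctx (an assumption, since the callers are not visible in this diff), or add an explicit check on the enqueue side. Please also confirm that dequeue_ctx() is safe when the entity was never enqueued, because it is now called unconditionally on every free. Minor: as far as these lines show, `kfree(ctx)` does not need xcu_lock, so it can move after the unlock and leave only the dequeue inside the critical section.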