Date: Mon, 24 Nov 2025 22:31:00 +0000
In-Reply-To: <20251124223111.3616950-1-jstultz@google.com>
Precedence: bulk
X-Mailing-List:
 linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20251124223111.3616950-1-jstultz@google.com>
X-Mailer: git-send-email 2.52.0.487.g5c8c507ade-goog
Message-ID: <20251124223111.3616950-9-jstultz@google.com>
Subject: [PATCH v24 08/11] sched: Avoid donor->sched_class->yield_task() null traversal
From: John Stultz
To: LKML
Cc: John Stultz, Joel Fernandes, Qais Yousef, Ingo Molnar, Peter Zijlstra, Juri Lelli, Vincent Guittot, Dietmar Eggemann, Valentin Schneider, Steven Rostedt, Ben Segall, Zimuzo Ezeozue, Mel Gorman, Will Deacon, Waiman Long, Boqun Feng, "Paul E. McKenney", Metin Kaya, Xuewen Yan, K Prateek Nayak, Thomas Gleixner, Daniel Lezcano, Suleiman Souhlal, kuyo chang, hupu, kernel-team@android.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

With proxy-exec once we do return migration from ttwu(), if a
task is proxying for a waiting donor, and the donor is woken up,
we switch the rq->donor to point to idle briefly until we can
re-enter __schedule().

However, if a task that was acting as a proxy calls into
yield() right after the donor is switched to idle, it may
trip a null pointer traversal, because the idle task doesn't
have a yield_task() pointer.

So add a conditional to ensure we don't try to call the
yield_task() pointer in that case.

This was only recently found because prior to commit
127b90315ca07 ("sched/proxy: Yield the donor task")
do_sched_yield() incorrectly called
current->sched_class_yield_task() instead of using rq->donor.

Signed-off-by: John Stultz --- Cc: Joel Fernandes Cc: Qais Yousef Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Juri Lelli Cc: Vincent Guittot Cc: Dietmar Eggemann Cc: Valentin Schneider Cc: Steven Rostedt Cc: Ben Segall Cc: Zimuzo Ezeozue Cc: Mel Gorman Cc: Will Deacon Cc: Waiman Long Cc: Boqun Feng Cc: "Paul E. McKenney" Cc: Metin Kaya Cc: Xuewen Yan Cc: K Prateek Nayak Cc: Thomas Gleixner Cc: Daniel Lezcano Cc: Suleiman Souhlal Cc: kuyo chang Cc: hupu Cc: kernel-team@android.com --- kernel/sched/syscalls.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/sched/syscalls.c b/kernel/sched/syscalls.c index bf360a6fbb800..4b2b81437b03b 100644 --- a/kernel/sched/syscalls.c +++ b/kernel/sched/syscalls.c @@ -1351,7 +1351,8 @@ static void do_sched_yield(void) rq =3D this_rq_lock_irq(&rf); =20 schedstat_inc(rq->yld_count); - rq->donor->sched_class->yield_task(rq); + if (rq->donor->sched_class->yield_task) + rq->donor->sched_class->yield_task(rq); =20 preempt_disable(); rq_unlock_irq(rq, &rf); --=20 2.52.0.487.g5c8c507ade-goog
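
Review bot: the new "if (rq->donor->sched_class->yield_task)" guard in do_sched_yield() carries no comment, so the only record of why a sched_class can lack yield_task at this point (rq->donor briefly pointing at idle, per the commit message) is the changelog. A short comment above the conditional would keep a later cleanup from treating the check as dead code and removing it. Also note that schedstat_inc(rq->yld_count) sits above the guard, so a yield is still counted when the callback is skipped; if that is intended, the comment is a good place to say so, and if not, the increment belongs under the same conditional.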