|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 09/16] xen: sched: close potential races when switching scheduler to CPUs
by using the sched_switch hook that we have introduced in
the various schedulers.
The key is to let the actual switch of scheduler and the
remapping of the scheduler lock for the CPU (if necessary)
happen together (in the same critical section) protected
(at least) by the old scheduler lock for the CPU.
This also means that, in Credit2 and RTDS, we can get rid
of the code that was doing the scheduler lock remapping
in csched2_free_pdata() and rt_free_pdata(), and of their
triggering ASSERT-s.
Signed-off-by: Dario Faggioli <dario.faggioli@xxxxxxxxxx>
---
Cc: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
Cc: Meng Xu <mengxu@xxxxxxxxxxxxx>
Cc: Tianyang Chen <tiche@xxxxxxxxxxxxxx>
---
xen/common/sched_credit.c | 9 +++++++++
xen/common/sched_credit2.c | 28 ++++++++++------------------
xen/common/sched_rt.c | 13 -------------
xen/common/schedule.c | 30 +++++++++++++++++++++---------
4 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/xen/common/sched_credit.c b/xen/common/sched_credit.c
index 929ba9c..903a704 100644
--- a/xen/common/sched_credit.c
+++ b/xen/common/sched_credit.c
@@ -577,6 +577,15 @@ csched_init_pdata(const struct scheduler *ops, void
*pdata, int cpu)
{
unsigned long flags;
struct csched_private *prv = CSCHED_PRIV(ops);
+ struct schedule_data *sd = &per_cpu(schedule_data, cpu);
+
+ /*
+ * This is called either during during boot, resume or hotplug, in
+ * case Credit1 is the scheduler chosen at boot. In such cases, the
+ * scheduler lock for cpu is already pointing to the default per-cpu
+ * spinlock, as Credit1 needs it, so there is no remapping to be done.
+ */
+ ASSERT(sd->schedule_lock == &sd->_lock && !spin_is_locked(&sd->_lock));
spin_lock_irqsave(&prv->lock, flags);
init_pdata(prv, pdata, cpu);
diff --git a/xen/common/sched_credit2.c b/xen/common/sched_credit2.c
index 25d8e85..64fb028 100644
--- a/xen/common/sched_credit2.c
+++ b/xen/common/sched_credit2.c
@@ -1974,7 +1974,6 @@ init_pdata(struct csched2_private *prv, unsigned int cpu)
{
unsigned rqi;
struct csched2_runqueue_data *rqd;
- spinlock_t *old_lock;
ASSERT(spin_is_locked(&prv->lock));
ASSERT(!cpumask_test_cpu(cpu, &prv->initialized));
@@ -2005,21 +2004,11 @@ init_pdata(struct csched2_private *prv, unsigned int
cpu)
activate_runqueue(prv, rqi);
}
- /* IRQs already disabled */
- old_lock = pcpu_schedule_lock(cpu);
-
- /* Move spinlock to new runq lock. */
- per_cpu(schedule_data, cpu).schedule_lock = &rqd->lock;
-
/* Set the runqueue map */
prv->runq_map[cpu] = rqi;
cpumask_set_cpu(cpu, &rqd->idle);
cpumask_set_cpu(cpu, &rqd->active);
-
- /* _Not_ pcpu_schedule_unlock(): per_cpu().schedule_lock changed! */
- spin_unlock(old_lock);
-
cpumask_set_cpu(cpu, &prv->initialized);
return rqi;
@@ -2029,10 +2018,19 @@ static void
csched2_init_pdata(const struct scheduler *ops, void *pdata, int cpu)
{
struct csched2_private *prv = CSCHED2_PRIV(ops);
+ spinlock_t *old_lock;
unsigned long flags;
+ unsigned rqi;
spin_lock_irqsave(&prv->lock, flags);
- init_pdata(prv, cpu);
+ old_lock = pcpu_schedule_lock(cpu);
+
+ rqi = init_pdata(prv, cpu);
+ /* Move the scheduler lock to the new runq lock. */
+ per_cpu(schedule_data, cpu).schedule_lock = &prv->rqd[rqi].lock;
+
+ /* _Not_ pcpu_schedule_unlock(): schedule_lock may have changed! */
+ spin_unlock(old_lock);
spin_unlock_irqrestore(&prv->lock, flags);
}
@@ -2079,7 +2077,6 @@ csched2_free_pdata(const struct scheduler *ops, void
*pcpu, int cpu)
unsigned long flags;
struct csched2_private *prv = CSCHED2_PRIV(ops);
struct csched2_runqueue_data *rqd;
- struct schedule_data *sd = &per_cpu(schedule_data, cpu);
int rqi;
spin_lock_irqsave(&prv->lock, flags);
@@ -2107,11 +2104,6 @@ csched2_free_pdata(const struct scheduler *ops, void
*pcpu, int cpu)
deactivate_runqueue(prv, rqi);
}
- /* Move spinlock to the original lock. */
- ASSERT(sd->schedule_lock == &rqd->lock);
- ASSERT(!spin_is_locked(&sd->_lock));
- sd->schedule_lock = &sd->_lock;
-
spin_unlock(&rqd->lock);
cpumask_clear_cpu(cpu, &prv->initialized);
diff --git a/xen/common/sched_rt.c b/xen/common/sched_rt.c
index 92be248..0564b1d 100644
--- a/xen/common/sched_rt.c
+++ b/xen/common/sched_rt.c
@@ -718,19 +718,6 @@ rt_alloc_pdata(const struct scheduler *ops, int cpu)
static void
rt_free_pdata(const struct scheduler *ops, void *pcpu, int cpu)
{
- struct rt_private *prv = rt_priv(ops);
- struct schedule_data *sd = &per_cpu(schedule_data, cpu);
- unsigned long flags;
-
- spin_lock_irqsave(&prv->lock, flags);
-
- /* Move spinlock back to the default lock */
- ASSERT(sd->schedule_lock == &prv->lock);
- ASSERT(!spin_is_locked(&sd->_lock));
- sd->schedule_lock = &sd->_lock;
-
- spin_unlock_irqrestore(&prv->lock, flags);
-
free_cpumask_var(_cpumask_scratch[cpu]);
}
diff --git a/xen/common/schedule.c b/xen/common/schedule.c
index 1adc0e2..29582a6 100644
--- a/xen/common/schedule.c
+++ b/xen/common/schedule.c
@@ -1617,7 +1617,6 @@ void __init scheduler_init(void)
int schedule_cpu_switch(unsigned int cpu, struct cpupool *c)
{
struct vcpu *idle;
- spinlock_t *lock;
void *ppriv, *ppriv_old, *vpriv, *vpriv_old;
struct scheduler *old_ops = per_cpu(scheduler, cpu);
struct scheduler *new_ops = (c == NULL) ? &ops : c->sched;
@@ -1640,11 +1639,21 @@ int schedule_cpu_switch(unsigned int cpu, struct
cpupool *c)
if ( old_ops == new_ops )
goto out;
+ /*
+ * To setup the cpu for the new scheduler we need:
+ * - a valid instance of per-CPU scheduler specific data, as it is
+ * allocated by SCHED_OP(alloc_pdata). Note that we do not want to
+ * initialize it yet (i.e., we are not calling SCHED_OP(init_pdata)).
+ * That will be done by the target scheduler, in SCHED_OP(switch_sched),
+ * in proper ordering and with locking.
+ * - a valid instance of per-vCPU scheduler specific data, for the idle
+ * vCPU of cpu. That is what the target scheduler will use for the
+ * sched_priv field of the per-vCPU info of the idle domain.
+ */
idle = idle_vcpu[cpu];
ppriv = SCHED_OP(new_ops, alloc_pdata, cpu);
if ( IS_ERR(ppriv) )
return PTR_ERR(ppriv);
- SCHED_OP(new_ops, init_pdata, ppriv, cpu);
vpriv = SCHED_OP(new_ops, alloc_vdata, idle, idle->domain->sched_priv);
if ( vpriv == NULL )
{
@@ -1652,17 +1661,20 @@ int schedule_cpu_switch(unsigned int cpu, struct
cpupool *c)
return -ENOMEM;
}
- lock = pcpu_schedule_lock_irq(cpu);
-
SCHED_OP(old_ops, tick_suspend, cpu);
+
+ /*
+ * The actual switch, including (if necessary) the rerouting of the
+ * scheduler lock to whatever new_ops prefers, needs to happen in one
+ * critical section, protected by old_ops' lock, or races are possible.
+ * Since each scheduler has its own contraints and locking scheme, do
+ * that inside specific scheduler code, rather than here.
+ */
vpriv_old = idle->sched_priv;
- idle->sched_priv = vpriv;
- per_cpu(scheduler, cpu) = new_ops;
ppriv_old = per_cpu(schedule_data, cpu).sched_priv;
- per_cpu(schedule_data, cpu).sched_priv = ppriv;
- SCHED_OP(new_ops, tick_resume, cpu);
+ SCHED_OP(new_ops, switch_sched, cpu, ppriv, vpriv);
- pcpu_schedule_unlock_irq(lock, cpu);
+ SCHED_OP(new_ops, tick_resume, cpu);
SCHED_OP(old_ops, free_vdata, vpriv_old);
SCHED_OP(old_ops, free_pdata, ppriv_old, cpu);
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |