[BUG] MAX_RT_PRIO != MAX_USER_RT_PRIO

From: Aleksey Makarov
Date: Thu Oct 21 2004 - 13:30:41 EST



Hi,

After debugging some strange memory corruptions in
SMP kernel I discovered this bug.

First, some excerpts from linux 2.6.9:

Documentation/sched-coding.txt:60:
--8<-------------------------------8<----------------
MAX_PRIO
The maximum priority of the system, stored in the task as task->prio.
Lower priorities are higher. Normal (non-RT) priorities range from
MAX_RT_PRIO to (MAX_PRIO - 1).
MAX_RT_PRIO
The maximum real-time priority of the system. Valid RT priorities
range from 0 to (MAX_RT_PRIO - 1).
MAX_USER_RT_PRIO
The maximum real-time priority that is exported to user-space. Should
always be equal to or less than MAX_RT_PRIO. Setting it less allows
kernel threads to have higher priorities than any user-space task.
--8<-------------------------------8<----------------

kernel/sched.c:4130:
--8<-------------------------------8<----------------
_setscheduler(p, SCHED_FIFO, MAX_RT_PRIO-1);
--8<-------------------------------8<----------------

kernel/sched.c:3169
--8<-------------------------------8<----------------
static void __setscheduler(struct task_struct *p, int policy, int prio)
{
BUG_ON(p->array);
p->policy = policy;
p->rt_priority = prio;
if (policy != SCHED_NORMAL)
p->prio = MAX_USER_RT_PRIO-1 - p->rt_priority;
else
p->prio = p->static_prio;
}
--8<-------------------------------8<----------------

Let MAX_RT_PRIO = 120, MAX_USER_RT_PRIO = 100, CONFIG_SMP = y.

Then, after __setscheduler() call in kernel/sched.c:4130,
value of p->prio will be -20.

p->prio is used, for example, in kernel/sched.c:707:
_set_bit(p->prio, array->bitmap);
So, instead of setting a bit in bitmap array of struct prio,
it changes the nr_active field.

Aleksey Makarov

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/