[Patch v4 15/16] sched/cache: Fix possible overflow when invalidating the preferred CPU

Next message: Tejun Heo: "Re: [PATCH] writeback: fix race between cgroup_writeback_umount() and inode_switch_wbs()"
Previous message: Andy Shevchenko: "Re: ad7768-1: GPIO reset path delays do not match the datasheet"
In reply to: Tim Chen: "[Patch v4 10/16] sched/cache: Fix unpaired account_llc_enqueue/dequeue"
Next in thread: Tim Chen: "[Patch v4 14/16] sched/cache: Fix has_multi_llcs iff at least one partition has multiple LLCs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tim Chen

Date: Wed May 13 2026 - 16:39:03 EST

From: Chen Yu <yu.c.chen@xxxxxxxxx>

epoch comes from the local rq->cpu_epoch, but mm->sc_stat.epoch is written
by task_tick_cache() running on any CPU - potentially a different CPU whose
rq->cpu_epoch is further ahead. The unsigned underflow wraps to a huge number,
so the condition fires incorrectly.

Fix this by converting the result to long.

Fixes: df0d98475954 ("sched/cache: Introduce infrastructure for cache-aware load balancing")
Signed-off-by: Chen Yu <yu.c.chen@xxxxxxxxx>
Co-developed-by: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
Signed-off-by: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
---
kernel/sched/fair.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index 8617cd3642c7..7e64cd18727e 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -1688,7 +1688,7 @@ void account_mm_sched(struct rq *rq, struct task_struct *p, s64 delta_exec)
* If this process hasn't hit task_cache_work() for a while invalidate
* its preferred state.
*/
- if (epoch - READ_ONCE(mm->sc_stat.epoch) > llc_epoch_affinity_timeout ||
+ if ((long)(epoch - READ_ONCE(mm->sc_stat.epoch)) > (long)llc_epoch_affinity_timeout ||
invalid_llc_nr(mm, p, cpu_of(rq)) ||
exceed_llc_capacity(mm, cpu_of(rq))) {
if (READ_ONCE(mm->sc_stat.cpu) != -1)
--
2.32.0