bartoszek/zephyr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f7d37ea87c
zephyr/kernel
History
Josh DeWitt c05cfbf15e kernel/sched: Re-sort waitq on priority change 
k_thread_priority_set() on a pended thread wasn't re-inserting into the
waitq, causing the incorrect thread to run based on priority. When using
the scalable waitq config, this can also break assumptions of the tree
and leave the owner of a waitq still being in the waitq tree, cycles in
the tree, or a crash.

Remove and re-add a thread to a waitq to ensure the waitq remains in
order and the tree's assumptions are not violated.

To illustrate the issue, consider 4 threads in decreasing priority
order: A, B, C, and D along with two mutexes, m0 and m1. This is
implemented in the new complex_inversion mutex_api test.
1. D locks m1
2. C locks m0
3. C pends on m1
4. B pends on m1
5. A pends on m0, boosts C's priority, now tree on m1 is not sorted
6. D unlocks m1, left-most thread on tree is B. When removing B from
   tree it cannot be found because it searches to the right of C due to
   C's boosted priority when the node is actually on the left. rb_remove
   silently fails.
7. B unlocks m1, left-most thread on tree is still B and it tries to
   unpend itself, resulting in a NULL pointer dereference on
   B->base.pended_on.

Signed-off-by: Josh DeWitt <josh.dewitt@garmin.com>
2025-03-24 07:58:36 +01:00
..
include kernel: rename 'dumb' scheduler and simply call it 'simple' 2025-03-15 00:34:58 +01:00
paging kernel: mm: rename z_num_pagefaults_get to k_mem_num_* 2024-06-12 21:13:26 -04:00
atomic_c.c build: namespace the generated headers with zephyr/ 2024-05-28 22:03:55 +02:00
banner.c kernel: banner: Add option to clear screen on boot 2024-06-13 20:30:14 -04:00
busy_wait.c build: namespace the generated headers with zephyr/ 2024-05-28 22:03:55 +02:00
CMakeLists.txt kernel: make order_key field in thread conditional 2025-03-08 03:38:37 +01:00
compiler_stack_protect.c security: Add default stack protection level 2024-12-20 12:37:20 +01:00
condvar.c kernel: condvar: broadcast does not always need reschedule 2025-02-03 19:51:20 +01:00
cpu_mask.c kernel: Simplify k_thread_cpu_pin() 2024-09-20 09:02:38 +02:00
device.c device: add new device_deinit API 2025-03-10 21:32:40 +01:00
dynamic_disabled.c kernel: dynamic: declare dynamic stubs when disabled 2023-07-24 12:59:43 -04:00
dynamic.c kernel: dynamic: simplify dynamic stack allocation 2024-12-11 21:33:00 +01:00
errno.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
events.c build: namespace the generated headers with zephyr/ 2024-05-28 22:03:55 +02:00
fatal.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
float.c build: namespace the generated headers with zephyr/ 2024-05-28 22:03:55 +02:00
futex.c kernel: futex: Allow for fast return on k_futex_wake() 2025-02-03 19:51:20 +01:00
idle.c llext: export spinlock debugging symbols to extensions 2025-02-11 10:11:31 +01:00
init_static.c lib c/cpp: Move .ctor .init_array handling from C++ to kernel 2024-06-25 19:14:37 -04:00
init.c device: allow initializing any device 2025-03-10 21:32:40 +01:00
ipi.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
irq_offload.c kernel: add closing comments to config endifs 2024-03-25 18:03:31 -04:00
Kconfig kernel: rename 'dumb' scheduler and simply call it 'simple' 2025-03-15 00:34:58 +01:00
Kconfig.device libc: common: Fix init hang issue 2024-06-26 13:07:02 -04:00
Kconfig.init init: support per-core init hook 2024-11-16 14:04:25 -05:00
Kconfig.mem_domain kconfig: replace known integer constants with variables 2024-07-27 20:49:15 +03:00
Kconfig.obj_core kernel: Rewrite k_pipe_* API 2025-01-17 19:43:44 +01:00
Kconfig.smp kernel: remove CONFIG_MP_NUM_CPUS 2024-09-19 18:28:37 +01:00
Kconfig.vm arch: mmu: do not make MMU user configurable 2025-02-19 04:59:19 +01:00
kheap.c kernel: Initialize kheap spinlock 2025-02-04 09:19:09 +01:00
mailbox.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
main_weak.c
mem_domain.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
mem_slab.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
mempool.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
mmu.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
msg_q.c kernel: msgq: Allow for fast returns 2025-02-03 19:51:20 +01:00
mutex.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
nothread.c kernel: Add Z_IS_TIMEOUT_RELATIVE() macro 2025-03-17 02:21:02 +01:00
obj_core.c kernel: reduce k_spin_unlock calls using if-else if-else structure 2024-07-27 20:48:07 +03:00
pipe.c k_pipe: fix trace point for blocking writes 2025-01-28 14:13:14 +01:00
pipes.c kernel: Propagate z_handle_obj_poll_events() return 2025-02-03 19:51:20 +01:00
poll.c kernel: Change z_handle_obj_poll_events() return type 2025-02-03 19:51:20 +01:00
priority_queues.c kernel: priority queues: declare as static inlines 2024-04-22 16:40:11 -04:00
queue.c kernel: queue: Allow for fast return 2025-02-03 19:51:20 +01:00
sched.c kernel/sched: Re-sort waitq on priority change 2025-03-24 07:58:36 +01:00
sem.c kernel: Allow for fast return on k_sem_reset() 2025-02-03 19:51:20 +01:00
smp.c kernel: mark z_smp_current_get() with the const attribute 2025-01-10 07:49:08 +01:00
spinlock_validate.c llext: export spinlock debugging symbols to extensions 2025-02-11 10:11:31 +01:00
stack.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
system_work_q.c kernel: system_work_q: Mark queue thread as essential 2024-04-25 21:40:24 +02:00
thread_monitor.c style: kernel: comply with MISRA C:2012 Rule 15.6 2024-09-11 07:40:35 -04:00
thread.c kernel: thread: fix warning of always false 2025-02-10 22:25:32 +01:00
timeout.c kernel: Add Z_IS_TIMEOUT_RELATIVE() macro 2025-03-17 02:21:02 +01:00
timer.c kernel: Add Z_IS_TIMEOUT_RELATIVE() macro 2025-03-17 02:21:02 +01:00
timeslicing.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
usage.c kernel: Remove duplicate execution_cycles write and improve docstring 2024-04-28 13:04:20 -04:00
userspace_handler.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
userspace.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
version.c build: namespace the generated headers with zephyr/ 2024-05-28 22:03:55 +02:00
work.c Revert "arch: deprecate _current" 2025-01-10 07:49:08 +01:00
xip.c soc: stm32: handle CCM in LINKER_GENERATOR 2025-03-07 19:54:24 +01:00