[PATCH sched_ext/for-6.18-fixes] sched_ext: Fix scx_kick_pseqs corruption on concurrent scheduler loads

Next message: Bernd Schubert: "Re: [PATCH 5.15] fuse: Fix race condition in writethrough path A race"
Previous message: Frederic Weisbecker: "[PATCH 33/33] doc: Add housekeeping documentation"
Next in thread: Tejun Heo: "Re: [PATCH sched_ext/for-6.18-fixes] sched_ext: Fix scx_kick_pseqs corruption on concurrent scheduler loads"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Andrea Righi

Date: Mon Oct 13 2025 - 16:36:48 EST

If we load a BPF scheduler while another scheduler is already running,
alloc_kick_pseqs() would be called again, overwriting the previously
allocated arrays.

Fix by moving the alloc_kick_pseqs() call after the scx_enable_state()
check, ensuring that the arrays are only allocated when a scheduler can
actually be loaded.

Fixes: 14c1da3895a11 ("sched_ext: Allocate scx_kick_cpus_pnt_seqs lazily using kvzalloc()")
Signed-off-by: Andrea Righi <arighi@xxxxxxxxxx>
---
kernel/sched/ext.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
index c645d47124e72..12c9c35956926 100644
--- a/kernel/sched/ext.c
+++ b/kernel/sched/ext.c
@@ -4577,15 +4577,15 @@ static int scx_enable(struct sched_ext_ops *ops, struct bpf_link *link)

mutex_lock(&scx_enable_mutex);

- ret = alloc_kick_pseqs();
- if (ret)
- goto err_unlock;
-
if (scx_enable_state() != SCX_DISABLED) {
ret = -EBUSY;
- goto err_free_pseqs;
+ goto err_unlock;
}

+ ret = alloc_kick_pseqs();
+ if (ret)
+ goto err_unlock;
+
sch = scx_alloc_and_add_sched(ops);
if (IS_ERR(sch)) {
ret = PTR_ERR(sch);
--
2.51.0