scheduler: Fix bug in scheduling safety task

[prabakaranklst]

Parent Task-->spwans -----------> Task-A
           -->join_all
                                  Waker Data ptr ------> Task-B (External task, different type)
                                                         Waker Data ptr ----------------------------------> Parent Task

For the above scenario with safety worker enabled in runtime, after polling of Task-A which return error, it is detected as safety error and a safety waker is created from normal waker and wake() function is called. In the wake function, the waker data ptr is typecasted as (parent) task and further try to clone. But, there is no valid pointer in the task vtable for clone() and it results in segmentation fault.

As fix, a safety_error flag in TaskHeader and thread local schedule_safety flag are set instead of creating safety waker. When the wake function is called, it goes through Task-B and then our wake() function is executed. In this wake(), the schedule_safety flag is checked and the task is scheduled on either safety or normal worker.

In case if task is completed prior to setting JoinHandle waker, then the safety_error flag is checked in JoinHandle.poll function to reschedule the task into safety worker.

Notes for Reviewer

Pre-Review Checklist for the PR Author

• PR title is short, expressive and meaningful
• Commits are properly organized
• Relevant issues are linked in the References section
• Tests are conducted
• Unit tests are added

Checklist for the PR Reviewer

• Commits are properly organized and messages are according to the guideline
• Unit tests have been written for new behavior
• Public API is documented
• PR title describes the changes

Post-review Checklist for the PR Author

• All open points are addressed and tracked via issues

References

Closes #18, #20, #39

[github-actions]

License Check Results

🚀 The license check job ran with the Bazel command:

bazel run //:license-check

Status: ⚠️ Needs Review

Click to expand output

[License Check Output]
Extracting Bazel installation...
Starting local Bazel server (8.3.0) and connecting to it...
INFO: Invocation ID: 64305c3c-7e9b-437b-90c2-9da8d5816685
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
DEBUG: Rule 'rust_qnx8_toolchain+' indicated that a canonical reproducible form can be obtained by modifying arguments integrity = "sha256-eQOopREOYCL5vtTb6c1cwZrql4GVrJ1FqgxarQRe1xs="
DEBUG: Repository rust_qnx8_toolchain+ instantiated at:
  <builtin>: in <toplevel>
Repository rule http_archive defined at:
  /home/runner/.bazel/external/bazel_tools/tools/build_defs/repo/http.bzl:394:31: in <toplevel>
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
WARNING: For repository 'bazel_skylib', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'rules_rust', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'rules_cc', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'aspect_rules_lint', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'buildifier_prebuilt', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'score_process', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'googletest', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
WARNING: For repository 'score_crates', the root module requires module version [email protected], but got [email protected] in the resolved dependency graph. Please update the version in your MODULE.bazel or set --check_direct_dependencies=off
Loading: 
Loading: 0 packages loaded
Loading: 0 packages loaded
    currently loading: 
Analyzing: target //:license-check (1 packages loaded, 0 targets configured)
Analyzing: target //:license-check (1 packages loaded, 0 targets configured)

Analyzing: target //:license-check (38 packages loaded, 10 targets configured)

Analyzing: target //:license-check (118 packages loaded, 84 targets configured)

Analyzing: target //:license-check (146 packages loaded, 2764 targets configured)

Analyzing: target //:license-check (154 packages loaded, 7069 targets configured)

INFO: Analyzed target //:license-check (157 packages loaded, 9085 targets configured).
[11 / 14] [Prepa] Generating Dash formatted dependency file ...
INFO: From Generating Dash formatted dependency file ...:
INFO: Successfully converted 209 packages from Cargo.lock to bazel-out/k8-fastbuild/bin/formatted.txt
INFO: Found 1 target...
Target //:license.check.license_check up-to-date:
  bazel-bin/license.check.license_check
  bazel-bin/license.check.license_check.jar
INFO: Elapsed time: 22.302s, Critical Path: 0.34s
INFO: 14 processes: 5 disk cache hit, 9 internal.
INFO: Build completed successfully, 14 total actions
INFO: Running command line: bazel-bin/license.check.license_check ./formatted.txt <args omitted>
usage: org.eclipse.dash.licenses.cli.Main [-batch <int>] [-cd <url>]
       [-confidence <int>] [-ef <url>] [-excludeSources <sources>] [-help] [-lic
       <url>] [-project <shortname>] [-repo <url>] [-review] [-summary <file>]
       [-timeout <seconds>] [-token <token>]

[github-actions]

The created documentation from the pull request is available at: docu-html

[pawelrutkaq]

This is anyway race condition or ? since if it landed here, someone may actually take it anyway right before you ?

[prabakaranklst]

Lets consider the below scenario.

1. Worker-X execute parent task (PT1) and it spawns 5-child tasks (CT2,CT3,etc.), then JoinHandle.poll is executed and waker is set for all child tasks.
2. Worker-X completes execution of CT2 and wake PT1
3. A worker (say W1) executes CT3 and at the same time another worker (say W2) executes PT1
   case1 (racing - without unset_join_handle()): PT1 inside set_waker() and writing the waker, at the same time CT3 is completed and it finds join handle waker, reads the waker to call wake() and this results in runtime failure.
   case2 (fix - with unset_join_handle()): PT1 inside set_waker() unset_join_handle flag only if CT3 is NOT completed and write waker. Otherwise the flag is not touched, also waker is not written.
   So, CT3 will either find waker if execution is completed before unsetting flag, otherwise will not find waker.

[pawelrutkaq]

this is not required. If the Joinhandle.poll had a time to execute with result of this task it's all good. If You read doc, it's guaranteed that if task fail Parent task will get executed, but it can be in safety workers or in normal worker depending on state.

[prabakaranklst]

Lets consider simple scenario,

1. Parent task spawns a safety task
2. Safety task is executed by a worker and results in safety error
3. Parent task does something and await on join handle & returns result
4. Parent task executes recovery action if safety task failed

At step 3, in JoinHandle.poll, if we are not detecting safety error and not waking (wake_by_ref) into safety worker, then step 4 will be executed by async worker. I hope this is not the expected behaviour.

[pawelrutkaq]

Why this change exeactly ? Action to move parent task to safety worker is happening once child task is finished or ?

[prabakaranklst]

As mentioned in above comment (#32 (comment)), wake_by_ref() is called from JoinHandle.polll to re-schedule the task into safety worker which sets safety notified flag. So, the safety notified flag is checked and re-spawned into safety worker.

[pawelrutkaq]

That won't work as is, the waker can be called outside of runtime (ie iceoryx2 event thread), so it cannot use static CTX in the whole path.

[prabakaranklst]

Modified ctx_get_schedule_safety()

[pawelrutkaq]

you shall not call your waker here, since you are in a task that is running so, all is fine or ?

[prabakaranklst]

please refer #32 (comment)

[pawelrutkaq]

RefCell<Option> and borrow_mut on usage.