From patchwork Wed Oct 16 04:19:02 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Viresh Kumar X-Patchwork-Id: 3050171 Return-Path: X-Original-To: patchwork-linux-pm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 7A5CD9F2B6 for ; Wed, 16 Oct 2013 04:19:08 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 52EED20426 for ; Wed, 16 Oct 2013 04:19:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 1B4C220421 for ; Wed, 16 Oct 2013 04:19:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750858Ab3JPETF (ORCPT ); Wed, 16 Oct 2013 00:19:05 -0400 Received: from mail-qa0-f50.google.com ([209.85.216.50]:41822 "EHLO mail-qa0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750844Ab3JPETE (ORCPT ); Wed, 16 Oct 2013 00:19:04 -0400 Received: by mail-qa0-f50.google.com with SMTP id cm18so283719qab.16 for ; Tue, 15 Oct 2013 21:19:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=IRvehAcOevJFhKdWBxwPHhKVBufRxsoFtDgOAgn46Mw=; b=XVJmuLTaCYDossO87gXYSyzlKMFAuWQwkGNN3LqyQUciNgg6wXPVvnwEasD99GBEu7 jMwzH27ynl4adOz55LmVQqd2koneF67M88xBLN9BT0iVOkY3apWQjA8at2gD52EKlGvj PLREjniEfJ1SEmCvFUfAJ4eNbi5p96dC+Walb+6EmxO+p56jzLe7aGtr7x4fssDobmkx H06Efwa1hIxMzAziYQkgyf60RcsUiCFdqFNFpzalEdWErilmg+j4F4yQgku+80T6yFAQ CigH5/3COjqkj7kFJGN3z7aQ5wGHB8QPMrmkfA2vU2yK/otG0EY6Zl848JzKtePs5huU 0JDw== X-Gm-Message-State: ALoCoQk1StkFp1X4+8vzxhm8yUlrn5oLwtvkiBzRqUfzUQkXYBBHmMBt4XA2Emmm4npiWAWQ2YFq MIME-Version: 1.0 X-Received: by 10.224.119.130 with SMTP id z2mr1926171qaq.62.1381897142807; Tue, 15 Oct 2013 21:19:02 -0700 (PDT) Received: by 10.49.119.37 with HTTP; Tue, 15 Oct 2013 21:19:02 -0700 (PDT) In-Reply-To: <2502389.2uE805jDh9@vostro.rjw.lan> References: <20131013090159.GB24566@lunn.ch> <20131013211436.GB24927@lunn.ch> <20131013214547.GC24927@lunn.ch> <2502389.2uE805jDh9@vostro.rjw.lan> Date: Wed, 16 Oct 2013 09:49:02 +0530 Message-ID: Subject: Re: cpufreq-next opps with cpufreq-bench From: Viresh Kumar To: Andrew Lunn , "Rafael J. Wysocki" Cc: linux-pm@vger.kernel.org Sender: linux-pm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pm@vger.kernel.org X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, T_TVD_MIME_EPI, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On 16/10/2013, Rafael J. Wysocki wrote: > Well, I've dropped the offending commit from my queue. Hopefully, it still > builds on all targets it used to build on. Thanks!! I tried to reproduce it 2 days back and my laptop was almost completely discharged and I have left my charger at a friends place last week :( So couldn't really do anything until then.. Got my charger today and so coming back on this.. I couldn't run and find cpufreq-bench on ubuntu (Is it available?).. But I think I have found the problem.. @Andrew: Can you give this a try please? (Use attached commit).. commit 0c5d6493fe02606512e94fad3ea075bc4f56b7e7 Author: Viresh Kumar Date: Wed Oct 16 09:39:18 2013 +0530 cpufreq: Use correct rwsem in cpufreq_set_policy() Recent commit "cpufreq: create per policy rwsem instead of per CPU cpu_policy_rwsem" introduced a bug where kernel crashes when we run cpufreq-bench. Crash looks like this: Unable to handle kernel NULL pointer dereference at virtual address 00000000 pgd = cfa60000 [00000000] *pgd=0d7c9831, *pte=00000000, *ppte=00000000 Internal error: Oops: 17 [#1] PREEMPT ARM Modules linked in: CPU: 0 PID: 2427 Comm: cpufreq-bench Not tainted 3.12.0-rc4-00708-g1546af5 #86 task: cfa98e60 ti: ce58a000 task.ti: ce58a000 PC is at wake_up_process+0xc/0x48 LR is at __up_write+0x158/0x164 pc : [] lr : [] psr: 60000093 sp : ce58bd90 ip : ce58bda8 fp : ce58bda4 r10: cfb3aa28 r9 : ce58bea8 r8 : ce58beb8 r7 : ce58beac r6 : 00000000 r5 : cfb3a9c0 r4 : ce58be10 r3 : cfb3aa5c r2 : cfb3aa5c r1 : 00000000 r0 : 00000000 Flags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user Control: 0005397f Table: 0fa60000 DAC: 00000015 Process cpufreq-bench (pid: 2427, stack limit = 0xce58a1c0) Stack: (0xce58bd90 to 0xce58c000) Backtrace: [] (wake_up_process+0x0/0x48) from [] (__up_write+0x158/0x164) r5:cfb3a9c0 r4:ce58be10 [] (__up_write+0x0/0x164) from [] (up_write+0x10/0x14) [] (up_write+0x0/0x14) from [] (cpufreq_set_policy+0x120/0x1cc) [] (cpufreq_set_policy+0x0/0x1cc) from [] (store_scaling_governor+0xac/0x1a4) r7:0000000b r6:00000000 r5:ce58be10 r4:cfb3a9c0 [] (store_scaling_governor+0x0/0x1a4) from [] (store+0x88/0xa4) r8:c04d6e3c r7:cfae6a80 r6:ce58bf78 r5:cfb3a9c0 r4:cfb3aa58 [] (store+0x0/0xa4) from [] (sysfs_write_file+0x108/0x188) r5:cfa12f58 r4:cfa12f40 [] (sysfs_write_file+0x0/0x188) from [] (vfs_write+0xcc/0x198) [] (vfs_write+0x0/0x198) from [] (SyS_write+0x4c/0x78) [] (SyS_write+0x0/0x78) from [] (ret_fast_syscall+0x0/0x2c) r8:c00095e4 r7:00000004 r6:bedcfaf0 r5:00000006 r4:0000000b Code: e89da800 e1a0c00d e92dd830 e24cb004 (e5903000) ---[ end trace a412cb5cfd5edab9 ]--- note: cpufreq-bench[2427] exited with preempt_count 1 This happened because we used rwsem of new policy structure instead of the existing one. And that one was never initialized. Reported-by: Andrew Lunn Signed-off-by: Viresh Kumar --- drivers/cpufreq/cpufreq.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) /* start new governor */ @@ -1914,10 +1914,10 @@ static int cpufreq_set_policy(struct cpufreq_policy *policy, if (!__cpufreq_governor(policy, CPUFREQ_GOV_START)) { failed = 0; } else { - up_write(&new_policy->rwsem); + up_write(&policy->rwsem); __cpufreq_governor(policy, CPUFREQ_GOV_POLICY_EXIT); - down_write(&new_policy->rwsem); + down_write(&policy->rwsem); } } From 0c5d6493fe02606512e94fad3ea075bc4f56b7e7 Mon Sep 17 00:00:00 2001 Message-Id: <0c5d6493fe02606512e94fad3ea075bc4f56b7e7.1381896884.git.viresh.kumar@linaro.org> From: Viresh Kumar Date: Wed, 16 Oct 2013 09:39:18 +0530 Subject: [PATCH] cpufreq: Use correct rwsem in cpufreq_set_policy() Recent commit "cpufreq: create per policy rwsem instead of per CPU cpu_policy_rwsem" introduced a bug where kernel crashes when we run cpufreq-bench. Crash looks like this: Unable to handle kernel NULL pointer dereference at virtual address 00000000 pgd = cfa60000 [00000000] *pgd=0d7c9831, *pte=00000000, *ppte=00000000 Internal error: Oops: 17 [#1] PREEMPT ARM Modules linked in: CPU: 0 PID: 2427 Comm: cpufreq-bench Not tainted 3.12.0-rc4-00708-g1546af5 #86 task: cfa98e60 ti: ce58a000 task.ti: ce58a000 PC is at wake_up_process+0xc/0x48 LR is at __up_write+0x158/0x164 pc : [] lr : [] psr: 60000093 sp : ce58bd90 ip : ce58bda8 fp : ce58bda4 r10: cfb3aa28 r9 : ce58bea8 r8 : ce58beb8 r7 : ce58beac r6 : 00000000 r5 : cfb3a9c0 r4 : ce58be10 r3 : cfb3aa5c r2 : cfb3aa5c r1 : 00000000 r0 : 00000000 Flags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user Control: 0005397f Table: 0fa60000 DAC: 00000015 Process cpufreq-bench (pid: 2427, stack limit = 0xce58a1c0) Stack: (0xce58bd90 to 0xce58c000) Backtrace: [] (wake_up_process+0x0/0x48) from [] (__up_write+0x158/0x164) r5:cfb3a9c0 r4:ce58be10 [] (__up_write+0x0/0x164) from [] (up_write+0x10/0x14) [] (up_write+0x0/0x14) from [] (cpufreq_set_policy+0x120/0x1cc) [] (cpufreq_set_policy+0x0/0x1cc) from [] (store_scaling_governor+0xac/0x1a4) r7:0000000b r6:00000000 r5:ce58be10 r4:cfb3a9c0 [] (store_scaling_governor+0x0/0x1a4) from [] (store+0x88/0xa4) r8:c04d6e3c r7:cfae6a80 r6:ce58bf78 r5:cfb3a9c0 r4:cfb3aa58 [] (store+0x0/0xa4) from [] (sysfs_write_file+0x108/0x188) r5:cfa12f58 r4:cfa12f40 [] (sysfs_write_file+0x0/0x188) from [] (vfs_write+0xcc/0x198) [] (vfs_write+0x0/0x198) from [] (SyS_write+0x4c/0x78) [] (SyS_write+0x0/0x78) from [] (ret_fast_syscall+0x0/0x2c) r8:c00095e4 r7:00000004 r6:bedcfaf0 r5:00000006 r4:0000000b Code: e89da800 e1a0c00d e92dd830 e24cb004 (e5903000) ---[ end trace a412cb5cfd5edab9 ]--- note: cpufreq-bench[2427] exited with preempt_count 1 This happened because we used rwsem of new policy structure instead of the existing one. And that one was never initialized. Reported-by: Andrew Lunn Signed-off-by: Viresh Kumar --- drivers/cpufreq/cpufreq.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c index 8a3914b..5c9be08 100644 --- a/drivers/cpufreq/cpufreq.c +++ b/drivers/cpufreq/cpufreq.c @@ -1902,10 +1902,10 @@ static int cpufreq_set_policy(struct cpufreq_policy *policy, /* end old governor */ if (policy->governor) { __cpufreq_governor(policy, CPUFREQ_GOV_STOP); - up_write(&new_policy->rwsem); + up_write(&policy->rwsem); __cpufreq_governor(policy, CPUFREQ_GOV_POLICY_EXIT); - down_write(&new_policy->rwsem); + down_write(&policy->rwsem); } /* start new governor */ @@ -1914,10 +1914,10 @@ static int cpufreq_set_policy(struct cpufreq_policy *policy, if (!__cpufreq_governor(policy, CPUFREQ_GOV_START)) { failed = 0; } else { - up_write(&new_policy->rwsem); + up_write(&policy->rwsem); __cpufreq_governor(policy, CPUFREQ_GOV_POLICY_EXIT); - down_write(&new_policy->rwsem); + down_write(&policy->rwsem); } } -- 1.7.12.rc2.18.g61b472e