From: "Srivatsa S. Bhat" <srivatsa.bhat@linux.vnet.ibm.com>
To: Stephen Warren <swarren@wwwdotorg.org>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>,
Viresh Kumar <viresh.kumar@linaro.org>,
"linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
cpufreq <cpufreq@vger.kernel.org>
Subject: Re: cpufreq_stats NULL deref on second system suspend
Date: Thu, 12 Sep 2013 00:12:25 +0530 [thread overview]
Message-ID: <5230B991.3040702@linux.vnet.ibm.com> (raw)
In-Reply-To: <5230B078.3070306@linux.vnet.ibm.com>
On 09/11/2013 11:33 PM, Srivatsa S. Bhat wrote:
> On 09/11/2013 09:35 PM, Stephen Warren wrote:
>> On 09/11/2013 04:21 AM, Srivatsa S. Bhat wrote:
>>> On 09/11/2013 04:04 AM, Rafael J. Wysocki wrote:
>>>> On Tuesday, September 10, 2013 02:53:01 PM Stephen Warren wrote:
>>>>> On 09/09/2013 05:14 PM, Rafael J. Wysocki wrote:
>>>>>> On Monday, September 09, 2013 03:29:06 PM Stephen Warren wrote:
>>>>>>> On 09/09/2013 02:24 PM, Rafael J. Wysocki wrote:
>>>>>>>> On Monday, September 09, 2013 02:01:32 PM Stephen Warren wrote:
>>>>>>>>> On 09/09/2013 02:01 PM, Rafael J. Wysocki wrote:
>>>>>>>>>> On Monday, September 09, 2013 01:22:23 PM Stephen Warren wrote:
>>>>>>>>>>> Viresh,
>>>>>>>>>>>
>>>>>>>>>>> I'm seeing the crash below when suspending my system for the second time.
>> ...
>>> Stephen, I went through the code and I think I found out what is going wrong.
>>> Can you please try the following patch?
>>
>> Unfortunately, I still see the exact same failure/backtrace with this
>> patch applied.
>>
>
> Oh, is it? Can you please give me the map of the related cpus on your
> system? (ie., cat /sys/devices/system/cpu/cpu*/cpufreq/related_cpus for
> each CPU.)
>
> I must be missing something...
>
OK, I took a second look at the code, and I suspect that applying the
second patch might help. So can you try by applying both the patches
please[1][2]?
Basically here is my hunch: say CPUs 2 and 3 are part of a policy and
3 is the policy->cpu. During suspend, CPU 2 will be taken offline first,
and we hit this code:
1199 if (cpu != policy->cpu && !frozen) {
1200 sysfs_remove_link(&dev->kobj, "cpufreq");
1201 } else if (cpus > 1) {
1202
1203 new_cpu = cpufreq_nominate_new_policy_cpu(policy, cpu, frozen);
1204 if (new_cpu >= 0) {
1205 WARN_ON(lock_policy_rwsem_write(cpu));
1206 update_policy_cpu(policy, new_cpu);
1207 unlock_policy_rwsem_write(cpu);
1208
1209 if (!frozen) {
1210 pr_debug("%s: policy Kobject moved to cpu: %d "
1211 "from: %d\n",__func__, new_cpu, cpu);
1212 }
1213 }
1214 }
At this point, the first 'if' condition fails because frozen == true.
So it enters the else part. But, policy->cpu is actually 3, not 2,
and hence we invoke nominate_...() unnecessarily. That function returns
3 since that's the only CPU remaining in the mask, and so we call
update_policy_cpu() with new_cpu = 3, and old_cpu was also 3! And that
is the perfect recipe for disaster, with the current implementation of
update_policy_cpu().
And my second patch [2] tried to fix this exact problem, although I
didn't realize we actually had a case where we hit this in the current
code itself.
So please try by applying both the patches and let me know how it goes.
Thanks a lot for your testing efforts!
[1]. http://marc.info/?l=linux-kernel&m=137889516210816&w=2
[2]. http://marc.info/?l=linux-kernel&m=137889800511940&w=2
Regards,
Srivatsa S. Bhat
next prev parent reply other threads:[~2013-09-11 18:46 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-09 19:22 cpufreq_stats NULL deref on second system suspend Stephen Warren
2013-09-09 20:01 ` Rafael J. Wysocki
2013-09-09 20:01 ` Stephen Warren
2013-09-09 20:24 ` Rafael J. Wysocki
2013-09-09 21:29 ` Stephen Warren
2013-09-09 23:14 ` Rafael J. Wysocki
2013-09-10 20:53 ` Stephen Warren
2013-09-10 22:34 ` Rafael J. Wysocki
2013-09-11 10:21 ` Srivatsa S. Bhat
2013-09-11 10:44 ` Viresh Kumar
2013-09-11 10:45 ` Viresh Kumar
2013-09-11 11:14 ` Srivatsa S. Bhat
2013-09-11 11:59 ` Viresh Kumar
2013-09-11 13:56 ` Srivatsa S. Bhat
2013-09-12 5:52 ` Viresh Kumar
2013-09-12 6:26 ` Srivatsa S. Bhat
2013-09-12 6:41 ` Viresh Kumar
2013-09-12 6:46 ` Srivatsa S. Bhat
2013-09-12 6:52 ` Viresh Kumar
2013-09-12 7:14 ` Srivatsa S. Bhat
2013-09-12 15:55 ` Stephen Warren
2013-09-12 17:26 ` Srivatsa S. Bhat
2013-09-13 4:26 ` Viresh Kumar
2013-09-11 11:10 ` Srivatsa S. Bhat
2013-09-11 11:15 ` Viresh Kumar
2013-09-11 11:17 ` Srivatsa S. Bhat
2013-09-11 11:41 ` Viresh Kumar
2013-09-11 11:09 ` Srivatsa S. Bhat
2013-09-11 16:05 ` Stephen Warren
2013-09-11 18:03 ` Srivatsa S. Bhat
2013-09-11 18:42 ` Srivatsa S. Bhat [this message]
2013-09-11 19:03 ` Stephen Warren
2013-09-11 19:46 ` Srivatsa S. Bhat
2013-09-11 20:07 ` Stephen Warren
2013-09-11 20:05 ` Srivatsa S. Bhat
2013-09-12 6:04 ` Viresh Kumar
2013-09-12 6:00 ` Viresh Kumar
2013-09-12 5:58 ` Viresh Kumar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5230B991.3040702@linux.vnet.ibm.com \
--to=srivatsa.bhat@linux.vnet.ibm.com \
--cc=cpufreq@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=rjw@sisk.pl \
--cc=swarren@wwwdotorg.org \
--cc=viresh.kumar@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).