From: Sudeep Holla <sudeep.holla@arm.com>
To: Viresh Kumar <viresh.kumar@linaro.org>,
"linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>
Cc: Sudeep Holla <sudeep.holla@arm.com>
Subject: NULL pointer dereference in cpufreq_set_policy
Date: Tue, 15 Oct 2019 16:57:35 +0100 [thread overview]
Message-ID: <20191015155735.GA29105@bogus> (raw)
Hi Viresh,
I was trying to unify Vexpress SPC driver and arm_big_little generic
driver as it's the only user of bL driver and switcher in the mainline.
I did this a while ago(v5.3) and encountered the kernel crash with NULL
pointer reference(crash log with some debug enabled below).
Since dev_pm_qos_* was added in v5.3 with the Commit 18c49926c4bf
("cpufreq: Add QoS requests for userspace constraints"), I just tried
reverting that and it fixed the crash. I haven't spent much time
debugging, since it has been for a while I wanted to report it.
Regards,
Sudeep
Crash Log
-->8
cpufreq: setting new policy for CPU 0: 500000 - 1200000 kHz
cpufreq: new min and max freqs are 500000 - 1200000 kHz
cpufreq: governor switch
cpufreq: cpufreq_init_governor: for CPU 0
cpufreq: cpufreq_start_governor: for CPU 0
cpufreq: target for CPU 0: 1200000 kHz, relation 1, requested 1200000 kHz
cpufreq: __target_index: cpu: 0, oldfreq: 1000000, new freq: 1200000
cpufreq: notification 0 of frequency transition to 1200000 kHz
cpufreq: handle_update for cpu 0 called
cpufreq: notification 1 of frequency transition to 1200000 kHz
cpufreq: FREQ: 1200000 - CPUs: 0-1
cpufreq: governor change
cpufreq: initialization complete
cpufreq: cpufreq_online: bringing CPU1 online
cpufreq: cpufreq_online: bringing CPU2 online
cpu cpu2: ve_spc_cpufreq_init: CPU 2 initialized
cpufreq: setting new policy for CPU 2: 350000 - 1000000 kHz
cpufreq: new min and max freqs are 350000 - 1000000 kHz
cpufreq: governor switch
cpufreq: cpufreq_init_governor: for CPU 2
cpufreq: cpufreq_start_governor: for CPU 2
cpufreq: target for CPU 2: 1000000 kHz, relation 1, requested 1000000 kHz
cpufreq: __target_index: cpu: 2, oldfreq: 800000, new freq: 1000000
cpufreq: notification 0 of frequency transition to 1000000 kHz
cpufreq: handle_update for cpu 2 called
cpufreq: notification 1 of frequency transition to 1000000 kHz
cpufreq: FREQ: 1000000 - CPUs: 2-4
cpufreq: governor change
cpufreq: initialization complete
cpufreq: cpufreq_online: bringing CPU3 online
cpufreq: cpufreq_online: bringing CPU4 online
cpufreq: driver vexpress-spc up and running
vexpress_spc_cpufreq: ve_spc_cpufreq_probe: Registered platform driver: vexpress-spc
cpufreq: updating policy for CPU 2
cpufreq: setting new policy for CPU 2: 350000 - 1000000 kHz
cpufreq: new min and max freqs are 350000 - 1000000 kHz
cpufreq: governor limits update
cpufreq: cpufreq_governor_limits: for CPU 2
cpufreq: target for CPU 2: 1000000 kHz, relation 1, requested 1000000 kHz
cpufreq: updating policy for CPU 0
cpufreq: setting new policy for CPU 0: 500000 - 1200000 kHz
cpufreq: new min and max freqs are 500000 - 1200000 kHz
cpufreq: governor limits update
cpufreq: cpufreq_governor_limits: for CPU 0
cpufreq: target for CPU 0: 1200000 kHz, relation 1, requested 1200000 kHz
big.LITTLE switcher initializing
cpufreq: unregistering driver vexpress-spc
cpufreq: cpufreq_offline: unregistering CPU 0
cpufreq: cpufreq_stop_governor: for CPU 0
cpufreq: cpufreq_start_governor: for CPU 1
cpufreq: target for CPU 1: 1200000 kHz, relation 1, requested 1200000 kHz
cpufreq: cpufreq_offline: unregistering CPU 1
cpufreq: cpufreq_stop_governor: for CPU 1
cpufreq: cpufreq_exit_governor: for CPU 1
cpufreq: last reference is dropped
cpufreq: waiting for dropping of refcount
cpufreq: wait complete
cpufreq: cpufreq_offline: unregistering CPU 2
cpufreq: cpufreq_stop_governor: for CPU 2
cpufreq: cpufreq_start_governor: for CPU 3
cpufreq: target for CPU 3: 1000000 kHz, relation 1, requested 1000000 kHz
cpufreq: cpufreq_offline: unregistering CPU 3
cpufreq: cpufreq_stop_governor: for CPU 3
cpufreq: cpufreq_start_governor: for CPU 4
cpufreq: target for CPU 4: 1000000 kHz, relation 1, requested 1000000 kHz
cpufreq: cpufreq_offline: unregistering CPU 4
cpufreq: cpufreq_stop_governor: for CPU 4
cpufreq: cpufreq_exit_governor: for CPU 4
cpufreq: last reference is dropped
cpufreq: waiting for dropping of refcount
cpufreq: wait complete
CPU0 paired with CPU4
CPU1 paired with CPU3
GIC ID for CPU 0 cluster 0 is 0
GIC ID for CPU 1 cluster 0 is 1
GIC ID for CPU 0 cluster 1 is 2
Offlining CPU 0 cluster 1 ...
cpufreq: handle_update for cpu 1 called
cpufreq: updating policy for CPU 1
cpufreq: setting new policy for CPU 1: 500000 - 1200000 kHz
8<--- cut here ---
Unable to handle kernel NULL pointer dereference at virtual address 0000001c
pgd = (ptrval)
[0000001c] *pgd=80000080204003, *pmd=00000000
Internal error: Oops: 206 [#1] SMP THUMB2
Modules linked in:
CPU: 0 PID: 34 Comm: kworker/0:1 Not tainted 5.4.0-rc1-00006-g67f5a8081a4b-dirty #86
Hardware name: ARM-Versatile Express
Workqueue: events handle_update
PC is at cpufreq_set_policy+0x58/0x228
LR is at dev_pm_qos_read_value+0x77/0xac
pc : [<c0ae29d4>] lr : [<c08b56f3>] psr: 00000173
sp : e61d9dc8 ip : 00124f80 fp : eab71580
r10: 00000000 r9 : c179a324 r8 : 00000000
r7 : eab7a250 r6 : e5076400 r5 : c17f3204 r4 : e61d9de0
r3 : 00000000 r2 : eab7a2cc r1 : 00000153 r0 : e61d9de0
Flags: nzcv IRQs on FIQs off Mode SVC_32 ISA Thumb Segment user
Control: 70c5387d Table: 80203000 DAC: fffffffd
Process kworker/0:1 (pid: 34, stack limit = 0x(ptrval))
Stack: (0xe61d9dc8 to 0xe61da000)
9dc0: e61d8000 e5076400 e5076400 eab74700 00000000 c0ae2bdb
9de0: e5076600 00000003 00000000 00000000 00000001 00000000 00124f80 0007a120
9e00: 000f4240 00000000 ffffffff 00124f80 000f4240 00000000 00000000 00000000
9e20: c1779d58 00000000 66726570 616d726f 0065636e 00000000 00000000 e507645c
9e40: e507645c c0ae2c79 e5068580 e506859c 00000000 00000001 00000100 00000122
9e60: e50684c0 e5076484 e5076484 00000000 00000000 c1779bb0 00000000 00000000
9e80: 00000001 00000000 00020002 e50764ac e50764ac 00000001 e60e5640 00000000
9ea0: 00030003 e50764c4 e50764c4 00000000 00000000 00000000 ffffffff 00000000
9ec0: 00000000 00010001 00010001 e50764ec e50764ec 00000000 00000000 00000000
9ee0: 00000000 c0ae0e39 00000000 00000000 c0ae0e1d 00000000 00000000 f29a212c
9f00: c127bdd4 e5076458 e50764b4 c0ae2ca7 e5076458 e6114280 eab71580 c0465111
9f20: ffffe000 eab71580 e61d9f40 e6114280 eab71580 e6114294 c1604d00 eab71598
9f40: ffffe000 00000008 eab71580 c046546f ffffe000 c1604d00 c17999b5 c1159018
9f60: e61d9f78 e619a100 e6116000 00000000 e61d8000 e6114280 c0465371 e60bde9c
9f80: e619a11c c0469f43 00000001 e6116000 c0469e45 00000000 00000000 00000000
9fa0: 00000000 00000000 00000000 c04011e9 00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
[<c0ae29d4>] (cpufreq_set_policy) from [<c0ae2bdb>] (refresh_frequency_limits.part.24+0x37/0x48)
[<c0ae2bdb>] (refresh_frequency_limits.part.24) from [<c0ae2ca7>] (handle_update+0x2f/0x38)
[<c0ae2ca7>] (handle_update) from [<c0465111>] (process_one_work+0x16d/0x3cc)
[<c0465111>] (process_one_work) from [<c046546f>] (worker_thread+0xff/0x414)
[<c046546f>] (worker_thread) from [<c0469f43>] (kthread+0xff/0x100)
[<c0469f43>] (kthread) from [<c04011e9>] (ret_from_fork+0x11/0x28)
Exception stack(0xe61d9fb0 to 0xe61d9ff8)
9fa0: 00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
Code: fe57 682b 62a0 4620 (69db) 4798
---[ end trace ca670bee3386a225 ]---
next reply other threads:[~2019-10-15 15:57 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-15 15:57 Sudeep Holla [this message]
2019-10-15 16:08 ` NULL pointer dereference in cpufreq_set_policy Rafael J. Wysocki
2019-10-15 16:17 ` Sudeep Holla
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191015155735.GA29105@bogus \
--to=sudeep.holla@arm.com \
--cc=linux-pm@vger.kernel.org \
--cc=viresh.kumar@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).