On 16.09.2021 20:20, Greg Kroah-Hartman wrote:
> On Thu, Sep 16, 2021 at 06:12:44PM +0200, Rafael J. Wysocki wrote:
>> On 9/16/2021 5:56 PM, Greg Kroah-Hartman wrote:
>>> From: Kevin Hao <haokexin@xxxxxxxxx>
>>>
>>> commit e5c6b312ce3cc97e90ea159446e6bfa06645364d upstream.
>>>
>>> The struct sugov_tunables is protected by the kobject, so we can't free
>>> it directly. Otherwise we would get a call trace like this:
>>> ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x30
>>> WARNING: CPU: 3 PID: 720 at lib/debugobjects.c:505 debug_print_object+0xb8/0x100
>>> Modules linked in:
>>> CPU: 3 PID: 720 Comm: a.sh Tainted: G W 5.14.0-rc1-next-20210715-yocto-standard+ #507
>>> Hardware name: Marvell OcteonTX CN96XX board (DT)
>>> pstate: 40400009 (nZcv daif +PAN -UAO -TCO BTYPE=--)
>>> pc : debug_print_object+0xb8/0x100
>>> lr : debug_print_object+0xb8/0x100
>>> sp : ffff80001ecaf910
>>> x29: ffff80001ecaf910 x28: ffff00011b10b8d0 x27: ffff800011043d80
>>> x26: ffff00011a8f0000 x25: ffff800013cb3ff0 x24: 0000000000000000
>>> x23: ffff80001142aa68 x22: ffff800011043d80 x21: ffff00010de46f20
>>> x20: ffff800013c0c520 x19: ffff800011d8f5b0 x18: 0000000000000010
>>> x17: 6e6968207473696c x16: 5f72656d6974203a x15: 6570797420746365
>>> x14: 6a626f2029302065 x13: 303378302f307830 x12: 2b6e665f72656d69
>>> x11: ffff8000124b1560 x10: ffff800012331520 x9 : ffff8000100ca6b0
>>> x8 : 000000000017ffe8 x7 : c0000000fffeffff x6 : 0000000000000001
>>> x5 : ffff800011d8c000 x4 : ffff800011d8c740 x3 : 0000000000000000
>>> x2 : ffff0001108301c0 x1 : ab3c90eedf9c0f00 x0 : 0000000000000000
>>> Call trace:
>>> debug_print_object+0xb8/0x100
>>> __debug_check_no_obj_freed+0x1c0/0x230
>>> debug_check_no_obj_freed+0x20/0x88
>>> slab_free_freelist_hook+0x154/0x1c8
>>> kfree+0x114/0x5d0
>>> sugov_exit+0xbc/0xc0
>>> cpufreq_exit_governor+0x44/0x90
>>> cpufreq_set_policy+0x268/0x4a8
>>> store_scaling_governor+0xe0/0x128
>>> store+0xc0/0xf0
>>> sysfs_kf_write+0x54/0x80
>>> kernfs_fop_write_iter+0x128/0x1c0
>>> new_sync_write+0xf0/0x190
>>> vfs_write+0x2d4/0x478
>>> ksys_write+0x74/0x100
>>> __arm64_sys_write+0x24/0x30
>>> invoke_syscall.constprop.0+0x54/0xe0
>>> do_el0_svc+0x64/0x158
>>> el0_svc+0x2c/0xb0
>>> el0t_64_sync_handler+0xb0/0xb8
>>> el0t_64_sync+0x198/0x19c
>>> irq event stamp: 5518
>>> hardirqs last enabled at (5517): [<ffff8000100cbd7c>] console_unlock+0x554/0x6c8
>>> hardirqs last disabled at (5518): [<ffff800010fc0638>] el1_dbg+0x28/0xa0
>>> softirqs last enabled at (5504): [<ffff8000100106e0>] __do_softirq+0x4d0/0x6c0
>>> softirqs last disabled at (5483): [<ffff800010049548>] irq_exit+0x1b0/0x1b8
>>>
>>> So split the original sugov_tunables_free() into two functions,
>>> sugov_clear_global_tunables() is just used to clear the global_tunables
>>> and the new sugov_tunables_free() is used as kobj_type::release to
>>> release the sugov_tunables safely.
>>>
>>> Fixes: 9bdcb44e391d ("cpufreq: schedutil: New governor based on scheduler utilization data")
>>> Cc: 4.7+ <stable@xxxxxxxxxxxxxxx> # 4.7+
>>> Signed-off-by: Kevin Hao <haokexin@xxxxxxxxx>
>>> Acked-by: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
>>> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx>
>>> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>>> ---
>>> kernel/sched/cpufreq_schedutil.c | 16 +++++++++++-----
>>> 1 file changed, 11 insertions(+), 5 deletions(-)
>>>
>>> --- a/kernel/sched/cpufreq_schedutil.c
>>> +++ b/kernel/sched/cpufreq_schedutil.c
>>> @@ -610,9 +610,17 @@ static struct attribute *sugov_attrs[] =
>>> };
>>> ATTRIBUTE_GROUPS(sugov);
>>> +static void sugov_tunables_free(struct kobject *kobj)
>>> +{
>>> + struct gov_attr_set *attr_set = container_of(kobj, struct gov_attr_set, kobj);
>>> +
>>> + kfree(to_sugov_tunables(attr_set));
>>> +}
>>> +
>>> static struct kobj_type sugov_tunables_ktype = {
>>> .default_groups = sugov_groups,
>>> .sysfs_ops = &governor_sysfs_ops,
>>> + .release = &sugov_tunables_free,
>>> };
>>> /********************** cpufreq governor interface *********************/
>>> @@ -712,12 +720,10 @@ static struct sugov_tunables *sugov_tuna
>>> return tunables;
>>> }
>>> -static void sugov_tunables_free(struct sugov_tunables *tunables)
>>> +static void sugov_clear_global_tunables(void)
>>> {
>>> if (!have_governor_per_policy())
>>> global_tunables = NULL;
>>> -
>>> - kfree(tunables);
>>> }
>>> static int sugov_init(struct cpufreq_policy *policy)
>>> @@ -780,7 +786,7 @@ out:
>>> fail:
>>> kobject_put(&tunables->attr_set.kobj);
>>> policy->governor_data = NULL;
>>> - sugov_tunables_free(tunables);
>>> + sugov_clear_global_tunables();
>>> stop_kthread:
>>> sugov_kthread_stop(sg_policy);
>>> @@ -807,7 +813,7 @@ static void sugov_exit(struct cpufreq_po
>>> count = gov_attr_set_put(&tunables->attr_set, &sg_policy->tunables_hook);
>>> policy->governor_data = NULL;
>>> if (!count)
>>> - sugov_tunables_free(tunables);
>>> + sugov_clear_global_tunables();
>>> mutex_unlock(&global_tunables_lock);
>>>
>>>
>> Please defer this one.
>>
>> It uncovers a bug in cpufreq that needs to be fixed separately.
>
> Now dropped from all queues, thanks!
>
> greg k-h
>
Hi Greg,
I am trying to get familiar with stable release process, because we
would like to start testing stable release candidates. But I cannot get
all the nuances how to get automatically information regarding rc code
ready to be tested.
Also I wonder how we could automatically detect situations when stable
release is expected to became diverged from the rc, e.g. like
[PATCH 5.10 033/306] cpufreq: schedutil: Use kobject release() method to
free sugov_tunables
was dropped from 5.10.67 without announcing the 5.10.67-rc2?
Any suggestions are appreciated.
Best regards,
Alexey Khoroshilov,
Linux Verification Center, ISPRAS
