From: "Vegard Nossum" <vegard.nossum@gmail•com>
To: Ingo Molnar <mingo@elte•hu>
Cc: Andrew Morton <akpm@linux-foundation•org>,
Stephen Rothwell <sfr@canb•auug.org.au>,
linux-next@vger•kernel.org, LKML <linux-kernel@vger•kernel.org>,
Mike Travis <travis@sgi•com>
Subject: Re: linux-next: Tree for June 5
Date: Fri, 6 Jun 2008 14:33:56 +0200 [thread overview]
Message-ID: <19f34abd0806060533x6d3ff66tc29306143103fc40@mail.gmail.com> (raw)
In-Reply-To: <20080606115759.GA29321@elte.hu>
On Fri, Jun 6, 2008 at 1:57 PM, Ingo Molnar <mingo@elte•hu> wrote:
>
> * Andrew Morton <akpm@linux-foundation•org> wrote:
>
>> Good
>>
>> a9ad585c8a18f7ba754b85f5786976609b9d7d29
>> Author: Mike Travis <travis@sgi•com> 2008-05-12 12:21:12
>> Committer: Thomas Gleixner <tglx@linutronix•de> 2008-05-23 09:07:47
>> Parent: 543e21916497be5a4005fd5820264ce1de9bd56d (x86: restore pda nodenumber field)
>> Child: 78d49c6d890aee9cf8aea371011c9d7b0121b822 (x86: remove static boot_cpu_pda array v2)
>> Branch:
>> Follows: v2.6.26-rc2
>> Precedes: next-20080526
>>
>> x86: remove the static 256k node_to_cpumask_map
>>
>> crash, as described earlier.
>
> thanks for tracking it down! This was the origin of the commit:
>
> # tip/x86/numa: a9ad585: x86: remove the static 256k node_to_cpumask_map
>
> which has been in -tip since May 12 and in linux-next for two weeks
> AFAICS, which is beyond the point of being something freshly wrong.
>
> So i suspect something more subtle here. What compiler version are you
> using? This crash is not something that has been found in testing before
> - i use rather new compilers, gcc 4.2.2 most of the time. Previous
> compilers miscompile the kernel seriously so it's not usable for our
> regression testing grid.
>
Hi,
I reproced it with gc 4.1.2. I think the error is somewhere in kernel/sched.c.
static int __build_sched_domains(const cpumask_t *cpu_map,
struct sched_domain_attr *attr)
{
...
for (i = 0; i < MAX_NUMNODES; i++) {
...
sg = kmalloc_node(sizeof(struct sched_group), GFP_KERNEL, i);
...
This code is calling into the allocator with a spurious value of i,
which causes SLAB to use an index (of 4 in my case) that is out of
bounds for its nodelist array (at least it hasn't been initialized).
This bit of code (a bit further down, inside the same loop) is also dubious:
sg = kmalloc_node(sizeof(struct sched_group),
GFP_KERNEL, i);
if (!sg) {
printk(KERN_WARNING
"Can not alloc domain group for node %d\n", j);
goto error;
}
Where it passes i to kmalloc_node() but reports an allocation for node
j. Which one is correct?
Hope this helps, will send an update if I find out more.
Vegard
--
"The animistic metaphor of the bug that maliciously sneaked in while
the programmer was not looking is intellectually dishonest as it
disguises that the error is the programmer's own creation."
-- E. W. Dijkstra, EWD1036
next prev parent reply other threads:[~2008-06-06 12:34 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-05 7:52 linux-next: Tree for June 5 Stephen Rothwell
2008-06-06 2:56 ` Andrew Morton
2008-06-06 3:46 ` Andrew Morton
2008-06-06 7:17 ` Ingo Molnar
2008-06-06 7:25 ` Ingo Molnar
2008-06-06 7:33 ` Andrew Morton
2008-06-06 7:41 ` Ingo Molnar
2008-06-06 7:47 ` Andrew Morton
2008-06-06 7:53 ` Stephen Rothwell
2008-06-06 8:01 ` Andrew Morton
2008-06-06 8:22 ` Stephen Rothwell
2008-06-06 8:30 ` Andrew Morton
2008-06-06 8:36 ` Ingo Molnar
2008-06-06 11:50 ` Paul Mackerras
2008-06-06 8:27 ` Ingo Molnar
2008-06-06 8:23 ` Ingo Molnar
2008-06-06 8:28 ` Stephen Rothwell
2008-06-06 8:33 ` Ingo Molnar
2008-06-06 8:38 ` Andrew Morton
2008-06-06 8:49 ` Ingo Molnar
2008-06-06 9:01 ` Andrew Morton
2008-06-06 10:47 ` Ingo Molnar
2008-06-06 16:37 ` Ingo Molnar
2008-06-06 7:29 ` Andrew Morton
2008-06-06 9:48 ` Andrew Morton
2008-06-06 9:54 ` Andrew Morton
2008-06-06 10:10 ` Ingo Molnar
2008-06-06 10:54 ` Andrew Morton
2008-06-06 11:21 ` Vegard Nossum
2008-06-06 11:57 ` Ingo Molnar
2008-06-06 12:33 ` Vegard Nossum [this message]
2008-06-06 13:33 ` Mike Travis
2008-06-06 13:50 ` Vegard Nossum
2008-06-06 14:07 ` Vegard Nossum
2008-06-06 14:20 ` Mike Travis
2008-06-06 14:36 ` Vegard Nossum
2008-06-06 14:41 ` Mike Travis
2008-06-06 14:51 ` Mike Travis
2008-06-06 14:54 ` Mike Travis
2008-06-06 14:57 ` Ingo Molnar
2008-06-06 15:01 ` Ingo Molnar
2008-06-06 15:13 ` Vegard Nossum
2008-06-06 15:23 ` Ingo Molnar
2008-06-06 15:52 ` Mike Travis
2008-06-18 8:26 ` Ingo Molnar
2008-06-06 15:04 ` Mike Travis
2008-06-06 15:20 ` Mike Travis
2008-06-06 15:33 ` Ingo Molnar
2008-06-06 15:13 ` Ingo Molnar
2008-06-06 14:13 ` Mike Travis
2008-06-06 13:28 ` Mike Travis
2008-06-06 17:15 ` Ingo Molnar
2008-06-06 7:33 ` Stephen Rothwell
-- strict thread matches above, loose matches on Subject: below --
2009-06-05 6:41 Stephen Rothwell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=19f34abd0806060533x6d3ff66tc29306143103fc40@mail.gmail.com \
--to=vegard.nossum@gmail$(echo .)com \
--cc=akpm@linux-foundation$(echo .)org \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=linux-next@vger$(echo .)kernel.org \
--cc=mingo@elte$(echo .)hu \
--cc=sfr@canb$(echo .)auug.org.au \
--cc=travis@sgi$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox