Re: [2.6.28] NULL pointer dereference at get_stats()

From: Frederik Deweerdt
Date: Tue Dec 30 2008 - 16:37:42 EST


[Trimmed netdev from cc:]
Hello Tetsuo,

On Wed, Dec 31, 2008 at 02:01:56AM +0900, Tetsuo Handa wrote:
> Hello.
>
> Frederik Deweerdt wrote:
> > Does adding maxcpus=0 to the boot parameters solve the problem? Stephen
> > suspected a per-cpu variable related problem.
>
> No, but I got interestring results.
>
> Result | # of virtual CPUs | Kernel command line
> -------+-------------------+-----------------------------------------
> OK | 2 | ro root=LABEL=/
> BUG | 2 | ro root=LABEL=/ noapic nolapic
> BUG | 2 | ro root=LABEL=/ noapic nolapic maxcpus=0
> BUG | 2 | ro root=LABEL=/ noapic nolapic nosmp
> BUG | 2 | ro root=LABEL=/ maxcpus=0
> BUG | 2 | ro root=LABEL=/ nosmp
> OK | 1 | ro root=LABEL=/
> OK | 1 | ro root=LABEL=/ nolapic noapic
> OK | 1 | ro root=LABEL=/ nolapic noapic maxcpus=0
> OK | 1 | ro root=LABEL=/ nolapic noapic nosmp
>
> "OK" means NULL pointer dereference didn't happen.
> "BUG" means NULL pointer dereference happened.
>
> I was adding "noapic" "nolapic" to command line while assigning 2 vcpus.
> Thus, I encountered this problem. Workaround is to remove "noapic" "nolapic".
>
> Now, it seems to me that this problem is caused by interaction of
> "noapic" "nolapic" "maxcpus=0" "nosmp" options.

Thanks for the thourough testing. I've reviewed the code, and the only
think that looks weird to me is the case where smp_sanity_check() fails.
The attached patch is an attempt to correct this, Tetsuo, could you
test it?

Ingo, could you please have a look at it? It does what commit
deef325086c3897393b8f7d6bccd0340 "x86: disable preemption in
native_smp_prepare_cpus" was looking to fix, but continuing the APIC
setup in case smp_sanity_check fails.


Regards,
Frederik

diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index f8500c9..888c6d3 100644
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -1188,16 +1188,13 @@ void __init native_smp_prepare_cpus(unsigned int max_cpus)
if (smp_sanity_check(max_cpus) < 0) {
printk(KERN_INFO "SMP disabled\n");
disable_smp();
- goto out;
}

- preempt_disable();
if (read_apic_id() != boot_cpu_physical_apicid) {
panic("Boot APIC ID in local APIC unexpected (%d vs %d)",
read_apic_id(), boot_cpu_physical_apicid);
/* Or can we switch back to PIC here? */
}
- preempt_enable();

connect_bsp_APIC();

@@ -1230,7 +1227,7 @@ void __init native_smp_prepare_cpus(unsigned int max_cpus)

if (is_uv_system())
uv_system_init();
-out:
+
preempt_enable();
}
/*
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/