Re: [PATCH] numa, mem-hotplug: Fix stack overflow in numa when setingkernel nodes to unhotpluggable.

From: Tang Chen
Date: Tue Jan 28 2014 - 02:08:00 EST



Hi Dave,

I think here is the overflow problem. Not the stackoverflow,
but the array index overflow.

Please have a look at the following path:

numa_init()
|---> numa_register_memblks()
| |---> memblock_set_node(memory) set correct nid in memblock.memory
| |---> memblock_set_node(reserved) set correct nid in memblock.reserved
| |......
| |---> setup_node_data()
| |---> memblock_alloc_nid() here, nid is set to MAX_NUMNODES (1024)
|......
|---> numa_clear_kernel_node_hotplug()
|---> node_set() here, we have an index 1024, and overflowed

For now, I think this is the first problem you mentioned.

Will send a new patch to fix it and do more tests.

Thanks.

On 01/28/2014 01:31 PM, Tang Chen wrote:
On 01/28/2014 12:47 PM, Dave Jones wrote:
On Tue, Jan 28, 2014 at 12:47:11PM +0800, Tang Chen wrote:
> On 01/28/2014 11:55 AM, Dave Jones wrote:
> > On Tue, Jan 28, 2014 at 11:24:37AM +0800, Tang Chen wrote:
> >
> > > > I did a bisect with the patch above applied each step of the way.
> > > > This time I got a plausible looking result....
> > >
> > > I cannot reproduce this. Would you please share how to reproduce
it ?
> > > Or does it just happen during the booting ?
> >
> > Just during boot. Very early. So early in fact, I have no logging
facilities
> > like usb-serial, just what is on vga console.
> >
> > If you want me to add some printk's, I can add a while (1); before
> > the part that oopses so we can diagnose further..
>
> Sure. Would you please do that for me ? Maybe we can find something in
> the early log.

I was hoping you'd have suggestions what you'd like me to dump ;-)


I think I found something.

Since I can reproduce the first problem on 3.10, I found some memory
ranges in memblock
have nid = 1024. When we use node_set(), it will crash.

I'll see if we have the same problem on the latest kernel.

[ 0.000000] NUMA: Initialized distance table, cnt=2
[ 0.000000] NUMA: Warning: node ids are out of bound, from=-1 to=-1
distance=10
[ 0.000000] NUMA: Node 0 [mem 0x00000000-0x7fffffff] + [mem
0x100000000-0x47fffffff] -> [mem 0x00000000-0x47fffffff]
[ 0.000000] Initmem setup node 0 [mem 0x00000000-0x47fffffff]
[ 0.000000] NODE_DATA [mem 0x47ffd9000-0x47fffffff]
[ 0.000000] Initmem setup node 1 [mem 0x480000000-0x87fffffff]
[ 0.000000] NODE_DATA [mem 0x87ffbb000-0x87ffe1fff]
[ 0.000000] AAAA: i = 0, nid = 0
[ 0.000000] AAAA: i = 1, nid = 0
[ 0.000000] AAAA: i = 2, nid = 0
[ 0.000000] AAAA: i = 3, nid = 0
[ 0.000000] AAAA: i = 4, nid = 1024
[ 0.000000] AAAA: i = 5, nid = 1024
[ 0.000000] AAAA: i = 6, nid = 1
[ 0.000000] AAAA: i = 7, nid = 1
[ 0.000000] Reserving 128MB of memory at 704MB for crashkernel (System
RAM: 32406MB)
[ 0.000000] [ffffea0000000000-ffffea0011ffffff] PMD ->
[ffff880470200000-ffff88047fdfffff] on node 0
[ 0.000000] [ffffea0012000000-ffffea0021ffffff] PMD ->
[ffff88086f600000-ffff88087f5fffff] on node 1
[ 0.000000] Zone ranges:
[ 0.000000] DMA [mem 0x00001000-0x00ffffff]
[ 0.000000] DMA32 [mem 0x01000000-0xffffffff]
[ 0.000000] Normal [mem 0x100000000-0x87fffffff]
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x00001000-0x00098fff]
[ 0.000000] node 0: [mem 0x00100000-0x696f7fff]
[ 0.000000] node 0: [mem 0x100000000-0x47fffffff]
[ 0.000000] node 1: [mem 0x480000000-0x87fffffff]

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/