diff options
authorYanmin Zhang <>2008-06-30 20:21:54 +0400
committerGreg Kroah-Hartman <>2008-07-03 07:46:16 +0400
commit712a9da4d9f05a918152422bbc30b601f892b62c (patch)
parent66f100382995e2510e5bbae37ec4dbc4f73e4638 (diff)
x86: fix cpu hotplug crash
Commit fcb43042ef55d2f46b0efa5d7746967cef38f056 upstream x86: fix cpu hotplug crash Vegard Nossum reported crashes during cpu hotplug tests: In function _cpu_up, the panic happens when calling __raw_notifier_call_chain at the second time. Kernel doesn't panic when calling it at the first time. If just say because of nr_cpu_ids, that's not right. By checking the source code, I found that function do_boot_cpu is the culprit. Consider below call chain: _cpu_up=>__cpu_up=>smp_ops.cpu_up=>native_cpu_up=>do_boot_cpu. So do_boot_cpu is called in the end. In do_boot_cpu, if boot_error==true, cpu_clear(cpu, cpu_possible_map) is executed. So later on, when _cpu_up calls __raw_notifier_call_chain at the second time to report CPU_UP_CANCELED, because this cpu is already cleared from cpu_possible_map, get_cpu_sysdev returns NULL. Many resources are related to cpu_possible_map, so it's better not to change it. Below patch against 2.6.26-rc7 fixes it by removing the bit clearing in cpu_possible_map. Signed-off-by: Zhang Yanmin <> Tested-by: Vegard Nossum <> Acked-by: Rusty Russell <> Signed-off-by: Ingo Molnar <> Signed-off-by: Greg Kroah-Hartman <>
1 files changed, 0 insertions, 1 deletions
diff --git a/arch/x86/kernel/smpboot_64.c b/arch/x86/kernel/smpboot_64.c
index 0880f2c388a9..7b768e358df4 100644
--- a/arch/x86/kernel/smpboot_64.c
+++ b/arch/x86/kernel/smpboot_64.c
@@ -704,7 +704,6 @@ do_rest:
clear_bit(cpu, (unsigned long *)&cpu_initialized); /* was set by cpu_init() */
clear_node_cpumask(cpu); /* was set by numa_add_cpu */
cpu_clear(cpu, cpu_present_map);
- cpu_clear(cpu, cpu_possible_map);
per_cpu(x86_cpu_to_apicid, cpu) = BAD_APICID;
return -EIO;