Bug 707138

Summary: numademu with huge msize has segmentation fault
Product: Red Hat Enterprise Linux 6 Reporter: Petr Sklenar <psklenar>
Component: numactlAssignee: Petr Holasek <pholasek>
Status: CLOSED DUPLICATE QA Contact: qe-baseos-daemons
Severity: medium Docs Contact:
Priority: medium    
Version: 6.3CC: anton, dhoward
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: numactl-2.0.7-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 822556 (view as bug list) Environment:
Last Closed: 2012-02-15 12:58:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 822556, 823126, 823127    
Attachments:
Description Flags
patch - checks pointers returned from numa_alloc's none

Description Petr Sklenar 2011-05-24 07:55:53 UTC 
Description of problem:
numademu with huge msize has segmentation fault

Version-Release number of selected component (if applicable):
numactl-2.0.3-9.el6.i686

How reproducible:
deterministic

Steps to Reproduce:
# numactl --show
policy: default
preferred node: current
physcpubind: 0 1 
cpubind: 0 
nodebind: 0 
membind: 0 
# /usr/bin/numademo 12g memset
1 nodes available
Segmentation fault

  
Actual results:
Segmentation fault

Expected results:
No Segmentation fault,
error message is better

Additional info:

# valgrind /usr/bin/numademo 12g memset
==23717== Memcheck, a memory error detector
==23717== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==23717== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==23717== Command: /usr/bin/numademo 12g memset
==23717== 
1 nodes available
==23717== Invalid write of size 4
==23717==    at 0x4A08E8C: memset (mc_replace_strmem.c:731)
==23717==    by 0x401DE7: ??? (in /usr/bin/numademo)
==23717==    by 0x40288C: ??? (in /usr/bin/numademo)
==23717==    by 0x40300B: ??? (in /usr/bin/numademo)
==23717==    by 0x34B141EC9C: (below main) (in /lib64/libc-2.12.so)
==23717==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==23717== 
==23717== 
==23717== Process terminating with default action of signal 11 (SIGSEGV)
==23717==  Access not within mapped region at address 0x0
==23717==    at 0x4A08E8C: memset (mc_replace_strmem.c:731)
==23717==    by 0x401DE7: ??? (in /usr/bin/numademo)
==23717==    by 0x40288C: ??? (in /usr/bin/numademo)
==23717==    by 0x40300B: ??? (in /usr/bin/numademo)
==23717==    by 0x34B141EC9C: (below main) (in /lib64/libc-2.12.so)
==23717==  If you believe this happened as a result of a stack
==23717==  overflow in your program's main thread (unlikely but
==23717==  possible), you can try to increase the size of the
==23717==  main thread stack using the --main-stacksize= flag.
==23717==  The main thread stack size used in this run was 10485760.
==23717== 
==23717== HEAP SUMMARY:
==23717==     in use at exit: 771 bytes in 9 blocks
==23717==   total heap usage: 20 allocs, 11 frees, 101,579 bytes allocated
==23717== 
==23717== LEAK SUMMARY:
==23717==    definitely lost: 0 bytes in 0 blocks
==23717==    indirectly lost: 0 bytes in 0 blocks
==23717==      possibly lost: 0 bytes in 0 blocks
==23717==    still reachable: 771 bytes in 9 blocks
==23717==         suppressed: 0 bytes in 0 blocks
==23717== Rerun with --leak-check=full to see details of leaked memory
==23717== 
==23717== For counts of detected and suppressed errors, rerun with: -v
==23717== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 6 from 6)
Segmentation fault
Comment 1 RHEL Program Management 2011-07-06 01:23:57 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.
Comment 2 Petr Holasek 2011-08-18 11:23:38 UTC 
Created attachment 518852 [details]
patch - checks pointers returned from numa_alloc's
Comment 3 Petr Holasek 2011-08-18 11:24:54 UTC 
(In reply to comment #2)
> Created attachment 518852 [details]
> patch - checks pointers returned from numa_alloc's

Patch also sent to upstream: 
http://article.gmane.org/gmane.linux.kernel.numa/681
Comment 5 Petr Holasek 2011-08-18 12:18:14 UTC 
(In reply to comment #3)
> (In reply to comment #2)
> > Created attachment 518852 [details]
> > patch - checks pointers returned from numa_alloc's
> 
> Patch also sent to upstream: 
> http://article.gmane.org/gmane.linux.kernel.numa/681

Patch accepted by upstream, will be included in 2.0.8-rc1.
Comment 6 Petr Holasek 2012-02-15 12:43:12 UTC 
Fixed in 2.0.7 rebased build https://brewweb.devel.redhat.com/taskinfo?taskID=4045186
Comment 7 Anton Arapov 2012-02-15 12:58:57 UTC 

*** This bug has been marked as a duplicate of bug 645066 ***