Greetings, Kernel Oops seen when memory hot-unplug on powerpc mainline kernel. Machine: Power6 PowerVM ppc64 Kernel: 4.15.0 Config: attached gcc: 4.8.2 Test: Memory hot-unplug of a memory block echo offline > /sys/devices/system/memory/memory/state The faulty instruction address points to the code path: # gdb -batch vmlinux -ex 'list *(0xc000000000238330)' 0xc000000000238330 is in get_pfnblock_flags_mask (./include/linux/mmzone.h:1157). 1152 #endif 1153 1154 static inline struct mem_section *__nr_to_section(unsigned long nr) 1155 { 1156 #ifdef CONFIG_SPARSEMEM_EXTREME 1157 if (!mem_section) 1158 return NULL; 1159 #endif 1160 if (!mem_section[SECTION_NR_TO_ROOT(nr)]) 1161 return NULL; The code was first introduced with commit( 83e3c48: mm/sparsemem: Allocate mem_section at runtime for CONFIG_SPARSEMEM_EXTREME=y) Trace messages: --------------- Offlined Pages 1024 ehea: memory is going online ehea: LPAR memory changed - re-initializing driver ehea: re-initializing driver complete ehea: memory is going online ehea: LPAR memory changed - re-initializing driver ehea: re-initializing driver complete ehea: memory is going offline ehea: LPAR memory changed - re-initializing driver ehea: re-initializing driver complete Offlined Pages 1024 Unable to handle kernel paging request for data at address 0xc0005b706ad88178 Faulting instruction address: 0xc000000000238330 Oops: Kernel access of bad area, sig: 11 [#1] BE SMP NR_CPUS=1024 NUMA pSeries Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: rpadlpar_io(E) rpaphp(E) xt_CHECKSUM(E) bnep(E) bluetooth(E) ecdh_generic(E) nf_conntrack_netbios_ns(E) nf_conntrack_broadcast(E) ip6t_REJECT(E) nf_reject_ipv6(E) nf_conntrack_ipv6(E) nf_defrag_ipv6(E) ipt_REJECT(E) nf_reject_ipv4(E) nf_conntrack_ipv4(E) nf_defrag_ipv4(E) cfg80211(E) xt_conntrack(E) rfkill(E) nf_conntrack(E) libcrc32c(E) ebtable_nat(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ebtable_filter(E) ebtables(E) ip6table_mangle(E) ip6table_security(E) ip6table_raw(E) ip6table_filter(E) ip6_tables(E) iptable_mangle(E) iptable_security(E) iptable_raw(E) iptable_filter(E) ip_tables(E) ses(E) enclosure(E) osst(E) scsi_transport_sas(E) st(E) nfsd(E) auth_rpcgss(E) ehea(E) uio_pdrv_genirq(E) nfs_acl(E) uio(E) lockd(E) sunrpc(E) grace(E) ipv6(E) crc_ccitt(E) autofs4(E) ext4(E) mbcache(E) jbd2(E) sr_mod(E) cdrom(E) sd_mod(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) dax(E) CPU: 12 PID: 6981 Comm: avocado Tainted: G W E 4.15.0-autotest #1 NIP: c000000000238330 LR: c0000000002c5dcc CTR: c000000000122f80 REGS: c0000002aef63370 TRAP: 0300 Tainted: G W E (4.15.0-autotest) MSR: 800000000200b032 CR: 24242488 XER: 00000000 CFAR: c00000000000883c DAR: c0005b706ad88178 DSISR: 40000000 SOFTE: 1 GPR00: c0000000002c5b70 c0000002aef635f0 c000000001101a00 c0000002b1563800 GPR04: b6db6db6e3f3e100 0000000000000002 0000000000000007 000000000010a000 GPR08: 00005b6db6db71f8 c0000002b3fd0f80 00b6db6db6e3f3e1 0000000000000040 GPR12: 0000000024242488 c00000000ed43c00 000001001054b518 000000803cdf37a8 GPR16: 0000000000000000 c0000002b3f3ce20 0000000000000001 0000000000000001 GPR20: 0000000000000001 0000000000000000 0000000000026400 00000000003fffff GPR24: c00000000113caa0 0000000000000008 0000000000000000 0000000000000001 GPR28: c0000000012a1620 c0000002b3f3ce20 c0000002b3f3ca00 c0000002b1560000 NIP [c000000000238330] .get_pfnblock_flags_mask+0x20/0xd0 LR [c0000000002c5dcc] .unset_migratetype_isolate+0x2bc/0x340 Call Trace: [c0000002aef635f0] [c0000000002c5b70] .unset_migratetype_isolate+0x60/0x340 (unreliable) [c0000002aef636a0] [c0000000002c60e0] .start_isolate_page_range+0x290/0x450 [c0000002aef637a0] [c0000000002c0164] .__offline_pages+0x114/0xaa0 [c0000002aef638f0] [c00000000058a9b8] .memory_subsys_offline+0x58/0xe0 [c0000002aef63970] [c000000000567638] .device_offline+0xe8/0x130 [c0000002aef63a00] [c00000000058a71c] .store_mem_state+0x15c/0x180 [c0000002aef63a90] [c000000000562710] .dev_attr_store+0x30/0x60 [c0000002aef63b00] [c0000000003789e0] .sysfs_kf_write+0x60/0xa0 [c0000002aef63b70] [c0000000003777a4] .kernfs_fop_write+0x184/0x260 [c0000002aef63c10] [c0000000002cce8c] .__vfs_write+0x3c/0x1e0 [c0000002aef63cf0] [c0000000002cd240] .vfs_write+0xc0/0x230 [c0000002aef63d90] [c0000000002cd558] .SyS_write+0x58/0x100 [c0000002aef63e30] [c00000000000b858] system_call+0x58/0x6c Instruction dump: 4e800020 60000000 60000000 60000000 3d02001a 788ac202 3928fc20 e9290000 2fa90000 419e006c 78886502 79081f24 <7d29402a> 2fa90000 419e000c 794a2428 ---[ end trace 2cf894fd69b0954b ]--- INFO: rcu_sched detected stalls on CPUs/tasks: (detected by 7, t=2102 jiffies, g=25946, c=25945, q=29) All QSes seen, last rcu_sched kthread activity 2102 (4295176275-4295174173), jiffies_till_next_fqs=1, root ->qsmask 0x0 sh R running task 0 6189 1 0x00000080 -- Regard's Abdul Haleem IBM Linux Technology Centre