From mboxrd@z Thu Jan 1 00:00:00 1970 Content-Type: multipart/mixed; boundary="===============6818046744107769297==" MIME-Version: 1.0 From: Oleg Nesterov To: lkp@lists.01.org Subject: Re: kthread_stop insanity (Re: [[DEBUG] force] 2642458962: BUG: unable to handle kernel paging request at ffffc90000997f18) Date: Tue, 28 Jun 2016 20:58:54 +0200 Message-ID: <20160628185853.GA3998@redhat.com> In-Reply-To: <20160627170010.GA21628@redhat.com> List-Id: --===============6818046744107769297== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable On 06/27, Oleg Nesterov wrote: > > On 06/27, Andy Lutomirski wrote: > > > > Want to send a patch? I could do it, but you understand this code > > much better than I do. > > Well, I'll try to do this tomorrow unless you do it. I have cloned luto/linux.git to see if kthread_stop() can pin ->stack somehow, but it seems this is not possible, finish_task_switch() does free_thread_stack() unconditionally. Then how (say) proc_pid_stack() can work? If it hits the task which is alreay dead we are (probably) fine, valid_stack_ptr() should fail iiuc. But what if we race with the last schedule() ? "addr =3D *stack" can read the already vfree'ed memory, no? Looks like print_context_stack/etc need probe_kernel_address or I missed something. Oleg. --===============6818046744107769297==-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752423AbcF1S6T (ORCPT ); Tue, 28 Jun 2016 14:58:19 -0400 Received: from mx1.redhat.com ([209.132.183.28]:58801 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752226AbcF1S6S (ORCPT ); Tue, 28 Jun 2016 14:58:18 -0400 Date: Tue, 28 Jun 2016 20:58:54 +0200 From: Oleg Nesterov To: Andy Lutomirski Cc: Andy Lutomirski , Linus Torvalds , Peter Zijlstra , Tejun Heo , LKP , LKML , kernel test robot Subject: Re: kthread_stop insanity (Re: [[DEBUG] force] 2642458962: BUG: unable to handle kernel paging request at ffffc90000997f18) Message-ID: <20160628185853.GA3998@redhat.com> References: <20160627145443.GA17145@redhat.com> <20160627170010.GA21628@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160627170010.GA21628@redhat.com> User-Agent: Mutt/1.5.18 (2008-05-17) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Tue, 28 Jun 2016 18:58:17 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/27, Oleg Nesterov wrote: > > On 06/27, Andy Lutomirski wrote: > > > > Want to send a patch? I could do it, but you understand this code > > much better than I do. > > Well, I'll try to do this tomorrow unless you do it. I have cloned luto/linux.git to see if kthread_stop() can pin ->stack somehow, but it seems this is not possible, finish_task_switch() does free_thread_stack() unconditionally. Then how (say) proc_pid_stack() can work? If it hits the task which is alreay dead we are (probably) fine, valid_stack_ptr() should fail iiuc. But what if we race with the last schedule() ? "addr = *stack" can read the already vfree'ed memory, no? Looks like print_context_stack/etc need probe_kernel_address or I missed something. Oleg.