Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1757541AbeAINdM (ORCPT <rfc822;ralf@linux-mips.org> + 1 other);
        Tue, 9 Jan 2018 08:33:12 -0500
Received: from smtp.codeaurora.org ([198.145.29.96]:35648 "EHLO
        smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1757231AbeAINdK (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 9 Jan 2018 08:33:10 -0500
DMARC-Filter: OpenDMARC Filter v1.3.2 smtp.codeaurora.org 177216034E
Authentication-Results: pdx-caf-mail.web.codeaurora.org; dmarc=none (p=none dis=none) header.from=codeaurora.org
Authentication-Results: pdx-caf-mail.web.codeaurora.org; spf=none smtp.mailfrom=gkohli@codeaurora.org
To: peterz@infradead.org, john.ogness@linutronix.de, mingo@kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org
From: "Kohli, Gaurav" <gkohli@codeaurora.org>
Subject: Query: Crash is coming during /prod/PID/stat and do_exit of same task
Message-ID: <36ea8b88-4786-dbb2-6b89-15f9801e9c86@codeaurora.org>
Date: Tue, 9 Jan 2018 19:03:05 +0530
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.2
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>

HI ,

We are seeing crash in do_task_stat while accessing stack pointer, It 
seems same task has already completed do_exit call.
So it seems a race between them:

Below is the crash trace:
49750.534377] Kernel BUG at ffffff8e7a4c53a8 [verbose debug info 
unavailable]
[49750.534394] task: ffffffe7b4475580 task.stack: ffffffe7a5f0c000
[49750.534400] PC is at do_task_stat+0x740/0x908
[49750.534402] LR is at do_task_stat+0xa4/0x908
[49750.534403] pc : [<ffffff8e7a4c53a8>] lr : [<ffffff8e7a4c4d0c>] 
pstate: 80400145
[49750.534404] sp : ffffffe7a5f0fbd0

and here is stack trace on that core:

-000|user_stack_pointer(inline)
-000|do_task_stat(
     |    m = 0xFFFFFFE7A5CD7380,
     |    ns = 0xFFFFFF8E7C43C748,
     |  ?,
     |    task = 0xFFFFFFE80D8C2280,
     |  ?)
     |  tty_pgrp = 0
     |  ppid = 2084696064
     |  sid = 0
     |  mm = 0xFFFFFFE7B4424140
     |  tcomm = (84, 9, 71, 122, 142, 255, 255, 255, 48, 253, 240, 165, 
231, 255, 255, 255)
     |  flags = 18446743969119403392
-001|proc_tgid_stat(
     |    m = 0xFFFFFFE7A5CD7380,
     |  ?,

Below are task stats which shows , process completed the do_exit call:
struct task_struct.flags -x 0xFFFFFFE80D8C2280
   flags = 0x40870c

crash_64> struct task_struct.exit_code -x 0xFFFFFFE80D8C2280
   exit_code = 0x6

    struct task_struct.state -x 0xFFFFFFE80D8C2280
   state = 0x40

In our build both patches are there ,
fs/proc: report eip/esp in /prod/PID/stat for coredumping

and also  task.state has already set PF_DUMPCORE as it got the sigabrt 
signal.

Regards
Gaurav


-- Qualcomm India Private Limited, on behalf of Qualcomm Innovation 
Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation 
Collaborative Project.