Re: [PATCH] coredump: reduce stack usage in vfs_coredump()

[Arnd Bergmann]

On Wed, Jun 25, 2025, at 13:54, Marek Szyprowski wrote:
> On 25.06.2025 13:41, Marek Szyprowski wrote:
>>
>> This change appears in today's linux-next (next-20250625) as commit 
>> fb82645d3f72 ("coredump: reduce stack usage in vfs_coredump()"). In my 
>> tests I found that it causes a kernel oops on some of my ARM 32bit 
>> Exynos based boards. This is really strange, because I don't see any 
>> obvious problem in this patch. Reverting $subject on top of linux-next 
>> hides/fixes the oops. I suspect some kind of use-after-free issue, but 
>> I cannot point anything related. Here is the kernel log from one of 
>> the affected boards (I've intentionally kept the register and stack 
>> dumps):
>
> I've just checked once again and found the source of the issue. 
> vfs_coredump() calls coredump_cleanup(), which calls coredump_finish(), 
> which performs the following dereference:
>
> next = current->signal->core_state->dumper.next
>
> of the core_state assigned in zap_threads() called from coredump_wait(). 
> It looks that core_state cannot be moved into coredump_wait() without 
> refactoring/cleaning this first.

Thanks for the analysis, I agree that this can't work and my patch
just needs to be dropped. The 'noinline_for_stack' change on
its own is probably sufficient to avoid the warning, and I can
respin a new version after more build testing.

     Arnd