On Wed, Jun 25, 2025 at 03:29:50PM +0200, Arnd Bergmann wrote:
> On Wed, Jun 25, 2025, at 13:54, Marek Szyprowski wrote:
> > On 25.06.2025 13:41, Marek Szyprowski wrote:
> >>
> >> This change appears in today's linux-next (next-20250625) as commit
> >> fb82645d3f72 ("coredump: reduce stack usage in vfs_coredump()"). In my
> >> tests I found that it causes a kernel oops on some of my ARM 32bit
> >> Exynos based boards. This is really strange, because I don't see any
> >> obvious problem in this patch. Reverting $subject on top of linux-next
> >> hides/fixes the oops. I suspect some kind of use-after-free issue, but
> >> I cannot point anything related. Here is the kernel log from one of
> >> the affected boards (I've intentionally kept the register and stack
> >> dumps):
> >
> > I've just checked once again and found the source of the issue.
> > vfs_coredump() calls coredump_cleanup(), which calls coredump_finish(),
> > which performs the following dereference:
> >
> > next = current->signal->core_state->dumper.next
> >
> > of the core_state assigned in zap_threads() called from coredump_wait().
> > It looks that core_state cannot be moved into coredump_wait() without
> > refactoring/cleaning this first.
>
> Thanks for the analysis, I agree that this can't work and my patch
> just needs to be dropped. The 'noinline_for_stack' change on
> its own is probably sufficient to avoid the warning, and I can
> respin a new version after more build testing.
@Arnd, I've dropped the previous patch. I'll wait for you to respin.
