Bug 199795

Summary: CONFIG_STATIC_USERMODEHELPER_PATH="" causes NULL pointer dereference in do_coredump() when kernel.core_pattern is set to a pipe.
Product: Process Management
Component: Other
Status: NEW
Severity: low
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 4.16.10
Subsystem:
Regression: No
Bisected commit-id:
Reporter: Sergey Kvachonok (ravenexp)
Assignee: process_other
CC: mcgrof, slyfox
Attachments: Oops dmesg
0001-umh-always-return-error-when-helper-was-not-called.patch

Description Sergey Kvachonok 2018-05-22 06:08:28 UTC
Created attachment 276125
Oops dmesg

My kernel config contains:

CONFIG_STATIC_USERMODEHELPER=y
CONFIG_STATIC_USERMODEHELPER_PATH=""

My system is using systemd, which sysctls

kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e

at boot time.

Running a SEGFAULT-ing program triggers:

BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
IP: do_coredump+0xba0/0xe20

Full dmesg log attached.

Running

sysctl -w kernel.core_pattern=/tmp/core.%e.%p.%h.%t

makes the oops go away.

I understand that my kernel was configured incorrectly for use with systemd,
but it should not cause a kernel oops in any case.
A helpful error message would be much better.
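
An added check, not part of the original report or of the kernel tree: it flags the combination described above (static usermode helper enabled, helper path set to the empty string, piped kernel.core_pattern). The function name `umh_coredump_check` and its return codes are assumptions made for this example, and the sample config is constructed from the lines quoted in the report.

```shell
#!/bin/sh
# Added example (not from the bug report): flag the configuration combination
# the reporter describes.
#
# umh_coredump_check CONFIG_FILE CORE_PATTERN
# Returns 0 = combination not present, 1 = combination present,
#         2 = config file unreadable.
umh_coredump_check() {
    ucc_cfg=$1
    ucc_pattern=$2
    [ -r "$ucc_cfg" ] || { echo "cannot read $ucc_cfg" >&2; return 2; }

    # Only a core_pattern starting with '|' pipes the dump to a helper program.
    case $ucc_pattern in
        '|'*) ucc_piped=1 ;;
        *)    ucc_piped=0 ;;
    esac

    ucc_static=0
    grep -q '^CONFIG_STATIC_USERMODEHELPER=y$' "$ucc_cfg" && ucc_static=1

    # Tell "option set to the empty string" apart from "option absent".
    ucc_has_path=0
    grep -q '^CONFIG_STATIC_USERMODEHELPER_PATH=' "$ucc_cfg" && ucc_has_path=1
    ucc_path=$(sed -n 's/^CONFIG_STATIC_USERMODEHELPER_PATH="\(.*\)"$/\1/p' "$ucc_cfg")

    if [ "$ucc_static" -eq 1 ] && [ "$ucc_has_path" -eq 1 ] &&
       [ -z "$ucc_path" ] && [ "$ucc_piped" -eq 1 ]; then
        echo "AFFECTED: static usermode helper path is empty and core_pattern is a pipe"
        return 1
    fi
    echo "ok: static=$ucc_static helper_path='$ucc_path' piped=$ucc_piped"
    return 0
}

# Constructed sample input: the config lines and both core_pattern values
# quoted in the report above.
demo_cfg=$(mktemp)
printf '%s\n' 'CONFIG_STATIC_USERMODEHELPER=y' \
              'CONFIG_STATIC_USERMODEHELPER_PATH=""' > "$demo_cfg"
umh_coredump_check "$demo_cfg" \
    '|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e' || true
umh_coredump_check "$demo_cfg" '/tmp/core.%e.%p.%h.%t' || true
rm -f "$demo_cfg"
```

On a live system, pass the running kernel's config file and the contents of /proc/sys/kernel/core_pattern.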
Comment 1 Sergei Trofimovich 2020-04-15 07:00:56 UTC
Created attachment 288461
0001-umh-always-return-error-when-helper-was-not-called.patch
Comment 2 Sergei Trofimovich 2020-04-15 07:02:06 UTC
Sent patch as https://lkml.org/lkml/2020/4/15/116
Comment 3 Luis Chamberlain 2020-04-16 05:12:40 UTC
Thanks for the patch and bug report! I provided an alternative patch. Let's review on the thread I replied to; I Cc'd other possible stakeholders.