Message-ID: <0000000000006a51e205c928399f@google.com>
Date:   Mon, 09 Aug 2021 15:51:22 -0700
From:   syzbot <syzbot+c87be4f669d920c76330@...kaller.appspotmail.com>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     akpm@...ux-foundation.org, bp@...en8.de, frederic@...nel.org,
        hpa@...or.com, jmattson@...gle.com, joro@...tes.org,
        kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, mark.rutland@....com, masahiroy@...nel.org,
        mingo@...hat.com, npiggin@...il.com, pbonzini@...hat.com,
        peterz@...radead.org, rafael.j.wysocki@...el.com,
        rostedt@...dmis.org, seanjc@...gle.com, sedat.dilek@...il.com,
        syzkaller-bugs@...glegroups.com, tglx@...utronix.de,
        vitor@...saru.org, vkuznets@...hat.com, wanpengli@...cent.com,
        will@...nel.org, willy@...radead.org, x86@...nel.org
Subject: Re: [syzbot] kernel BUG in find_lock_entries

> On Mon, Aug 09, 2021 at 02:02:22PM -0700, syzbot wrote:
>> The issue was bisected to:
>> 
>> commit 997acaf6b4b59c6a9c259740312a69ea549cc684
>> Author: Mark Rutland <mark.rutland@....com>
>> Date:   Mon Jan 11 15:37:07 2021 +0000
>> 
>>     lockdep: report broken irq restoration
>
> That's just a bogus bisection.  The correct bad commit is 5c211ba29deb.
>
>> kernel BUG at mm/filemap.c:2041!
>> invalid opcode: 0000 [#1] PREEMPT SMP KASAN
>> CPU: 1 PID: 24786 Comm: syz-executor626 Not tainted 5.14.0-rc4-syzkaller #0
>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
>> RIP: 0010:find_lock_entries+0x10d5/0x1110 mm/filemap.c:2041
>
> This patch should fix it.  It's not just removing the warning; this
> warning duplicates the warning a few lines down (after taking the
> lock).  It's not safe to make this assertion without holding the page
> lock as the page can move between the page cache and the swap cache.
>
> #syz test

want 2 args (repo, branch), got 4

>
> diff --git a/mm/filemap.c b/mm/filemap.c
> index d1458ecf2f51..34de0b14aaa9 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -2038,7 +2038,6 @@ unsigned find_lock_entries(struct address_space *mapping, pgoff_t start,
>  		if (!xa_is_value(page)) {
>  			if (page->index < start)
>  				goto put;
> -			VM_BUG_ON_PAGE(page->index != xas.xa_index, page);
>  			if (page->index + thp_nr_pages(page) - 1 > end)
>  				goto put;
>  			if (!trylock_page(page))
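
Review bot: The two range checks left around the removed line, `if (page->index < start)` and `if (page->index + thp_nr_pages(page) - 1 > end)`, still read page->index before `trylock_page(page)`, which is the same unlocked read the description says is unsafe to assert on. They only skip the entry rather than BUG, so that is probably acceptable, but a short comment above them saying these are racy pre-lock filters and that the authoritative index check is made under the page lock would make this obvious to the next reader. The post-lock assertion that the description calls a duplicate is outside this hunk's context, so it would help to quote it in the changelog, and to add a Fixes: tag for 5c211ba29deb, which the message names as the bad commit.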
