Message-ID: <20241228103627.577-1-hdanton@sina.com>
Date: Sat, 28 Dec 2024 18:36:26 +0800
From: Hillf Danton <hdanton@...a.com>
To: syzbot <syzbot+c0673e1f1f054fac28c2@...kaller.appspotmail.com>
Cc: linux-kernel@...r.kernel.org,
	syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [mm?] WARNING in __folio_rmap_sanity_checks (2)

On Fri, 27 Dec 2024 20:56:21 -0800
> syzbot has found a reproducer for the following issue on:
> 
> HEAD commit:    8155b4ef3466 Add linux-next specific files for 20241220
> git tree:       linux-next
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1652fadf980000

#syz test

--- x/include/linux/rmap.h
+++ y/include/linux/rmap.h
@@ -195,7 +195,7 @@ enum rmap_level {
 };
 
 static inline void __folio_rmap_sanity_checks(const struct folio *folio,
-		const struct page *page, int nr_pages, enum rmap_level level)
+		struct page *page, int nr_pages, enum rmap_level level)
 {
 	/* hugetlb folios are handled separately. */
 	VM_WARN_ON_FOLIO(folio_test_hugetlb(folio), folio);
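Review bot: Dropping const from the `page` parameter in the signature widens the contract of a helper that only performs checks, and nothing in this hunk needs a writable pointer. The only new user is the local `struct page *p` in the next hunk; declaring that local as `const struct page *p` would let the parameter stay `const struct page *page`, provided compound_head() accepts a const pointer. If it does not, that is worth a sentence in the changelog explaining why the const had to go.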
@@ -213,8 +213,17 @@ static inline void __folio_rmap_sanity_c
 	 */
 
 	VM_WARN_ON_ONCE(nr_pages <= 0);
-	VM_WARN_ON_FOLIO(page_folio(page) != folio, folio);
-	VM_WARN_ON_FOLIO(page_folio(page + nr_pages - 1) != folio, folio);
+	if (!folio_test_large(folio)) {
+		VM_WARN_ON_FOLIO(page_folio(page) != folio, folio);
+		VM_WARN_ON_FOLIO(page_folio(page + nr_pages - 1) != folio, folio);
+	} else {
+		struct page *p = compound_head(page);
+
+		VM_WARN_ON_FOLIO(page_folio(p) != folio, folio);
+		p = page + nr_pages - 1;
+		p = compound_head(p);
+		VM_WARN_ON_FOLIO(page_folio(p) != folio, folio);
+	}
 
 	switch (level) {
 	case RMAP_LEVEL_PTE:
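Review bot: The new else branch still checks the same two pages as the non-large branch, `page` and `page + nr_pages - 1`, only with compound_head() applied before page_folio(), and there is no comment saying what that is expected to change for large folios. If page_folio() already resolves a tail page to its head, the two branches are equivalent and the folio_test_large() split adds nothing; if it does not, the comment should say which case the original check misjudged. Either way, please document the intent above the `if (!folio_test_large(folio))` line, and consider collapsing the three-line `p = page + nr_pages - 1; p = compound_head(p);` sequence into a single expression so both checks read symmetrically.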
--
