lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7bce9231-714c-424a-a4e3-dd42734fb767@kernel.org>
Date: Sun, 25 Jan 2026 19:13:10 +0100
From: "David Hildenbrand (Red Hat)" <david@...nel.org>
To: Lance Yang <lance.yang@...ux.dev>, willy@...radead.org
Cc: syzbot+bf6e6a6ca143afea5ca2@...kaller.appspotmail.com,
 Liam.Howlett@...cle.com, akpm@...ux-foundation.org, baohua@...nel.org,
 baolin.wang@...ux.alibaba.com, dev.jain@....com,
 linux-kernel@...r.kernel.org, linux-mm@...ck.org,
 lorenzo.stoakes@...cle.com, npache@...hat.com, ryan.roberts@....com,
 syzkaller-bugs@...glegroups.com, ziy@...dia.com
Subject: Re: [syzbot] [mm?] kernel BUG in hpage_collapse_scan_file (2)

On 1/25/26 13:10, Lance Yang wrote:
> Ccing Willy.
> 
> On Sat, 24 Jan 2026 18:23:28 -0800, syzbot wrote:
>> Hello,
>>
>> syzbot found the following issue on:
>>
>> HEAD commit:    ca3a02fda4da Add linux-next specific files for 20260123
>> git tree:       linux-next
>> console output: https://syzkaller.appspot.com/x/log.txt?x=10c42452580000
>> kernel config:  https://syzkaller.appspot.com/x/.config?x=10f2b64f8f12b9a4
>> dashboard link: https://syzkaller.appspot.com/bug?extid=bf6e6a6ca143afea5ca2
>> compiler:       Debian clang version 21.1.8 (++20251221033036+2078da43e25a-1~exp1~20251221153213.50), Debian LLD 21.1.8
>> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=17f7cbfa580000
>> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=112d405a580000
>>
>> Downloadable assets:
>> disk image: https://storage.googleapis.com/syzbot-assets/291ebca63a31/disk-ca3a02fd.raw.xz
>> vmlinux: https://storage.googleapis.com/syzbot-assets/b2112a214b54/vmlinux-ca3a02fd.xz
>> kernel image: https://storage.googleapis.com/syzbot-assets/77d1ae437e07/bzImage-ca3a02fd.xz
>>
>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
>> Reported-by: syzbot+bf6e6a6ca143afea5ca2@...kaller.appspotmail.com
>>
>> node ffff888148816ec0 offset 0 parent ffff888148817700 shift 0 count 64 values 0 array ffff88807be6b0f0 list ffff888148816ed8 ffff888148816ed8 marks 0 0 0
>> ------------[ cut here ]------------
>> kernel BUG at ./include/linux/xarray.h:1441!
>> Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
>> CPU: 0 UID: 0 PID: 6017 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
>> RIP: 0010:XAS_INVALID include/linux/xarray.h:1441 [inline]
> 
> Seems like that is:
> 
> ```
> static inline struct xa_state *XAS_INVALID(struct xa_state *xas)
> {
> 	XA_NODE_BUG_ON(xas->xa_node, xas_valid(xas));
> 	return xas;
> }
> ```

I think there was recently already a discussion about this.

See

https://lore.kernel.org/linux-mm/aVvz3tYdu49TGkjI@mozart.vkv.me/


And where Willy said that likely it needs more thought:

https://lore.kernel.org/linux-mm/aVwm3MQ_ZDa_kU8c@casper.infradead.org/

-- 
Cheers

David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ