| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e97d5c0c-b8ec-4da4-b838-7a308f8a6327@kernel.org> Date: Wed, 4 Feb 2026 20:18:14 +0100 From: "David Hildenbrand (arm)" <david@...nel.org> To: Zi Yan <ziy@...dia.com> Cc: 是参差 <shicenci@...il.com>, linux-mm@...ck.org, linmiaohe@...wei.com, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org, Matthew Wilcox <willy@...radead.org> Subject: Re: WARNING in memory_failure() at include/linux/huge_mm.h:635 triggered On 2/4/26 18:41, Zi Yan wrote: > On 4 Feb 2026, at 12:34, Zi Yan wrote: > >> On 4 Feb 2026, at 12:23, Zi Yan wrote: >> >>> >>> >>> From the C repro above, syzbot opened a dev "/dev/sg#" and did mmap on it. >>> Is it a device driver issue? >> >> OK, it is CONFIG_CHR_DEV_SG. And the driver allocates a compound page at[1]. >> Since we initialize folio fields in prep_compound_page(), it becomes a folio >> when it is inserted into a VMA. > > More details: > later at sg_vma_fault(), the driver just handles a page fault by supplying > a subpage from a pre-allocated compound page[3]. We then get a large folio > without !CONFIG_TRANSPARENT_HUGEPAGE. We can identify such non-folio (but compound) things by looking at PG_large_rmappable IIRC. -- Cheers, David
Powered by blists - more mailing lists