Syzbot reported a data-race in __filemap_add_folio / invalidate_bdev[1] due to concurrent access to mapping->nrpages. Adds a lock around the access to nrpages. [1] https://syzkaller.appspot.com/bug?extid=f2aaf773187f5cae54f3 Signed-off-by: Yuan Tan <tanyuan@xxxxxxxxxxx> Reported-by: syzbot+f2aaf773187f5cae54f3@xxxxxxxxxxxxxxxxxxxxxxxxx --- block/bdev.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) I had already completed and tested this patch before Matthew sent the email. I'm not sure if this solution is correct. If it's not, please ignore the patch :) diff --git a/block/bdev.c b/block/bdev.c index 9d73a8fbf7f9..934043d09068 100644 --- a/block/bdev.c +++ b/block/bdev.c @@ -96,7 +96,14 @@ void invalidate_bdev(struct block_device *bdev) { struct address_space *mapping = bdev->bd_mapping; - if (mapping->nrpages) { + XA_STATE(xas, &mapping->i_pages, 0); /* we don't care about the index */ + unsigned long nrpages; + + xas_lock_irq(&xas); + nrpages = mapping->nrpages; + xas_unlock_irq(&xas); + + if (nrpages) { invalidate_bh_lrus(); lru_add_drain_all(); /* make sure all lru add caches are flushed */ invalidate_mapping_pages(mapping, 0, -1); -- 2.25.1
