Re: [syzbot] [mm?] possible deadlock in mfill_get_vma

Next message: Inochi Amaoto: "[PATCH net-next v10 0/4] riscv: spacemit: Add ethernet support for K3"
Previous message: Wang Jun: "[PATCH v5 1/1] media: saa7164: add ioremap return checks and cleanups"
In reply to: syzbot: "[syzbot] [mm?] possible deadlock in mfill_get_vma"
Next in thread: syzbot: "Re: [syzbot] [mm?] possible deadlock in mfill_get_vma"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Edward Adam Davis

Date: Sun Mar 15 2026 - 20:57:53 EST

#syz test

diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c
index 9ffc80d0a51b..ccfadea3dc79 100644
--- a/mm/userfaultfd.c
+++ b/mm/userfaultfd.c
@@ -197,7 +197,6 @@ static void mfill_put_vma(struct mfill_state *state)
if (!state->vma)
return;

- up_read(&state->ctx->map_changing_lock);
uffd_mfill_unlock(state->vma);
state->vma = NULL;
}
@@ -261,6 +260,7 @@ static int mfill_get_vma(struct mfill_state *state)
return 0;

out_unlock:
+ up_read(&state->ctx->map_changing_lock);
mfill_put_vma(state);
return err;
}