Re: [syzbot] [udf?] possible deadlock in udf_free_blocks
From: Jeongjun Park
Date: Tue Apr 15 2025 - 11:43:06 EST
#syz test git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
---
fs/udf/balloc.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/fs/udf/balloc.c b/fs/udf/balloc.c
index 807c493ed0cd..f70d13eaedce 100644
--- a/fs/udf/balloc.c
+++ b/fs/udf/balloc.c
@@ -657,8 +657,10 @@ void udf_free_blocks(struct super_block *sb, struct inode *inode,
uint32_t count)
{
uint16_t partition = bloc->partitionReferenceNum;
- struct udf_part_map *map = &UDF_SB(sb)->s_partmaps[partition];
+ struct udf_sb_info *sbi = UDF_SB(sb);
+ struct udf_part_map *map = &sbi->s_partmaps[partition];
uint32_t blk;
+ bool islocked = false;
if (check_add_overflow(bloc->logicalBlockNum, offset, &blk) ||
check_add_overflow(blk, count, &blk) ||
@@ -670,6 +672,11 @@ void udf_free_blocks(struct super_block *sb, struct inode *inode,
return;
}
+ islocked = mutex_is_locked(&sbi->s_alloc_mutex);
+
+ if (islocked)
+ mutex_unlock(&sbi->s_alloc_mutex);
+
if (map->s_partition_flags & UDF_PART_FLAG_UNALLOC_BITMAP) {
udf_bitmap_free_blocks(sb, map->s_uspace.s_bitmap,
bloc, offset, count);
@@ -678,6 +685,9 @@ void udf_free_blocks(struct super_block *sb, struct inode *inode,
bloc, offset, count);
}
+ if (islocked)
+ mutex_lock(&sbi->s_alloc_mutex);
+
if (inode) {
inode_sub_bytes(inode,
((sector_t)count) << sb->s_blocksize_bits);
--