On Tue, Jun 25, 2024 at 01:04:59PM -0700, Pei Li wrote:
> Acquire fsck_error_counts_lock before accessing the critical section
> protected by this lock.
>
> syzbot has tested the proposed patch and the reproducer did not trigger
> any issue.
>
> Reported-by: [email protected]
> Closes: https://syzkaller.appspot.com/bug?extid=a2bc0e838efd7663f4d9
> Signed-off-by: Pei Li <[email protected]>
> ---
> Syzbot detected we are accessing freed memory in
> bch2_sb_errors_from_cpu().
>
> It is caused by a race condition when another task is freeing the array
> protected by fsck_error_counts_lock.
>
> This patch acquires fsck_error_counts_lock before accessing the entries
> and gets the current number of elements in the array.
>
> syzbot has tested the proposed patch and the reproducer did not trigger any
> issue:
>
> Tested on:
>
> commit: 55027e68 Merge tag 'input-for-v6.10-rc5' of git://git...
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1790a501980000
> kernel config: https://syzkaller.appspot.com/x/.config?x=d6b9ee98d841760c
> dashboard link: https://syzkaller.appspot.com/bug?extid=a2bc0e838efd7663f4d9
> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for
> Debian) 2.40
> patch: https://syzkaller.appspot.com/x/patch.diff?x=1272faae980000
>
> Note: testing is done by a robot and is best-effort only.

Looks good - applied
