f2fs_update_inode() reads inode->i_blocks without holding i_lock to
serialize it to the on-disk inode, while concurrent truncate or
allocation paths may modify i_blocks under i_lock. Since blkcnt_t is
u64, this risks torn reads on 32-bit architectures.
Following the approach in ext4_inode_blocks_set(), add READ_ONCE() to prevent
potential compiler-induced tearing.
Signed-off-by: Cen Zhang <zzzccc427@gmail.com>
---
fs/f2fs/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c
index 078874db918c..73b913dbe02a 100644
--- a/fs/f2fs/inode.c
+++ b/fs/f2fs/inode.c
@@ -694,7 +694,7 @@ void f2fs_update_inode(struct inode *inode, struct folio *node_folio)
ri->i_uid = cpu_to_le32(i_uid_read(inode));
ri->i_gid = cpu_to_le32(i_gid_read(inode));
ri->i_links = cpu_to_le32(inode->i_nlink);
- ri->i_blocks = cpu_to_le64(SECTOR_TO_BLOCK(inode->i_blocks) + 1);
+ ri->i_blocks = cpu_to_le64(SECTOR_TO_BLOCK(READ_ONCE(inode->i_blocks)) + 1);
if (!f2fs_is_atomic_file(inode) ||
is_inode_flag_set(inode, FI_ATOMIC_COMMITTED))
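Review bot: READ_ONCE() on the changed `ri->i_blocks = ...` line does not close the 32-bit torn read that the commit message names. inode->i_blocks is a u64, so on a 32-bit architecture the load is not guaranteed to be a single access, and an update made under i_lock can still land between the two halves; READ_ONCE() only keeps the compiler from refetching or further splitting the read. If the on-disk value must be consistent, take a local copy under spin_lock(&inode->i_lock) and serialize that copy. Otherwise narrow the commit message to the compiler-level guarantee and add a short comment at this line saying the lockless read is intentional.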
--
2.34.1
On 2026/3/17 19:42, Cen Zhang wrote: > f2fs_update_inode() reads inode->i_blocks without holding i_lock to > serialize it to the on-disk inode, while concurrent truncate or > allocation paths may modify i_blocks under i_lock. Since blkcnt_t is > u64, this risks torn reads on 32-bit architectures. > > Following the approach in ext4_inode_blocks_set(), add READ_ONCE() to prevent > potential compiler-induced tearing. > Need a Fixes line and Cc stable@kernel.org? Otherwise, it looks good to me. Thanks, > Signed-off-by: Cen Zhang <zzzccc427@gmail.com> > --- > fs/f2fs/inode.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c > index 078874db918c..73b913dbe02a 100644 > --- a/fs/f2fs/inode.c > +++ b/fs/f2fs/inode.c > @@ -694,7 +694,7 @@ void f2fs_update_inode(struct inode *inode, struct folio *node_folio) > ri->i_uid = cpu_to_le32(i_uid_read(inode)); > ri->i_gid = cpu_to_le32(i_gid_read(inode)); > ri->i_links = cpu_to_le32(inode->i_nlink); > - ri->i_blocks = cpu_to_le64(SECTOR_TO_BLOCK(inode->i_blocks) + 1); > + ri->i_blocks = cpu_to_le64(SECTOR_TO_BLOCK(READ_ONCE(inode->i_blocks)) + 1); > > if (!f2fs_is_atomic_file(inode) || > is_inode_flag_set(inode, FI_ATOMIC_COMMITTED))
Hi Chao,
Thank you for the review.
On 2026/3/18 13:56, Chao Yu wrote:
> Need a Fixes line and Cc stable@kernel.org?
Good point, added both in v2:
Fixes: 19f99cee206c ("f2fs: add core inode operations")
Cc: stable@vger.kernel.org
> Otherwise, it looks good to me.
Thanks!
Best regards,
Cen