Wang Hai wrote on Fri, Jun 12, 2020:
> p9_read_work and p9_fd_cancelled may be called concurrently.
> In some cases, req->req_list may be deleted by both p9_read_work
> and p9_fd_cancelled.
>
> We can fix it by ignoring replies associated with a cancelled
> request and ignoring cancelled request if message has been received
> before lock.
>
> Fixes: 60ff779c4abb ("9p: client: remove unused code and any reference to
> "cancelled" function")
> Reported-by: syzbot+77a25acfa0382e06a...@syzkaller.appspotmail.com
> Signed-off-by: Wang Hai <wangha...@huawei.com>
Thanks! looks good to me, I'll queue for 5.9 as well unless you're in a
hurry.
--
Dominique
