Hi! I am seeing another bug in 9p under syzkaller, the repro case is:

r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x88142, 0x182)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000640)='/dev/null\x00', 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2$, {'wfdno', 0x3d, r0}})

The default behaviour of syzkaller is to call syscalls concurrently (I think), at least it forks by default and executes the same sequence in both threads.

In this example both threads make it to:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/9p/client.c?h=v5.8#n757

and sit there, with the only difference being that thread#1 goes via

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/9p/client.c?h=v5.8#n767

I am pretty sure things should not have gone that far but I cannot clearly see what needs fixing. Ideas?

Thanks,

--
Alexey