Re: [PATCH v2] 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work

From: wanghai (M)
Date: Fri Jun 12 2020 - 05:22:59 EST

Next message: Matti Vaittinen: "[PATCH] regulator: Fix pickable ranges mapping"
Previous message: Pierre Morel: "Re: [PATCH] s390: protvirt: virtio: Refuse device without IOMMU"
In reply to: Dominique Martinet: "Re: [PATCH v2] 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

å 2020/6/12 17:10, Dominique Martinet åé:

Wang Hai wrote on Fri, Jun 12, 2020:

p9_read_work and p9_fd_cancelled may be called concurrently.
In some cases, req->req_list may be deleted by both p9_read_work
and p9_fd_cancelled.

We can fix it by ignoring replies associated with a cancelled
request and ignoring cancelled request if message has been received
before lock.

Fixes: 60ff779c4abb ("9p: client: remove unused code and any reference to "cancelled" function")
Reported-by: syzbot+77a25acfa0382e06ab23@xxxxxxxxxxxxxxxxxxxxxxxxx
Signed-off-by: Wang Hai <wanghai38@xxxxxxxxxx>

Thanks! looks good to me, I'll queue for 5.9 as well unless you're in a
hurry.

Ok, thanks.

Next message: Matti Vaittinen: "[PATCH] regulator: Fix pickable ranges mapping"
Previous message: Pierre Morel: "Re: [PATCH] s390: protvirt: virtio: Refuse device without IOMMU"
In reply to: Dominique Martinet: "Re: [PATCH v2] 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]