On Wed, Jul 18, 2018 at 07:07:18PM +0900, Tetsuo Handa wrote:
> syzbot is hitting NULL pointer dereference at process_init_reply() [1].
> This is because deactivate_locked_super() is called before response for
> initial request is processed. Fix this by protecting process_init_reply()
> using fc->killsb.

IDGI... why is FUSE_INIT asynchronous in the first place? What's the point
returning a superblock before FUSE_INIT completes, seeing that things like
fuse_get_req() block until that one is over?