diff -ur sshfs-2.8.old/ChangeLog sshfs-2.8/ChangeLog
--- sshfs-2.8.old/ChangeLog 2016-06-22 19:38:01.000000000 +0100
+++ sshfs-2.8/ChangeLog 2021-09-07 08:17:35.352080786 +0100
@@ -1,3 +1,9 @@
+ Unreleased Changes
+ ------------------
+
++* Fixed a crash due to a race condition when listing
++ directory contents.
+
Release 2.7 (2016-06-22)
------------------------
diff -ur sshfs-2.8.old/sshfs.c sshfs-2.8/sshfs.c
--- sshfs-2.8.old/sshfs.c 2016-06-08 16:42:12.000000000 +0100
+++ sshfs-2.8/sshfs.c 2021-09-07 08:17:06.339682726 +0100
@@ -2173,11 +2173,16 @@
outstanding--;
if (done) {
+ /* We need to cache want_reply, since processing
+ thread may free req right after unlock() if
+ want_reply == 0 */
+ int want_reply;
pthread_mutex_lock(&sshfs.lock);
if (sshfs_req_pending(req))
req->want_reply = 0;
+ want_reply = req->want_reply;
pthread_mutex_unlock(&sshfs.lock);
- if (!req->want_reply)
+ if (!want_reply)
continue;
}