From: Latchesar Ionkov Date: Fri, 23 Sep 2005 04:43:53 +0000 (-0700) Subject: [PATCH] v9fs: don't free root dentry & inode if error occurs in v9fs_get_sb X-Git-Tag: firefly_0821_release~40860^2~82 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=f71626a461e7d4af099ca71830ea530e96c22e11;p=firefly-linux-kernel-4.4.55.git [PATCH] v9fs: don't free root dentry & inode if error occurs in v9fs_get_sb If error occurs while in v9fs_get_sb after it calles sget, the dentry object of the root and its inode may be freed twice -- once while handling the error in v9fs_get_sb, and second time when v9fs_get_sb calles deactivate_super (which in turn calls v9fs_kill_super) The patch removes the unnecessary code that frees the root dentry and its inode. Signed-off-by: Latchesar Ionkov Cc: Eric Van Hensbergen Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/9p/vfs_super.c b/fs/9p/vfs_super.c index 868f350b2c5f..1e2b2b54d300 100644 --- a/fs/9p/vfs_super.c +++ b/fs/9p/vfs_super.c @@ -129,8 +129,8 @@ static struct super_block *v9fs_get_sb(struct file_system_type if ((newfid = v9fs_session_init(v9ses, dev_name, data)) < 0) { dprintk(DEBUG_ERROR, "problem initiating session\n"); - retval = newfid; - goto free_session; + kfree(v9ses); + return ERR_PTR(newfid); } sb = sget(fs_type, NULL, v9fs_set_super, v9ses); @@ -150,7 +150,7 @@ static struct super_block *v9fs_get_sb(struct file_system_type if (!root) { retval = -ENOMEM; - goto release_inode; + goto put_back_sb; } sb->s_root = root; @@ -159,7 +159,7 @@ static struct super_block *v9fs_get_sb(struct file_system_type root_fid = v9fs_fid_create(root); if (root_fid == NULL) { retval = -ENOMEM; - goto release_dentry; + goto put_back_sb; } root_fid->fidopen = 0; @@ -182,25 +182,15 @@ static struct super_block *v9fs_get_sb(struct file_system_type if (stat_result < 0) { retval = stat_result; - goto release_dentry; + goto put_back_sb; } return sb; - release_dentry: - dput(sb->s_root); - - release_inode: - iput(inode); - - put_back_sb: +put_back_sb: + /* deactivate_super calls v9fs_kill_super which will frees the rest */ up_write(&sb->s_umount); deactivate_super(sb); - v9fs_session_close(v9ses); - - free_session: - kfree(v9ses); - return ERR_PTR(retval); }