On Tue, Apr 06, 2021 at 06:53:32PM -0500, Aditya Pakki wrote: > In virtio_fs_get_tree, after fm is freed, it is again freed in case > s_root is NULL and virtio_fs_fill_super() returns an error. To avoid > a double free, set fm to NULL. > > Signed-off-by: Aditya Pakki <pakki...@umn.edu> > --- > fs/fuse/virtio_fs.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c > index 4ee6f734ba83..a7484c1539bf 100644 > --- a/fs/fuse/virtio_fs.c > +++ b/fs/fuse/virtio_fs.c > @@ -1447,6 +1447,7 @@ static int virtio_fs_get_tree(struct fs_context *fsc) > if (fsc->s_fs_info) { > fuse_conn_put(fc); > kfree(fm); > + fm = NULL;
I think both the code paths are mutually exclusive and that's why we don't double free it. sget_fc(), can either return existing super block which is already initialized, or it can create a new super block which need to initialize further. If if get an existing super block, in that case fs->s_fs_info will still be set and we need to free fm (as we did not use it). But in that case this super block is already initialized so sb->s_root should be non-null and we will not call virtio_fs_fill_super() on this. And hence we will not get into kfree(fm) again. Same applies to fuse_conn_put(fc) call as well. So I think this patch is not needed. I think sget_fc() semantics are not obvious and that confuses the reader of the code. Thanks Vivek > } > if (IS_ERR(sb)) > return PTR_ERR(sb); > -- > 2.25.1 >