exofs: Fix CRASH on very early IO errors.
Boaz Harrosh [Wed, 16 May 2012 11:22:21 +0000 (14:22 +0300)]
commit 6abe4a87f7bc7978705c386dbba0ca0c7790b3ec upstream.

If at exofs_fill_super() we had an early termination
do to any error, like an IO error while reading the
super-block. We would crash inside exofs_free_sbi().

This is because sbi->oc.numdevs was set to 1, before
we actually have a device table at all.

Fix it by moving the sbi->oc.numdevs = 1 to after the
allocation of the device table.

Reported-by: Johannes Schild <JSchild@gmx.de>

Signed-off-by: Boaz Harrosh <bharrosh@panasas.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/exofs/super.c

index 735ca06..59e0849 100644 (file)
@@ -745,7 +745,6 @@ static int exofs_fill_super(struct super_block *sb, void *data, int silent)
        sbi->one_comp.obj.partition = opts->pid;
        sbi->one_comp.obj.id = 0;
        exofs_make_credential(sbi->one_comp.cred, &sbi->one_comp.obj);
-       sbi->oc.numdevs = 1;
        sbi->oc.single_comp = EC_SINGLE_COMP;
        sbi->oc.comps = &sbi->one_comp;
 
@@ -804,6 +803,7 @@ static int exofs_fill_super(struct super_block *sb, void *data, int silent)
                        goto free_sbi;
 
                ore_comp_set_dev(&sbi->oc, 0, od);
+               sbi->oc.numdevs = 1;
        }
 
        __sbi_read_stats(sbi);