Commit 520bf71b authored Jan 12, 2024 by Eric Biggers Committed by Jaegeuk Kim Jan 30, 2024

f2fs: fix double free of f2fs_sb_info

kill_f2fs_super() is called even if f2fs_fill_super() fails.
f2fs_fill_super() frees the struct f2fs_sb_info, so it must set
sb->s_fs_info to NULL to prevent it from being freed again.

Fixes: 275dca46 ("f2fs: move release of block devices to after kill_block_super()")
Reported-by: <syzbot+8f477ac014ff5b32d81f@syzkaller.appspotmail.com>
Closes: https://lore.kernel.org/r/0000000000006cb174060ec34502@google.com

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

parent f0812408

Please to comment