From 8d2666e3f66c263946b47155f3764f64ce64d684 Mon Sep 17 00:00:00 2001
From: Jeff Mahoney <jeffm@suse.com>
Date: Tue, 22 Aug 2017 10:01:30 -0500
Subject: [PATCH] fsr: fix uninitialized fs usage after timeout

In the main loop of fsrallfs, we exit when we've hit the timeout but
we increment fs before we get there.  If we're operating on the last
file system in the array, we'll hit an uninitialized fsdesc and
crash in fsrall_cleanup.

Signed-off-by: Jeff Mahoney <jeffm@suse.com>
[sandeen: change Jeff's for(; loop]
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
---
 fsr/xfs_fsr.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/fsr/xfs_fsr.c b/fsr/xfs_fsr.c
index d4846a320..2a18ce082 100644
--- a/fsr/xfs_fsr.c
+++ b/fsr/xfs_fsr.c
@@ -600,12 +600,7 @@ fsrallfs(char *mtab, int howlong, char *leftofffile)
 	/* reorg for 'howlong' -- checked in 'fsrfs' */
 	while (endtime > time(0)) {
 		pid_t pid;
-		if (fs == fsend)
-			fs = fsbase;
-		if (fs->npass == npasses) {
-			fsrprintf(_("Completed all %d passes\n"), npasses);
-			break;
-		}
+
 		if (npasses > 1 && !fs->npass)
 			Mflag = 1;
 		else
@@ -631,6 +626,12 @@ fsrallfs(char *mtab, int howlong, char *leftofffile)
 		startino = 0;  /* reset after the first time through */
 		fs->npass++;
 		fs++;
+		if (fs == fsend)
+			fs = fsbase;
+		if (fs->npass == npasses) {
+			fsrprintf(_("Completed all %d passes\n"), npasses);
+			break;
+		}
 	}
 	fsrall_cleanup(endtime <= time(0));
 }
-- 
2.47.2