Subject: Re: CVS commit: src/sys/fs/smbfs
To: Jaromir Dolecek <jdolecek@netbsd.org>
From: Bill Studenmund <wrstuden@netbsd.org>
List: source-changes
Date: 02/25/2003 12:33:40

On Tue, 18 Feb 2003, Jaromir Dolecek wrote:
>
> Module Name: src
> Committed By: jdolecek
> Date: Tue Feb 18 19:40:37 UTC 2003
>
> Modified Files:
> src/sys/fs/smbfs: smbfs_vfsops.c
>
> Log Message:
> vrele() the reference to root vnode before calling vflush() in smbfs_unmount(),
> so that the filesystem wouldn't appear as busy when it's not, and vref()
> it back if the vflush() fails

I'm concerned about the vref() in the error case. What happens when the
vflush() has killed off the vnode corresponding to the root vnode? You
either dereference NULL (if SMBTOV(smp->sm_root) returns NULL), or you
start referencing an entirely different vnode. Oh, and bad things happen
if smp->sm_root itself is NULL.

You really need to do the gyrations done in smbfs_root(). Or do better
checking to make sure you vref() what you think you are vref()ing.

Take care,

Bill
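
Added example, not part of the original message and not NetBSD source: a single-threaded user-space model of the error path discussed above, in which the reference is restored after a failed flush only when the root node pointer is non-NULL, its vnode mapping is non-NULL, and the vnode is still the one that was released. All struct and function names are hypothetical stand-ins for smp->sm_root, SMBTOV(), vrele(), vflush() and vref().

```c
#include <stddef.h>
/* User-space model only; every name below is hypothetical, not NetBSD's. */
struct vnode { int usecount; void *data; };  /* data: owning fs node */
struct node { struct vnode *vp; };           /* stands in for the SMBTOV() mapping */
struct mount_state { struct node *root; };   /* stands in for smp->sm_root */

/* Models a flush that can fail after already recycling an unreferenced
 * root vnode: the node loses its vnode and the vnode is reused elsewhere. */
static int flush(struct mount_state *m, struct node *other, int recycle, int fail)
{
    if (recycle && m->root && m->root->vp && m->root->vp->usecount == 0) {
        struct vnode *vp = m->root->vp;
        m->root->vp = NULL;
        vp->data = other;
    }
    return fail;
}

/* Re-take the reference only if it is still the vnode that was released. */
static int reref_root_checked(struct mount_state *m, struct vnode *released)
{
    if (m->root == NULL) return -1;          /* root node pointer is gone */
    struct vnode *vp = m->root->vp;
    if (vp == NULL) return -1;               /* mapping now yields NULL */
    if (vp != released || vp->data != (void *)m->root) return -1; /* other vnode */
    vp->usecount++;
    return 0;
}

/* Returns 0: unmounted, 1: flush failed and reference restored,
 * 2: flush failed and the root vnode could not be safely re-referenced. */
static int unmount_model(struct mount_state *m, struct node *other, int recycle, int fail)
{
    struct vnode *rootvp = m->root ? m->root->vp : NULL;
    if (rootvp == NULL) return 2;
    rootvp->usecount--;                      /* vrele() analogue */
    if (flush(m, other, recycle, fail) == 0) return 0;
    return reref_root_checked(m, rootvp) == 0 ? 1 : 2; /* guarded vref() analogue */
}

int main(void)
{
    struct node other = { NULL };
    struct vnode v = { 1, NULL };
    struct node root = { &v };
    struct mount_state m = { &root };
    v.data = &root;
    return unmount_model(&m, &other, 1, 1) == 2 ? 0 : 1; /* constructed scenario */
}
```

The model leaves out locking; in a kernel the same checks would have to be made while the node-to-vnode mapping cannot change underneath them.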