From owner-freebsd-current@FreeBSD.ORG  Sun Apr 10 02:53:09 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4B9AB16A4CE; Sun, 10 Apr 2005 02:53:09 +0000 (GMT)
Received: from sana.init-main.com (104.194.138.210.bn.2iij.net
	[210.138.194.104])	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 3AB2A43D2D; Sun, 10 Apr 2005 02:53:06 +0000 (GMT)
	(envelope-from takawata@init-main.com)
Received: from init-main.com (localhost.init-main.com [127.0.0.1])
	by sana.init-main.com (8.13.1/8.13.1) with ESMTP id j3A2pLEH055107;
	Sun, 10 Apr 2005 11:51:22 +0900 (JST)
	(envelope-from takawata@init-main.com)
Message-Id: <200504100251.j3A2pLEH055107@sana.init-main.com>
To: jeff@freebsd.org, bp@freebsd.org
From: takawata@jp.freebsd.org
Date: Sun, 10 Apr 2005 11:51:21 +0900
Sender: takawata@init-main.com
cc: freebsd-fs@freebsd.org
cc: freebsd-current@freebsd.org
Subject: smbfs bug introduced at smbfs_vnops.c:1.58
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Apr 2005 02:53:09 -0000

Hi I found the bug which is introduced at smbfs_vnops.c rev 1.58

This will make instant panic when you try to access
file on mounted smbfs.

This is caused by uninitialized vp.

Index: smbfs_vnops.c
===================================================================
RCS file: /home/ncvs/src/sys/fs/smbfs/smbfs_vnops.c,v
retrieving revision 1.59
diff -u -r1.59 smbfs_vnops.c
--- smbfs_vnops.c	29 Mar 2005 13:06:58 -0000	1.59
+++ smbfs_vnops.c	10 Apr 2005 02:44:04 -0000
@@ -1118,7 +1118,8 @@
 		return error;
 	if (error) {		/* name was found */
 		struct vattr vattr;
-
+		
+		vp = *vpp;
 		killit = 0;
 		error = VOP_GETATTR(vp, &vattr, cnp->cn_cred, td);
 		/*