gefs: clunk dent and mnt when dropping rclose message

When clunking a Fid while the file-system is read only, dont just free the Amsg, but also drop the references to dent and mnt. Make clunkfid() nil fid->rclose, so no reuse after free is possible. Make clunkfid() always set the return pointer, avoid missing prior initialization.
2025-01-12 11:10:06 +00:00 · 2024-08-30 19:54:26 +00:00 · 2024-08-30 19:54:26 +00:00 · 761452154a
commit 761452154a
parent d31382ca17
1 changed files with 8 additions and 10 deletions
--- a/sys/src/cmd/gefs/fs.c
+++ b/sys/src/cmd/gefs/fs.c
@ -800,8 +800,9 @@ clunkfid(Conn *c, Fid *fid, Amsg **ao)
 		free(f->scan);
 		f->scan = nil;
 	}
-	if(f->rclose != nil){
-		*ao = f->rclose;
+
+	if((*ao = f->rclose) != nil){
+		f->rclose = nil;

 		qlock(&f->dent->trunclk);
 		f->dent->trunc = 1;
@ -1805,11 +1806,7 @@ fsremove(Fmsg *m, int id, Amsg **ao)
 	t = f->mnt->root;
 	nm = 0;
 	lock(f);
-	*ao = nil;
 	clunkfid(m->conn, f, ao);
-	/* rclose files are getting removed here anyways */
-	if(*ao != nil)
-		f->rclose = nil;
 	unlock(f);

 	truncwait(f->dent, id);
@ -2332,7 +2329,6 @@ putconn(Conn *c)
 			unlock(&c->fidtablk[i]);
 			
 			lock(f);
-			a = nil;
 			clunkfid(c, f, &a);
 			unlock(f);
 			putfid(f);
@ -2447,11 +2443,13 @@ runmutate(int id, void *)
 				}
 				lock(f);
 				clunkfid(m->conn, f, &a);
-				/* read only: ignore rclose */
-				f->rclose = nil;
 				unlock(f);
-				free(a);
 				putfid(f);
+				if(a != nil){
+					clunkdent(a->mnt, a->dent);
+					clunkmount(a->mnt);
+					free(a);
+				}
 			}
 			rerror(m, Erdonly);
 			continue;