On Fri, Nov 25, 2005 at 10:47:38PM +0100, Csaba Henk wrote: > Hi! > > Imagine the following: > > You have a corrupt file (so that you can open it, but when you try reading > from it, it returns EIO). Pretty common with crappy optical media. > > You try "mdconfig -a -t vnode" on it. > > This will lead to a call to xmdioctl() such that mdio->md_type is > MD_VNODE. So you get the following call chain: > > xmdioctl -> mdcreate_vnode -> mdsetcred -> VOP_READ > > VOP_READ returns EIO. This error value will be propagated to mdcreate_vnode, > who will then feel like vn_close-ing the vnode, and propagate the error > further. > > Now we got back to xmdioctl, who will call for mddestroy because of the error. > mddestroy still sees the vnode, and will vn_close it again. > > This will yield a "negative refcount" panic. > > Two different ideas for fixing this: > > 1. Don't vn_close in mdcreate_vnode when there is an error. > 2. Not just vn_close in mdcreate_vnode upon error but also > nullify the sc->vnode field. > > I attach two patches, they realize the above ideas, respectively. > Note that I didn't test either. You probably should do so ;-) This isn't the easiest thing for someone to test without such corrupted media. Kris
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:48 UTC