From 9733f8ee44e56f1211bbeacc3cf3ddd8cc211b5b Mon Sep 17 00:00:00 2001 From: Peter Wemm Date: Wed, 13 May 1998 06:10:13 +0000 Subject: [PATCH] Hold a reference to the vnode during the sillyrename cleanup. If we block in nfs_vinvalbuf() or the nfs_removeit(), we can have the nfsnode reallocated from underneath us (eg: replaced by a ufs 'struct inode') which can cause disk corruption ('freeing free block' when di_db[5] gets trashed). This is not a cheap fix, but it'll do until the nfsnodes get reference counting and/or locking. Apparently NetBSD have a similar fix (apparently from BSDI). I wish all PR's had this much useful detail. :-) PR: 6611 Submitted by: Stephen Clawson --- sys/nfs/nfs_node.c | 10 +++++++++- sys/nfsclient/nfs_node.c | 10 +++++++++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/sys/nfs/nfs_node.c b/sys/nfs/nfs_node.c index 48d0bafd9c6..ee145ce27c2 100644 --- a/sys/nfs/nfs_node.c +++ b/sys/nfs/nfs_node.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_node.c 8.6 (Berkeley) 5/22/95 - * $Id: nfs_node.c,v 1.23 1997/12/27 02:56:33 bde Exp $ + * $Id: nfs_node.c,v 1.24 1998/02/09 06:10:33 eivind Exp $ */ @@ -207,6 +207,13 @@ nfs_inactive(ap) } else sp = (struct sillyrename *)0; if (sp) { + /* + * XXX We need a reference to keep the vnode from being + * recycled by getnewvnode while we do the I/O + * associated with discarding the buffers. + */ + if (vget(ap->a_vp, 0)) + panic("nfs_inactive: lost vnode"); /* * Remove the silly file that was rename'd earlier */ @@ -215,6 +222,7 @@ nfs_inactive(ap) crfree(sp->s_cred); vrele(sp->s_dvp); FREE((caddr_t)sp, M_NFSREQ); + vrele(ap->a_vp); /* XXX Undo above reference */ } np->n_flag &= (NMODIFIED | NFLUSHINPROG | NFLUSHWANT | NQNFSEVICTED | NQNFSNONCACHE | NQNFSWRITE); diff --git a/sys/nfsclient/nfs_node.c b/sys/nfsclient/nfs_node.c index 48d0bafd9c6..ee145ce27c2 100644 --- a/sys/nfsclient/nfs_node.c +++ b/sys/nfsclient/nfs_node.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_node.c 8.6 (Berkeley) 5/22/95 - * $Id: nfs_node.c,v 1.23 1997/12/27 02:56:33 bde Exp $ + * $Id: nfs_node.c,v 1.24 1998/02/09 06:10:33 eivind Exp $ */ @@ -207,6 +207,13 @@ nfs_inactive(ap) } else sp = (struct sillyrename *)0; if (sp) { + /* + * XXX We need a reference to keep the vnode from being + * recycled by getnewvnode while we do the I/O + * associated with discarding the buffers. + */ + if (vget(ap->a_vp, 0)) + panic("nfs_inactive: lost vnode"); /* * Remove the silly file that was rename'd earlier */ @@ -215,6 +222,7 @@ nfs_inactive(ap) crfree(sp->s_cred); vrele(sp->s_dvp); FREE((caddr_t)sp, M_NFSREQ); + vrele(ap->a_vp); /* XXX Undo above reference */ } np->n_flag &= (NMODIFIED | NFLUSHINPROG | NFLUSHWANT | NQNFSEVICTED | NQNFSNONCACHE | NQNFSWRITE);