From 6613440b5873a83df792dc9cc4363e49d818da94 Mon Sep 17 00:00:00 2001 From: peter Date: Wed, 13 May 1998 06:10:13 +0000 Subject: Hold a reference to the vnode during the sillyrename cleanup. If we block in nfs_vinvalbuf() or the nfs_removeit(), we can have the nfsnode reallocated from underneath us (eg: replaced by a ufs 'struct inode') which can cause disk corruption ('freeing free block' when di_db[5] gets trashed). This is not a cheap fix, but it'll do until the nfsnodes get reference counting and/or locking. Apparently NetBSD have a similar fix (apparently from BSDI). I wish all PR's had this much useful detail. :-) PR: 6611 Submitted by: Stephen Clawson --- sys/nfsclient/nfs_node.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'sys/nfsclient') diff --git a/sys/nfsclient/nfs_node.c b/sys/nfsclient/nfs_node.c index 48d0baf..ee145ce 100644 --- a/sys/nfsclient/nfs_node.c +++ b/sys/nfsclient/nfs_node.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_node.c 8.6 (Berkeley) 5/22/95 - * $Id: nfs_node.c,v 1.23 1997/12/27 02:56:33 bde Exp $ + * $Id: nfs_node.c,v 1.24 1998/02/09 06:10:33 eivind Exp $ */ @@ -208,6 +208,13 @@ nfs_inactive(ap) sp = (struct sillyrename *)0; if (sp) { /* + * XXX We need a reference to keep the vnode from being + * recycled by getnewvnode while we do the I/O + * associated with discarding the buffers. + */ + if (vget(ap->a_vp, 0)) + panic("nfs_inactive: lost vnode"); + /* * Remove the silly file that was rename'd earlier */ (void) nfs_vinvalbuf(ap->a_vp, 0, sp->s_cred, p, 1); @@ -215,6 +222,7 @@ nfs_inactive(ap) crfree(sp->s_cred); vrele(sp->s_dvp); FREE((caddr_t)sp, M_NFSREQ); + vrele(ap->a_vp); /* XXX Undo above reference */ } np->n_flag &= (NMODIFIED | NFLUSHINPROG | NFLUSHWANT | NQNFSEVICTED | NQNFSNONCACHE | NQNFSWRITE); -- cgit v1.1