From: Andrew Deason Date: Mon, 21 Sep 2009 19:28:29 +0000 (-0500) Subject: Avoid salvager vol header read assert X-Git-Tag: openafs-devel-1_5_65~55 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=b7ae31a7484b609cd22d029fd753798001f72864;p=packages%2Fo%2Fopenafs.git Avoid salvager vol header read assert When we read the volume header in order to write it back with a modified inUse while salvaging, we were aborting if we couldn't read the header. Since we can fail to read the header data if the volume header file isn't associated with any data (and will be deleted by the salvager), don't abort. Do still abort if we can't write the data back, since if the data can be read but not written, other programs may think that the volume is not being salvaged. Reviewed-on: http://gerrit.openafs.org/480 Tested-by: Derrick Brashear Reviewed-by: Derrick Brashear --- diff --git a/src/vol/vol-salvage.c b/src/vol/vol-salvage.c index a0986b0ad..72f9ecf7a 100644 --- a/src/vol/vol-salvage.c +++ b/src/vol/vol-salvage.c @@ -3265,19 +3265,36 @@ AskOffline(VolumeId volumeId, char * partition) afs_printable_uint32_lu(volumeId)); fd = afs_open(name, O_RDONLY); - assert(fd >= 0); - assert(read(fd, &diskHeader, sizeof(diskHeader)) == sizeof(diskHeader)); - assert(diskHeader.stamp.magic == VOLUMEHEADERMAGIC); + if (fd < 0) { + return; + } + if (read(fd, &diskHeader, sizeof(diskHeader)) != sizeof(diskHeader) || + diskHeader.stamp.magic != VOLUMEHEADERMAGIC) { + + close(fd); + return; + } close(fd); DiskToVolumeHeader(&header, &diskHeader); IH_INIT(h, fileSysDevice, header.parent, header.volumeInfo); - assert(IH_IREAD(h, 0, (char*)&volHeader, sizeof(volHeader)) == sizeof(volHeader)); - assert(volHeader.stamp.magic == VOLUMEINFOMAGIC); + if (IH_IREAD(h, 0, (char*)&volHeader, sizeof(volHeader)) != sizeof(volHeader) || + volHeader.stamp.magic != VOLUMEINFOMAGIC) { + + IH_RELEASE(h); + return; + } volHeader.inUse = programType; + /* If we can't re-write the header, bail out and error. We don't + * assert when reading the header, since it's possible the + * header isn't really there (when there's no data associated + * with the volume; we just delete the vol header file in that + * case). But if it's there enough that we can read it, but + * somehow we cannot write to it to signify we're salvaging it, + * we've got a big problem and we cannot continue. */ assert(IH_IWRITE(h, 0, (char*)&volHeader, sizeof(volHeader)) == sizeof(volHeader)); IH_RELEASE(h);