From: Andrew Deason Date: Mon, 25 Jul 2011 16:12:37 +0000 (-0500) Subject: libafs: Add afs_conn refCount imbalance safeguard X-Git-Tag: upstream/1.8.0_pre1^2~3474 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=e453f49bd4d501210e4d1696cb07158c4b887334;p=packages%2Fo%2Fopenafs.git libafs: Add afs_conn refCount imbalance safeguard If someone is putting back too many refs, we can detect so very easily. If we see that such a thing is happening, give a warning and bail out, instead of risking a panic or memory corruption. Change-Id: I36c968f9cd7cab3f569d3f6860f41678f026fba8 Reviewed-on: http://gerrit.openafs.org/5094 Tested-by: Derrick Brashear Reviewed-by: Derrick Brashear --- diff --git a/src/afs/afs_conn.c b/src/afs/afs_conn.c index f842a91c3..f63ac633f 100644 --- a/src/afs/afs_conn.c +++ b/src/afs/afs_conn.c @@ -596,6 +596,24 @@ afs_PutConn(struct afs_conn *ac, struct rx_connection *rxconn, { AFS_STATCNT(afs_PutConn); ac->refCount--; + if (ac->refCount < 0) { + static int warned = 0; + /* So, someone is 'put'ing more refs than they got. From now on, we + * have no idea if the structure is actually still in use, so just + * set the refcount to a really negative number to make it unlikely + * that the count will ever reach 0 and the conn gets freed. This + * leaks memory, but the alternative is panicing, or risking memory + * corruption. */ + ac->refCount = -10000; + if (!warned) { + warned = 1; + afs_warn("afs_PutConn: negative refCount with 0x%lx; this should " + "not ever happen! Trying to carry on anyway, but please " + "report this issue\n", + (unsigned long)(uintptrsz)ac); + } + return; + } ac->parent->refCount--; rx_PutConnection(rxconn); } /*afs_PutConn */
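Review bot: The early `return;` that ends the new `if (ac->refCount < 0)` block skips `rx_PutConnection(rxconn)` as well as `ac->parent->refCount--`, but the comment only justifies leaking the conn itself. If the rx connection reference passed in by the caller is held independently of `ac->refCount`, call `rx_PutConnection(rxconn)` before returning; otherwise extend the comment to say that this reference is deliberately leaked too. Two smaller points in the same block: `static int warned` is function-wide, so only the first affected conn is ever logged and a later imbalance on a different conn is silent (a per-conn flag or a rate limit would keep the logged address useful), and `-10000` is reassigned on every later put of a poisoned conn, so a named constant would make that sentinel state explicit.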