From b7ae31a7484b609cd22d029fd753798001f72864 Mon Sep 17 00:00:00 2001
From: Andrew Deason
Date: Mon, 21 Sep 2009 14:28:29 -0500
Subject: [PATCH] Avoid salvager vol header read assert
When we read the volume header in order to write it back with a modified inUse while salvaging, we were aborting if we couldn't read the header. Since we can fail to read the header data if the volume header file isn't associated with any data (and will be deleted by the salvager), don't abort. Do still abort if we can't write the data back, since if the data can be read but not written, other programs may think that the volume is not being salvaged.
Reviewed-on: http://gerrit.openafs.org/480
Tested-by: Derrick Brashear
Reviewed-by: Derrick Brashear
---
 src/vol/vol-salvage.c | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)
diff --git a/src/vol/vol-salvage.c b/src/vol/vol-salvage.c
index a0986b0ad..72f9ecf7a 100644
--- a/src/vol/vol-salvage.c
+++ b/src/vol/vol-salvage.c
@@ -3265,19 +3265,36 @@ AskOffline(VolumeId volumeId, char * partition)
 afs_printable_uint32_lu(volumeId));
 fd = afs_open(name, O_RDONLY);
- assert(fd >= 0);
- assert(read(fd, &diskHeader, sizeof(diskHeader)) == sizeof(diskHeader));
- assert(diskHeader.stamp.magic == VOLUMEHEADERMAGIC);
+ if (fd < 0) {
+ return;
+ }
+ if (read(fd, &diskHeader, sizeof(diskHeader)) != sizeof(diskHeader) ||
+ diskHeader.stamp.magic != VOLUMEHEADERMAGIC) {
+
+ close(fd);
+ return;
+ }
 close(fd);
 DiskToVolumeHeader(&header, &diskHeader);
 IH_INIT(h, fileSysDevice, header.parent, header.volumeInfo);
- assert(IH_IREAD(h, 0, (char*)&volHeader, sizeof(volHeader)) == sizeof(volHeader));
- assert(volHeader.stamp.magic == VOLUMEINFOMAGIC);
+ if (IH_IREAD(h, 0, (char*)&volHeader, sizeof(volHeader)) != sizeof(volHeader) ||
+ volHeader.stamp.magic != VOLUMEINFOMAGIC) {
+
+ IH_RELEASE(h);
+ return;
+ }
 volHeader.inUse = programType;
+ /* If we can't re-write the header, bail out and error. We don't
+ * assert when reading the header, since it's possible the
+ * header isn't really there (when there's no data associated
+ * with the volume; we just delete the vol header file in that
+ * case). But if it's there enough that we can read it, but
+ * somehow we cannot write to it to signify we're salvaging it,
+ * we've got a big problem and we cannot continue. */
 assert(IH_IWRITE(h, 0, (char*)&volHeader, sizeof(volHeader)) == sizeof(volHeader));
 IH_RELEASE(h);
-- 
2.39.5
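Review bot: The three new early returns (after `afs_open`, after the `read`/magic check, and after the `IH_IREAD`/magic check) exit without logging anything, so the orphan-header case the commit message describes and a real failure such as a permission or I/O error look identical, and the function returns with `inUse` never written to disk. A log line before each return would keep that visible to an operator, for example `Log("AskOffline: open of %s failed, errno %d; inUse not set\n", name, errno);` on the open path, assuming the salvager's usual `Log` routine is in scope here. Separately, the write that the new comment calls essential is still performed inside `assert(...)`; if this `assert` is the standard macro and a build defines NDEBUG, the `IH_IWRITE` call would be compiled out, so storing the result in a local and asserting on that is safer. AskOffline begins above this hunk and continues past it, so how callers react to these silent returns cannot be seen from here.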