From 18746531a881356ed24b6ef2fdc9e50707642163 Mon Sep 17 00:00:00 2001 From: Kirk McKusick Date: Mon, 17 Apr 2023 23:03:30 -0700 Subject: [PATCH] Bug fixes for fsck_ffs(8). Increment a reference count when returning a zero'ed out buffer after a failed read. Zero out a structure before using it. Only dirty a buffer that has been modified. Submitted by: Chuck Silvers Sponsored by: Netflix MFC after: 1 week --- sbin/fsck_ffs/fsutil.c | 4 +++- sbin/fsck_ffs/inode.c | 10 ++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/sbin/fsck_ffs/fsutil.c b/sbin/fsck_ffs/fsutil.c index d5852723124..2b915d28aa2 100644 --- a/sbin/fsck_ffs/fsutil.c +++ b/sbin/fsck_ffs/fsutil.c @@ -320,8 +320,10 @@ getdatablk(ufs2_daddr_t blkno, long size, int type) * Skip check for inodes because chkrange() considers * metadata areas invalid to write data. */ - if (type != BT_INODES && chkrange(blkno, size / sblock.fs_fsize)) + if (type != BT_INODES && chkrange(blkno, size / sblock.fs_fsize)) { + failedbuf.b_refcnt++; return (&failedbuf); + } bhdp = &bufhashhd[HASH(blkno)]; LIST_FOREACH(bp, bhdp, b_hash) if (bp->b_bno == fsbtodb(&sblock, blkno)) { diff --git a/sbin/fsck_ffs/inode.c b/sbin/fsck_ffs/inode.c index a46fea0607a..37b0f9ebc1b 100644 --- a/sbin/fsck_ffs/inode.c +++ b/sbin/fsck_ffs/inode.c @@ -747,6 +747,7 @@ snapremove(ino_t inum) bzero(&snaplist[i - 1], sizeof(struct inode)); snapcnt--; } + memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = SNAP; idesc.id_func = snapclean; idesc.id_number = inum; @@ -767,14 +768,15 @@ snapclean(struct inodesc *idesc) if (blkno == 0) return (KEEPON); - bp = idesc->id_bp; dp = idesc->id_dp; if (blkno == BLK_NOCOPY || blkno == BLK_SNAP) { - if (idesc->id_lbn < UFS_NDADDR) + if (idesc->id_lbn < UFS_NDADDR) { DIP_SET(dp, di_db[idesc->id_lbn], 0); - else + } else { + bp = idesc->id_bp; IBLK_SET(bp, bp->b_index, 0); - dirty(bp); + dirty(bp); + } } return (KEEPON); }