| blob | e60c05adb2b294d685592933f9685b9d60be88c6 |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
22 /*
23 * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
26 /*
27 * Remove objects. Objects need removal from a process as part of:
28 *
29 * - a dlclose() request
30 *
31 * - tearing down a dlopen(), lazy-load, or filter hierarchy that failed to
32 * completely load
33 *
34 * Any other failure condition will result in process exit (in which case all
35 * we have to do is execute the fini's - tear down is unnecessary).
36 *
37 * Any removal of objects is therefore associated with a dlopen() handle. There
38 * is a small window between creation of the first dlopen() object and creating
39 * its handle (in which case remove_so() can get rid of the new link-map if
40 * necessary), but other than this all object removal is driven by inspecting
41 * the components of a handle.
42 *
43 * Things to note. The creation of a link-map, and its addition to the link-map
44 * list occurs in {elf|aout}_new_lm(), if this returns success the link-map is
45 * valid and added, otherwise any steps (allocations) in the process of creating
46 * the link-map would have been undone. If a failure occurs between creating
47 * the link-map and adding it to a handle, remove_so() is called to remove the
48 * link-map. If a failures occurs after a handle have been created,
49 * remove_hdl() is called to remove the handle and the link-map.
50 */
52 #include <string.h>
53 #include <stdio.h>
54 #include <unistd.h>
55 #include <dlfcn.h>
56 #include <sys/debug.h>
57 #include <sys/avl.h>
58 #include <libc_int.h>
59 #include <debug.h>
65 /*
66 * Atexit callback provided by libc. As part of dlclose() determine the address
67 * ranges of all objects that are to be deleted. Pass this information to
68 * libc's pre-atexit routine. Libc will purge any registered atexit() calls
69 * related to those objects about to be deleted.
70 */
71 static int
73 {
74 uint_t num;
80 /*
81 * Has a callback been established?
82 */
86 /*
87 * Determine the total number of mapped segments that will be unloaded.
88 */
93 }
95 /*
96 * Account for a null entry at the end of the address range array.
97 */
101 /*
102 * Allocate an array for the address range.
103 */
107 /*
108 * Fill the address range with each loadable segments size and address.
109 */
113 uint_t ndx;
120 _addr++;
121 }
122 }
129 /*
130 * If we fail to converse with libc, generate an error message to
131 * satisfy any dlerror() usage.
132 */
138 }
140 /*
141 * Break down an Alist containing pathname descriptors. In most instances, the
142 * Alist is removed completely. However, in some instances the alist is cleaned
143 * of all entries, but retained for later use.
144 */
145 void
147 {
156 }
157 }
158 }
160 /*
161 * Remove a link-map list descriptor. This is called to finalize the removal
162 * of an entire link-map list, after all link-maps have been removed, or none
163 * got added. As load_one() can process a list of potential candidate objects,
164 * the link-map descriptor must be maintained as each object is processed. Only
165 * after all objects have been processed can a failure condition finally tear
166 * down the link-map list descriptor.
167 */
168 void
170 {
177 /*
178 * Cleanup any pending RTLDINFO in the case where it was
179 * allocated but not called (see _relocate_lmc()).
180 */
183 /*
184 * As we are freeing the link-map list, all nodes must
185 * have previously been removed.
186 */
189 }
192 }
193 }
195 /*
196 * Remove a link-map. This removes a link-map from its associated list and
197 * free's up the link-map itself. Note, all components that are freed are local
198 * to the link-map, no inter-link-map lists are operated on as these are all
199 * broken down by dlclose() while all objects are still mapped.
200 *
201 * This routine is called from dlclose() to zap individual link-maps after their
202 * interdependencies (DEPENDS(), CALLER(), handles, etc.) have been removed.
203 * This routine is also called from the bowels of load_one() in the case of a
204 * link-map creation failure.
205 */
206 void
208 {
214 /*
215 * Unlink the link map from the link-map list.
216 */
220 /*
221 * If this object contributed any local external vectors for the current
222 * link-map list, remove the vectors. If this object contributed any
223 * global external vectors we should find some new candidates, or leave
224 * this object lying around.
225 */
233 }
238 }
239 }
240 }
244 /*
245 * If this object is an auditor, determine whether any link-map lists
246 * are maintaining cookies to represent this auditor. These cookies
247 * are established for local auditing preinit and activity events.
248 */
251 Aliste idx1;
256 Aliste idx2;
266 }
267 }
268 }
269 }
271 /*
272 * If this is a temporary link-map, put in place to facilitate the
273 * link-edit or a relocatable object, then the link-map contains no
274 * information that needs to be cleaned up.
275 */
279 /*
280 * Remove any FullpathNode AVL names if they still exist.
281 */
285 /*
286 * Remove any alias names.
287 */
291 /*
292 * Remove any of this objects filtee infrastructure. The filtees them-
293 * selves have already been removed.
294 */
304 }
305 }
307 /*
308 * Deallocate any remaining cruft and free the link-map.
309 */
318 /*
319 * Note that COPY_R() and COPY_S() reference the same memory
320 * location, and that we want to release the memory referenced
321 * without regard to which list it logically belongs to. We can
322 * use either pointer to do this.
323 */
327 /*
328 * During a dlclose() any groups this object was a part of will have
329 * been torn down. However, we can get here to remove an object that
330 * has failed to load, perhaps because its addition to a handle failed.
331 * Therefore if this object indicates that its part of a group tear
332 * these associations down.
333 */
335 Aliste idx1;
340 Aliste idx2;
348 }
349 }
351 }
355 /*
356 * Clean up reglist if needed
357 */
371 }
376 }
377 }
378 }
380 /*
381 * If this link map represents a relocatable object concatenation, then
382 * the image was simply generated in allocated memory. Free the memory.
383 * Note: memory maps were fabricated for the relocatable object, and
384 * the mapping infrastructure must be free'd, but there are no address
385 * mappings that must be unmapped.
386 *
387 * Otherwise, unmap the object.
388 */
399 }
402 }
404 /*
405 * Traverse an objects dependency list removing callers and dependencies.
406 * There's a chicken and egg problem with tearing down link-maps. Any
407 * relationship between link-maps is maintained on a DEPENDS list, and an
408 * associated CALLERS list. These lists can't be broken down at the time a
409 * single link-map is removed, as any related link-map may have already been
410 * removed. Thus, lists between link-maps must be broken down before the
411 * individual link-maps themselves.
412 */
413 static void
415 {
416 Aliste idx1;
419 /*
420 * First, traverse this objects dependencies.
421 */
425 /*
426 * Remove this object from the dependencies callers.
427 */
430 }
434 }
436 /*
437 * Second, traverse this objects callers.
438 */
443 /*
444 * If we're removing an object that was triggered by a lazyload,
445 * remove the callers DYNINFO() entry and bump the lazy counts.
446 * This reinitialization of the lazy information allows a lazy
447 * object to be reloaded again later. Although we may be
448 * breaking down a group of lazyloaded objects because one has
449 * failed to relocate, it's possible that one or more of the
450 * individual objects can be reloaded without a problem.
451 */
464 }
465 }
466 }
470 }
474 }
475 }
477 /*
478 * Delete any temporary link-map control list.
479 */
480 void
482 {
484 #if DEBUG
489 /*
490 * This element should be empty.
491 */
493 #endif
495 }
497 /*
498 * If a lazy loaded object, or filtee fails to load, possibly because it, or
499 * one of its dependencies can't be relocated, then tear down any objects
500 * that are apart of this link-map control list.
501 */
502 static void
504 {
508 /* LINTED */
511 /*
512 * If auditing is in effect, the loading of these objects might have
513 * resulted in la_objopen() events being posted. Normally, an
514 * la_objclose() event is posted after an object's .fini is executed,
515 * just before the objects are unloaded. These failed objects do not
516 * have their .fini's executed, but an la_objclose() event should still
517 * be posted to any auditors.
518 */
522 }
524 /*
525 * Remove any lists that may point between objects.
526 */
530 /*
531 * Finally, remove each object. remove_so() calls lm_delete(), thus
532 * effectively the link-map control head gets updated to point to the
533 * next link-map.
534 */
539 }
541 /*
542 * Determine whether an object is deletable.
543 */
544 static int
546 {
547 Aliste idx;
551 /*
552 * If the object hasn't yet been relocated take this as a sign that
553 * it's loading failed, thus we're here to cleanup. If the object is
554 * relocated it will only be retained if it was marked non-deletable,
555 * and exists on the main link-map control list.
556 */
561 /*
562 * If this object is the head of a handle that has not been captured as
563 * a candidate for deletion, then this object is in use from a dlopen()
564 * outside of the scope of this dlclose() family. Dlopen'ed objects,
565 * and filtees, have group descriptors for their callers. Typically
566 * this parent will have callers that are not apart of this dlclose()
567 * family, and thus would be caught by the CALLERS test below. However,
568 * if the caller had itself been dlopen'ed, it may not have any explicit
569 * callers registered for itself. Thus, by looking for objects with
570 * handles we can ferret out these outsiders.
571 */
573 /*
574 * If this is a private handle, then the handle isn't referenced
575 * from outside of the group of objects being deleted, and can
576 * be ignored when evaluating objects for deletion.
577 */
582 }
584 /*
585 * If this object is called by any object outside of the family of
586 * objects selected for deletion, it can't be deleted.
587 */
591 }
593 /*
594 * This object is a candidate for deletion.
595 */
597 }
599 /*
600 * Collect the groups (handles) and associated objects that are candidates for
601 * deletion. The criteria for deleting an object is whether it is only refer-
602 * enced from the objects within the groups that are candidates for deletion.
603 */
604 static int
606 {
607 Aliste idx1;
611 /*
612 * Add this group to our group collection. If it isn't added either an
613 * allocation has failed, or it already exists.
614 */
616 ALE_CREATE)
619 /*
620 * Traverse the dependencies of the group and collect the associated
621 * objects.
622 */
626 /*
627 * We only want to process dependencies for deletion. Although
628 * we want to purge group descriptors for parents, we don't want
629 * to analyze the parent itself for additional filters or
630 * deletion.
631 */
637 ALE_ALLOCFAIL)
642 /*
643 * If this object is a candidate for deletion, determine if the
644 * object provides any filtees. If so, the filter groups are
645 * added to the group collection.
646 *
647 * An object is a candidate for deletion if:
648 *
649 * - the object hasn't yet been relocated, in which case
650 * we're here to clean up a failed load, or
651 * - the object doesn't reside on the base link-map control
652 * list, in which case a group of objects, typically
653 * lazily loaded, or filtees, need cleaning up, or
654 * - the object isn't tagged as non-deletable.
655 */
665 Aliste idx2;
682 }
683 }
684 }
685 }
687 }
689 /*
690 * Traverse the list of deletable candidates. If an object can't be deleted
691 * then neither can its dependencies or filtees. Any object that is cleared
692 * from being deleted drops the deletion count, plus, if there are no longer
693 * any deletions pending we can discontinue any further processing.
694 */
695 static int
697 {
698 Aliste idx1;
703 Aliste idx2;
711 /*
712 * As this object can't be deleted, make sure its dependencies
713 * aren't deleted either.
714 */
723 }
724 }
726 /*
727 * If this object is a filtee and one of its filters is outside
728 * of this dlclose family, then it can't be deleted either.
729 */
745 Aliste idx3;
754 ALE_EXISTS)
758 gdp)) {
766 }
767 }
769 /*
770 * Remove this group handle from our dynamic
771 * deletion list.
772 */
774 }
775 }
776 }
778 }
780 /*
781 * Cleanup any collection alists we've created.
782 */
783 static void
785 {
788 }
790 /*
791 * Remove a handle, leaving the associated objects intact.
792 */
793 void
795 {
798 Aliste idx;
807 }
810 /* LINTED */
815 }
816 }
818 /*
819 * If a load operation, using a new link-map control list, has failed, then
820 * forcibly remove the failed objects. This failure can occur as a result
821 * of a lazy load, a dlopen(), or a filtee load, once the application is
822 * running. If the link-map control list has not yet started relocation, then
823 * cleanup is simply a process of removing all the objects from the control
824 * list. If relocation has begun, then other loads may have been triggered to
825 * satisfy the relocations, and thus we need to break down the control list
826 * using handles.
827 *
828 * The objects associated with this load must be part of a unique handle. In
829 * the case of a dlopen() or filtee request, a handle will have been created.
830 * For a lazyload request, a handle must be generated so that the remove
831 * process can use the handle.
832 *
833 * During the course of processing these objects, other objects (handles) may
834 * have been loaded to satisfy relocation requirements. After these families
835 * have successfully loaded, they will have been propagated to the same link-map
836 * control list. The failed objects need to be removed from this list, while
837 * any successfully loaded families can be left alone, and propagated to the
838 * previous link-map control list. By associating each load request with a
839 * handle, we can isolate the failed objects while not interfering with any
840 * successfully loaded families.
841 */
842 void
844 {
847 Aliste idx;
851 /*
852 * Determine the link-map control list, and whether any object has been
853 * added to this list.
854 */
855 /* LINTED */
862 /*
863 * Obtain a handle for the first object on the link-map control list.
864 * If none exists (which would occur from a lazy load request), and
865 * the link-map control list is being relocated, create a handle.
866 */
871 /*
872 * If this is a private handle, remove this state, so as to
873 * prevent any attempt to remove the handle more than once.
874 */
878 /*
879 * Establish a handle, and should anything fail, fall through
880 * to remove the link-map control list.
881 */
888 }
890 /*
891 * If relocation hasn't begun, simply remove all the objects from this
892 * list, and any handle that may have been created.
893 */
900 }
902 }
906 /*
907 * As the objects of this handle are being forcibly removed, first
908 * remove any associations to objects on parent link-map control
909 * lists. This breaks the bond between a caller and a hierarchy of
910 * dependencies represented by the handle, thus the caller doesn't lock
911 * the hierarchy and prevent their deletion from the generic handle
912 * processing or remove_hdl().
913 *
914 * This scenario can be produced when the relocation of a object
915 * results in vectoring through a filter that is already loaded. The
916 * filtee may be on the link-map list that is presently being processed,
917 * however an association between the filter and filtee would have been
918 * established during filtee processing. It is this association that
919 * must be broken to allow the objects on this link-map list to be
920 * removed.
921 */
925 /*
926 * If this object has not been relocated, break down any
927 * dependency relationships the object might have established.
928 */
941 Aliste idx2;
952 }
953 }
954 }
955 }
958 }
960 /*
961 * Having removed any callers, set the group handle reference count to
962 * one, and let the generic handle remover delete the associated
963 * objects.
964 */
968 /*
969 * If this link-map control list still contains objects, determine the
970 * previous control list and move the objects.
971 */
974 Aliste plmco;
977 /* LINTED */
981 }
982 }
984 /*
985 * Remove the objects associated with a handle. There are two goals here, to
986 * delete the objects associated with the handle, and to remove the handle
987 * itself. Things get a little more complex if the objects selected for
988 * deletion are filters, in this case we also need to collect their filtees,
989 * and process the combined groups as a whole. But, care still must be exer-
990 * cised to make sure any filtees found aren't being used by filters outside of
991 * the groups we've collect. The series of events is basically:
992 *
993 * - Determine the groups (handles) that might be deletable.
994 *
995 * - Determine the objects of these handles that can be deleted.
996 *
997 * - Fire the fini's of those objects selected for deletion.
998 *
999 * - Remove all inter-dependency linked lists while the objects link-maps
1000 * are still available.
1001 *
1002 * - Remove all deletable objects link-maps and unmap the objects themselves.
1003 *
1004 * - Remove the handle descriptors for each deleted object, and hopefully
1005 * the whole handle.
1006 *
1007 * A handle that can't be deleted is added to an orphans list. This list is
1008 * revisited any time another dlclose() request results in handle descriptors
1009 * being deleted. These deleted descriptors can be sufficient to allow the
1010 * final deletion of the orphaned handles.
1011 */
1012 int
1014 {
1024 /*
1025 * Generate the family of groups and objects that are candidates for
1026 * deletion. This consists of the objects that are explicitly defined
1027 * as dependencies of this handle, plus any filtee handles and their
1028 * associated objects.
1029 */
1033 }
1037 /*
1038 * Traverse the groups we've collected to determine if any filtees are
1039 * included. If so, and the filtee handle is in use by a filter outside
1040 * of the family of objects collected for this deletion, it can not be
1041 * removed.
1042 */
1051 /*
1052 * Special case for ld.so.1. There can be multiple instances of
1053 * libdl.so.1 using this handle, so although we want the handles
1054 * reference count to be decremented, we don't want the handle
1055 * removed.
1056 */
1062 }
1066 Aliste idx3;
1068 /*
1069 * Determine whether this dependency is the filtee's
1070 * parent filter, and that it isn't also an explicit
1071 * dependency (in which case it would have added its own
1072 * dependencies to the handle).
1073 */
1086 /*
1087 * Remove this group handle from our dynamic deletion
1088 * list. In addition, recompute the list of objects
1089 * that are candidates for deletion to continue this
1090 * group verification.
1091 */
1098 Aliste idx4;
1109 }
1110 }
1111 }
1113 }
1114 }
1116 /*
1117 * Now that we've collected all the handles dependencies, traverse the
1118 * collection determining whether they are a candidate for deletion.
1119 */
1121 /*
1122 * Establish which link-map list we're dealing with for later
1123 * .fini processing.
1124 */
1128 /*
1129 * If an object isn't a candidate for deletion we'll have to
1130 * rescan the handle insuring that this objects dependencies
1131 * aren't deleted either.
1132 */
1135 delcnt++;
1138 }
1140 /*
1141 * Rescan the handle if any objects where found non-deletable.
1142 */
1146 /*
1147 * Now that we have determined the number of groups that are candidates
1148 * for removal, mark each group descriptor as a candidate for removal
1149 * from the group.
1150 */
1154 }
1156 /*
1157 * Now that we know which objects on this handle can't be deleted
1158 * determine whether they still need to remain identified as belonging
1159 * to this group to be able to continue binding to one another.
1160 */
1165 Aliste idx3;
1174 Aliste idx4;
1178 /*
1179 * If this dependency (dlmp) can be referenced
1180 * by the caller (clmp) without being part of
1181 * this group (ghp) then belonging to this group
1182 * is no longer necessary. This can occur when
1183 * objects are part of multiple handles, or if a
1184 * previously deleted handle was moved to the
1185 * orphan list and has been reopened. Note,
1186 * first make sure the caller can reference the
1187 * dependency with this group, if it can't we
1188 * must be bound to a filtee, so there's no need
1189 * to remain a part of this group either.
1190 */
1205 }
1206 }
1207 }
1208 }
1210 /*
1211 * If the owner of a handle can't be deleted and it's handle descriptor
1212 * must remain also, don't delete the handle at all. Leave it for
1213 * possible later use. Although it's left intact, it will still be
1214 * moved to the orphans list, as we might be able to revisit it on later
1215 * dlclose() operations and finally remove the underlying objects. Note
1216 * that the handle still remains attached to the owner via the HANDLES
1217 * list, so that it can be re-associated to the owner if a dlopen()
1218 * of this object reoccurs.
1219 */
1223 /*
1224 * If this handle is already an orphan, or if it's owner is
1225 * deletable there's no need to inspect its dependencies.
1226 */
1231 /*
1232 * Make sure all handle dependencies aren't removed or the
1233 * dependencies themselves aren't deleted.
1234 */
1238 /*
1239 * The first dependency of a non-orphaned handle is the
1240 * owner. If the handle descriptor for this isn't
1241 * required there's no need to look at any other of the
1242 * handles dependencies.
1243 */
1252 delcnt--;
1253 }
1254 }
1255 }
1257 /*
1258 * Final scan of objects to see if any objects are to to be deleted.
1259 * Also - display diagnostic information on what operations are to be
1260 * performed on the collected handles before firing .fini's (which
1261 * produces additional diagnostics).
1262 */
1270 Aliste idx3;
1275 /*
1276 * Note, we must never delete a parent. The parent
1277 * may already be tagged for deletion from a previous
1278 * dlclose(). That dlclose has triggered this dlclose(),
1279 * but the parents deletion is the responsibility of the
1280 * previous dlclose(), not this one.
1281 */
1286 /*
1287 * Remove any pathnames from the FullpathNode
1288 * AVL tree. As we're about to fire .fini's,
1289 * it's possible this object will be required
1290 * again, in which case we want to make sure a
1291 * new version of the object gets loaded.
1292 */
1297 else
1302 /*
1303 * If this object contains any private handles, remove
1304 * them now.
1305 */
1309 }
1310 }
1311 }
1313 /*
1314 * If there are objects to be deleted process their .fini's.
1315 */
1319 /*
1320 * Sort and fire all fini's of the objects selected for
1321 * deletion. Note that we have to start our search from the
1322 * link-map head - there's no telling whether this object has
1323 * dependencies on objects that were loaded before it and which
1324 * can now be deleted. If the tsort() fails because of an
1325 * allocation error then that might just be a symptom of why
1326 * we're here in the first place - forgo the fini's but
1327 * continue to try cleaning up.
1328 */
1336 }
1337 }
1339 /*
1340 * Now that .fini processing (which may have involved new bindings)
1341 * is complete, remove all inter-dependency lists from those objects
1342 * selected for deletion.
1343 */
1351 /*
1352 * Determine whether we're dealing with a filter, and if so
1353 * process any inter-dependencies with its filtee's.
1354 */
1363 Aliste idx2;
1377 /*
1378 * Determine whether this filtee's handle is a
1379 * part of the list of handles being deleted.
1380 */
1382 /*
1383 * If this handle exists on the deletion
1384 * list, then it has been removed. If
1385 * this filter isn't going to be
1386 * deleted, sever its reference to the
1387 * handle.
1388 */
1391 /*
1392 * If this handle isn't on the deletion
1393 * list, then it must still exist. If
1394 * this filter is being deleted, make
1395 * sure the filtees reference count
1396 * gets decremented.
1397 */
1401 }
1402 }
1403 }
1404 }
1405 }
1407 /*
1408 * If called from dlclose(), determine if there are already handles on
1409 * the orphans list that we can reinvestigate.
1410 */
1413 else
1416 /*
1417 * Finally remove any handle infrastructure and remove any objects
1418 * marked for deletion.
1419 */
1423 /*
1424 * If we're not dealing with orphaned handles remove this handle
1425 * from its present handle list.
1426 */
1430 /* LINTED */
1433 }
1435 /*
1436 * Traverse each handle dependency. Retain the dependencies
1437 * flags to insure we don't delete any parents (the flags
1438 * information is deleted as part of the alist removal that
1439 * occurs before we inspect the object for deletion).
1440 */
1448 rmcnt++;
1450 /*
1451 * If this object is the owner of the handle break that
1452 * association in case the handle is retained.
1453 */
1457 }
1462 /*
1463 * Complete the link-map deletion if appropriate.
1464 */
1469 }
1470 }
1472 /*
1473 * If we've deleted all the dependencies of the handle, finalize
1474 * the cleanup by removing the handle itself.
1475 *
1476 * Otherwise we're left with a handle containing one or more
1477 * objects that can not be deleted (they're in use by other
1478 * handles, non-deletable, etc.), but require to remain a part
1479 * of this group to allow them to continue binding to one
1480 * another.
1481 *
1482 * If the handles reference count is zero, or represents a
1483 * link-map list (dlopen(0)), then move that handle to the
1484 * orphans list. Should another dlclose() operation occur that
1485 * results in the removal of handle descriptors, these orphan
1486 * handles are re-examined to determine if their deletion can
1487 * be completed.
1488 */
1495 /*
1496 * Move this handle to the orphans list.
1497 */
1499 AL_CNT_HANDLES);
1506 }
1507 }
1508 }
1510 /*
1511 * If no handle descriptors got removed there's no point in looking for
1512 * orphans to process.
1513 */
1517 /*
1518 * Cleanup any alists we've created.
1519 */
1522 /*
1523 * If orphan processing isn't required we're done. If our processing
1524 * originated from investigating orphans, return the number of handle
1525 * descriptors removed as an indication whether orphan processing
1526 * should continue.
1527 */
1532 }
1534 /*
1535 * Traverse the orphans list as many times as necessary until no
1536 * handle removals occur.
1537 */
1540 Aliste idx;
1544 /*
1545 * Effectively clean the HDLIST_ORP list. Any object that can't
1546 * be removed will be re-added to the list.
1547 */
1561 }
1568 rescan++;
1571 }
1575 }
1582 }