Date: Mon, 22 Jun 2020 19:03:02 +0000 (UTC) From: Allan Jude <allanjude@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r362505 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs Message-ID: <202006221903.05MJ32VW057800@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: allanjude Date: Mon Jun 22 19:03:02 2020 New Revision: 362505 URL: https://svnweb.freebsd.org/changeset/base/362505 Log: MFOpenZFS: Add zio_ddt_free()+ddt_phys_decref() error handling The assumption in zio_ddt_free() is that ddt_phys_select() must always find a match. However, if that fails due to a damaged DDT or some other reason the code will NULL dereference in ddt_phys_decref(). While this should never happen it has been observed on various platforms. The result is that unless your willing to patch the ZFS code the pool is inaccessible. Therefore, we're choosing to more gracefully handle this case rather than leave it fatal. http://mail.opensolaris.org/pipermail/zfs-discuss/2012-February/050972.html https://github.com/openzfs/zfs/commit/5dc6af0eec29b119b731c793037fd77214fc9438 Reported by: Pierre Beyssac Obtained from: OpenZFS MFC after: 2 weeks Sponsored by: Klara Inc. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/ddt.c head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/ddt.c ============================================================================== --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/ddt.c Mon Jun 22 17:57:49 2020 (r362504) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/ddt.c Mon Jun 22 19:03:02 2020 (r362505) @@ -325,8 +325,10 @@ ddt_phys_addref(ddt_phys_t *ddp) void ddt_phys_decref(ddt_phys_t *ddp) { - ASSERT((int64_t)ddp->ddp_refcnt > 0); - ddp->ddp_refcnt--; + if (ddp) { + ASSERT((int64_t)ddp->ddp_refcnt > 0); + ddp->ddp_refcnt--; + } } void Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c ============================================================================== --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c Mon Jun 22 17:57:49 2020 (r362504) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c Mon Jun 22 19:03:02 2020 (r362505) @@ -2937,8 +2937,11 @@ zio_ddt_free(zio_t *zio) ddt_enter(ddt); freedde = dde = ddt_lookup(ddt, bp, B_TRUE); - ddp = ddt_phys_select(dde, bp); - ddt_phys_decref(ddp); + if (dde) { + ddp = ddt_phys_select(dde, bp); + if (ddp) + ddt_phys_decref(ddp); + } ddt_exit(ddt); return (zio);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202006221903.05MJ32VW057800>