Bug #12054

closed

spa_load_l2cache() can zero-length allocate

Added by Dan McDonald over 3 years ago. Updated over 1 year ago.

Status: Duplicate
Priority: Normal
Assignee: -
Category: zfs - Zettabyte File System
Start date:
Due date:
% Done: 0%
Estimated time:
Difficulty: Medium
Tags:
Gerrit CR:
External Bug:

Description

Discovered during nfs-zone testing, there appears to be a case in spa_load_l2cache() where a zero-length kmem_alloc() with KM_SLEEP can occur:

    if (sav->sav_config != NULL) {
        VERIFY(nvlist_lookup_nvlist_array(sav->sav_config,
            ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
        /* XXX KEBE ASKS - what if 'nl2cache' is 0 ? */
        newvdevs = kmem_alloc(nl2cache * sizeof (void *), KM_SLEEP);
    } else {
        nl2cache = 0;
        newvdevs = NULL;
    }

Observations so far are that this appears to only happen on the distro that boots from ZFS at boot time.


Related issues

Is duplicate of illumos gate - Bug #6161: zero-sized kmem_alloc() in zfs`spa_load_l2cache (Closed, Andy Fiddaman, 2015-08-24)

#1

Updated by Dan McDonald over 3 years ago

One possible suggested fix:

    if (sav->sav_config != NULL) {
        VERIFY(nvlist_lookup_nvlist_array(sav->sav_config,
            ZPOOL_CONFIG_L2CACHE, &l2cache, &nl2cache) == 0);
        newvdevs = (nl2cache == 0) ? NULL :
            kmem_alloc(nl2cache * sizeof (void *), KM_SLEEP);
    } else {
        nl2cache = 0;
        newvdevs = NULL;
    }
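
The difference between the allocation in the Description and the suggested fix, as an added userland example that is not illumos code and not part of this ticket. The `kmem_alloc()` here is a constructed stand-in that only counts zero-length `KM_SLEEP` requests, and `alloc_unguarded`, `alloc_guarded` and `zero_requests` are hypothetical names.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

#define KM_SLEEP 0	/* stand-in flag value for this userland harness */

static unsigned zero_sized_events;	/* zero-length KM_SLEEP requests seen */

/* Constructed stand-in for kmem_alloc(): counts zero-length KM_SLEEP calls. */
static void *kmem_alloc(size_t size, int kmflag)
{
	if (size == 0) {
		if (kmflag == KM_SLEEP)
			zero_sized_events++;
		return (NULL);
	}
	return (malloc(size));
}

/* Allocation as in the Description: kmem_alloc() is always called. */
static void **alloc_unguarded(unsigned nl2cache)
{
	return (kmem_alloc(nl2cache * sizeof (void *), KM_SLEEP));
}

/* Allocation as in the suggested fix: no call when the array is empty. */
static void **alloc_guarded(unsigned nl2cache)
{
	return ((nl2cache == 0) ? NULL :
	    kmem_alloc(nl2cache * sizeof (void *), KM_SLEEP));
}

/* Run one variant; return how many zero-length requests it issued. */
static unsigned zero_requests(void **(*alloc)(unsigned), unsigned nl2cache)
{
	void **newvdevs;

	zero_sized_events = 0;
	newvdevs = alloc(nl2cache);
	free(newvdevs);		/* free(NULL) is a no-op */
	return (zero_sized_events);
}

int main(void)
{
	printf("nl2cache=0: unguarded=%u guarded=%u\n",
	    zero_requests(alloc_unguarded, 0), zero_requests(alloc_guarded, 0));
	return (0);
}
```
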

#2

Updated by Andy Fiddaman over 1 year ago

  • Is duplicate of Bug #6161: zero-sized kmem_alloc() in zfs`spa_load_l2cache added

#3

Updated by Andy Fiddaman over 1 year ago

  • Status changed from New to Duplicate