illumos gate

During a recent run of zfstest, we panicked dereferencing a null pointer
in the reservation tests. [Note: this is from the bits just prior to
the multiple consistent snapshots changes]

$c

spa_load_impl+0x599(ffffff01d65f3a80, 422437eaf84057d1, ffffff01e9278988, 3, 0, 1)
spa_load+0x14a(ffffff01d65f3a80, 3, 0, 1)
spa_tryimport+0x97(ffffff01d62bd610)
zfs_ioc_pool_tryimport+0x45(ffffff01d0336000)
zfsdev_ioctl+0x15e(b600000000, 5a06, 803f5e0, 100003, ffffff01d775f020, ffffff0008a41de4)
cdev_ioctl+0x45(b600000000, 5a06, 803f5e0, 100003, ffffff01d775f020, ffffff0008a41de4)
spec_ioctl+0x5a(ffffff01d0275a40, 5a06, 803f5e0, 100003, ffffff01d775f020, ffffff0008a41de4)
fop_ioctl+0x7b(ffffff01d0275a40, 5a06, 803f5e0, 100003, ffffff01d775f020, ffffff0008a41de4)
ioctl+0x18e(3, 5a06, 803f5e0)

spa_load_impl+599::dis -w -n3

spa_load_impl+0x58a: testl %eax,%eax
spa_load_impl+0x58c: jne +0xb46 <spa_load_impl+0x10d8>
spa_load_impl+0x592: movq 0x228(%r14),%r8
spa_load_impl+0x599: movq 0x8(%r8),%r8
spa_load_impl+0x59d: movq %r8,0x280(%r14)
spa_load_impl+0x5a4: leaq +0x71f7d(%rip),%rsi <0xfffffffff7a65ff8>
spa_load_impl+0x5ab: leaq 0x378(%r14),%rdx

The panic at +0x599 corresponds to this line in spa_load_impl():

2125     spa->spa_meta_objset = spa->spa_dsl_pool->dp_meta_objset;

but spa_dsl_pool is NULL.

The pool in question was missing disks c5t²³⁴d0, but the tests in question
don't do anything along those lines, and I didn't see any disk errors.

ffffff01d65f3a80 ::spa -v

ADDR STATE NAME
ffffff01d65f3a80 ACTIVE $import

ADDR             STATE     AUX          DESCRIPTION                        
    ffffff0208158cc0 HEALTHY   -            root
    ffffff01e87a3940 HEALTHY   -              missing
    ffffff01d427e000 HEALTHY   -              missing
    ffffff021d9d5080 HEALTHY   -              missing
    ffffff0206b7f2c0 HEALTHY   -              /dev/dsk/c5t1d0s0

dmu_objset_open_impl returned an error when called from dsl_pool_init()
and that caused us to call dsl_pool_close().