Bug #4661

Corrupted pool should not panic the system when doing 'zpool import'

Added by Xin Li over 6 years ago. Updated over 6 years ago.

Status: New
Priority: Normal
Assignee: -
Category: zfs - Zettabyte File System
Start date: 2014-03-01
Due date:
% Done: 90%
Estimated time: 0.50 h
Difficulty: Bite-size
Tags: needs-triage
Gerrit CR:

Description

Craig Rodrigues has reported a panic when a corrupted pool is present (on our patched version of FreeBSD aka "TrueOS" at github.com/trueos). "zpool import" would panic the system.

The panic is spa_tryimport -> spa_load -> load_nvlist, where there is a:
VERIFY(0 == dmu_bonus_hold(spa->spa_meta_objset, obj, FTAG, &db));

Note that load_nvlist is a static method and all callers are within spa.c, which all handle errors. With this in mind, it seems to be reasonable to just return the error returned from dmu_bonus_hold instead of asserting that it succeeds.

I'd like to request a review of the attached patch (trueos 825d6821d636129800c00b10eafb68e6e00cb23a) and merge to upstream if it's appropriate.


Files

spa.diff (525 Bytes) spa.diff proposed patch Xin Li, 2014-03-01 02:27 AM
spa-rev1.diff (530 Bytes) spa-rev1.diff Revised patch per Matth's suggestion Xin Li, 2014-03-02 02:21 AM

History

#1

Updated by Matthew Ahrens over 6 years ago

Patch looks fine. Only one nit: we try to explicitly convert to booleans, so "if (error != 0)" would be preferable.
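
A user-space C sketch of the change discussed in this ticket, added here as an illustration; it is not the attached patch or illumos code. `model_bonus_hold`, `CORRUPT_OBJ`, `fatal_signal` and the `_verify`/`_checked` suffixes are hypothetical names, and `abort()` stands in for the kernel panic.

```c
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

#define VERIFY(c) do { if (!(c)) abort(); } while (0) /* abort() models the panic */
#define CORRUPT_OBJ 7u /* constructed: object whose bonus buffer cannot be read */

/* Hypothetical stand-in for dmu_bonus_hold(): 0 on success, EIO on damage. */
static int model_bonus_hold(uint64_t obj, uint64_t *nvsize)
{
	if (obj == CORRUPT_OBJ)
		return (EIO);
	*nvsize = 128;	/* constructed packed-nvlist size */
	return (0);
}
/* Before: a failed hold on untrusted on-disk data takes everything down. */
static int load_nvlist_verify(uint64_t obj, uint64_t *nvsize)
{
	VERIFY(0 == model_bonus_hold(obj, nvsize));
	return (0);
}
/* After: return the error to the caller, using the explicit "!= 0" form. */
static int load_nvlist_checked(uint64_t obj, uint64_t *nvsize)
{
	int error = model_bonus_hold(obj, nvsize);
	if (error != 0)
		return (error);
	return (0);	/* the real function would continue reading here */
}
/* Run a loader in a child; return the signal that killed it, or 0 if it returned. */
static int fatal_signal(int (*loader)(uint64_t, uint64_t *), uint64_t obj)
{
	int status = 0;
	uint64_t nvsize = 0;
	pid_t pid = fork();
	if (pid == 0)
		_exit(loader(obj, &nvsize) != 0);
	if (pid < 0 || waitpid(pid, &status, 0) < 0)
		return (-1);
	return (WIFSIGNALED(status) ? WTERMSIG(status) : 0);
}
int main(void)
{
	return (fatal_signal(load_nvlist_verify, CORRUPT_OBJ) == SIGABRT &&
	    fatal_signal(load_nvlist_checked, CORRUPT_OBJ) == 0 ? 0 : 1);
}
```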

#2

Updated by Xin Li over 6 years ago
