Bug #8378: crash due to bp in-memory modification of nopwrite block - illumos gate - illumos

Bug #8378

crash due to bp in-memory modification of nopwrite block

Added by Serapheim Dimitropoulos over 2 years ago. Updated about 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Serapheim Dimitropoulos

Category:

zfs - Zettabyte File System

Start date:

2017-06-12

Due date:

% Done:

100%

Estimated time:

Difficulty:

Medium

Tags:

needs-triage

Description

The problem is that zfs_get_data() supplies a stale zgd_bp to dmu_sync(), which we then nopwrite against.

zfs_get_data() doesn't hold any DMU-related locks, so after it copies db_blkptr to zgd_bp, dbuf_write_ready()
could change db_blkptr, and dbuf_write_done() could remove the dirty record. dmu_sync() then sees the stale
BP and that the dbuf it not dirty, so it is eligible for nop-writing.

The fix is for dmu_sync() to copy db_blkptr to zgd_bp after acquiring the db_mtx. We could still see a stale
db_blkptr, but if it is stale then the dirty record will still exist and thus we won't attempt to nopwrite.

History

Updated by Electric Monk about 2 years ago

% Done changed from 0 to 100
Status changed from New to Closed

git commit b7edcb940884114e61382937505433c4c38c0278

commit  b7edcb940884114e61382937505433c4c38c0278
Author: Matthew Ahrens <mahrens@delphix.com>
Date:   2017-06-29T23:10:41.000Z

    8378 crash due to bp in-memory modification of nopwrite block
    Reviewed by: Prakash Surya <prakash.surya@delphix.com>
    Reviewed by: George Wilson <george.wilson@delphix.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

Also available in: Atom PDF

Project

General

Profile

illumos gate

Issues

Custom queries

Bug #8378

crash due to bp in-memory modification of nopwrite block

History

Updated by Electric Monk about 2 years ago