Skip to content

Commit

Permalink
Fix empty xattr dir causing lockup
Browse files Browse the repository at this point in the history
During zfs_rmnode on a xattr dir, if the system crash just after
dmu_free_long_range, we would get empty xattr dir in delete queue. This would
cause blkid=0 be passed into zap_get_leaf_byblk when doing zfs_purgedir during
mount, and would try to do rw_enter on a wrong structure and cause system
lockup.

We fix this by returning ENOENT when blkid is zero in zap_get_leaf_byblk.

Signed-off-by: Chunwei Chen <[email protected]>
Signed-off-by: Brian Behlendorf <[email protected]>
Closes openzfs#4114
Closes openzfs#4052
Closes openzfs#4006
Closes openzfs#3018
Closes openzfs#2861
  • Loading branch information
Chunwei Chen authored and kernelOfTruth committed Jan 8, 2016
1 parent 5d483fd commit f0cee6c
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions module/zfs/zap.c
Original file line number Diff line number Diff line change
Expand Up @@ -507,6 +507,16 @@ zap_get_leaf_byblk(zap_t *zap, uint64_t blkid, dmu_tx_t *tx, krw_t lt,

ASSERT(RW_LOCK_HELD(&zap->zap_rwlock));

/*
* If system crashed just after dmu_free_long_range in zfs_rmnode, we
* would be left with an empty xattr dir in delete queue. blkid=0
* would be passed in when doing zfs_purgedir. If that's the case we
* should just return immediately. The underlying objects should
* already be freed, so this should be perfectly fine.
*/
if (blkid == 0)
return (ENOENT);

err = dmu_buf_hold(zap->zap_objset, zap->zap_object,
blkid << bs, NULL, &db, DMU_READ_NO_PREFETCH);
if (err)
Expand Down

0 comments on commit f0cee6c

Please sign in to comment.