[LU-7893] osd-zfs: calls dmu_objset_disown() with NULL objset_t *
Created: 21/Mar/16  Updated: 09/Feb/17  Resolved: 11/Apr/16

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: Lustre 2.8.0
Fix Version/s: Lustre 2.9.0

Type: Bug
Priority: Minor
Reporter: Olaf Faaland
Assignee: Nathaniel Clark
Resolution: Fixed
Votes: 0
Labels: llnl, patch, zfs
Environment:

lustre-2.8.0-2.6.32_573.18.1.1chaos.ch5.4.x86_64_g0bbc784
TOSS 2.4-7 (based on RHEL 6.7)


Issue Links:
Duplicate
is duplicated by LU-7921 replay-single/30: ZFS NULL pointer dm... Resolved
Severity: 3

 Description   

When a ZFS-backed target is mounted, and dmu_objset_own() fails, osd_mount() follows a goto err: and calls dmu_objset_disown(NULL). This triggers a kernel panic due to NULL pointer dereference.

dmu_objset_disown() should only be called if the dmu_objset_own() succeeded.

Call Trace:
 osd_mount+0x435/0x1130 [osd_zfs]
 ? keys_fill+0xd5/0x1b0 [obdclass]
 ? kmem_cache_alloc_trace+0x1cf/0x1e0
 osd_device_alloc+0x266/0x290 [osd_zfs]
 obd_setup+0x1bf/0x290 [obdclass]
 class_setup+0x259/0x930 [obdclass]
 class_process_config+0x1151/0x24c0 [obdclass]
 ? do_lcfg+0x198/0x9f0 [obdclass]
 ? __kmalloc+0x22c/0x240
 do_lcfg+0x2cf/0x9f0 [obdclass]
 lustre_start_simple+0x94/0x200 [obdclass]
 osd_start+0x54f/0x840 [obdclass]
 ? simple_strtoull+0x2c/0x50
 ? simple_strtoul+0x9/0x10
 ? target_name2index+0x78/0xc0 [obdclass]
 server_fill_super+0x253/0x1450 [obdclass]
 ? libcfs_debug_msg+0x41/0x50 [libcfs]
 lustre_fill_super+0x348/0x8c0 [obdclass]
 ? lustre_fill_super+0x0/0x8c0 [obdclass]
 get_sb_nodev+0x5f/0xa0
 lustre_get_sb+0x25/0x30 [obdclass]
 vfs_kern_mount+0x7b/0x1b0
 do_kern_mount+0x52/0x130
 do_mount+0x2fb/0x930
 sys_mount+0x90/0xe0
 system_call_fastpath+0x16/0x1b
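
The error path described above, as an added example that is not part of the ticket or the Lustre source: a user-space C simulation of a mount routine whose single err: label disowns the objset unconditionally, next to the same routine with the od_os != NULL check. The names mock_dmu_objset_own(), mock_dmu_objset_disown(), osd_mount_sim() and guard_disown are hypothetical stand-ins with simplified signatures, and the mock counts NULL calls instead of crashing.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical user-space stand-ins for the DMU calls; signatures are simplified. */
struct objset { int owned; };
struct osd_device { struct objset *od_os; };  /* od_os: field named in the ticket */
static struct objset pool_objset;
static int null_disown_calls;  /* each one would be a NULL dereference in the kernel */

static int mock_dmu_objset_own(int fail, struct objset **osp)
{
    if (fail)
        return -ENOENT;  /* *osp is left untouched, so od_os stays NULL */
    pool_objset.owned = 1;
    *osp = &pool_objset;
    return 0;
}

static void mock_dmu_objset_disown(struct objset *os)
{
    if (os == NULL) { null_disown_calls++; return; }
    os->owned = 0;
}

/* guard_disown = 0: reported pattern; 1: disown only if od_os != NULL. */
static int osd_mount_sim(struct osd_device *o, int own_fails, int later_fails, int guard_disown)
{
    int rc = mock_dmu_objset_own(own_fails, &o->od_os);
    if (rc) goto err;
    if (later_fails) { rc = -EIO; goto err; }  /* failure after ownership was taken */
    return 0;
err:
    if (!guard_disown || o->od_os != NULL)
        mock_dmu_objset_disown(o->od_os);
    o->od_os = NULL;
    return rc;
}

int main(void)
{
    struct osd_device o = { NULL };
    int rc = osd_mount_sim(&o, 1, 0, 0);
    printf("unguarded: rc=%d, disown(NULL) calls=%d\n", rc, null_disown_calls);
    null_disown_calls = 0;
    rc = osd_mount_sim(&o, 1, 0, 1);
    printf("guarded:   rc=%d, disown(NULL) calls=%d\n", rc, null_disown_calls);
    return 0;
}
```

The guarded path still releases the objset when a step after ownership fails, so the check removes only the NULL call, not the cleanup.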


 Comments   
Comment by Olaf Faaland [ 21/Mar/16 ]

The system this occurred on in testing is at 2_8_RC4, but this code is no different in 2_8_0 or in master.

Comment by Gerrit Updater [ 21/Mar/16 ]

Olaf Faaland-LLNL (faaland1@llnl.gov) uploaded a new patch: http://review.whamcloud.com/19052
Subject: LU-7893 osd-zfs: calls dmu_objset_disown() with NULL
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: d6df23ed4529ae1f75824d1284cde86756ada948

Comment by Olaf Faaland [ 21/Mar/16 ]

Other calls to dmu_objset_disown() were already conditional on o->od_os != NULL.

Comment by Peter Jones [ 22/Mar/16 ]

Nathaniel

Could you please keep an eye on the test runs for this change?

Thanks

Peter

Comment by Gerrit Updater [ 28/Mar/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/19052/
Subject: LU-7893 osd-zfs: calls dmu_objset_disown() with NULL
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 1b8adfc4945860444d64719d076c4e14c0544384

Comment by Joseph Gmitter (Inactive) [ 11/Apr/16 ]

Landed to master for 2.9.0

Comment by Gerrit Updater [ 16/Jun/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/15671/
Subject: LU-7893 osd-zfs: fix error handling in osd_mount()
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 0704fcd0e620e66743be1010c8eb1faed4d206d0
