Illumos #1661: Fix flaw in sa_find_sizes() calculation
When calculating space needed for SA_BONUS buffers, hdrsize is always rounded up to next 8-aligned boundary. However, in two places the round up was done against sum of 'total' plus hdrsize. On the other hand, hdrsize increments by 4 each time, which means in certain conditions, we would end up returning with will_spill == 0 and (total + hdrsize) larger than full_space, leading to a failed assertion because it's invalid for dmu_set_bonus. Reviewed by: Matthew Ahrens <matt@delphix.com> Reviewed by: Dan McDonald <danmcd@nexenta.com> Approved by: Gordon Ross <gwr@nexenta.com> References to Illumos issue: https://www.illumos.org/issues/1661 Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Closes #426
This commit is contained in:
Xin Li
Brian Behlendorf
parent
3cee2262a6
commit
c475167627
|
|
@ -607,14 +607,14 @@ sa_find_sizes(sa_os_t *sa, sa_bulk_attr_t *attr_desc, int attr_count,
|
||||||
* and spill buffer.
|
* and spill buffer.
|
||||||
*/
|
*/
|
||||||
if (buftype == SA_BONUS && *index == -1 &&
|
if (buftype == SA_BONUS && *index == -1 &&
|
||||||
P2ROUNDUP(*total + hdrsize, 8) >
|
(*total + P2ROUNDUP(hdrsize, 8)) >
|
||||||
(full_space - sizeof (blkptr_t))) {
|
(full_space - sizeof (blkptr_t))) {
|
||||||
*index = i;
|
*index = i;
|
||||||
done = B_TRUE;
|
done = B_TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
next:
|
next:
|
||||||
if (P2ROUNDUP(*total + hdrsize, 8) > full_space &&
|
if ((*total + P2ROUNDUP(hdrsize, 8)) > full_space &&
|
||||||
buftype == SA_BONUS)
|
buftype == SA_BONUS)
|
||||||
*will_spill = B_TRUE;
|
*will_spill = B_TRUE;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue