From fba33c3819761487a75c8f1307482959105a6269 Mon Sep 17 00:00:00 2001 From: Nathaniel Clark Date: Thu, 7 Jun 2018 12:51:56 -0400 Subject: [PATCH] Don't panic on bad SA_MAGIC in sa_build_index If sa_build_index() encounters a corrupt buffer, don't panic. Add info to zfs ring buffer and return EIO. This allows for a cleaner error recovery path. Reviewed-by: Brian Behlendorf Reviewed by: Matthew Ahrens Signed-off-by: Nathaniel Clark Issue #6500 Closes #7487 --- module/zfs/sa.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/module/zfs/sa.c b/module/zfs/sa.c index 75f7f8d96c..0ca33e80d7 100644 --- a/module/zfs/sa.c +++ b/module/zfs/sa.c @@ -1284,7 +1284,13 @@ sa_build_index(sa_handle_t *hdl, sa_buf_type_t buftype) /* only check if not old znode */ if (IS_SA_BONUSTYPE(bonustype) && sa_hdr_phys->sa_magic != SA_MAGIC && sa_hdr_phys->sa_magic != 0) { - VERIFY(BSWAP_32(sa_hdr_phys->sa_magic) == SA_MAGIC); + if (BSWAP_32(sa_hdr_phys->sa_magic) != SA_MAGIC) { + mutex_exit(&sa->sa_lock); + zfs_dbgmsg("Buffer Header: %x != SA_MAGIC:%x " + "object=%#llx\n", sa_hdr_phys->sa_magic, SA_MAGIC, + db->db.db_object); + return (SET_ERROR(EIO)); + } sa_byteswap(hdl, buftype); }