Implement workaround for openzfs#2094 erratum

ZoL commit 1421c89 unintentionally changed the disk format in a forward-compatible, but not backward compatible way. This was accomplished by adding an entry to zbookmark_t, which is included in a couple of on-disk structures. That lead to the creation of pools with incorrect dsl_scan_phys_t objects that could only be imported by versions of ZFSOnLinux containing that commit. Such pools cannot be imported by other versions of ZFS. That including past and future versions of ZoL. This corrects that problem by removing the field that was added to zbookmark_t and also implementing a workaround that can detect that error in a way that permits pool import to continue. A kernel alert describing this will be printed to dmesg asking the system administrator to run a scrub. A subsequent scrub will replace the damaged dsl_scan_phys_t object, repairing the pool. Pools affected by the damaged dsl_scan_phys_t can be detected prior to an upgrade by running the following command as root: zdb -dddd poolname 1 | grep -P '^\t\tscan = ' | sed -e 's;scan = ;;' | wc -w Note that `poolname` must be replaced with the name of the pool you wish to check. A value of 25 indicates the dsl_scan_phys_t has been damaged. A value of 24 indicates that the dsl_scan_phys_t is normal. A value of 0 indicates that there has never been a scrub run on the pool. The regression caused by the change to zbookmark_t never made it into a tagged release or any Gentoo backports. Only those using HEAD were affected. However, this patch has a few limitations. There is no way to detect a damaged dsl_scan_phys_t object when it has occurred on 32-bit systems due to integer rounding that wrote incorrect information, but avoided the overflow on them. Correcting such issues requires triggering a scrub. In addition, bptree_entry_phys_t objects are also affected. These objects only exist during an asynchronous destroy and automating repair of damaged bptree_entry_phys_t objects is non-trivial. Any pools that have been imported by an affected version of ZoL must have all asynchronous destroy operations finish before export and subsequent import by a version containing this commit. Failure to do that will prevent pool import. The presence of any background destroys on any imported pools can be checked by running `zpool get freeing` as root. This will display a non-zero value for any pool with an active asynchronous destroy. The function the field removed from zbookmark_t served is left unimplemented until a later patch that will reimplement the field in a way that does not affect the disk format. Lastly, it is expected that no user data has been lost as a result of this erratum. Signed-off-by: Richard Yao <ryao@gentoo.org> Original-patch-by: Tim Chase <tim@chase2k.com>
ryao · Feb 5, 2014 · daa8b0f · daa8b0f
1 parent 2e7b765
commit daa8b0f
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 4 deletions.
diff --git a/include/sys/zio.h b/include/sys/zio.h
@@ -260,7 +260,6 @@ struct zbookmark {
 	uint64_t	zb_object;
 	int64_t		zb_level;
 	uint64_t	zb_blkid;
-	char *		zb_func;
 };
 
 #define	SET_BOOKMARK(zb, objset, object, level, blkid)  \
@@ -269,7 +268,6 @@ struct zbookmark {
 	(zb)->zb_object = object;                       \
 	(zb)->zb_level = level;                         \
 	(zb)->zb_blkid = blkid;                         \
-	(zb)->zb_func = FTAG;                           \
 }
 
 #define	ZB_DESTROYED_OBJSET	(-1ULL)

diff --git a/module/zfs/dsl_scan.c b/module/zfs/dsl_scan.c
@@ -123,7 +123,38 @@ dsl_scan_init(dsl_pool_t *dp, uint64_t txg)
 		err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
 		    DMU_POOL_SCAN, sizeof (uint64_t), SCAN_PHYS_NUMINTS,
 		    &scn->scn_phys);
-		if (err == ENOENT)
+		/*
+		 * Workaround for zfsonlinux/zfs#2094 erratum
+		 */
+		if (err == EOVERFLOW) {
+			uint64_t zaptmp[SCAN_PHYS_NUMINTS + 1];
+			VERIFY(SCAN_PHYS_NUMINTS == 24);
+			VERIFY(offsetof(dsl_scan_phys_t, scn_flags)
+				== (23 * sizeof(uint64_t)));
+
+			err = zap_lookup(dp->dp_meta_objset,
+				DMU_POOL_DIRECTORY_OBJECT,
+				DMU_POOL_SCAN, sizeof (uint64_t),
+				SCAN_PHYS_NUMINTS + 1,
+				&zaptmp);
+			if (err == 0) {
+				uint64_t overflow = zaptmp[SCAN_PHYS_NUMINTS];
+
+				if (overflow >> 1)
+					return (EOVERFLOW);
+
+				bcopy(zaptmp, &scn->scn_phys,
+					SCAN_PHYS_NUMINTS * sizeof(uint64_t));
+				scn->scn_phys.scn_flags = overflow;
+
+				printk(KERN_ALERT
+					"ZFS: Detected ZoL issue #2094 "
+					"on pool \"%s\". "
+					"Please run a scrub.",
+					spa->spa_name);
+			}
+		}
+		else if (err == ENOENT)
 			return (0);
 		else if (err)
 			return (err);

diff --git a/module/zfs/spa_stats.c b/module/zfs/spa_stats.c
@@ -207,7 +207,6 @@ spa_read_history_add(spa_t *spa, const zbookmark_t *zb, uint32_t aflags)
 		return;
 
 	srh = kmem_zalloc(sizeof (spa_read_history_t), KM_PUSHPAGE);
-	strlcpy(srh->origin, zb->zb_func, sizeof (srh->origin));
 	strlcpy(srh->comm, getcomm(), sizeof (srh->comm));
 	srh->start  = gethrtime();
 	srh->objset = zb->zb_objset;