Allow recovery from corrupted snapshot maps

If the ZAP object containing a snapshot map is corrupted due to an
unrecoverable checksum error or otherwise, dsl_dataset_name() will
normally panic the system due to its VERIFY.

This patch attempts to allow a recovery avenue from such situations by
manufacturing a descriptive snapshot name and then ignoring the error.
Scrubbing a pool with this type of corruption will then show the affected
object in the error list rather than panicking.

The recovery code is only enabled when the zfs_recover module parameter
is set.

Signed-off-by: Tim Chase <tim@chase2k.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #3705
This commit is contained in:
Tim Chase 2015-08-23 09:58:11 -05:00 committed by Brian Behlendorf
parent 4cb7b9c5d4
commit d439f63ff5

View File

@ -311,6 +311,12 @@ dsl_dataset_get_snapname(dsl_dataset_t *ds)
headphys = headdbuf->db_data; headphys = headdbuf->db_data;
err = zap_value_search(dp->dp_meta_objset, err = zap_value_search(dp->dp_meta_objset,
headphys->ds_snapnames_zapobj, ds->ds_object, 0, ds->ds_snapname); headphys->ds_snapnames_zapobj, ds->ds_object, 0, ds->ds_snapname);
if (err != 0 && zfs_recover == B_TRUE) {
err = 0;
(void) snprintf(ds->ds_snapname, sizeof (ds->ds_snapname),
"SNAPOBJ=%llu-ERR=%d",
(unsigned long long)ds->ds_object, err);
}
dmu_buf_rele(headdbuf, FTAG); dmu_buf_rele(headdbuf, FTAG);
return (err); return (err);
} }