From d617648c7fc6904261f3ae8f2e3726c5c1838508 Mon Sep 17 00:00:00 2001 From: Ned Bass Date: Thu, 28 May 2015 16:14:19 -0700 Subject: [PATCH] dbuf_try_add_ref minor bug fixes - Don't check db->bb_blkid, but use the blkid argument instead. Checking db->db_blkid may be unsafe since we doesn't yet have a hold on the dbuf so its validity is unknown. - Call mutex_exit() on found_db, not db, since it's not certain that they point to the same dbuf, and the mutex was taken on found_db. Signed-off-by: Ned Bass Signed-off-by: Brian Behlendorf Issue #3443 --- module/zfs/dbuf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/module/zfs/dbuf.c b/module/zfs/dbuf.c index 7d8adcd73..48e0e347a 100644 --- a/module/zfs/dbuf.c +++ b/module/zfs/dbuf.c @@ -2251,7 +2251,7 @@ dbuf_try_add_ref(dmu_buf_t *db_fake, objset_t *os, uint64_t obj, uint64_t blkid, dmu_buf_impl_t *found_db; boolean_t result = B_FALSE; - if (db->db_blkid == DMU_BONUS_BLKID) + if (blkid == DMU_BONUS_BLKID) found_db = dbuf_find_bonus(os, obj); else found_db = dbuf_find(os, obj, 0, blkid); @@ -2261,7 +2261,7 @@ dbuf_try_add_ref(dmu_buf_t *db_fake, objset_t *os, uint64_t obj, uint64_t blkid, (void) refcount_add(&db->db_holds, tag); result = B_TRUE; } - mutex_exit(&db->db_mtx); + mutex_exit(&found_db->db_mtx); } return (result); }