1661 ZFS bug in sa_find_sizes() that can lead to panic
authorXin Li <delphij@FreeBSD.org>
Fri, 21 Oct 2011 11:44:31 -0400
changeset 13493 86d96517d461
parent 13492 83d135508f56
child 13494 9dc2083cc403
1661 ZFS bug in sa_find_sizes() that can lead to panic 1313 Integer overflow in txg_delay() (fix copyright) Reviewed by: Matthew Ahrens <[email protected]> Reviewed by: Dan McDonald <[email protected]> Approved by: Gordon Ross <[email protected]>
usr/src/uts/common/fs/zfs/sa.c
usr/src/uts/common/fs/zfs/txg.c
--- a/usr/src/uts/common/fs/zfs/sa.c	Fri Oct 21 11:49:36 2011 -0400
+++ b/usr/src/uts/common/fs/zfs/sa.c	Fri Oct 21 11:44:31 2011 -0400
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Portions Copyright 2011 iXsystems, Inc
  */
 
 #include <sys/zfs_context.h>
@@ -605,14 +606,14 @@
 		 * and spill buffer.
 		 */
 		if (buftype == SA_BONUS && *index == -1 &&
-		    P2ROUNDUP(*total + hdrsize, 8) >
+		    *total + P2ROUNDUP(hdrsize, 8) >
 		    (full_space - sizeof (blkptr_t))) {
 			*index = i;
 			done = B_TRUE;
 		}
 
 next:
-		if (P2ROUNDUP(*total + hdrsize, 8) > full_space &&
+		if (*total + P2ROUNDUP(hdrsize, 8) > full_space &&
 		    buftype == SA_BONUS)
 			*will_spill = B_TRUE;
 	}
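Review bot: Both rewritten comparisons (the `buftype == SA_BONUS && *index == -1` test and the one after `next:`) spell out `*total + P2ROUNDUP(hdrsize, 8)` with no comment on why only the header size is rounded, although the old and new forms differ whenever `*total` is not a multiple of 8. I would add a comment at the first test, e.g. `/* Round hdrsize alone: the header is padded to 8 bytes, the attribute bytes in *total are not. */`, assuming that matches the code that actually lays out the buffer. I would also compute the sum once into a local used by both checks, so the two size estimates cannot drift apart again. Separately, `full_space - sizeof (blkptr_t)` would wrap if `full_space` is unsigned and smaller than a block pointer; its declaration is outside the hunk, so this is something to confirm, not a known defect. The enclosing function starts and ends outside the hunk.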
--- a/usr/src/uts/common/fs/zfs/txg.c	Fri Oct 21 11:49:36 2011 -0400
+++ b/usr/src/uts/common/fs/zfs/txg.c	Fri Oct 21 11:44:31 2011 -0400
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Portions Copyright 2011 Martin Matuska
  */
 
 #include <sys/zfs_context.h>