Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 2 Aug 2018 20:37:53 +0000 (UTC)
From:      Alexander Motin <mav@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org
Subject:   svn commit: r337178 - vendor/illumos/dist/cmd/zdb
Message-ID:  <201808022037.w72Kbro6023636@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: mav
Date: Thu Aug  2 20:37:53 2018
New Revision: 337178
URL: https://svnweb.freebsd.org/changeset/base/337178

Log:
  9523 Large alloc in zdb can cause trouble
  
  16MB alloc in zdb_embedded_block() can cause cores in certain situations
  (clang, gcc55).
  
  OsX commit: https://github.com/openzfsonosx/zfs/commit/ced236a5da6e72ea7bf6d2919fe14e17cffe10f1
  FreeBSD commit: https://svnweb.freebsd.org/base?view=revision&revision=326150
  illumos/illumos-gate@03a4c2f4bfaca30115963b76445279b36468a614
  
  Reviewed by: Igor Kozhukhov <igor@dilos.org>
  Reviewed by: Andriy Gapon <avg@FreeBSD.org>
  Reviewed by: Matthew Ahrens <mahrens@delphix.com>
  Approved by: Dan McDonald <danmcd@joyent.com>
  Author:     Jorgen Lundman <lundman@lundman.net>

Modified:
  vendor/illumos/dist/cmd/zdb/zdb.c

Modified: vendor/illumos/dist/cmd/zdb/zdb.c
==============================================================================
--- vendor/illumos/dist/cmd/zdb/zdb.c	Thu Aug  2 20:33:13 2018	(r337177)
+++ vendor/illumos/dist/cmd/zdb/zdb.c	Thu Aug  2 20:37:53 2018	(r337178)
@@ -4906,7 +4906,7 @@ zdb_embedded_block(char *thing)
 {
 	blkptr_t bp;
 	unsigned long long *words = (void *)&bp;
-	char buf[SPA_MAXBLOCKSIZE];
+	char *buf;
 	int err;
 
 	bzero(&bp, sizeof (bp));
@@ -4917,16 +4917,22 @@ zdb_embedded_block(char *thing)
 	    words + 8, words + 9, words + 10, words + 11,
 	    words + 12, words + 13, words + 14, words + 15);
 	if (err != 16) {
-		(void) printf("invalid input format\n");
+		(void) fprintf(stderr, "invalid input format\n");
 		exit(1);
 	}
 	ASSERT3U(BPE_GET_LSIZE(&bp), <=, SPA_MAXBLOCKSIZE);
+	buf = malloc(SPA_MAXBLOCKSIZE);
+	if (buf == NULL) {
+		(void) fprintf(stderr, "out of memory\n");
+		exit(1);
+	}
 	err = decode_embedded_bp(&bp, buf, BPE_GET_LSIZE(&bp));
 	if (err != 0) {
-		(void) printf("decode failed: %u\n", err);
+		(void) fprintf(stderr, "decode failed: %u\n", err);
 		exit(1);
 	}
 	zdb_dump_block_raw(buf, BPE_GET_LSIZE(&bp), 0);
+	free(buf);
 }
 
 static boolean_t

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808022037.w72Kbro6023636>