Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Non-deterministic send-stream produced if Embedded Blocks feature is enabled (Proxmox, Ubuntu, FreeBSD, but not Arch) #13778

Closed
thenickdude opened this issue Aug 17, 2022 · 6 comments
Closed

Non-deterministic send-stream produced if Embedded Blocks feature is enabled (Proxmox, Ubuntu, FreeBSD, but not Arch) #13778

thenickdude opened this issue Aug 17, 2022 · 6 comments
Labels
Type: Defect Incorrect behavior (e.g. crash, hang)

Comments

@thenickdude
Copy link

System information

I reproduced the bug on these systems:

Type Version/Name
Distribution Name Proxmox
Distribution Version 7.2-7
Kernel Version 5.15.39-3-pve
Architecture AMD64
OpenZFS Version zfs-2.1.5-pve1, zfs-kmod-2.1.5-pve1
Type Version/Name
Distribution Name Ubuntu
Distribution Version 20.04
Kernel Version 5.4.0-124-generic
Architecture AMD64
OpenZFS Version zfs-0.8.3-1ubuntu12.14, zfs-kmod-0.8.3-1ubuntu12.14
Type Version/Name
Distribution Name Ubuntu
Distribution Version 22.04
Kernel Version 5.15.0-46-generic
Architecture AMD64
OpenZFS Version zfs-2.1.4-0ubuntu0.1 zfs-kmod-2.1.4-0ubuntu0.1

The bug doesn't seem to impact this system:

Type Version/Name
Distribution Name Arch Linux
Distribution Version 2022-08-16
Kernel Version 5.19.1-arch2-1
Architecture AMD64
OpenZFS Version zfs-2.1.5-1, zfs-kmod-2.1.5-1

If I zfs send the same snapshot multiple times with the embedded blocks feature enabled (e.g. using --raw or -e), the checksum for the stream randomly varies, because bytes in the stream randomly vary. This doesn't occur when this flag is disabled.

Running this script reproduces the problem:

truncate -s 64M /tmp/zpooltest
zpool create test /tmp/zpooltest
zfs snapshot test@here

TRIALS=16
for i in $(seq $TRIALS); do zfs send test@here | md5sum; done
for i in $(seq $TRIALS); do zfs send -Lc test@here | md5sum; done
for i in $(seq $TRIALS); do zfs send -e test@here | md5sum; done
for i in $(seq $TRIALS); do zfs send --raw test@here | md5sum; done

On Proxmox my result is:

1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -
1bb52dc93f6d9c888af79e0da548e543  -

f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -
f0aac9afb5864c20ab65035f5e6a05ea  -

fe6c3017e24e9d6799b759a04b5cea58  -
99d2ed486c0f35f7608f1dd0b8ad7adf  -
62ff337e423717cccfbf03df532cf775  -
fe6c3017e24e9d6799b759a04b5cea58  -
fe6c3017e24e9d6799b759a04b5cea58  -
bf4bd0a79bcfec8ba4e27459d866ab82  -
fe6c3017e24e9d6799b759a04b5cea58  -
b87af41dfa0a5c95336868a4bd73d75e  -
1a78c433233c5933eaf559b65ec3c8a5  -
fe6c3017e24e9d6799b759a04b5cea58  -
fe6c3017e24e9d6799b759a04b5cea58  -
fe6c3017e24e9d6799b759a04b5cea58  -
fe6c3017e24e9d6799b759a04b5cea58  -
bf4bd0a79bcfec8ba4e27459d866ab82  -
fe6c3017e24e9d6799b759a04b5cea58  -
bf4bd0a79bcfec8ba4e27459d866ab82  -

9d488b0b5e1dbc1da652f5069851e958  -
8ad29f747484632eb5bed22ab4f1de18  -
8ad29f747484632eb5bed22ab4f1de18  -
8ad29f747484632eb5bed22ab4f1de18  -
9d488b0b5e1dbc1da652f5069851e958  -
ea6a424c75703e8a7a4ee51da577dc7b  -
901af110aade52c4353da4027be7bd38  -
9d488b0b5e1dbc1da652f5069851e958  -
8ad29f747484632eb5bed22ab4f1de18  -
ea6a424c75703e8a7a4ee51da577dc7b  -
8ad29f747484632eb5bed22ab4f1de18  -
ea6a424c75703e8a7a4ee51da577dc7b  -
b4f20eef5b6b2304541908c8a662d110  -
ea6a424c75703e8a7a4ee51da577dc7b  -
9d488b0b5e1dbc1da652f5069851e958  -
9d488b0b5e1dbc1da652f5069851e958  -

On Ubuntu 20.04 the problem occurs more rarely (it happens in about 1/64 trials), I had to re-run the send part of the test script several times to catch one, here is one such run:

dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -
dc4ea4c333235584246ccda53a7da44e  -

25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -
25243cecd14040f3397efdbb232b8e3d  -

d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -
d2356a98822ca9a41b42f257e1da562d  -

b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b5ec50ebf3b057e95c33281c5642a940  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -
b8f31df4c04dad5fab0b9dbe3206bcf3  -

On Ubuntu 22.04 I get this result:

9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -
9b41630346d659abef4bdc6fb5b99f7d  -

8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -
8af271931c3bc05ee3e80917f84e3aef  -

9ba194a3bd876df543522dad96811b21  -
c0a9393aaad68b9c20906da6e2c43fdf  -
9ba194a3bd876df543522dad96811b21  -
9ba194a3bd876df543522dad96811b21  -
9ba194a3bd876df543522dad96811b21  -
9ba194a3bd876df543522dad96811b21  -
c0a9393aaad68b9c20906da6e2c43fdf  -
9ba194a3bd876df543522dad96811b21  -
9ba194a3bd876df543522dad96811b21  -
5300b2460bcd90f987c4574f39ee8348  -
5300b2460bcd90f987c4574f39ee8348  -
5300b2460bcd90f987c4574f39ee8348  -
9ba194a3bd876df543522dad96811b21  -
5300b2460bcd90f987c4574f39ee8348  -
5300b2460bcd90f987c4574f39ee8348  -
9ba194a3bd876df543522dad96811b21  -

d31d54b7fd406bea490c58830719dd23  -
d31d54b7fd406bea490c58830719dd23  -
ec01a42b5b86ba046673aa24bfffb9f6  -
a6b1803382537fd5533d7f886626f8f9  -
a6b1803382537fd5533d7f886626f8f9  -
fffa3f1407825bc06a4db785a1b09a2f  -
d31d54b7fd406bea490c58830719dd23  -
d31d54b7fd406bea490c58830719dd23  -
a6b1803382537fd5533d7f886626f8f9  -
ec01a42b5b86ba046673aa24bfffb9f6  -
ec01a42b5b86ba046673aa24bfffb9f6  -
ec01a42b5b86ba046673aa24bfffb9f6  -
d31d54b7fd406bea490c58830719dd23  -
a6b1803382537fd5533d7f886626f8f9  -
a6b1803382537fd5533d7f886626f8f9  -
d31d54b7fd406bea490c58830719dd23  -

You can see that when -e or --raw is used (which also enables -e), the checksum of the produced send stream randomly varies, but when this option is absent the stream is always consistent.

If I pipe the differing streams to "zstreamdump -d", I find that the 5th-last byte of a WRITE_EMBEDDED object randomly varies between streams. Stream1:

WRITE_EMBEDDED object = 34 offset = 0 length = 512 toguid = c6e85c8a68d9bc42 comp = 15 etype = 0 lsize = 512 psize = 27
 00 00 00 17  21 03 00 01  00 41 80 75  e0 c6 09 00   .... !... .A.u ....
 0f 02 00 ff  d9 50 00 00  00 00 00 **b5**  b4 91 ff ff   .... .P.. .... ....
    checksum = 6b8009848a/18edf68af8264/3dd2ff870f177e9/4d022db24594e75e

Stream2:

WRITE_EMBEDDED object = 34 offset = 0 length = 512 toguid = c6e85c8a68d9bc42 comp = 15 etype = 0 lsize = 512 psize = 27
 00 00 00 17  21 03 00 01  00 41 80 75  e0 c6 09 00   .... !... .A.u ....
 0f 02 00 ff  d9 50 00 00  00 00 00 **b3**  b4 91 ff ff   .... .P.. .... ....
    checksum = 6bf409827a/18f0010aeefc8/3dd348c0cdcd3af/4d02983d739e0500

It seems to me that the padding at the end of this block contains random uninitialised memory, which causes WRITE_EMBEDDED objects to vary from send to send.

No other bytes in the stream change from run to run (ignoring the stream checksums, which differ accordingly).

However if I run this test on Arch Linux the trailing bytes of the WRITE_EMBEDDED objects are all zeros, and the stream checksum never varied in 1000 trials:

WRITE_EMBEDDED object = 34 offset = 0 length = 512 toguid = dd6fa15f6846d5bf comp = 15 etype = 0 lsize = 512 psize = 27
 00 00 00 17  21 03 00 01  00 41 80 45  18 02 09 00   .... !... .A.E ....
 0f 02 00 ff  d9 50 00 00  00 00 00 00  00 00 00 00   .... .P.. .... ....
    checksum = 51fa73ef61/eff813e44bf1/1cf75bee4fd56e5/a68c6ad3f8fe58f6

So it seems like the end of the block is being properly zeroed on Arch Linux, but not on Proxmox (Debian with Ubuntu-based kernel) or Ubuntu.
@thenickdude thenickdude added the Type: Defect Incorrect behavior (e.g. crash, hang) label Aug 17, 2022
@thenickdude
Copy link
Author

Reproduced on FreeBSD too now:

Type Version/Name
Distribution Name FreeBSD
Distribution Version 13.1-RELEASE
Kernel Version 13.1-RELEASE
Architecture AMD64
OpenZFS Version zfs-2.1.4-FreeBSD_g52bad4f23 zfs-kmod-2.1.4-FreeBSD_g52bad4f23 
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0
2c7be1f476a828a2c8a68928d796c0f0

f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55
f158399a53f1cb9e4dc6667c21e0bf55

78e2eb2fc3140920d52a75abcc7f2934
a1dc223a90b27db2a9088b5cddda3492
78e2eb2fc3140920d52a75abcc7f2934
a1dc223a90b27db2a9088b5cddda3492
ef53e8ff4abdb3d45aca94984bdfa9ab
ad33327698abc46471c3bc1562576b26
c1150289ade6237905bdd48ad3fe200a
124f0ec02e6db0b219abb965156e635d
a3f360393a9baba312b40d944d444117
c1150289ade6237905bdd48ad3fe200a
1cbd027b5cd851f69303814bd6d9869a
779a139cc8f42411d17ae653ac81b040
b564b7d4c7ed5e7f6150bc1f8abc3fd0
5c795de14c998136bb71664299522282
fc8c27684eb7a89a66fa69b476bdfa49
f2719565825d7e72a92e33bac2f3906f

181320c91766e0ea2609429ae66e9be7
68dd8c0f6c92ef45fe8c9ff5584861bf
9e2f0630fe83b8cf181692e9dd818083
68dd8c0f6c92ef45fe8c9ff5584861bf
9fe587a61cc5002a485c94169b40ad07
ffffd56580c37978e6c2f3bf61aac26f
9fe587a61cc5002a485c94169b40ad07
b6e8b789847307f0d3d953e794b78551
7528ad220dc39364bf83b028a12cd91b
9fe587a61cc5002a485c94169b40ad07
181320c91766e0ea2609429ae66e9be7
1f08c8a7fc15bb17cda89723e6b8db7a
0ef7e263b61cc85e2207b9e630f0cfc3
bf2dabcabb3006fccf7a58bc11360e5a
3a1c20542a949045792aa9e8a81b82f3
7528ad220dc39364bf83b028a12cd91b

WRITE_EMBEDDED object = 34 offset = 0 length = 512 toguid = a059b43588aa7566 comp = 15 etype = 0 lsize = 512 psize = 29
 00 00 00 19  21 03 00 01  00 61 80 15  c0 50 06 01   .... !... .a.. .P..
 0b 00 0f 02  00 ff d7 50  00 00 00 00  00 47 49 53   .... ...P .... .GIS
    checksum = 4e1a16ac69/f5eca4a36c40/20bac60f8acda88/52574901c67a7920

This one has psize=29, and you can see that the non-zero garbage bytes at the end of the block there are exactly the three padding bytes that round 29 up to the next multiple of 8 (32).

@thenickdude thenickdude changed the title Non-deterministic send-stream produced if Embedded Blocks feature is enabled (Proxmox, Ubuntu, but not Arch) Non-deterministic send-stream produced if Embedded Blocks feature is enabled (Proxmox, Ubuntu, FreeBSD, but not Arch) Aug 17, 2022
@pcd1193182
Copy link
Contributor

pcd1193182 commented Aug 17, 2022
edited
Loading

We allocate the buffer for the embedded block on the stack, and we don't zero it before use. The unpacking code also doesn't zero anything after the tail. We send unused bytes because we round the payload size up to a multiple of 8. This should be easy to fix; we can just zero the padding bytes after the call to decode_embedded_bp_compressed in dump_write_embedded. it shouldn't cause any problems in terms of receive, since the padding bytes are discarded.

ryao added a commit to ryao/zfs that referenced this issue Dec 3, 2022
@ryao
Zero end of dump_write_embedded() in embedded block buffer
a752ce0 
This fixes a kernel stack leak.

Closes openzfs#13778
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
@ryao ryao mentioned this issue Dec 3, 2022
Merged
13 tasks
@ryao
Copy link
Contributor

ryao commented Dec 3, 2022

@thenickdude If you have a chance, would you verify that #14255 fixes this?

@thenickdude
Copy link
Author

thenickdude commented Dec 3, 2022
edited
Loading

After installing your commit on Ubuntu 22.04, no changes in the send-stream were detected within 10,000 trials using the repro script I provided earlier (previously each zfs send -e's hash randomly differed from the previous trial in the majority of cases), looks like that's solved!

I also tested it by filling a pool with the ZFS sourcecode like so, and sending and receiving that snapshot and manually diffing them to verify that the send-stream was not blatantly corrupted by the patch:

truncate -s 2G /tmp/zpooltest
zpool create test /tmp/zpooltest
git clone https://github.com/openzfs/zfs /test/zfs
zfs snapshot test@here
zfs send -e test@here | zfs recv test/recv
diff -r --no-dereference /test/zfs /test/recv/zfs

No differences in the sent and received datasets were detected. I verified that this testcase did in fact exercise the problematic WRITE_EMBEDDED objects by checking the stream like so:

$ zfs send -e test@here | zstreamdump -d | grep WRITE_EMBEDDED

...
	Total DRR_WRITE_EMBEDDED records = 284 (20024 bytes)

In the original unpatched ZFS version, every send -e of this dataset's hash differed from the previous attempt. In the patched version, the hash was always consistent within 200 trials.

@ryao
Copy link
Contributor

ryao commented Dec 3, 2022

After installing your commit on Ubuntu 22.04, no changes in the send-stream were detected within 10,000 trials using the repro script I provided earlier (previously each zfs send -e's hash randomly differed from the previous trial in the majority of cases), looks like that's solved!

Awesome. Would it be alright for me to add you to the commit message in a Tested-by line?

@thenickdude
Copy link
Author

Yep, sure.

ryao added a commit to ryao/zfs that referenced this issue Dec 3, 2022
@ryao
Zero end of embedded block buffer in dump_write_embedded()
90224a5 
This fixes a kernel stack leak.

Closes openzfs#13778
Tested-by: Nicholas Sherlock <n.sherlock@gmail.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
andrewc12 pushed a commit to andrewc12/openzfs that referenced this issue Dec 17, 2022
@ryao @andrewc12
Zero end of embedded block buffer in dump_write_embedded()
77e9174 
This fixes a kernel stack leak.

Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Tested-by: Nicholas Sherlock <n.sherlock@gmail.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes openzfs#13778
Closes openzfs#14255
tonyhutter pushed a commit to tonyhutter/zfs that referenced this issue Jan 13, 2023
@ryao @tonyhutter
Zero end of embedded block buffer in dump_write_embedded()
80aed9e 
This fixes a kernel stack leak.

Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Tested-by: Nicholas Sherlock <n.sherlock@gmail.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes openzfs#13778
Closes openzfs#14255
tonyhutter pushed a commit to tonyhutter/zfs that referenced this issue Jan 18, 2023
@ryao @tonyhutter
Zero end of embedded block buffer in dump_write_embedded()
d748bd7 
This fixes a kernel stack leak.

Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Tested-by: Nicholas Sherlock <n.sherlock@gmail.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes openzfs#13778
Closes openzfs#14255
tonyhutter pushed a commit to tonyhutter/zfs that referenced this issue Jan 19, 2023
@ryao @tonyhutter
Zero end of embedded block buffer in dump_write_embedded()
a2aabac 
This fixes a kernel stack leak.

Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Tested-by: Nicholas Sherlock <n.sherlock@gmail.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes openzfs#13778
Closes openzfs#14255
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Defect Incorrect behavior (e.g. crash, hang)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pcd1193182 @ryao @thenickdude