From 3408332d715413e87b16fd5d7e4e4c04a4f03498 Mon Sep 17 00:00:00 2001
From: Mateusz Piotrowski <mateusz.piotrowski@klarasystems.com>
Date: Tue, 24 Feb 2026 19:24:22 +0100
Subject: [PATCH] zhack: Fix importing large allocation profiles on small pools
 (#18256)

This patch fixes a segmentation fault in zhack metaslab leak which might
be triggered by feeding zhack with a fragmentation profile that's
exported from a pool larger than the target pool.

Fixes: 8f15d2e4d58525e583277ccfef83f2056be4f72e
Sponsored-by: Klara, Inc.
Sponsored-by: Wasabi Technology, Inc.
Reviewed-by: Paul Dagnelie <paul.dagnelie@klarasystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>

Signed-off-by: Mateusz Piotrowski <mateusz.piotrowski@klarasystems.com>
---
 cmd/zhack.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cmd/zhack.c b/cmd/zhack.c
index 6e202d17d..e9306e63f 100644
--- a/cmd/zhack.c
+++ b/cmd/zhack.c
@@ -745,8 +745,11 @@ zhack_do_metaslab_leak(int argc, char **argv)
 			    &start, &size), ==, 2);
 
 			ASSERT(vd);
-			metaslab_t *cur =
-			    vd->vdev_ms[start >> vd->vdev_ms_shift];
+			size_t idx;
+			idx = start >> vd->vdev_ms_shift;
+			if (idx >= vd->vdev_ms_count)
+				continue;
+			metaslab_t *cur = vd->vdev_ms[idx];
 			if (prev != cur) {
 				if (prev) {
 					dmu_tx_commit(tx);