bcachefs: Work around a zstd bug

The zstd compression code seems to have a bug where it will write just past the end of the destination buffer - probably only when the compressed output isn't going to fit in the destination buffer, which will never happen if you're always allocating a bigger buffer than the source buffer which would explain other users not hitting it. But, we size the buffer according to how much contiguous space on disk we have, so... generally, bugs like this don't write more than a word past the end of the buffer, so an easy workaround is to subtract a fudge factor from the buffer size. Signed-off-by: Kent Overstreet <kent.overstreet@gmail.com> Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>
2024-09-29 13:53:33 +00:00 · 2021-01-07 17:06:22 -05:00 · 2021-01-07 17:06:22 -05:00 · fd54c40e00
commit fd54c40e00
parent 29d90f61eb
1 changed files with 12 additions and 1 deletions
--- a/fs/bcachefs/compress.c
+++ b/fs/bcachefs/compress.c
@ -336,8 +336,19 @@ static int attempt_compress(struct bch_fs *c,
 		ZSTD_CCtx *ctx = zstd_init_cctx(workspace,
 			zstd_cctx_workspace_bound(&c->zstd_params.cParams));

+		/*
+		 * ZSTD requires that when we decompress we pass in the exact
+		 * compressed size - rounding it up to the nearest sector
+		 * doesn't work, so we use the first 4 bytes of the buffer for
+		 * that.
+		 *
+		 * Additionally, the ZSTD code seems to have a bug where it will
+		 * write just past the end of the buffer - so subtract a fudge
+		 * factor (7 bytes) from the dst buffer size to account for
+		 * that.
+		 */
 		size_t len = zstd_compress_cctx(ctx,
-				dst + 4,	dst_len - 4,
+				dst + 4,	dst_len - 4 - 7,
 				src,		src_len,
 				&c->zstd_params);
 		if (zstd_is_error(len))