Fix l2arc_apply_transforms ztest crash

In #13375 we modified the allocation size of the buffer that we use 
to apply l2arc transforms to be the size of the arc hdr we're using, 
rather than the allocation size that will be in place on the disk, 
because sometimes the hdr size is larger. Unfortunately, sometimes 
the allocation size is larger, which means that we overflow the buffer 
in that case. This change modifies the allocation to be the max of 
the two values

Reviewed-by: Mark Maybee <mark.maybee@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Paul Dagnelie <pcd@delphix.com>
Closes #15177
Closes #15248
This commit is contained in:
Paul Dagnelie 2023-09-19 08:58:14 -07:00 committed by GitHub
parent 6cb933c56e
commit 741c215bab
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -9092,15 +9092,16 @@ l2arc_apply_transforms(spa_t *spa, arc_buf_hdr_t *hdr, uint64_t asize,
* write things before deciding to fail compression in nearly * write things before deciding to fail compression in nearly
* every case.) * every case.)
*/ */
cabd = abd_alloc_for_io(size, ismd); uint64_t bufsize = MAX(size, asize);
tmp = abd_borrow_buf(cabd, size); cabd = abd_alloc_for_io(bufsize, ismd);
tmp = abd_borrow_buf(cabd, bufsize);
psize = zio_compress_data(compress, to_write, &tmp, size, psize = zio_compress_data(compress, to_write, &tmp, size,
hdr->b_complevel); hdr->b_complevel);
if (psize >= asize) { if (psize >= asize) {
psize = HDR_GET_PSIZE(hdr); psize = HDR_GET_PSIZE(hdr);
abd_return_buf_copy(cabd, tmp, size); abd_return_buf_copy(cabd, tmp, bufsize);
HDR_SET_COMPRESS(hdr, ZIO_COMPRESS_OFF); HDR_SET_COMPRESS(hdr, ZIO_COMPRESS_OFF);
to_write = cabd; to_write = cabd;
abd_copy(to_write, hdr->b_l1hdr.b_pabd, psize); abd_copy(to_write, hdr->b_l1hdr.b_pabd, psize);
@ -9110,9 +9111,9 @@ l2arc_apply_transforms(spa_t *spa, arc_buf_hdr_t *hdr, uint64_t asize,
} }
ASSERT3U(psize, <=, HDR_GET_PSIZE(hdr)); ASSERT3U(psize, <=, HDR_GET_PSIZE(hdr));
if (psize < asize) if (psize < asize)
memset((char *)tmp + psize, 0, asize - psize); memset((char *)tmp + psize, 0, bufsize - psize);
psize = HDR_GET_PSIZE(hdr); psize = HDR_GET_PSIZE(hdr);
abd_return_buf_copy(cabd, tmp, size); abd_return_buf_copy(cabd, tmp, bufsize);
to_write = cabd; to_write = cabd;
} }