zstd: Pass a maximum decompressed size for coredumps#397
zstd: Pass a maximum decompressed size for coredumps#397g2p wants to merge 1 commit intocanonical:mainfrom
Conversation
|
Everyone contributing to this PR have now signed the CLA. Thanks! |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #397 +/- ##
=======================================
Coverage 83.01% 83.02%
=======================================
Files 99 99
Lines 20329 20337 +8
Branches 3206 3208 +2
=======================================
+ Hits 16876 16884 +8
Misses 2933 2933
Partials 520 520 ☔ View full report in Codecov by Sentry. |
|
Thanks. What happens when the coredump size is bigger than 512 MB? Shouldn't we determine the size dynamically from the coredump file? Are you willing to work on the patch (linter fix, add test case, etc) or is it a drive-by fire-and-forget patch that we should polish? |
g2p
force-pushed
the
systemd-coredump-zstd-fix
branch
2 times, most recently
from
c378a6a to
1e5616f
Compare
|
Decompression is done in memory, so maybe it is better to keep a length limit. I've reformatted with black and added a test case. It is kind of a drive-by otherwise, if it needs more significant reworking. |
g2p
force-pushed
the
systemd-coredump-zstd-fix
branch
from
1e5616f to
46efc8d
Compare
g2p
force-pushed
the
systemd-coredump-zstd-fix
branch
from
46efc8d to
11a34e4
Compare
|
Thanks. The merge request looks good. There is one question to ask before merging: What will happen when the core-dump size is bigger than COREDUMP_MAX_SIZE? |
|
The failing codecov/project can be ignored. That is caused by fluctuating coverage (the previous run had some failure code path covered). |
|
It will blow up, as it did in some cases before the patch (systemd coredump on oracular). The problem is that callers aren't expecting errors, for example when going through So a more complete fix could involve validation, silently truncating the core dump (easy enough with another parameter to zstandard decompress), or skipping it if it's too large. |
|
I'm not asking you to implement this, but I think the best path forward would be to either move to on-disk decompression (e.g. in /var/tmp or $XDG_CACHE ?) or just skip the crash if it's too big. While they're still valuable in some use cases, truncated dumps are useless for us. |
bdrung
left a comment
bdrung
left a comment
There was a problem hiding this comment.
I am reconsidering my standpoint. This change will be a step in the right direction. It will fix the crash for dumps that are smaller than 512 MiB, but still fail for bigger ones. This change does not introduce regressions. If the compressed data contains the decompressed size header, it will ignore the max_output_size parameter. I tested this on noble with zstd NEWS.md:
compressed_news = pathlib.Path("NEWS.md.zst").read_bytes()
assert len(compressed_news) > 1024
decompressed = zstandard.ZstdDecompressor().decompress(compressed_news, max_output_size=1024)
assert len(decompressed) > len(compressed_news)I will work on __len__ to not use get_value to avoid needing to keep all the data in memory.
|
This is a different approach to fix only the |
This fixes handling of systemd coredumps, which don't necessarily include a decompressed size header. Maximum size was picked at 512M from looking at existing core dumps. Fixes https://bugs.launchpad.net/apport/+bug/2081708
bdrung
force-pushed
the
systemd-coredump-zstd-fix
branch
from
11a34e4 to
00f2d13
Compare
3 participants
This fixes handling of systemd coredumps, which don't necessarily include a decompressed size header.
Maximum size was picked at 512M from looking at existing core dumps.
Fixes https://bugs.launchpad.net/apport/+bug/2081708