Commit 304f0802 authored Nov 04, 2022 by Kozlowski Mateusz Committed by Tomasz Zawadzki Nov 22, 2022

lib/ftl: Fix segfault in recovery path of unmap



The ftl_md_get_buffer_size returns the buffer size in bytes, so we
should divide by the block size, instead of this smaller value. Risks
touching bad memory during dirty shutdown recovery, especially in >16TiB
drives.

Signed-off-by: Kozlowski Mateusz <mateusz.kozlowski@intel.com>
Signed-off-by: Mariusz Barczak <mariusz.barczak@intel.com>
Change-Id: I4095b00a79a1bdbce5046dc46349a9670e41b18e
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/15259


Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Community-CI: Mellanox Build Bot
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>

parent 6a26cb60

lib/ftl/mngt/ftl_mngt_recovery.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -770,7 +770,7 @@ ftl_mngt_recover_unmap_map_cb(struct spdk_ftl_dev dev, struct ftl_md md, int s
		return;
		}

		num_md_blocks = ftl_md_get_buffer_size(md) / lbas_in_page;
		num_md_blocks = ftl_md_get_buffer_size(md) / FTL_BLOCK_SIZE;

		for (i = 0; i < num_md_blocks; ++i, page_vss++) {
		lba = page_vss->unmap.start_lba;