From: Igor Fedotov <ifedotov@suse.com>
Date: Fri, 19 Apr 2019 12:04:48 +0000 (+0300)
Subject: os/bluestore: reproduce out-of-bound access for bmap allocator
X-Git-Tag: v15.1.0~2863^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=aeee8bf2bae99cd5dd7308f01b6279a9576b3919;p=ceph.git

os/bluestore: reproduce out-of-bound access for bmap allocator

Reproduces: https://tracker.ceph.com/issues/39334

Signed-off-by: Igor Fedotov <ifedotov@suse.com>
---

diff --git a/src/os/bluestore/fastbmap_allocator_impl.h b/src/os/bluestore/fastbmap_allocator_impl.h
index 98a78d4b0ca..a7c7305de5a 100755
--- a/src/os/bluestore/fastbmap_allocator_impl.h
+++ b/src/os/bluestore/fastbmap_allocator_impl.h
@@ -352,6 +352,7 @@ protected:
       pos += d0;
     }
     bits = 1;
+    ceph_assert((pos / d0) < l0.size());
     uint64_t& val_e = l0[pos / d0];
     while (pos < l0_pos_end) {
       val_e |= bits;
diff --git a/src/test/objectstore/Allocator_test.cc b/src/test/objectstore/Allocator_test.cc
index 229d793a80b..b74287302f6 100644
--- a/src/test/objectstore/Allocator_test.cc
+++ b/src/test/objectstore/Allocator_test.cc
@@ -225,6 +225,16 @@ TEST_P(AllocTest, test_alloc_non_aligned_len)
   EXPECT_EQ(want_size, alloc->allocate(want_size, alloc_unit, 0, &extents));
 }
 
+TEST_P(AllocTest, test_alloc_39334)
+{
+  int64_t block = 0x4000;
+  int64_t size = 0x5d00000000;
+
+  init_alloc(size, block);
+  alloc->init_add_free(0x4000, 0x5cffffc000);
+  EXPECT_EQ(size - block, alloc->get_free());
+}
+
 TEST_P(AllocTest, test_alloc_fragmentation)
 {
   uint64_t capacity = 4 * 1024 * 1024;