dev: Fix segfault in flash device

Fix a bug in which the flash device would write out of bounds and
could either trigger a segfault and corrupt the memory of other
objects. This was caused by using pageSize in the place of
pagesPerBlock when running the garbage collector.

Also, added an assert to flag this condition in the future.

diff --git a/src/dev/arm/flash_device.cc b/src/dev/arm/flash_device.cc
index 8e337cd86d478b7362a5e49afd25d8bcd17bbedf..b0b855349c218d14b216b744110328c3b1c971df 100644 (file)
--- a/src/dev/arm/flash_device.cc
+++ b/src/dev/arm/flash_device.cc
@@ -379,7 +379,8 @@ FlashDevice::remap(uint64_t logic_page_addr)
         block = locationTable[logic_page_addr].block * pagesPerBlock;
 
         //assumption: clean will improve locality
-        for (uint32_t count = 0; count < pageSize; count++) {
+        for (uint32_t count = 0; count < pagesPerBlock; count++) {
+            assert(block + count < pagesPerDisk);
             locationTable[block + count].page = (block + count) %
                 pagesPerBlock;
             ++count;