git-server-git.apps.pok.os.sepia.ceph.com Git

author	Oguzhan Ozmen <oozmen@bloomberg.net>
	Tue, 19 May 2026 22:12:35 +0000 (22:12 +0000)
committer	Oguzhan Ozmen <oozmen@bloomberg.net>
	Wed, 20 May 2026 13:56:31 +0000 (13:56 +0000)
commit	61b6d72226072d8eae791909b066471ce42d746c
tree	5cdf3cfadf79abad575cf919a4c6597f734b4025	tree \| snapshot
parent	a323441c65cd3db1767e1207d1fbad94990c65b6	commit \| diff

rgw/datalog: DataLogBackends::trim_entries: fix crash when target_gen > head_gen

When a cluster has no sync zones (single-zone), DataLogTrimCR passes
max_marker() as the trim marker, which encodes target_gen = UINT64_MAX
from gencursor(). In DataLogBackends::trim_entries, after trimming the
head (last) generation, the break condition

if (be->gen_id == target_gen)

is false (e.g. 0 != UINT64_MAX), so the loop attempts its increment
expression:

be = upper_bound(be->gen_id)->second

upper_bound(head_gen) returns end(), and dereferencing end()->second
causes crash.

Fix: also break when be->gen_id >= head_gen. Once we've trimmed the
head generation there are no further backends in the map, so the
upper_bound dereference in the loop increment will be skipped.

This is a general bug that affects any cluster using max_marker() as a
trim target (i.e. every single-zone deployment).

Signed-off-by: Oguzhan Ozmen <oozmen@bloomberg.net>

src/rgw/driver/rados/rgw_datalog.cc		diff \| blob \| history
src/test/rgw/test_datalog.cc		diff \| blob \| history