mds: Fix mds crash while removing ceph.dir.subvolume

Removing vxattr 'ceph.dir.subvolume' on a directory without
it being set causes the mds to crash. This is because the
snaprealm would be null for the directory and the null check
is missing. Setting the vxattr, creates the snaprealm for
the directory as part of it. Hence, mds doesn't crash when
the vxattr is set and then removed. This patch fixes the same.

Reproducer:
$mkdir /mnt/dir1
$setfattr -x "ceph.dir.subvolume" /mnt/dir1

Traceback:
-------
Core was generated by `./ceph/build/bin/ceph-mds -i a -c ./ceph/build/ceph.conf'.
Program terminated with signal SIGSEGV, Segmentation fault.
(gdb) bt
 #0  0x00007f33f1aa8034 in __pthread_kill_implementation () from /lib64/libc.so.6
 #1  0x00007f33f1a4ef1e in raise () from /lib64/libc.so.6
 #2  0x0000562b148a6fd0 in reraise_fatal (signum=signum@entry=11) at /ceph/src/global/signal_handler.cc:88
 #3  0x0000562b148a83d9 in handle_oneshot_fatal_signal (signum=11) at /ceph/src/global/signal_handler.cc:367
 #4  <signal handler called>
 #5  Server::handle_client_setvxattr (this=0x562b4ee3f800, mdr=..., cur=0x562b4ef9cc00) at /ceph/src/mds/Server.cc:6406
 #6  0x0000562b145fadc2 in Server::handle_client_removexattr (this=0x562b4ee3f800, mdr=...) at /ceph/src/mds/Server.cc:7022
 #7  0x0000562b145fbff0 in Server::dispatch_client_request (this=0x562b4ee3f800, mdr=...) at /ceph/src/mds/Server.cc:2825
 #8  0x0000562b145fcfa2 in Server::handle_client_request (this=0x562b4ee3f800, req=...) at /ceph/src/mds/Server.cc:2676
 #9  0x0000562b1460063c in Server::dispatch (this=0x562b4ee3f800, m=...) at /ceph/src/mds/Server.cc:382
 #10 0x0000562b1450eb22 in MDSRank::handle_message (this=this@entry=0x562b4ef42008, m=...) at /ceph/src/mds/MDSRank.cc:1222
 #11 0x0000562b14510c93 in MDSRank::_dispatch (this=this@entry=0x562b4ef42008, m=..., new_msg=new_msg@entry=true)
     at /ceph/src/mds/MDSRank.cc:1045
 #12 0x0000562b14511620 in MDSRankDispatcher::ms_dispatch (this=this@entry=0x562b4ef42000, m=...) at /ceph/src/mds/MDSRank.cc:1019
 #13 0x0000562b144ff117 in MDSDaemon::ms_dispatch2 (this=0x562b4ee64000, m=...) at /ceph/src/common/RefCountedObj.h:56
 #14 0x00007f33f2f4974a in Messenger::ms_deliver_dispatch (this=0x562b4ee70000, m=...) at /ceph/src/msg/Messenger.h:746
 #15 0x00007f33f2f467e2 in DispatchQueue::entry (this=0x562b4ee703b8) at /ceph/src/msg/DispatchQueue.cc:202
 #16 0x00007f33f2ff61cb in DispatchQueue::DispatchThread::entry (this=<optimized out>) at /ceph/src/msg/DispatchQueue.h:101
 #17 0x00007f33f2df4b5d in Thread::entry_wrapper (this=0x562b4ee70518) at /ceph/src/common/Thread.cc:87
 #18 0x00007f33f2df4b6f in Thread::_entry_func (arg=<optimized out>) at /ceph/src/common/Thread.cc:74
 #19 0x00007f33f1aa6088 in start_thread () from /lib64/libc.so.6
 #20 0x00007f33f1b29f8c in clone3 () from /lib64/libc.so.6
---------

Fixes: https://tracker.ceph.com/issues/70794
Signed-off-by: Kotresh HR <khiremat@redhat.com>

diff --git a/src/mds/Server.cc b/src/mds/Server.cc
index 261ae715be9b5bde64b0cb3785aaf13880c1541b..e7ea11464ebd5b1f2984bdc1b38e781f52daeaed 100644 (file)
--- a/src/mds/Server.cc
+++ b/src/mds/Server.cc
@@ -6409,7 +6409,7 @@ void Server::handle_client_setvxattr(const MDRequestRef& mdr, CInode *cur)
     try {
       if (is_rmxattr) {
         const auto srnode = cur->get_projected_srnode();
-       if (!srnode->is_subvolume()) {
+       if (srnode && !srnode->is_subvolume()) {
          respond_to_request(mdr, 0);
          return;
        }