From: Sage Weil <sage@inktank.com>
Date: Fri, 24 Aug 2012 18:16:01 +0000 (-0700)
Subject: osd: fix use-after-free in handle_notify_timeout
X-Git-Tag: v0.51~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=bcd4b09ba93c57d3e696cfd8101538ea217d4aa2;p=ceph.git

osd: fix use-after-free in handle_notify_timeout

Valgrind turned this up.

Signed-off-by: Sage Weil <sage@inktank.com>
---

diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc
index e2e45351850..4c27d18fa87 100644
--- a/src/osd/OSD.cc
+++ b/src/osd/OSD.cc
@@ -2267,10 +2267,12 @@ void OSD::handle_notify_timeout(void *_notif)
 
   ReplicatedPG::ObjectContext *obc = (ReplicatedPG::ObjectContext *)notif->obc;
 
+  pg_t pgid = notif->pgid;
+
   complete_notify(_notif, obc);
   service.watch_lock.Unlock(); /* drop lock to change locking order */
 
-  put_object_context(obc, notif->pgid);
+  put_object_context(obc, pgid);
   service.watch_lock.Lock();
   /* exiting with watch_lock held */
 }