From: Arthur Outhenin-Chalandre Date: Fri, 21 May 2021 15:05:24 +0000 (+0200) Subject: rbd-mirror: fix segfault in snapshot replayer shutdown X-Git-Tag: v16.2.5~50^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=c34729fd0738d3cf3546a6023dc4454c7ab1e0e8;p=ceph.git rbd-mirror: fix segfault in snapshot replayer shutdown If an error arises in the init flow of the snapshot replayer and the function returns before the call on `register_local_update_watcher` the value of `m_update_watch_ctx` will not be initialized. Therefore, on the shutdown phase, the replayer will try to free this pointer and segfault. This commit fixes this issue by setting `m_update_watch_ctx` to `nullptr`. Fixes: https://tracker.ceph.com/issues/50931 Signed-off-by: Arthur Outhenin-Chalandre (cherry picked from commit 3bc07f6ce06151d96949becb2be423cfabf01429) --- diff --git a/src/tools/rbd_mirror/image_replayer/snapshot/Replayer.h b/src/tools/rbd_mirror/image_replayer/snapshot/Replayer.h index 170d3c1d0cc8..c2c28171f87d 100644 --- a/src/tools/rbd_mirror/image_replayer/snapshot/Replayer.h +++ b/src/tools/rbd_mirror/image_replayer/snapshot/Replayer.h @@ -211,7 +211,7 @@ private: int m_error_code = 0; std::string m_error_description; - C_UpdateWatchCtx* m_update_watch_ctx; + C_UpdateWatchCtx* m_update_watch_ctx = nullptr; uint64_t m_local_update_watcher_handle = 0; uint64_t m_remote_update_watcher_handle = 0; bool m_image_updated = false;
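Review bot: the `= nullptr` default on `m_update_watch_ctx` in Replayer.h makes shutdown safe only if the shutdown path frees the pointer with a plain `delete` or null-checks it before any dereference, and that code is not part of this patch. Please confirm that the path taken when init returns before `register_local_update_watcher` never calls through the pointer, and that the pointer is reset to `nullptr` after it is freed so that a second shutdown pass cannot free it twice. The neighbouring members (`m_error_code`, `m_local_update_watcher_handle`, `m_remote_update_watcher_handle`, `m_image_updated`) already carry default initializers, so the pointer was the odd one out. Since the change touches only the header, a regression test that forces the early-return init failure and then shuts the replayer down would be worth adding.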