From aa4c90254e495840aef367b5d6144b2ea861e452 Mon Sep 17 00:00:00 2001 From: Radoslaw Zarzynski Date: Wed, 7 Apr 2021 19:48:49 +0000 Subject: [PATCH] crimson/osd: fix the lifetime of Notify during timeouts. This fixes a segfault during `LibRadosWatchNotify.WatchNotify2Timeout`. Signed-off-by: Radoslaw Zarzynski --- src/crimson/osd/watch.cc | 4 ++++ src/crimson/osd/watch.h | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/crimson/osd/watch.cc b/src/crimson/osd/watch.cc index 8898be8bdf3..ee9308e2858 100644 --- a/src/crimson/osd/watch.cc +++ b/src/crimson/osd/watch.cc @@ -210,6 +210,10 @@ void Notify::do_timeout() if (complete) { return; } + // it might be that `this` is kept alive only because of the reference + // a watcher stores and which is being removed by `cancel_notify()`. + // to avoid use-after-free we bump up the ref counter with `guard_ptr`. + [[maybe_unused]] auto guard_ptr = shared_from_this(); for (auto& watcher : watchers) { watcher->cancel_notify(ninfo.notify_id); } diff --git a/src/crimson/osd/watch.h b/src/crimson/osd/watch.h index c58cf3edd4a..4b50d286050 100644 --- a/src/crimson/osd/watch.h +++ b/src/crimson/osd/watch.h @@ -106,7 +106,7 @@ struct notify_reply_t { }; std::ostream &operator<<(std::ostream &out, const notify_reply_t &rhs); -class Notify { +class Notify : public seastar::enable_shared_from_this { std::set watchers; const notify_info_t ninfo; crimson::net::ConnectionRef conn; -- 2.39.5