From 3187b036d83adae3646d411e6705e056189f33bb Mon Sep 17 00:00:00 2001
From: Sage Weil <sage@redhat.com>
Date: Thu, 3 May 2018 08:45:09 -0500
Subject: [PATCH] osd/PG: fix uninit read in Incomplete::react(AdvMap&)

If a PG is incomplete when the pool is deleted we'll dereference invalid
iterators here.

Fixes: http://tracker.ceph.com/issues/23980
Signed-off-by: Sage Weil <sage@redhat.com>
---
 src/osd/PG.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/osd/PG.cc b/src/osd/PG.cc
index c490c47709d2..37e2bdbe7506 100644
--- a/src/osd/PG.cc
+++ b/src/osd/PG.cc
@@ -8959,7 +8959,8 @@ boost::statechart::result PG::RecoveryState::Incomplete::react(const AdvMap &adv
   int64_t poolnum = pg->info.pgid.pool();
 
   // Reset if min_size turn smaller than previous value, pg might now be able to go active
-  if (advmap.lastmap->get_pools().find(poolnum)->second.min_size >
+  if (!advmap.osdmap->have_pg_pool(poolnum) ||
+      advmap.lastmap->get_pools().find(poolnum)->second.min_size >
       advmap.osdmap->get_pools().find(poolnum)->second.min_size) {
     post_event(advmap);
     return transit< Reset >();
-- 
2.47.3