From ceed7ff9e65e22baae4ab9fc851517c83a168592 Mon Sep 17 00:00:00 2001 From: Semyon Danilov Date: Fri, 26 Jan 2024 21:03:51 +0000 Subject: [PATCH 1/2] Fix use after free --- .../pdisk/blobstorage_pdisk_impl_log.cpp | 13 +++++-------- .../blobstorage/pdisk/blobstorage_pdisk_state.h | 1 + 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp b/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp index dfa78979f08b..60d0f450502f 100644 --- a/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp +++ b/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp @@ -13,27 +13,24 @@ class TLogFlushCompletionAction : public TCompletionAction { const ui32 EndChunkIdx; const ui32 EndSectorIdx; THolder &CommonLogger; + TCompletionAction* CompletionLogWrite; public: TLogFlushCompletionAction(ui32 endChunkIdx, ui32 endSectorIdx, THolder &commonLogger, TCompletionAction* completionLogWrite) : EndChunkIdx(endChunkIdx) , EndSectorIdx(endSectorIdx) - , CommonLogger(commonLogger) { - this->FlushAction = completionLogWrite; - } + , CommonLogger(commonLogger) + , CompletionLogWrite(completionLogWrite) { } void Exec(TActorSystem *actorSystem) override { CommonLogger->FirstUncommitted = TFirstUncommitted(EndChunkIdx, EndSectorIdx); - Y_DEBUG_ABORT_UNLESS(FlushAction); - - // FlushAction here is a TCompletionLogWrite which will decrease owner's inflight count. - FlushAction->Exec(actorSystem); + CompletionLogWrite->Exec(actorSystem); delete this; } void Release(TActorSystem *actorSystem) override { - FlushAction->Release(actorSystem); + CompletionLogWrite->Release(actorSystem); delete this; } diff --git a/ydb/core/blobstorage/pdisk/blobstorage_pdisk_state.h b/ydb/core/blobstorage/pdisk/blobstorage_pdisk_state.h index 5dc1eba7a6c4..641ca889adef 100644 --- a/ydb/core/blobstorage/pdisk/blobstorage_pdisk_state.h +++ b/ydb/core/blobstorage/pdisk/blobstorage_pdisk_state.h @@ -196,6 +196,7 @@ struct TOwnerData { CurrentFirstLsnToKeep = 0; LastWrittenCommitLsn = 0; CutLogId = TActorId(); + LogEndPosition = TLogEndPosition(0, 0); WhiteboardProxyId = TActorId(); LogRecordsInitiallyRead = 0; LogRecordsConsequentlyRead = 0; From 4e2772631f6ab338f5d1a40edf215bd5361963b5 Mon Sep 17 00:00:00 2001 From: Semyon Danilov Date: Mon, 29 Jan 2024 10:53:02 +0000 Subject: [PATCH 2/2] Propagate completion result and error --- ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp b/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp index 60d0f450502f..44d5bb98a11c 100644 --- a/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp +++ b/ydb/core/blobstorage/pdisk/blobstorage_pdisk_impl_log.cpp @@ -23,13 +23,17 @@ class TLogFlushCompletionAction : public TCompletionAction { void Exec(TActorSystem *actorSystem) override { CommonLogger->FirstUncommitted = TFirstUncommitted(EndChunkIdx, EndSectorIdx); - + + CompletionLogWrite->SetResult(Result); + CompletionLogWrite->SetErrorReason(ErrorReason); CompletionLogWrite->Exec(actorSystem); delete this; } void Release(TActorSystem *actorSystem) override { + CompletionLogWrite->SetResult(Result); + CompletionLogWrite->SetErrorReason(ErrorReason); CompletionLogWrite->Release(actorSystem); delete this;