From f96e4545bd7a4dd9c58eb7e8a42eafe0b18089ad Mon Sep 17 00:00:00 2001
From: Mathieu Desnoyers
Date: Wed, 1 May 2013 16:43:37 -0400
Subject: [PATCH] consumer relayd interaction: fix segfaults
State where control socket is unset but data socket is set for a relayd socket pair can be reached if relayd suddently disconnects at the wrong time. Ensure we always verify that the file descriptors and operations are initialized before using them.
Signed-off-by: Mathieu Desnoyers
---
 src/common/consumer.c | 2 ++
 src/common/relayd/relayd.c | 20 ++++++++++++++++++++
 2 files changed, 22 insertions(+)
diff --git a/src/common/consumer.c b/src/common/consumer.c
index c47c0ff08..0e9c52e83 100644
--- a/src/common/consumer.c
+++ b/src/common/consumer.c
@@ -720,6 +720,8 @@ struct consumer_relayd_sock_pair *consumer_allocate_relayd_sock_pair(
 obj->net_seq_idx = net_seq_idx;
 obj->refcount = 0;
 obj->destroy_flag = 0;
+ obj->control_sock.sock.fd = -1;
+ obj->data_sock.sock.fd = -1;
 lttng_ht_node_init_u64(&obj->node, obj->net_seq_idx);
 pthread_mutex_init(&obj->ctrl_sock_mutex, NULL);
diff --git a/src/common/relayd/relayd.c b/src/common/relayd/relayd.c
index aa3f76853..2283865cf 100644
--- a/src/common/relayd/relayd.c
+++ b/src/common/relayd/relayd.c
@@ -41,6 +41,10 @@ static int send_command(struct lttcomm_relayd_sock *rsock,
 char *buf;
 uint64_t buf_size = sizeof(header);
+ if (rsock->sock.fd < 0) {
+ return -ECONNRESET;
+ }
+
 if (data) {
 buf_size += size;
 }
@@ -87,6 +91,10 @@ static int recv_reply(struct lttcomm_relayd_sock *rsock, void *data, size_t size
 {
 int ret;
+ if (rsock->sock.fd < 0) {
+ return -ECONNRESET;
+ }
+
 DBG3("Relayd waiting for reply of size %zu", size);
 ret = rsock->sock.ops->recvmsg(&rsock->sock, data, size, 0);
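Review bot: Only the two descriptors get a sentinel in consumer_allocate_relayd_sock_pair, while the `!rsock->sock.ops` test added to relayd_connect in this same patch depends on `sock.ops` being NULL for a fresh pair. The allocation is outside the hunk, and the neighbouring lines zero `refcount` and `destroy_flag` by hand, so it is not evident that the object arrives zero-filled. If it does not, add `obj->control_sock.sock.ops = NULL;` and `obj->data_sock.sock.ops = NULL;` next to the fd lines; if it does, a short comment saying so would remove the doubt.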
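Review bot: The guard added to send_command tests only `rsock->sock.fd`, yet the calls it protects go through `rsock->sock.ops` (visible in the recv_reply hunk as `rsock->sock.ops->recvmsg(...)`), so a socket holding a valid fd with NULL ops would still fault; the guards added to recv_reply and relayd_send_data_hdr have the same shape. Unless that state is impossible by construction, I would write `if (rsock->sock.fd < 0 || !rsock->sock.ops) {` in all three places. The test is also a plain read of a field that relayd_close now rewrites, so it presumably only holds if the caller keeps the socket lock across the check and the send or receive; a one-line comment naming the expected lock would make that explicit. All three function bodies continue outside their hunks.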
@@ -337,6 +345,13 @@ int relayd_connect(struct lttcomm_relayd_sock *rsock)
 /* Code flow error. Safety net. */
 assert(rsock);
+ if (!rsock->sock.ops) {
+ /*
+ * Attempting a connect on a non-initialized socket.
+ */
+ return -ECONNRESET;
+ }
+
 DBG3("Relayd connect ...");
 return rsock->sock.ops->connect(&rsock->sock);
@@ -379,6 +394,7 @@ int relayd_close(struct lttcomm_relayd_sock *rsock)
 PERROR("relayd_close default close");
 }
 }
+ rsock->sock.fd = -1;
 end:
 return ret;
@@ -396,6 +412,10 @@ int relayd_send_data_hdr(struct lttcomm_relayd_sock *rsock,
 assert(rsock);
 assert(hdr);
+ if (rsock->sock.fd < 0) {
+ return -ECONNRESET;
+ }
+
 DBG3("Relayd sending data header of size %zu", size);
 /* Again, safety net */
-- 
2.34.1
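Review bot: The early return added to relayd_connect reports `-ECONNRESET` for a socket that was never initialised, which tells the caller a peer reset happened when nothing was ever connected, and it does so without any trace output. A line such as `DBG3("Relayd connect on uninitialized socket");` before the return would let someone reading the logs separate a setup-order bug from a real relayd disconnect. A distinct code like `-ENOTCONN` would help as well, but callers are outside the hunk and may match on the value, so check them before changing it.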
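Review bot: In relayd_close the reset `rsock->sock.fd = -1;` sits above the `end:` label, so any path that jumps straight to `end` skips it. Those jumps are outside the hunk and should be confirmed to happen only when the descriptor is already invalid. The reset also runs when the close call failed, which looks intentional since the stale number must not be reused once the kernel may hand it to another file. A comment would record that, e.g. `/* Invalidate even if close failed: the fd must never be used again. */`.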