When memory allocations for recovery fails,

dont dereference a null pointer while trying to print the log message for the failure.

also shutdown ctdb with ctdb_fatal()

diff --git a/server/ctdb_recover.c b/server/ctdb_recover.c
index f61b6e7b6f63b1b11ec292c0e6b29ab172ff6b74..b48b4e7214f3a1e90ca776f3c414f3ab8e9f9e55 100644 (file)
--- a/server/ctdb_recover.c
+++ b/server/ctdb_recover.c
@@ -340,10 +340,8 @@ static int traverse_pulldb(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data,
        }
        params->pulldata = talloc_realloc_size(NULL, params->pulldata, rec->length + params->len);
        if (params->pulldata == NULL) {
-               DEBUG(DEBUG_ERR,(__location__ " Failed to expand pulldb_data to %u (%u records)\n", 
-                        rec->length + params->len, params->pulldata->count));
-               params->failed = true;
-               return -1;
+               DEBUG(DEBUG_CRIT,(__location__ " Failed to expand pulldb_data to %u\n", rec->length + params->len));
+               ctdb_fatal(params->ctdb, "failed to allocate memory for recovery. shutting down\n");
        }
        params->pulldata->count++;
        memcpy(params->len+(uint8_t *)params->pulldata, rec, rec->length);