Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-30576

junk data on the wire causes segfault in latest dev build

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • Fully Compatible
    • OS X
    • Hide

      using any recent version of the node driver:

      const MongoClient = require('mongodb').MongoClient;
MongoClient.connect('mongodb://localhost')
  .then(db => {
    db.serverConfig.connections()[0]
      .write(new Buffer('312312321321askdjljsaNCKnablibh'))
  });
      Show
      using any recent version of the node driver: const MongoClient = require( 'mongodb' ).MongoClient; MongoClient.connect( 'mongodb: //localhost' ) .then(db => { db.serverConfig.connections()[0] .write( new Buffer( '312312321321askdjljsaNCKnablibh' )) });

      We have some node driver tests that inject junk data onto the wire in order to cause certain network failures. The tests were failing with v3.5.11, and when I dug a little deeper it seems the behavior now crashes the server

       
mbroadst@gorgor:~$ mongod --version
db version v3.5.11
git version: a8a9854b666515d48720cf2b203553954b6a75e6
OpenSSL version: OpenSSL 0.9.8zh 14 Jan 2016
allocator: system
modules: none
build environment:
    distarch: x86_64
    target_arch: x86_64

      Process 21862 stopped
* thread #2, name = 'conn3', stop reason = signal SIGTRAP
    frame #0: 0x00007fff8aedcdd6 libsystem_kernel.dylib`__pthread_kill + 10
libsystem_kernel.dylib`__pthread_kill:
->  0x7fff8aedcdd6 <+10>: jae    0x7fff8aedcde0            ; <+20>
    0x7fff8aedcdd8 <+12>: movq   %rax, %rdi
    0x7fff8aedcddb <+15>: jmp    0x7fff8aed5cdf            ; cerror_nocancel
    0x7fff8aedcde0 <+20>: retq
(lldb) bt
* thread #2, name = 'conn3', stop reason = signal SIGTRAP
  * frame #0: 0x00007fff8aedcdd6 libsystem_kernel.dylib`__pthread_kill + 10
    frame #1: 0x00007fff8afc8787 libsystem_pthread.dylib`pthread_kill + 90
    frame #2: 0x00007fff8adf3497 libsystem_c.dylib`raise + 26
    frame #3: 0x00000001015716b4 mongod`mongo::breakpoint() + 84
    frame #4: 0x00000001014affe0 mongod`mongo::invariantFailed(char const*, char const*, unsigned int) + 512
    frame #5: 0x0000000100205839 mongod`mongo::ServiceStateMachine::_processMessage(mongo::ServiceStateMachine::ThreadGuard&) + 2249
    frame #6: 0x0000000100204564 mongod`mongo::ServiceStateMachine::_runNextInGuard(mongo::ServiceStateMachine::ThreadGuard&) + 372
    frame #7: 0x0000000100204f28 mongod`mongo::ServiceStateMachine::runNext() + 56
    frame #8: 0x0000000100203687 mongod`std::__1::__function::__func<mongo::ServiceEntryPointImpl::startSession(std::__1::shared_ptr<mongo::transport::Session>)::$_1, std::__1::allocator<mongo::ServiceEntryPointImpl::startSession(std::__1::shared_ptr<mongo::transport::Session>)::$_1>, void ()>::operator()() + 135
    frame #9: 0x00000001013c6a5c mongod`mongo::(anonymous namespace)::runFunc(void*) + 28
    frame #10: 0x00000001013c6b51 mongod`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (&)(void*), std::__1::function<void ()>*> > >(void*) + 97
    frame #11: 0x00007fff8afc5aab libsystem_pthread.dylib`_pthread_body + 180
    frame #12: 0x00007fff8afc59f7 libsystem_pthread.dylib`_pthread_start + 286
    frame #13: 0x00007fff8afc51fd libsystem_pthread.dylib`thread_start + 13

            Assignee:
            backlog-server-platform DO NOT USE - Backlog - Platform Team
            Reporter:
            matt.broadstone@mongodb.com Matt Broadstone
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: