We have a fuzz test in the jsobj unit test suite that fuzzes a BSONObj and calls valid() on it. The goal is to detect cases where valid() can seg fault if it sees invalid bson. It appears that when the unit test framework was rewritten there was an issue introduced where test arguments were not correctly passed to tests. As a result, the fuzz tests were running but not doing any actual fuzzing.

I recently fixed the issue in the unit test framework, and the fuzz tests have started seg faulting. This likely means the valid() function is now not safe to call on arbitrary data. I am going to disable the fuzz tests for now.