design + stress jstest: initial-sync cloner function_ref lifetime audit

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Unresolved
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Companion artifact for SERVER-126463 (collection cloner function_ref UAF risk).

      Names `collection_cloner.cpp:565-572`: `function_ref` bound to ternary lambda temps, invoked in `CollectionBulkLoaderImpl::insertDocuments` line 210. Currently latent only because captureless lambdas decay to function pointers. Proposes hoist-to-auto-local OR unary `+` decay tripwire.

      Files in worktree mongo-w4-5:

      • jstests/noPassthrough/repl/initial_sync_cloner_fn_ref_lifetime.js (153 lines)
      • src/mongo/db/repl/SERVER-126463-design.md

      Status: Draft.

            Assignee:
            Unassigned
            Reporter:
            Mehar Grewal
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: