  1. Core Server
  2. SERVER-1827

Memory leak when there's multiple query plans with empty result

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • 1.6.4, 1.7.1
    • Affects Version/s: 1.6.2
    • Component/s: Stability
    • Labels:
      None
    • ALL

      Steps to reproduce:
      On an empty DB, do:

      > db.tst.insert({_id: "foo", k: "bar"})
      > db.tst.find({$or: [{_id: "a", k: "b"}, {_id: "c", k: "d"}]})

      Every such find() statement produces a leak of 32k bytes (see the very last record in the attached valgrind log).

      The problem is that in UserQueryOp::finish(), when appending data to message, there's no check if data length is 0. Here's the code:
      – db/query.cpp@818
          if ( _pq.isExplain() ) {
              _eb.noteScan( _c.get(), _nscanned, _nscannedObjects, _n, scanAndOrderRequired(),
                            _curop.elapsedMillis(), useHints && !_pq.getHint().eoo() );
          }
          else {
              _response.appendData( _buf.buf(), _buf.len() );
              _buf.decouple();
          }


      In the case when _buf.len() is 0, the _response doesn't take ownership of the _buf data, so after calling _buf.decouple() the allocated buffer is lost and will never be freed.

      I was able to reproduce this on 1.6.2 and git master; a patch against master is attached.

        1. patch.diff
          0.7 kB
        2. val.log
          726 kB

            Assignee:
            mathias@mongodb.com Mathias Stearn
            Reporter:
            cverutin Constantine Verutin
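
A minimal C++ model of the ownership problem described in the report, added here as an illustration; it is not MongoDB's code and not the attached patch. `Buf`, `Response`, `finish` and `g_live` are hypothetical stand-ins, and the guard shown is one possible check, assumed rather than taken from patch.diff.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <vector>

// Simplified stand-ins (assumptions), not MongoDB's real classes.
static int g_live = 0;  // heap buffers currently allocated

struct Buf {
    char* data;
    std::size_t used;
    explicit Buf(std::size_t n) : data(static_cast<char*>(std::malloc(32 * 1024))), used(n) { ++g_live; }
    ~Buf() { if (data) { std::free(data); --g_live; } }
    char* buf() { return data; }
    std::size_t len() const { return used; }
    void decouple() { data = nullptr; }  // give up ownership without freeing
};

struct Response {
    std::vector<char*> owned;
    // Takes ownership only when there is data to append.
    void appendData(char* p, std::size_t n) { if (n > 0) owned.push_back(p); }
    ~Response() { for (char* p : owned) { std::free(p); --g_live; } }
};

// Returns how many buffers are orphaned once the builder and response are destroyed.
int finish(std::size_t len, bool guarded) {
    int before = g_live;
    char* raw = nullptr;
    {
        Buf b(len);
        Response r;
        raw = b.buf();
        r.appendData(b.buf(), b.len());
        if (!guarded || b.len() > 0) b.decouple();  // unguarded: the reported pattern
    }
    int orphaned = g_live - before;
    if (orphaned) { std::free(raw); --g_live; }  // reclaim so the demo itself stays clean
    return orphaned;
}

int main() {
    std::printf("unguarded, empty result: %d orphaned\n", finish(0, false));
    std::printf("guarded,   empty result: %d orphaned\n", finish(0, true));
    std::printf("unguarded, 10 bytes:     %d orphaned\n", finish(10, false));
    return 0;
}
```
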