Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-19442

ESE- Access violation as result of invalid pointer under low resources simulation

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.1.7
    • Component/s: Storage, WiredTiger
    • Labels:
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Steps To Reproduce:
      Hide

      Install application verifier from here
      https://dev.windows.com/en-us/downloads/windows-10-sdk
      Start mongod in a loop and wait for it to break into debugger
      Run any simple CRUD operation.
      Configure
      appverif /verify mongod.exe /faults 5 1000

      Show
      Install application verifier from here https://dev.windows.com/en-us/downloads/windows-10-sdk Start mongod in a loop and wait for it to break into debugger Run any simple CRUD operation. Configure appverif /verify mongod.exe /faults 5 1000
    • Epic Link:
    • Sprint:
      Security 7 08/10/15

      Description

      version:
      db version v3.1.6-pre-
      git version: 23055835b7455c87120dc6f5a87ff0b497ac6d66
      ESE enabled
      running mongod w/ the parameters below

      --replSet EitanRs4 --port 5002 --dbpath D:\data\db1 --storageEngine wiredTiger --logpath d:\data\rs3primary.txt --enableEncryption --encryptionKeyFile ese_32_byte_key.dat --sslMode allowSSL --sslPEMKeyFile mongod.pem --sslCAFile .\ca.pem --setParameter saslHostName=localhost --sslAllowInvalidHostnames

      Environment: windows

      Issue: Access violation as results of passing invalid pointer

      0:020> g
      (c64.1018): Access violation - code c0000005 (!!! second chance !!!)
      LIBEAY32!EVP_CipherInit_ex+0x46:
      00000000`778eebc6 896910          mov     dword ptr [rcx+10h],ebp ds:00000000`00000010=????????
      0:020> 
      0:020> k
       # Child-SP          RetAddr           Call Site
      00 0000002b`2079c220 00000000`778ef4e4 LIBEAY32!EVP_CipherInit_ex+0x46 [z:\temp\openssl-1.0.1p\crypto\evp\evp_enc.c @ 111]
      01 0000002b`2079c280 00007ff6`f040b03c LIBEAY32!EVP_EncryptInit_ex+0x24 [z:\temp\openssl-1.0.1p\crypto\evp\evp_enc.c @ 290]
      02 0000002b`2079c2c0 00007ff6`f040bf99 mongod!mongo::crypto::aesEncrypt+0x2ac [c:\data\mci\src\src\mongo\db\modules\enterprise\src\encryptdb\symmetric_crypto.cpp @ 49]
      03 0000002b`2079c590 00007ff6`f0a95703 mongod!mongo::`anonymous namespace'::encrypt+0xe9 [c:\data\mci\src\src\mongo\db\modules\enterprise\src\encryptdb\wiredtiger_encryption_callbacks.cpp @ 145]
      04 0000002b`2079c770 00007ff6`f0a69f30 mongod!__wt_encrypt+0x63 [c:\data\mci\src\src\third_party\wiredtiger\src\support\crypto.c @ 91]
      05 0000002b`2079c7c0 00007ff6`f0a9a1a4 mongod!__wt_log_write+0x270 [c:\data\mci\src\src\third_party\wiredtiger\src\log\log.c @ 1705]
      06 0000002b`2079c880 00007ff6`f0a90c4e mongod!__wt_txn_commit+0x194 [c:\data\mci\src\src\third_party\wiredtiger\src\txn\txn.c @ 520]
      07 0000002b`2079c8e0 00007ff6`f066dd5b mongod!__session_commit_transaction+0x19e [c:\data\mci\src\src\third_party\wiredtiger\src\session\session_api.c @ 824]
      08 0000002b`2079c950 00007ff6`f066da50 mongod!mongo::WiredTigerRecoveryUnit::_txnClose+0x6b [c:\data\mci\src\src\mongo\db\storage\wiredtiger\wiredtiger_recovery_unit.cpp @ 305]
      09 0000002b`2079ca30 00007ff6`f0262c9d mongod!mongo::WiredTigerRecoveryUnit::_commit+0x30 [c:\data\mci\src\src\mongo\db\storage\wiredtiger\wiredtiger_recovery_unit.cpp @ 124]
      0a 0000002b`2079ca70 00007ff6`f029225f mongod!mongo::WriteUnitOfWork::commit+0x2d [c:\data\mci\src\src\mongo\db\operation_context.h @ 249]
      0b 0000002b`2079caa0 00007ff6`f01e04d3 mongod!mongo::Cloner::Fun::operator()+0xfdf [c:\data\mci\src\src\mongo\db\cloner.cpp @ 224]
      0c 0000002b`2079d070 00007ff6`f02929fc mongod!mongo::DBClientConnection::query+0x263 [c:\data\mci\src\src\mongo\client\dbclient.cpp @ 1196]
      0d 0000002b`2079d180 00007ff6`f02953fa mongod!mongo::Cloner::copy+0x4cc [c:\data\mci\src\src\mongo\db\cloner.cpp @ 278]
      0e 0000002b`2079d6b0 00007ff6`f05941e8 mongod!mongo::Cloner::copyDb+0x18da [c:\data\mci\src\src\mongo\db\cloner.cpp @ 616]
      0f 0000002b`2079e590 00007ff6`f0592fcb mongod!mongo::repl::`anonymous namespace'::_initialSyncClone+0x288 [c:\data\mci\src\src\mongo\db\repl\rs_initialsync.cpp @ 196]
      10 0000002b`2079e8a0 00007ff6`f0595104 mongod!mongo::repl::`anonymous namespace'::_initialSync+0x7fb [c:\data\mci\src\src\mongo\db\repl\rs_initialsync.cpp @ 395]
      11 0000002b`2079f750 00007ff6`f059cb7b mongod!mongo::repl::syncDoInitialSync+0x74 [c:\data\mci\src\src\mongo\db\repl\rs_initialsync.cpp @ 495]
      12 0000002b`2079f950 00007ff6`f0522db2 mongod!mongo::repl::runSyncThread+0x3fb [c:\data\mci\src\src\mongo\db\repl\rs_sync.cpp @ 124]
      13 0000002b`2079fc50 00007ffc`317dd24c mongod!std::_LaunchPad<std::_Bind<1,void,void (__cdecl*const)(void)> >::_Go+0x12 [c:\program files (x86)\microsoft visual studio 12.0\vc\include\thr\xthread @ 187]
      14 0000002b`2079fc80 00007ffc`316d4f7f MSVCP120!_Call_func+0x14 [f:\dd\vctools\crt\crtw32\stdcpp\thr\threadcall.cpp @ 28]
      15 0000002b`2079fcc0 00007ffc`316d5126 MSVCR120!_callthreadstartex+0x17 [f:\dd\vctools\crt\crtw32\startup\threadex.c @ 376]
      16 0000002b`2079fcf0 00007ffc`3e9fa4dd MSVCR120!_threadstartex+0x102 [f:\dd\vctools\crt\crtw32\startup\threadex.c @ 354]
      17 0000002b`2079fd20 00007ffc`54fa13d2 vfbasics+0x1a4dd
      18 0000002b`2079fd60 00007ffc`56dd5444 KERNEL32!BaseThreadInitThunk+0x22
      19 0000002b`2079fd90 00000000`00000000 ntdll!RtlUserThreadStart+0x34
      
      

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: