Loading...

Type: Bug
Resolution: Duplicate
Priority: Major - P3
Fix Version/s: None
Affects Version/s: 3.2.6
Component/s: Sharding
Labels:
None

Sprint:
Sharding 14 (05/13/16)
Linked BF Score:
0

The return value of grid.shardRegistry()->getShard can be NULL, which leads to a NULL pointer dereference:

frame #3: 0x000000010e897ac1 mongos`mongo::(anonymous namespace)::PublicGridCommand::_passthrough(this=0x000000010efea800, txn=0x00007f9d89c1bc80, db="test", conf=std::__1::shared_ptr<mongo::DBConfig>::element_type @ 0x00007f9d89c19988 strong=4 weak=1, cmdObj=0x0000700000a38858, options=0, result=0x0000700000a38688) + 193 at commands_public.cpp:182
   179 	                      int options,
   180 	                      BSONObjBuilder& result) {
   181 	        const auto shard = grid.shardRegistry()->getShard(txn, conf->getPrimaryId());
-> 182 	        ShardConnection conn(shard->getConnString(), "");
   183 	
   184 	        BSONObj res;
   185 	        bool ok = conn->runCommand(db, cmdObj, res, passOptions() ? options : 0);
(lldb) p shard
(const std::__1::shared_ptr<mongo::Shard>) $1 = nullptr {
  __ptr_ = 0x0000000000000000
}


(lldb) bt
* thread #30: tid = 0x001d, 0x000000010dfc4204 mongos`mongo::ConnectionString::ConnectionString(this=0x0000700000a37570, (null)=0x0000000000000018) + 20 at connection_string.h:57, stop reason = signal SIGSTOP
    frame #0: 0x000000010dfc4204 mongos`mongo::ConnectionString::ConnectionString(this=0x0000700000a37570, (null)=0x0000000000000018) + 20 at connection_string.h:57
    frame #1: 0x000000010dfc361d mongos`mongo::ConnectionString::ConnectionString(this=0x0000700000a37570, (null)=0x0000000000000018) + 29 at connection_string.h:57
    frame #2: 0x000000010e001c00 mongos`mongo::Shard::getConnString(this=0x0000000000000000) const + 32 at shard.h:73
  * frame #3: 0x000000010e897ac1 mongos`mongo::(anonymous namespace)::PublicGridCommand::_passthrough(this=0x000000010efea800, txn=0x00007f9d89c1bc80, db="test", conf=std::__1::shared_ptr<mongo::DBConfig>::element_type @ 0x00007f9d89c19988 strong=4 weak=1, cmdObj=0x0000700000a38858, options=0, result=0x0000700000a38688) + 193 at commands_public.cpp:182
    frame #4: 0x000000010e8979ae mongos`mongo::(anonymous namespace)::PublicGridCommand::passthrough(this=0x000000010efea800, txn=0x00007f9d89c1bc80, conf=std::__1::shared_ptr<mongo::DBConfig>::element_type @ 0x00007f9d89c19988 strong=4 weak=1, cmdObj=0x0000700000a38858, result=0x0000700000a38688) + 206 at commands_public.cpp:156
    frame #5: 0x000000010e898d73 mongos`mongo::(anonymous namespace)::DropCmd::run(this=0x000000010efea800, txn=0x00007f9d89c1bc80, dbName="test", cmdObj=0x0000700000a38858, options=0, errmsg="", result=0x0000700000a38688) + 1219 at commands_public.cpp:562
    frame #6: 0x000000010e90f82a mongos`mongo::Command::execCommandClientBasic(txn=0x00007f9d89c1bc80, c=0x000000010efea800, client=0x00007f9d89c17410, queryOptions=0, ns="test.$cmd", cmdObj=0x0000700000a38858, result=0x0000700000a38688) + 3658 at s_only.cpp:149
    frame #7: 0x000000010e92d126 mongos`mongo::(anonymous namespace)::runAgainstRegistered(txn=0x00007f9d89c1bc80, ns="test.$cmd", jsobj=0x0000700000a38858, anObjBuilder=0x0000700000a38688, queryOptions=0) + 950 at strategy.cpp:109
    frame #8: 0x000000010e92c440 mongos`mongo::Strategy::clientCommandOp(txn=0x00007f9d89c1bc80, request=0x0000700000a39320) + 4176 at strategy.cpp:266
    frame #9: 0x000000010e90dd23 mongos`mongo::Request::process(this=0x0000700000a39320, txn=0x00007f9d89c1bc80, attempt=0) + 1411 at request.cpp:109
    frame #10: 0x000000010dea3fce mongos`mongo::ShardedMessageHandler::process(this=0x00007f9d8b913648, m=0x0000700000a39bb0, p=0x00007f9d89d0abf0) + 254 at server.cpp:160
    frame #11: 0x000000010e9ecdc9 mongos`mongo::PortMessageServer::handleIncomingMsg(arg=0x00007f9d89d0abf0) + 2121 at message_server_port.cpp:229
    frame #12: 0x000000010e9eb607 mongos`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> > >(void*) [inlined] decltype(__f=0x00007f9d89d08b80, __args=0x00007f9d89d08b88)(void*)>(fp)(std::__1::forward<mongo::(anonymous namespace)::MessagingPortWithHandler*&>(fp0))) std::__1::__invoke<void* (*&)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*&>(void* (*&&&)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*&&&) + 24 at __functional_base:416
    frame #13: 0x000000010e9eb5ef mongos`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> > >(void*) [inlined] std::__1::__bind_return<void* (*)(void*), std::__1::tuple<mongo::(anonymous namespace)::MessagingPortWithHandler*>, std::__1::tuple<>, __is_valid_bind_return<void* (*)(void*), std::__1::tuple<mongo::(anonymous namespace)::MessagingPortWithHandler*>, std::__1::tuple<> >::value>::type std::__1::__apply_functor<void* (__f=0x00007f9d89d08b80, __bound_args=0x00007f9d89d08b88, __args=0x0000700000a39e70)(void*), std::__1::tuple<mongo::(anonymous namespace)::MessagingPortWithHandler*>, 0ul, std::__1::tuple<> >(void* (*&)(void*), std::__1::tuple<mongo::(anonymous namespace)::MessagingPortWithHandler*>&, std::__1::__tuple_indices<0ul>, std::__1::tuple<>&&) + 40 at functional:2097
    frame #14: 0x000000010e9eb5c7 mongos`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> > >(void*) [inlined] std::__1::__bind_return<void* (*)(void*), std::__1::tuple<mongo::(anonymous namespace)::MessagingPortWithHandler*>, std::__1::tuple<>, __is_valid_bind_return<void* (*)(void*), std::__1::tuple<mongo::(anonymous namespace)::MessagingPortWithHandler*>, std::__1::tuple<> >::value>::type std::__1::__bind<void* (this=0x00007f9d89d08b80)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*>::operator()<>() + 35 at functional:2160
    frame #15: 0x000000010e9eb5a4 mongos`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> > >(void*) [inlined] decltype(__f=0x00007f9d89d08b80)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> >(fp)(std::__1::forward<>(fp0))) std::__1::__invoke<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> >(std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*>&&) + 11 at __functional_base:416
    frame #16: 0x000000010e9eb599 mongos`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> > >(void*) [inlined] void std::__1::__thread_execute<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> >(__t=0x00007f9d89d08b80)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> >&, std::__1::__tuple_indices<>) + 25 at thread:337
    frame #17: 0x000000010e9eb580 mongos`void* std::__1::__thread_proxy<std::__1::tuple<std::__1::__bind<void* (*)(void*), mongo::(anonymous namespace)::MessagingPortWithHandler*> > >(__vp=0x00007f9d89d08b80) + 368 at thread:347
    frame #18: 0x00007fff8afb9c13 libsystem_pthread.dylib`_pthread_body + 131
    frame #19: 0x00007fff8afb9b90 libsystem_pthread.dylib`_pthread_start + 168
    frame #20: 0x00007fff8afb7375 libsystem_pthread.dylib`thread_start + 13

duplicates

SERVER-23996 ShardRegistry::getShard should return a StatusWith<shared_ptr<Shard>>

Closed

Details

Description

Attachments

Issue Links

Activity

People

Dates