[SERVER-58310] ThreadPoolTaskExecutor is memory unsafe when task cancellation occurs around the same time an exhaust network response is received - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 4.4.0, 5.0.0-rc7
Fix Version/s: 4.4.14, 5.3.0, 5.0.7
Component/s: Networking
Labels:
- servicearch-wfbf-day

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v5.3, v5.0, v4.4
Sprint:
Service Arch 2021-10-04, Service Arch 2021-12-13, Service Arch 2022-1-10, Service Arch 2022-1-24
Linked BF Score:
20
Story Points:
3

Description

cbState->callback is modified without holding ThreadPoolTaskExecutor::_mutex in ThreadPoolTaskExecutor::runCallbackExhaust(). This is memory unsafe because cbState->callback is also modified in the exhaust codepath's RemoteCommandOnReplyFn upon task cancellation. This issue has been observed to cause server crashes when shutting down a replica set monitor due to a partially initialized TaskExecutor::CallbackFn callback being invoked.

Attachments

Issue Links

is related to

SERVER-58221 Stress test for ThreadPoolTaskExecutor for concurrency coverage

Closed

SERVER-62396 Add a non-deterministic variant for `ThreadPoolTaskExecutor` tests

Backlog

SERVER-45114 Connect AsyncDBClient exhaust functionality throughout

Closed

Activity

People

Assignee:: Amirsaman Memaripour

Reporter:: Max Hirschhorn

Participants:: Amirsaman Memaripour, Githook User, Max Hirschhorn

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: Jul 06 2021 11:34:02 PM UTC

Updated:: Mar 12 2022 03:37:41 AM UTC

Resolved:: Jan 06 2022 07:27:55 PM UTC