Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Critical - P2
Fix Version/s: None
Affects Version/s: 2.4.0
Component/s: JavaScript
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Confidence Status:
None
Work Order:
0
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

The following functions may attempt to dereference an empty handle when v8 heap space is nearly depleted:

namedGet()
namedGetRO()
indexedGet()
indexedGetRO()
nativeCallback()

This is because mongoToV8Element() does not check for allocation success nor OOM when creating a new JS object.

is duplicated by

SERVER-9117 Mongo segfault on mapreduce - repeatable every time

Closed

is related to

SERVER-9291 V8Scope::invoke shouldn't silently ignore arguments after the 24th

Closed

related to

SERVER-9213 Resource constraints cause premature OOM and segfault

Closed

SERVER-9267 Issues with readonly BSON in v8

Closed

SERVER-9185 Add GC Prologue and Epilogue heap stats

Closed

SERVER-9187 Reduce memory requirements from v8 interceptors

Closed

(1 related to)

Assignee:: Unassigned
Reporter:: Ben Becker (Inactive)
Participants:: Andy Schwerin, Ben Becker, Francois Rigault, Mira Carey
Votes:: 1 Vote for this issue
Watchers:: 13 Start watching this issue

Created:: Mar 21 2013 02:21:44 PM UTC
Updated:: Apr 14 2016 03:19:27 PM UTC
Resolved:: Sep 24 2015 05:50:36 PM UTC