[CDRIVER-2341] Segfault destroying client if one of its sessions is not destroyed first Created: 03/Nov/17 Updated: 28/Oct/23 Resolved: 03/Nov/17 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libmongoc |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Jeremy Mikola | Assignee: | A. Jesse Jiryu Davis |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Description |
|
While implementing retryable write tests (
Backtrace:
|
| Comments |
| Comment by A. Jesse Jiryu Davis [ 03/Nov/17 ] |
|
The client keeps a mongoc_set_t of active mongoc_client_session_t's. Normally a mongoc_set_t also has a "dtor" field, which is a function pointer to an item destructor, but in the case of this set there is no destructor so the function pointer is NULL. This isn't a problem if all sessions are already removed from the set by mongoc_client_session_destroy before the client is destroyed. But if a session is leaked, then the set is non-empty and mongoc_client_session_destroy tries to call the destructor, and executes a NULL function pointer. I've updated the mongoc_set_t to not call the "dtor" function if it's NULL, and clarified the docs to say that a session must be destroyed before the client it came from. |
| Comment by Githook User [ 03/Nov/17 ] |
|
Author: {'name': 'A. Jesse Jiryu Davis', 'username': 'ajdavis', 'email': 'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 03/Nov/17 ] |
|
Author: {'name': 'A. Jesse Jiryu Davis', 'username': 'ajdavis', 'email': 'jesse@mongodb.com'}Message: The set-item destructor should be optional. Don't call it if it's NULL. |