[CDRIVER-721] Crash destroying replset client after connection fails Created: 25/Jun/15  Updated: 19/Oct/16  Resolved: 01/Sep/15

Status: Closed
Project: C Driver
Component/s: libmongoc
Affects Version/s: 1.1.8
Fix Version/s: 1.2-beta1

Type: Bug Priority: Blocker - P1
Reporter: A. Jesse Jiryu Davis Assignee: A. Jesse Jiryu Davis
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
related to CDRIVER-726 Remove 1.1.8 release Closed
is related to CDRIVER-695 _mongoc_cluster_node_destroy segfault... Closed

 Description   

Connect mongoc_client_t with a replset URI containing no valid hosts:

"mongodb://a,b/?replicaSet=foo"

Do an operation that requires a connection, like mongoc_collection_find, then call mongoc_client_destroy. nodes_len is now the length of the seed list, but "nodes" itself is NULL because it was set to "bson_realloc (0)". Segfault here:

https://github.com/mongodb/mongo-c-driver/blob/1.1.8/src/mongoc/mongoc-cluster.c#L576

I introduced the bug in 1.1.8 while attempting to fix CDRIVER-695, here:

https://github.com/mongodb/mongo-c-driver/commit/19d2da28257ea3ae24cf3f832d16487b5628314c#diff-f2707266016fd5d134ea334ccdd752e9L2207



 Comments   
Comment by A. Jesse Jiryu Davis [ 01/Sep/15 ]

All relevant tests have been forward-ported to 1.2.0-beta1, and the bugs discovered in that process (CDRIVER-789, CDRIVER-798) resolved in the 1.2.0-dev branch.

Comment by A. Jesse Jiryu Davis [ 18/Aug/15 ]

Remaining work on 1.2.0-dev branch for 1.2-beta1: review the old bug and tests and the new code and tests, verify the new code is thoroughly tested against regressions of this bug.

Comment by Githook User [ 10/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: forward-port CDRIVER-721 tests to 1.2.0-dev

Discovered CDRIVER-789 from these tests.
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/9e58464e494bd70f40c7df193a2da5f03445b1f8

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'bjori', u'name': u'Hannes Magnusson', u'email': u'bjori@php.net'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (38 commits)
    various fixups for memory leaks and races in tests
    Fix memory leak in mongoc_uri_parse_option
    post-release bump
    1.1.10 Release
    CDRIVER-755 leaks in _mongoc_cluster_ismaster
    CDRIVER-745 test cluster node destroy, then disconnect
    CDRIVER-750 don't query recovering RS members
    spell "cyrus" correctly in install guide
    CDRIVER-745 crash in _mongoc_cluster_disconnect_node
    post-release bump
    CDRIVER-731: Do not trace SASL mutex callbacks
    debian changelog fixes for deb pkg
    1.1.9 Release
    redundant include
    CDRIVER-721 test reconnection
    CDRIVER-727 actually enable coverage in libmongoc
    update libbson to 1.1.9-dev
    CDRIVER-721 test rs and mongos, connected and not
    CDRIVER-721 additional tests
    CDRIVER-721 mongoc_client_destroy crash after connection fails
    ...

Conflicts:
CMakeLists.txt
NEWS
README.rst
build/autotools/Versions.m4
build/rpm/mongo-c-driver.spec
debian/changelog
doc/installing.page
doc/mongoc_version.page
src/libbson
src/mongoc/mongoc-cluster-private.h
src/mongoc/mongoc-cluster.c
src/mongoc/mongoc-read-prefs.c
src/mongoc/mongoc-uri.c
src/mongoc/mongoc-write-command.c
tests/mock-server.c
tests/mock-server.h
tests/test-libmongoc.c
tests/test-mongoc-client.c
tests/test-mongoc-cluster.c
tests/test-mongoc-database.c
tests/test-mongoc-read-prefs.c
tests/test-mongoc-uri.c
tests/test-sasl.c
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/e62117d12a600f6cf61eb409933af6f92a3d7c22

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'bjori', u'name': u'Hannes Magnusson', u'email': u'bjori@php.net'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (38 commits)
    various fixups for memory leaks and races in tests
    Fix memory leak in mongoc_uri_parse_option
    post-release bump
    1.1.10 Release
    CDRIVER-755 leaks in _mongoc_cluster_ismaster
    CDRIVER-745 test cluster node destroy, then disconnect
    CDRIVER-750 don't query recovering RS members
    spell "cyrus" correctly in install guide
    CDRIVER-745 crash in _mongoc_cluster_disconnect_node
    post-release bump
    CDRIVER-731: Do not trace SASL mutex callbacks
    debian changelog fixes for deb pkg
    1.1.9 Release
    redundant include
    CDRIVER-721 test reconnection
    CDRIVER-727 actually enable coverage in libmongoc
    update libbson to 1.1.9-dev
    CDRIVER-721 test rs and mongos, connected and not
    CDRIVER-721 additional tests
    CDRIVER-721 mongoc_client_destroy crash after connection fails
    ...

Conflicts:
CMakeLists.txt
NEWS
README.rst
build/autotools/Versions.m4
build/rpm/mongo-c-driver.spec
debian/changelog
doc/installing.page
doc/mongoc_version.page
src/libbson
src/mongoc/mongoc-cluster-private.h
src/mongoc/mongoc-cluster.c
src/mongoc/mongoc-read-prefs.c
src/mongoc/mongoc-uri.c
src/mongoc/mongoc-write-command.c
tests/mock-server.c
tests/mock-server.h
tests/test-libmongoc.c
tests/test-mongoc-client.c
tests/test-mongoc-cluster.c
tests/test-mongoc-database.c
tests/test-mongoc-read-prefs.c
tests/test-mongoc-uri.c
tests/test-sasl.c
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/e62117d12a600f6cf61eb409933af6f92a3d7c22

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'bjori', u'name': u'Hannes Magnusson', u'email': u'bjori@php.net'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (38 commits)
    various fixups for memory leaks and races in tests
    Fix memory leak in mongoc_uri_parse_option
    post-release bump
    1.1.10 Release
    CDRIVER-755 leaks in _mongoc_cluster_ismaster
    CDRIVER-745 test cluster node destroy, then disconnect
    CDRIVER-750 don't query recovering RS members
    spell "cyrus" correctly in install guide
    CDRIVER-745 crash in _mongoc_cluster_disconnect_node
    post-release bump
    CDRIVER-731: Do not trace SASL mutex callbacks
    debian changelog fixes for deb pkg
    1.1.9 Release
    redundant include
    CDRIVER-721 test reconnection
    CDRIVER-727 actually enable coverage in libmongoc
    update libbson to 1.1.9-dev
    CDRIVER-721 test rs and mongos, connected and not
    CDRIVER-721 additional tests
    CDRIVER-721 mongoc_client_destroy crash after connection fails
    ...

Conflicts:
CMakeLists.txt
NEWS
README.rst
build/autotools/Versions.m4
build/rpm/mongo-c-driver.spec
debian/changelog
doc/installing.page
doc/mongoc_version.page
src/libbson
src/mongoc/mongoc-cluster-private.h
src/mongoc/mongoc-cluster.c
src/mongoc/mongoc-read-prefs.c
src/mongoc/mongoc-uri.c
src/mongoc/mongoc-write-command.c
tests/mock-server.c
tests/mock-server.h
tests/test-libmongoc.c
tests/test-mongoc-client.c
tests/test-mongoc-cluster.c
tests/test-mongoc-database.c
tests/test-mongoc-read-prefs.c
tests/test-mongoc-uri.c
tests/test-sasl.c
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/e62117d12a600f6cf61eb409933af6f92a3d7c22

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'bjori', u'name': u'Hannes Magnusson', u'email': u'bjori@php.net'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (38 commits)
    various fixups for memory leaks and races in tests
    Fix memory leak in mongoc_uri_parse_option
    post-release bump
    1.1.10 Release
    CDRIVER-755 leaks in _mongoc_cluster_ismaster
    CDRIVER-745 test cluster node destroy, then disconnect
    CDRIVER-750 don't query recovering RS members
    spell "cyrus" correctly in install guide
    CDRIVER-745 crash in _mongoc_cluster_disconnect_node
    post-release bump
    CDRIVER-731: Do not trace SASL mutex callbacks
    debian changelog fixes for deb pkg
    1.1.9 Release
    redundant include
    CDRIVER-721 test reconnection
    CDRIVER-727 actually enable coverage in libmongoc
    update libbson to 1.1.9-dev
    CDRIVER-721 test rs and mongos, connected and not
    CDRIVER-721 additional tests
    CDRIVER-721 mongoc_client_destroy crash after connection fails
    ...

Conflicts:
CMakeLists.txt
NEWS
README.rst
build/autotools/Versions.m4
build/rpm/mongo-c-driver.spec
debian/changelog
doc/installing.page
doc/mongoc_version.page
src/libbson
src/mongoc/mongoc-cluster-private.h
src/mongoc/mongoc-cluster.c
src/mongoc/mongoc-read-prefs.c
src/mongoc/mongoc-uri.c
src/mongoc/mongoc-write-command.c
tests/mock-server.c
tests/mock-server.h
tests/test-libmongoc.c
tests/test-mongoc-client.c
tests/test-mongoc-cluster.c
tests/test-mongoc-database.c
tests/test-mongoc-read-prefs.c
tests/test-mongoc-uri.c
tests/test-sasl.c
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/e62117d12a600f6cf61eb409933af6f92a3d7c22

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 test reconnection

Also implement mock_server_quit.
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/e24dd09e6bac1d6f596ac49a0bd077953381424e

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 test rs and mongos, connected and not
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/04b90bf179d0f0ccf3cf139512b2d6b98484e897

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 additional tests
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/7cb06d3895e224d728e1719c9035b57a69a98208

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 mongoc_client_destroy crash after connection fails

Undo two bad changes introduced while fixing CDRIVER-695, and add
another safety check in _mongoc_cluster_node_destroy.
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/bea221041eb8886f8d851a76b3d80ac9a6443eee

Comment by A. Jesse Jiryu Davis [ 05/Aug/15 ]

Not a bug in 1.2 (samantha.ritter@10gen.com replaced the buggy code and data structures with the "topology" structures when she implemented Server Discovery And Monitoring), but I'm reopening this to remember to forward-port test_seed_list and test_recovering in test-mongoc-client.c to the 1.2.x branch.

Comment by Githook User [ 29/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 test reconnection

Also implement mock_server_quit.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/e24dd09e6bac1d6f596ac49a0bd077953381424e

Comment by Githook User [ 29/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 test rs and mongos, connected and not
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/04b90bf179d0f0ccf3cf139512b2d6b98484e897

Comment by Githook User [ 26/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 additional tests
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/7cb06d3895e224d728e1719c9035b57a69a98208

Comment by Githook User [ 26/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 mongoc_client_destroy crash after connection fails

Undo two bad changes introduced while fixing CDRIVER-695, and add
another safety check in _mongoc_cluster_node_destroy.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/bea221041eb8886f8d851a76b3d80ac9a6443eee

Comment by Githook User [ 26/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 additional tests
Branch: CDRIVER-721-crash-unavail-rs
https://github.com/mongodb/mongo-c-driver/commit/e3d8f9b4d8f598e7b7ac53cf0556b1632c982066

Comment by Githook User [ 26/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-721 mongoc_client_destroy crash after connection fails

Undo two bad changes introduced while fixing CDRIVER-695, and add
another safety check in _mongoc_cluster_node_destroy.
Branch: CDRIVER-721-crash-unavail-rs
https://github.com/mongodb/mongo-c-driver/commit/32cd79d9278dc365fa1cc8746294cd305cb78b29

Generated at Wed Feb 07 21:10:26 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.