[SERVER-2075] userqueryop cursor becoming null after yield shouldn't cause seg fault Created: 08/Nov/10  Updated: 12/Jul/16  Resolved: 08/Nov/10

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 1.7.3

Type: Bug Priority: Major - P3
Reporter: Aaron Staple Assignee: Eliot Horowitz (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Operating System: ALL
Participants:

 Description   

mongod: /opt/extra/include/boost/smart_ptr/shared_ptr.hpp:418: T* boost::shared_ptr< <template-parameter-1-1> >::operator->() const [with T = mongo::Cursor]: Assertion `px != 0' failed.
Mon Nov 8 15:42:59 Backtrace:
0x83a369 0x34de230f30 0x34de230ec5 0x34de232970 0x34de22a11f 0x611d5c 0x613682 0x743706 0x750399 0x750edb 0x753074 0x753ad7 0x6004f1 0x7097ea 0x71149e 0x83bb89 0x84fb20 0x34dee06407 0x34de2d4b0d
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo10abruptQuitEi+0x399) [0x83a369]
/lib64/libc.so.6 [0x34de230f30]
/lib64/libc.so.6(gsignal+0x35) [0x34de230ec5]
/lib64/libc.so.6(abort+0x110) [0x34de232970]
/lib64/libc.so.6(__assert_fail+0xef) [0x34de22a11f]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo11UserQueryOp6finishEb+0x58c) [0x611d5c]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo11UserQueryOp4nextEv+0x402) [0x613682]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo12QueryPlanSet6Runner6nextOpERNS_7QueryOpE+0x56) [0x743706]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo12QueryPlanSet6Runner3runEv+0x859) [0x750399]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo12QueryPlanSet5runOpERNS_7QueryOpE+0x5b) [0x750edb]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo16MultiPlanScanner9runOpOnceERNS_7QueryOpE+0x64) [0x753074]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo16MultiPlanScanner5runOpERNS_7QueryOpE+0x17) [0x753ad7]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(ZN5mongo8runQueryERNS_7MessageERNS_12QueryMessageERNS_5CurOpES1+0x1031) [0x6004f1]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod [0x7097ea]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo16assembleResponseERNS_7MessageERNS_10DbResponseERKNS_8SockAddrE+0x150e) [0x71149e]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(_ZN5mongo10connThreadEPNS_13MessagingPortE+0x299) [0x83bb89]
/home/yellow/buildbot/Linux_64bit_v8/mongo/mongod(thread_proxy+0x80) [0x84fb20]
/lib64/libpthread.so.0 [0x34dee06407]
/lib64/libc.so.6(clone+0x6d) [0x34de2d4b0d]



 Comments   
Comment by Eliot Horowitz (Inactive) [ 08/Nov/10 ]

Ah ok - pretty sure kristina had a dup case that was the same that's now fixed

Comment by Aaron Staple [ 08/Nov/10 ]

Comment - it was causing the buildbot parallel tests to fail - in the parallel/del.js test.

Comment by auto [ 08/Nov/10 ]

Author:

{'login': 'erh', 'name': 'Eliot Horowitz', 'email': 'eliot@10gen.com'}

Message: fix cursor usage when possible deleted
SERVER-1721 SERVER-2075
/mongodb/mongo/commit/9bfffc98e6a13954a1699ea0ab58b7feefb9939f

Comment by Eliot Horowitz (Inactive) [ 08/Nov/10 ]

Do you have a way to reproduce?

Comment by Aaron Staple [ 08/Nov/10 ]

Ok, so it's actually this commit that caused this:
<https://github.com/mongodb/mongo/commit/fa89431e6c97e88a5adf6d09cfb66394cec4ecb4>

In the current code there are some places in finish() where _c is now used unsafely.

Comment by Eliot Horowitz (Inactive) [ 08/Nov/10 ]

ok - let me know what you find

Comment by Aaron Staple [ 08/Nov/10 ]

Actually, that may not be right. I'm looking more carefully.

Comment by Aaron Staple [ 08/Nov/10 ]

This is a result of the following new code:

if ( _capped )

{ msgassertedNoTrace( 13338, str::stream() << "capped cursor overrun during query: " << _pq.ns() ); }

else

{ // we don't fail query since we're fine with returning partial data if collection dropped }

Eliot, let me know if I should work on it further.

Generated at Thu Feb 08 02:58:54 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.