[SERVER-29315] UBSAN error in clonable_ptr_test - runtime error: reference binding to null pointer Created: 22/May/17  Updated: 30/Oct/23  Resolved: 01/Jun/17

Status: Closed
Project: Core Server
Component/s: Internal Code
Affects Version/s: None
Fix Version/s: 3.5.9

Type: Bug Priority: Major - P3
Reporter: Benety Goh Assignee: ADAM Martin (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Platforms 2017-05-29, Platforms 2017-06-19
Participants:
Linked BF Score: 0

 Description   

This came up in the UBSAN builder:

[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.328+0000 Starting Program build/optdebug/mongo/base/clonable_ptr_test under executor with_server...
build/optdebug/mongo/base/clonable_ptr_test
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.349+0000 Program build/optdebug/mongo/base/clonable_ptr_test started with pid 10682.
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.406+0000 2017-05-20T19:35:07.406+0000 I -        [main] going to run suite: ClonablePtrSimpleTest
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.406+0000 2017-05-20T19:35:07.406+0000 I -        [main] 	 going to run test: simpleUsageExample
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.406+0000 /opt/mongodbtoolchain/v2/bin/../lib/gcc/x86_64-mongodb-linux/5.4.0/../../../../include/c++/5.4.0/bits/unique_ptr.h:291:9: runtime error: reference binding to null pointer of type '(anonymous namespace)::ClonableTest'
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.407+0000 2017-05-20T19:35:07.406+0000 I -        [main] 	 DONE running tests
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.407+0000 2017-05-20T19:35:07.406+0000 I -        [main] going to run suite: ClonablePtrSyntaxTests
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.407+0000 2017-05-20T19:35:07.406+0000 I -        [main] 	 going to run test: construction
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.407+0000 2017-05-20T19:35:07.406+0000 I -        [main] 	 going to run test: augmentedConstruction
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:07.408+0000 2017-05-20T19:35:07.406+0000 I -        [main] 	 going to run test: pointerOperations
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.037+0000     #0 0x559de5aa818d in std::unique_ptr<(anonymous namespace)::ClonableTest, std::default_delete<(anonymous namespace)::ClonableTest> >::operator*() const /opt/mongodbtoolchain/v2/bin/../lib/gcc/x86_64-mongodb-linux/5.4.0/../../../../include/c++/5.4.0/bits/unique_ptr.h:291:2
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.037+0000     #1 0x559de5aa818d in mongo::clonable_ptr<(anonymous namespace)::ClonableTest, mongo::clonable_ptr_detail::CloneFactory<(anonymous namespace)::ClonableTest>, std::unique_ptr>::operator*() const /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/base/clonable_ptr.h:434
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.038+0000     #2 0x559de5aa818d in void (anonymous namespace)::SyntaxTests::pointerOperations<(anonymous namespace)::ClonableTest>() /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/base/clonable_ptr_test.cpp:425
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.038+0000     #3 0x559de5aa818d in (anonymous namespace)::UnitTest__ClonablePtrSyntaxTests__pointerOperations::_doTest() /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/base/clonable_ptr_test.cpp:487
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.040+0000     #4 0x559de5ab8f9d in mongo::unittest::Test::run() /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/unittest/unittest.cpp:175:9
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.040+0000     #5 0x559de5aa7fda in void mongo::unittest::Suite::runTestObject<(anonymous namespace)::UnitTest__ClonablePtrSyntaxTests__pointerOperations>() /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/unittest/unittest.h:429:17
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.041+0000     #6 0x559de5aba9d8 in mongo::unittest::TestHolder::run() const /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/unittest/unittest.h:270:9
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.042+0000     #7 0x559de5aba9d8 in mongo::unittest::Suite::run(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int) /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/unittest/unittest.cpp:292
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.042+0000     #8 0x559de5abbee9 in mongo::unittest::Suite::run(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int) /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/unittest/unittest.cpp:350:30
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.043+0000     #9 0x559de5ab0fe9 in main /data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/src/mongo/unittest/unittest_main.cpp:41:12
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.312+0000     #10 0x7f4f6f9ba82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
[cpp_unit_test:clonable_ptr_test] 2017-05-20T19:35:08.312+0000     #11 0x559de5a83e38 in _start (/data/mci/8cb05daaa5d41bd419de8c480469ce0d/src/build/optdebug/mongo/base/clonable_ptr_test+0x348e38)

I think we can simply provide a valid object for the smart pointer on line 406 to resolve this UBSAN error.

https://github.com/mongodb/mongo/blob/59ab265df55f89a9329477c5ea76be4508fcb1a9/src/mongo/base/clonable_ptr_test.cpp#L425

404
template <typename Clonable>
405
void pointerOperations() {
406
    mongo::clonable_ptr<Clonable> a;
407
 
408
    // Test `.get()` functionality:
409
    {
410
        Clonable* p = a.get();
411
        (void)p;
412
    }
413
 
414
    // Test `->` functionality
415
    {
416
        // We don't actually want to call the dtor, but we want the compiler to check that we
417
        // have.
418
        if (false) {
419
            a->~Clonable();
420
        }
421
    }
422
 
423
    // Test `*` functionality
424
    {
425
        Clonable& r = *a;
426
        (void)r;
427
    }



 Comments   
Comment by Githook User [ 01/Jun/17 ]

Author:

{u'username': u'adamlsd', u'name': u'ADAM David Alan Martin', u'email': u'adam.martin@10gen.com'}

Message: SERVER-29315 Fix lint issue.
Branch: master
https://github.com/mongodb/mongo/commit/7c2e1764e52c623cc21876d1bea09a00f6d19da2

Comment by Githook User [ 01/Jun/17 ]

Author:

{u'username': u'adamlsd', u'name': u'ADAM David Alan Martin', u'email': u'adam.martin@10gen.com'}

Message: SERVER-29315 Fix `clonable_ptr_test` in UBSAN

The `clonable_ptr_test` has several test cases exclusively dedicated
to verifying the syntax of this component. These tests trigger
UBSAN errors on creating a reference to a dereferenced null pointer
even though the pointer is never used. This fix makes the tests
never run (by hiding them behind an if-false block), but still
compile, making them true compile-time-only tests. This is more
consistent with their intended behavior: syntax testing
Branch: master
https://github.com/mongodb/mongo/commit/13e508be0460174d843dabbcfd4375446d200867

Generated at Thu Feb 08 04:20:29 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.