[SERVER-47846] CollMod (_collModInternal) unsafely accesses an IndexCatalogEntry that is destructed in an onRollback handler Created: 29/Apr/20 Updated: 29/Oct/23 Resolved: 06/May/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Storage |
| Affects Version/s: | None |
| Fix Version/s: | 4.4.0-rc5, 4.7.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Dianna Hohensee (Inactive) | Assignee: | Eric Milkie |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Operating System: | ALL | ||||||||||||||||
| Backport Requested: |
v4.4
|
||||||||||||||||
| Sprint: | Execution Team 2020-05-18 | ||||||||||||||||
| Participants: | |||||||||||||||||
| Linked BF Score: | 88 | ||||||||||||||||
| Description |
|
_collModInternal has a cmrNew variable that is used in a writeConflictRetry loop, but initialized before the loop begins. Usage of cmrNew must be very careful not to access memory that can become invalid (freed) after an onRollback call caused by a WriteConflictException. After |
| Comments |
| Comment by Githook User [ 06/May/20 ] |
|
Author: {'name': 'Eric Milkie', 'email': 'milkie@10gen.com', 'username': 'milkie'}Message: (cherry picked from commit 951a6c5f089fdb1c5e2cae1641a6ca20d8c2662c) |
| Comment by Githook User [ 06/May/20 ] |
|
Author: {'name': 'Eric Milkie', 'email': 'milkie@10gen.com', 'username': 'milkie'}Message: |