[SERVER-77869] op_msg_fuzzer should disable global logging Created: 07/Jun/23  Updated: 29/Oct/23  Resolved: 12/Jun/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.1.0-rc0, 7.0.0-rc6

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
is related to SERVER-76852 Allow libfuzzer tasks in Evergreen to... Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v7.0
Sprint: Security 2023-06-12
Participants:

 Description   

op_msg_fuzzer invokes a large body of code, which may use logging. Because log messages include thread names stored in thread local variables, logging uses thread local state. libfuzzer binaries do not have hooks into global shutdown. The only way to cleanly tear down state is to declare a global static destructor. These destructors run after thread local variables are destroyed. Accessing thread local variables in a destructor is UB. op_msg_fuzzer uses systems which log in shutdown. Thus, we should turn off logging.
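
The ordering problem described above, with the mitigation applied, as an added C++ sketch (not MongoDB's code; the `demo` logger, `Service` and `FuzzerGlobals` are hypothetical stand-ins). The enabled flag is checked before any thread-local access, and the harness switches it off when its global state is constructed, so the shutdown log call in the static destructor never reaches destroyed thread-local state.

```cpp
#include <atomic>
#include <cstddef>
#include <cstdint>
#include <string>

namespace demo {  // hypothetical names, not MongoDB's logging API

// Constant-initialized and trivially destructible, so both remain valid to
// read while static destructors run.
std::atomic<bool> loggingEnabled{true};
std::atomic<int> tlsReads{0};  // how many times log() touched thread-local state

// Stand-in for the per-thread name that log lines include.
thread_local std::string threadName = "main";

// Returns true if a line was produced. The enabled check comes first, so a
// disabled logger never reaches the thread_local.
bool log(const char* msg) {
    if (!loggingEnabled.load())
        return false;
    tlsReads.fetch_add(1);
    std::string line = "[" + threadName + "] " + msg;
    return !line.empty();
}

// Stand-in for a subsystem that logs when it shuts down.
struct Service {
    std::size_t bytesSeen = 0;
    void handle(const std::uint8_t*, std::size_t size) {
        bytesSeen += size;
        log("handled message");
    }
    ~Service() { log("shutting down"); }
};

// Global state for the fuzz target. Its destructor is a static destructor,
// which runs after the main thread's thread_local objects are destroyed.
struct FuzzerGlobals {
    FuzzerGlobals() { loggingEnabled.store(false); }  // the mitigation
    Service service;
};

}  // namespace demo

// libFuzzer entry point: the only hook the harness gets besides statics.
extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t* data, std::size_t size) {
    static demo::FuzzerGlobals globals;  // torn down at exit, never explicitly
    globals.service.handle(data, size);
    return 0;
}
```

Without the `loggingEnabled.store(false)` line, `~Service()` would read `threadName` during static destruction, which is the access the ticket identifies as UB.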



 Comments   
Comment by Githook User [ 28/Jun/23 ]

Author: Spencer Jackson <spencer.jackson@mongodb.com> (spencerjackson)

Message: SERVER-77869 Disable logging in op_msg_fuzzer

libfuzzer takes control over program lifecycle. It allows us to define
a fuzz function, and static variables. It does not allow us to define
a shutdown function. That means, our only opportunity to tear down
global state is in a static destructor. Static destructors fire after
thread local variables destruct. Unfortunately, our global state
includes systems which log on shutdown. Our logging system uses
thread_local variables. If we try to log in static destruction, that
will cause us to access destructed state.

We need to disable logging, in order to avoid this.

(cherry picked from commit a80eeedcaf69d32ecb29e3231b7af1f7601feb8f)
Branch: v7.0
https://github.com/mongodb/mongo/commit/cc7877356dc634a062180940ee4ea442a056adee

Comment by Githook User [ 11/Jun/23 ]

Author: Spencer Jackson <spencer.jackson@mongodb.com> (spencerjackson)

Message: SERVER-77869 Disable logging in op_msg_fuzzer

libfuzzer takes control over program lifecycle. It allows us to define
a fuzz function, and static variables. It does not allow us to define
a shutdown function. That means, our only opportunity to tear down
global state is in a static destructor. Static destructors fire after
thread local variables destruct. Unfortunately, our global state
includes systems which log on shutdown. Our logging system uses
thread_local variables. If we try to log in static destruction, that
will cause us to access destructed state.

We need to disable logging, in order to avoid this.
Branch: master
https://github.com/mongodb/mongo/commit/a80eeedcaf69d32ecb29e3231b7af1f7601feb8f
