[SERVER-8366] mongoToV8Object crashes when converting from Native functions Created: 28/Jan/13  Updated: 15/Feb/13  Resolved: 12/Feb/13

Status: Closed
Project: Core Server
Component/s: JavaScript, Shell
Affects Version/s: 2.3.2
Fix Version/s: None

Type: Bug Priority: Critical - P2
Reporter: Andre de Frere Assignee: Ben Becker
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates SERVER-8220 db.eval('return print') crashes client Closed
Related
is related to SERVER-7087 Investigate exception propagation beh... Closed
Operating System: ALL
Steps To Reproduce:

>db.a.drop()
>db.a.insert(

{ a : ObjectId }

) //note the ObjectId is missing the brackets
>db.a.find()

Participants:

 Description   

If you insert a type of [native code] rather than the actual object, you will get a stack trace when trying to find()

Steps to reproduce:

>db.a.drop()
>db.a.insert( { a : ObjectId } ) //note the ObjectId is missing the parens
>db.a.find()

will return the following stack trace:

Mon Jan 28 18:22:36.764 terminate() called in shell, printing stack:
0x103ca22db 0x103bba85f 0x7fff95f783f5 0x7fff95f78450 0x7fff95f795b7 0x103c7d90d 0x103c7d96d 0x103c681ad 0x103c7031f 0x103c6d134 0x103ea36ac 0x103ea3112 0x103ee9402 0x1b7f14506362 0x1b7f1451701e 
 0   mongo                               0x0000000103ca22db _ZN5mongo15printStackTraceERSo + 43
 1   mongo                               0x0000000103bba85f _Z11myterminatev + 79
 2   libc++abi.dylib                     0x00007fff95f783f5 _ZL19safe_handler_callerPFvvE + 8
 3   libc++abi.dylib                     0x00007fff95f78450 __cxa_bad_typeid + 0
 4   libc++abi.dylib                     0x00007fff95f795b7 _ZL23__gxx_exception_cleanup19_Unwind_Reason_CodeP17_Unwind_Exception + 0
 5   mongo                               0x0000000103c7d90d _ZN5mongo9uassertedEiPKc + 269
 6   mongo                               0x0000000103c7d96d _ZN5mongo9uassertedEiRKSs + 29
 7   mongo                               0x0000000103c681ad _ZN5mongo7V8Scope11newFunctionEPKc + 493
 8   mongo                               0x0000000103c7031f _ZN5mongo7V8Scope16mongoToV8ElementERKNS_11BSONElementEb + 159
 9   mongo                               0x0000000103c6d134 _ZN5mongoL8namedGetEN2v85LocalINS0_6StringEEERKNS0_12AccessorInfoE + 500
 10  mongo                               0x0000000103ea36ac _ZN2v88internal8JSObject35GetPropertyAttributeWithInterceptorEPS1_PNS0_6StringEb + 822
 11  mongo                               0x0000000103ea3112 _ZN2v88internal10JSReceiver32GetPropertyAttributeWithReceiverEPS1_PNS0_6StringE + 252
 12  mongo                               0x0000000103ee9402 _ZN2v88internal19Runtime_HasPropertyENS0_9ArgumentsEPNS0_7IsolateE + 114
 13  ???                                 0x00001b7f14506362 0x0 + 30232615609186
 14  ???                                 0x00001b7f1451701e 0x0 + 30232615677982

mongoexport of that record looks like:

mongoexport -d test -c a
connected to: 127.0.0.1
{ "_id" : { "$oid" : "5107077784a4325090d550ec" }, "a" : function ObjectId() { [native code] } }

The same is true for other [native code] types tried (NumberLong for example)



 Comments   
Comment by Ben Becker [ 12/Feb/13 ]

Fixed by SERVER-8220.

Comment by Scott Hernandez (Inactive) [ 29/Jan/13 ]

Need a try/catch with namedGet in engine_v8.cpp

Generated at Thu Feb 08 03:17:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.