[SERVER-9597] Call to Mongo() crashes v8 Created: 06/May/13  Updated: 11/Jul/16  Resolved: 22/May/13

Status: Closed
Project: Core Server
Component/s: JavaScript
Affects Version/s: 2.4.3
Fix Version/s: 2.4.5, 2.5.1

Type: Bug Priority: Major - P3
Reporter: Ron Warshawsky Assignee: Ben Becker
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Fedora 7
MongoDB

[root@localhost ~]# mongo
MongoDB shell version: 2.4.2


Operating System: ALL
Steps To Reproduce:

> dn = new Mongo().getDB("admin")
admin
 
> Mongo().getDB("admin")
 
#
# Fatal error in v8::Object::SetInternalField()
# Writing internal field out of bounds
#
 
Trace/breakpoint trap (core dumped)
[root@localhost ~]# mongo
MongoDB shell version: 2.4.2
connecting to: test
>

Participants:

 Description   

> Mongo().getDB("admin")  
 
#
# Fatal error in v8::Object::SetInternalField()
# Writing internal field out of bounds
#



 Comments   
Comment by auto [ 19/Jun/13 ]

Author:

{u'username': u'vrtx', u'name': u'Ben Becker', u'email': u'ben.becker@10gen.com'}

Message: SERVER-9597: In JavaScript, only allow Mongo() to be called as a constructor
Branch: v2.4
https://github.com/mongodb/mongo/commit/f6801d07821fa460d487f43d6e2ca195d81760ee

Comment by auto [ 22/May/13 ]

Author:

{u'username': u'vrtx', u'name': u'Ben Becker', u'email': u'ben.becker@10gen.com'}

Message: SERVER-9597: In JavaScript, only allow Mongo() to be called as a constructor
Branch: master
https://github.com/mongodb/mongo/commit/83900ac233c2a94e0f3e6a1628cf822f9bb88425

Comment by J Rassi [ 10/May/13 ]

Unrelated to getDB, in fact. Can reproduce with Mongo() (or on server with db.eval("Mongo()")). Considering new Mongo() doesn't exhibit this behavior, presumably the issue is related to the fact that the resulting object has prototypes for which "this" is incorrect.

Comment by Tad Marshall [ 06/May/13 ]

Reproduced in current code. This is unrelated to the "admin" database.

> Mongo().getDB("anything-at-all")
 
#
# Fatal error in v8::Object::SetInternalField()
# Writing internal field out of bounds
#
 
Trace/breakpoint trap (core dumped)

Generated at Thu Feb 08 03:20:54 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.