Details
Major Description
After updating the forestdb to the current stable branch to uptake the fix for https://issues.couchbase.com/browse/MB-24063, forest db crashed due to memory overflow when compacting. Please also note that the fix is needed for a customer per https://issues.couchbase.com/browse/CBSE-4099 ticket.
The corresponding ticket in couchbase-lite-ios is here.
Trace:
- thread #1, queue = 'com.apple.main-thread', stop reason = Heap buffer overflow
frame #0: 0x000000010c24e330 libclang_rt.asan_iossim_dynamic.dylib`__asan::AsanDie()
frame #1: 0x000000010c263b18 libclang_rt.asan_iossim_dynamic.dylib`__sanitizer::Die() + 88
frame #2: 0x000000010c24bc41 libclang_rt.asan_iossim_dynamic.dylib`__asan::ScopedInErrorReport::~ScopedInErrorReport() + 321
frame #3: 0x000000010c24b6b8 libclang_rt.asan_iossim_dynamic.dylib`__asan::ReportGenericError(unsigned long, unsigned long, unsigned long, unsigned long, bool, unsigned long, unsigned int, bool) + 344
frame #4: 0x000000010c241116 libclang_rt.asan_iossim_dynamic.dylib`wrap_strcpy + 1958
frame #5: 0x000000010b530cc8 CBL Test`::fdb_check_file_reopen(handle=0x00006140000a1640, status=0x0000000000000000) at forestdb.cc:2996
frame #6: 0x000000010b548ee9 CBL Test`::fdb_get(handle=0x00006140000a1640, doc=0x00007fff549b5c80) at forestdb.cc:3126
frame #7: 0x000000010b2faa78 CBL Test`cbforest::KeyStore::read(this=0x000060200014b890, doc=0x00007fff549b5c80, options=kDefaultContent) const at KeyStore.cc:80
frame #8: 0x000000010b2fa866 CBL Test`cbforest::KeyStore::get(this=0x000060200014b890, key=(buf = 0x000000010bd01e80, size = 13), options=kDefaultContent) const at KeyStore.cc:61
frame #9: 0x000000010b2d88be CBL Test`cbforest::Database::updatePurgeCount(this=0x000061300008ff40) at Database.cc:228
frame #10: 0x000000010b2dc086 CBL Test`cbforest::Database::onCompact(this=0x000061300008ff40, status=32, kv_store_name=0x0000000000000000, doc=0x0000000000000000, last_oldfile_offset=18446744073709551615, last_newfile_offset=18446744073709551615) at Database.cc:405
frame #11: 0x000000010b2d0396 CBL Test`cbforest::Database::compactionCallback(fhandle=0x000060400020b150, status=32, kv_store_name=0x0000000000000000, doc=0x0000000000000000, last_oldfile_offset=18446744073709551615, last_newfile_offset=18446744073709551615, ctx=0x000061300008ff40) at Database.cc:385
frame #12: 0x000000010b56f67a CBL Test`_fdb_commit_and_remove_pending(handle=0x00006140000a1240, old_file=0x0000617000050500, new_file=0x000061700005f680) at forestdb.cc:4677
frame #13: 0x000000010b563060 CBL Test`_fdb_compact_file(handle=0x00006140000a1240, new_file=0x000061700005f680, new_bhandle=0x000060c000597a00, new_dhandle=0x00006060000cb540, new_trie=0x000060b000047210, new_seqtrie=0x000060b000050e20, new_seqtree=0x0000000000000000, new_staletree=0x0000606000185840, marker_bid=18446744073709551615, clone_docs=false) at forestdb.cc:7438
frame #14: 0x000000010b560071 CBL Test`::fdb_compact_file(fhandle=0x000060400020b150, new_filename="/Users/pasin/Library/Developer/CoreSimulator/Devices/E04D68E9-4052-4BD3-BBF3-5D2CBDF2595A/data/Containers/Data/Application/F984B578-4522-47B1-B91F-6EA45EDF40E9/tmp/CBL_iOS_Unit_Tests/db.cblite2/db.forest.1", in_place_compaction=false, marker_bid=18446744073709551615, clone_docs=false, new_encryption_key=0x0000000000000000) at forestdb.cc:7097
frame #15: 0x000000010b56fcf1 CBL Test`_fdb_compact(fhandle=0x000060400020b150, new_filename=0x0000000000000000, marker=18446744073709551615, clone_docs=false, new_encryption_key=0x0000000000000000) at forestdb.cc:7484
frame #16: 0x000000010b56f7ab CBL Test`::fdb_compact(fhandle=0x000060400020b150, new_filename=0x0000000000000000) at forestdb.cc:7498
frame #17: 0x000000010b2dbf38 CBL Test`cbforest::Database::compact(this=0x000061300008ff40) at Database.cc:366
frame #18: 0x000000010b2f1b01 CBL Test`::c4db_compact(database=0x000061300008ff40, outError=0x00007fff549b7ae0) at c4Database.cc:338
frame #19: 0x000000010b268cfd CBL Test`::-[CBL_ForestDBStorage compact:](self=0x00006060004af6c0, _cmd="compact:", outError=0x0000000000000000) at CBL_ForestDBStorage.mm:247
frame #20: 0x000000010b83de17 CBL Test`-[CBLDatabase compact:](self=0x000060f00005c7a0, _cmd="compact:", outError=0x0000000000000000) at CBLDatabase.m:233 - frame #21: 0x00000001290af747 CBL iOS Unit Tests`-[DatabaseAttachment_Tests test10_Attachments](self=0x00006060003c28a0, _cmd="test10_Attachments") at DatabaseAttachment_Tests.m:173
frame #22: 0x0000000111e4760c CoreFoundation`_invoking__ + 140
frame #23: 0x0000000111e474e0 CoreFoundation`-[NSInvocation invoke] + 320
frame #24: 0x0000000123efde35 XCTest`__24-[XCTestCase invokeTest]_block_invoke + 591
frame #25: 0x0000000123f4659d XCTest`-[XCUITestContext performInScope:] + 183
frame #26: 0x0000000123efdbdb XCTest`-[XCTestCase invokeTest] + 141
frame #27: 0x000000012891a50e CBL iOS Unit Tests`-[CBLTestCaseWithDB invokeTest](self=0x00006060003c28a0, _cmd="invokeTest") at CBLTestCase.m:169
frame #28: 0x00000001290966f4 CBL iOS Unit Tests`-[DatabaseAttachment_Tests invokeTest](self=0x00006060003c28a0, _cmd="invokeTest") at DatabaseAttachment_Tests.m:43
frame #29: 0x0000000123efeb9c XCTest`__26-[XCTestCase performTest:]_block_invoke.369 + 42
frame #30: 0x0000000123f4b2a3 XCTest`+[XCTContext runInContextForTestCase:block:] + 163
frame #31: 0x0000000123efe538 XCTest`-[XCTestCase performTest:] + 608
frame #32: 0x0000000123efa53e XCTest`__27-[XCTestSuite performTest:]_block_invoke + 363
frame #33: 0x0000000123ef9ea5 XCTest`-[XCTestSuite _performProtectedSectionForTest:testSection:] + 26
frame #34: 0x0000000123efa0a2 XCTest`-[XCTestSuite performTest:] + 239
frame #35: 0x0000000123efa53e XCTest`__27-[XCTestSuite performTest:]_block_invoke + 363
frame #36: 0x0000000123ef9ea5 XCTest`-[XCTestSuite _performProtectedSectionForTest:testSection:] + 26
frame #37: 0x0000000123efa0a2 XCTest`-[XCTestSuite performTest:] + 239
frame #38: 0x0000000123efa53e XCTest`__27-[XCTestSuite performTest:]_block_invoke + 363
frame #39: 0x0000000123ef9ea5 XCTest`-[XCTestSuite _performProtectedSectionForTest:testSection:] + 26
frame #40: 0x0000000123efa0a2 XCTest`-[XCTestSuite performTest:] + 239
frame #41: 0x0000000123f527c5 XCTest`__44-[XCTTestRunSession runTestsAndReturnError:]_block_invoke + 40
frame #42: 0x0000000123f0d712 XCTest`-[XCTestObservationCenter _observeTestExecutionForBlock:] + 475
frame #43: 0x0000000123f52664 XCTest`-[XCTTestRunSession runTestsAndReturnError:] + 281
frame #44: 0x0000000123ee9b98 XCTest`-[XCTestDriver runTestsAndReturnError:] + 314
frame #45: 0x0000000123f4a50e XCTest`_XCTestMain + 619
frame #46: 0x0000000111e662ac CoreFoundation`_CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK_ + 12
frame #47: 0x0000000111e4aadb CoreFoundation`__CFRunLoopDoBlocks + 203
frame #48: 0x0000000111e4a2b4 CoreFoundation`__CFRunLoopRun + 1300
frame #49: 0x0000000111e49b29 CoreFoundation`CFRunLoopRunSpecific + 409
frame #50: 0x0000000112a1a9c6 GraphicsServices`GSEventRunModal + 62
frame #51: 0x000000010ea5e9a4 UIKit`UIApplicationMain + 159
frame #52: 0x000000010b2469df CBL Test`main(argc=7, argv=0x00007fff549bf850) at main.m:18
frame #53: 0x0000000114a0e621 libdyld.dylib`start + 1
Please let us know if there is anything that we could or need to do to prevent this issue.
Attachments
| For Gerrit Dashboard: MB-25808 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 82992,1 | MB-25808: Space allocated in malloc does not take into account the null character copied by strcpy | master | forestdb | Status: ABANDONED | 0 | 0 |
| 82994,3 | MB-25808: Heap overflow when compacting forestDB | stable | forestdb | Status: MERGED | +2 | -1 |
| 82999,1 | Issue MB-25808: | stable | forestdb | Status: ABANDONED | 0 | -1 |
| 83004,1 | [BP] MB-25808: Heap overflow when compacting forestDB | spock | forestdb | Status: ABANDONED | 0 | -1 |