search

dragonflydb / dragonfly

A modern replacement for Redis and Memcached
https://www.dragonflydb.io/
Other
25.59k stars 939 forks source link

Dragonfly crash when running random commands #3359

Closed chakaz closed 2 months ago

chakaz commented 3 months ago

Run Dragonfly:

./dragonfly --dbfilename= --proactor_threads=2 --logtostdout

Then run this script:

#!/bin/bash

for cmd in BITOP BITPOS BLMOVE BLMPOP BLPOP BRPOP BRPOPLPUSH BZMPOP BZPOPMAX BZPOPMIN CLIENT CLUSTER COMMAND CONFIG COPY DBSIZE DEBUG DECR DECRBY DEL DISCARD DUMP ECHO EVAL EVALSHA EVALSHA_RO EVAL_RO EXEC EXISTS EXPIRE EXPIREAT EXPIRETIME FAILOVER FCALL FCALL_RO FLUSHALL FLUSHDB FUNCTION GEOADD GEODIST GEOHASH GEOPOS GEORADIUS GEORADIUSBYMEMBER GEORADIUSBYMEMBER_RO GEORADIUS_RO GEOSEARCH GEOSEARCHSTORE GET GETBIT GETDEL GETEX GETRANGE GETSET HDEL HELLO HEXISTS HGET HGETALL HINCRBY HINCRBYFLOAT HKEYS HLEN HMGET HMSET HRANDFIELD HSCAN HSET HSETNX HSTRLEN HVALS INCR INCRBY INCRBYFLOAT INFO KEYS LASTSAVE LATENCY LCS LINDEX LINSERT LLEN LMOVE LMPOP LOLWUT LPOP LPOS LPUSH LPUSHX LRANGE LREM LSET LTRIM MEMORY MGET MIGRATE MODULE MONITOR MOVE MSET MSETNX MULTI OBJECT PERSIST PEXPIRE PEXPIREAT PEXPIRETIME PFADD PFCOUNT PFDEBUG PFMERGE PFSELFTEST PING PSETEX PSUBSCRIBE PSYNC PTTL PUBLISH PUBSUB PUNSUBSCRIBE QUIT RANDOMKEY READONLY READWRITE RENAME RENAMENX REPLCONF REPLICAOF RESET RESTORE RESTORE-ASKING ROLE RPOP RPOPLPUSH RPUSH RPUSHX SADD SAVE SCAN SCARD SCRIPT SDIFF SDIFFSTORE SELECT SET SETBIT SETEX SETNX SETRANGE SHUTDOWN SINTER SINTERCARD SINTERSTORE SISMEMBER SLAVEOF SLOWLOG SMEMBERS SMISMEMBER SMOVE SORT SORT_RO SPOP SPUBLISH SRANDMEMBER SREM SSCAN SSUBSCRIBE STRLEN SUBSCRIBE SUBSTR SUNION SUNIONSTORE SUNSUBSCRIBE SWAPDB SYNC TIME TOUCH TTL TYPE UNLINK UNSUBSCRIBE UNWATCH WAIT WAITAOF WATCH XACK XADD XAUTOCLAIM XCLAIM XDEL XGROUP XINFO XLEN XPENDING XRANGE XREAD XREADGROUP XREVRANGE XSETID XTRIM ZADD ZCARD ZCOUNT ZDIFF ZDIFFSTORE ZINCRBY ZINTER ZINTERCARD ZINTERSTORE ZLEXCOUNT ZMPOP ZMSCORE ZPOPMAX ZPOPMIN ZRANDMEMBER ZRANGE ZRANGEBYLEX ZRANGEBYSCORE ZRANGESTORE ZRANK ZREM ZREMRANGEBYLEX ZREMRANGEBYRANK ZREMRANGEBYSCORE ZREVRANGE ZREVRANGEBYLEX ZREVRANGEBYSCORE ZREVRANK ZSCAN ZSCORE ZUNION ZUNIONSTORE; do
  RESULT=$(redis-cli $cmd)
  echo $RESULT
done

Boom:

F20240722 13:02:44.134325 1950478 transaction.cc:277] Check failed: absl::StartsWith(cid_->name(), "EVAL") GETEX
*** Check failure stack trace: ***
    @     0x55707392875b  google::LogMessage::Fail()
    @     0x5570739286a1  google::LogMessage::SendToLog()
    @     0x557073927e76  google::LogMessage::Flush()
    @     0x55707392bcee  google::LogMessageFatal::~LogMessageFatal()
    @     0x55707321670f  dfly::Transaction::InitByKeys()
    @     0x557073217847  dfly::Transaction::InitByArgs()
    @     0x557072b71099  dfly::Service::DispatchCommand()
    @     0x5570733c1a93  _ZZN6facade10Connection10ParseRedisEPNS_16SinkReplyBuilderEENKUlvE_clEv
    @     0x5570733cbb9a  _ZSt13__invoke_implIvRKZN6facade10Connection10ParseRedisEPNS0_16SinkReplyBuilderEEUlvE_JEET_St14__invoke_otherOT0_DpOT1_
    @     0x5570733cb49b  _ZSt8__invokeIRKZN6facade10Connection10ParseRedisEPNS0_16SinkReplyBuilderEEUlvE_JEENSt15__invoke_resultIT_JDpT0_EE4typeEOS8_DpOS9_
    @     0x5570733caa3c  _ZSt6invokeIRKZN6facade10Connection10ParseRedisEPNS0_16SinkReplyBuilderEEUlvE_JEENSt13invoke_resultIT_JDpT0_EE4typeEOS8_DpOS9_
    @     0x5570733c9caa  _ZN4absl12lts_2024011619functional_internal12InvokeObjectIZN6facade10Connection10ParseRedisEPNS3_16SinkReplyBuilderEEUlvE_vJEEET0_NS1_7VoidPtrEDpNS1_8ForwardTIT1_E4typeE
    @     0x5570733cec87  absl::lts_20240116::FunctionRef<>::operator()()
    @     0x5570733c193f  facade::Connection::DispatchSingle()
    @     0x5570733c1f53  facade::Connection::ParseRedis()
    @     0x5570733c08b5  facade::Connection::ConnectionFlow()
    @     0x5570733bee27  facade::Connection::HandleRequests()
    @     0x55707387e09f  util::ListenerInterface::RunSingleConnection()
    @     0x55707387c54c  _ZZZN4util17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvENKUlvE_clEv
    @     0x5570738834fa  _ZSt13__invoke_implIvZZN4util17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEET_St14__invoke_otherOT0_DpOT1_
    @     0x557073882a6a  _ZSt8__invokeIZZN4util17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEENSt15__invoke_resultIT_JDpT0_EE4typeEOS5_DpOS6_
    @     0x557073881eee  _ZSt12__apply_implIZZN4util17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_St5tupleIJEEJEEDcOT_OT0_St16integer_sequenceImJXspT1_EEE
    @     0x557073881f28  _ZSt5applyIZZN4util17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_St5tupleIJEEEDcOT_OT0_
    @     0x557073881fad  _ZN4util3fb26detail15WorkerFiberImplIZZNS_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEE4run_EON5boost7context5fiberE
    @     0x557073881397  _ZZN4util3fb26detail15WorkerFiberImplIZZNS_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEEC4INS0_19FixedStackAllocatorEEESt17basic_string_viewIcSt11char_traitsIcEERKN5boost7context12preallocatedEOT_OS5_ENKUlONSE_5fiberEE_clESM_
    @     0x5570738886d7  _ZSt13__invoke_implIN5boost7context5fiberERZN4util3fb26detail15WorkerFiberImplIZZNS3_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEEC4INS4_19FixedStackAllocatorEEESt17basic_string_viewIcSt11char_traitsIcEERKNS1_12preallocatedEOT_OS9_EUlOS2_E_JS2_EESK_St14__invoke_otherOT0_DpOT1_
    @     0x5570738872de  _ZSt8__invokeIRZN4util3fb26detail15WorkerFiberImplIZZNS0_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEEC4INS1_19FixedStackAllocatorEEESt17basic_string_viewIcSt11char_traitsIcEERKN5boost7context12preallocatedEOT_OS6_EUlONSF_5fiberEE_JSM_EENSt15__invoke_resultISJ_JDpT0_EE4typeESK_DpOSR_
    @     0x5570738863b1  _ZSt6invokeIRZN4util3fb26detail15WorkerFiberImplIZZNS0_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEEC4INS1_19FixedStackAllocatorEEESt17basic_string_viewIcSt11char_traitsIcEERKN5boost7context12preallocatedEOT_OS6_EUlONSF_5fiberEE_JSM_EENSt13invoke_resultISJ_JDpT0_EE4typeESK_DpOSR_
    @     0x557073884a92  _ZN5boost7context6detail12fiber_recordINS0_5fiberEN4util3fb219FixedStackAllocatorEZNS5_6detail15WorkerFiberImplIZZNS4_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEEC4IS6_EESt17basic_string_viewIcSt11char_traitsIcEERKNS0_12preallocatedEOT_OSB_EUlOS3_E_E3runEPv
    @     0x557073883620  _ZN5boost7context6detail11fiber_entryINS1_12fiber_recordINS0_5fiberEN4util3fb219FixedStackAllocatorEZNS6_6detail15WorkerFiberImplIZZNS5_17ListenerInterface13RunAcceptLoopEvENKUlvE0_clEvEUlvE_JEEC4IS7_EESt17basic_string_viewIcSt11char_traitsIcEERKNS0_12preallocatedEOT_OSC_EUlOS4_E_EEEEvNS1_10transfer_tE
    @     0x7f6c2664924f  make_fcontext
*** SIGABRT received at time=1721642564 on cpu 1 ***
PC: @     0x7f6c25c989fc  (unknown)  pthread_kill
    @     0x5570739af193         64  absl::lts_20240116::WriteFailureInfo()
    @     0x5570739af3ed         96  absl::lts_20240116::AbslFailureSignalHandler()
    @     0x7f6c25c44520  (unknown)  (unknown)
fish: Job 1, './dragonfly --dbfilename= --pro…' terminated by signal SIGABRT (Abort)
dranikpg commented 2 months ago

Looks like GETEX doesn't properly sanitize it's input before initializing transactions