...
BugZero found this defect 2856 days ago.
At shutdown time, after acquiring a Global X lock, shutdownTask() calls shutdownGlobalStorageEngineCleanly(). On WiredTiger, this calls __conn_close(), which proceeds to close all open sessions. Problematically, the destructor for ScopedTransaction calls abandonSnapshot(), which calls _txnClose(). _txnClose accesses a session, managed by the WiredTigerSessionCache. Because no DB locks are held by ScopedTransaction, accessing sessions in ScopedTransaction by threads other than the one in shutdownTask() can race with the closing of these sessions by the WT shutdown code. This can possibly result in a null pointer exception at shutdown time.
ramon.fernandez commented on Thu, 24 Aug 2017 13:45:13 +0000: Author: {'username': u'dgottlieb', 'name': u'Daniel Gottlieb', 'email': u'daniel.gottlieb@mongodb.com'} Message:SERVER-27411: Abandon snapshots before locks are released. The storage engine may only be accessed by clients holding the Global lock in at least MODE_IS. Otherwise, during shutdown or in the future, Recover to a Timestamp, there can be a race where the storage engine is accessed while it is being destroyed or expects acquiescence from the system. Branch:master https://github.com/mongodb/mongo/commit/3b8719aecf7541ee83738d9241bfcbc1281b6ed2 daniel.gottlieb@10gen.com commented on Wed, 23 Aug 2017 02:04:35 +0000: commit 3b8719aecf7541ee83738d9241bfcbc1281b6ed2 (HEAD -> master, origin/master, origin/HEAD) Author: Daniel Gottlieb Date: Tue Aug 22 21:39:06 2017 -0400 SERVER-27411: Abandon snapshots before locks are released. The storage engine may only be accessed by clients holding the Global lock in at least MODE_IS. Otherwise, during shutdown or in the future, Recover to a Timestamp, there can be a race where the storage engine is accessed while it is being destroyed or expects acquiescence from the system.