WiredTiger / WT-1042

Buffer overflow in recovery code

    • Type: Task
    • Resolution: Done
    • Fix Version/s: WT2.2.1
    • Affects Version/s: None
    • Component/s: None
    • Labels: None

      A test/format heap sanitizer run failed with:

      =================================================================
      ==75307==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6120000fb890 at pc 0x5a869d bp 0x7f1e5cd528d0 sp 0x7f1e5cd528c8
      READ of size 4 at 0x6120000fb890 thread T32
          #0 0x5a869c in __recovery_cursor /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:57
          #1 0x5a7712 in __txn_op_apply /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:166
          #2 0x5a7712 in __txn_commit_apply /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:242
          #3 0x5a7712 in __txn_log_recover /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:277
          #4 0x57868d in __wt_log_scan /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/log/log.c:906
          #5 0x5a6613 in __wt_txn_recover /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:447
          #6 0x57572a in __wt_log_open /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/log/log.c:230
          #7 0x54c830 in __wt_logmgr_create /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/conn/conn_log.c:193
          #8 0x46a142 in __wt_connection_workers /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/conn/conn_open.c:234
          #9 0x45f615 in wiredtiger_open /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/conn/conn_api.c:1339
          #10 0x459b94 in wts_open /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/wts.c:117
          #11 0x449a69 in check_copy /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/backup.c:41
          #12 0x449a69 in hot_backup /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/backup.c:150
          #13 0x441903 in __asan::AsanThread::ThreadStart(unsigned long) (/home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/t+0x441903)
          #14 0x339e807c52 in start_thread (/lib64/libpthread.so.0+0x339e807c52)
          #15 0x339e0f5dbc in __clone (/lib64/libc.so.6+0x339e0f5dbc)
      0x6120000fb890 is located 16 bytes to the right of 320-byte region [0x6120000fb740,0x6120000fb880)
      allocated by thread T32 here:
          #0 0x43b4a9 in realloc (/home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/t+0x43b4a9)
          #1 0x48dc12 in __wt_realloc /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/os_posix/os_alloc.c:80
      Thread T32 created by T0 here:
          #0 0x4372f0 in __interceptor_pthread_create (/home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/t+0x4372f0)
          #1 0x450ca1 in wts_ops /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/ops.c:99
          #2 0x456d92 in main /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/t.c:189
      SUMMARY: AddressSanitizer: heap-buffer-overflow /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:57 __recovery_cursor
      Shadow bytes around the buggy address:
        0x0c24800176c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
        0x0c24800176d0: 00 00 00 00 00 00 00 00 00 00 00 00 fa fa fa fa
        0x0c24800176e0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
        0x0c24800176f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
        0x0c2480017700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      =>0x0c2480017710: fa fa[fa]fa fa fa fa fa 00 00 00 00 00 00 00 00
        0x0c2480017720: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
        0x0c2480017730: 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa fa
        0x0c2480017740: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
        0x0c2480017750: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
        0x0c2480017760: 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa fa
      Shadow byte legend (one shadow byte represents 8 application bytes):
        Addressable:           00
        Partially addressable: 01 02 03 04 05 06 07 
        Heap left redzone:     fa
        Heap right redzone:    fb
        Freed heap region:     fd
        Stack left redzone:    f1
        Stack mid redzone:     f2
        Stack right redzone:   f3
        Stack partial redzone: f4
        Stack after return:    f5
        Stack use after scope: f8
        Global redzone:        f9
        Global init order:     f6
        Poisoned by user:      f7
        ASan internal:         fe

      test/format configuration file:

      auto_throttle=0
      firstfit=0
      # bitcnt not applicable to this run
      bloom=1
      bloom_bit_count=28
      bloom_hash_count=20
      bloom_oldest=0
      cache=240
      checkpoints=1
      checksum=on
      chunk_size=8
      compaction=0
      compression=none
      data_extend=0
      data_source=lsm
      delete_pct=28
      dictionary=0
      file_type=row-store
      hot_backups=1
      huffman_key=0
      huffman_value=0
      insert_pct=68
      internal_key_truncation=1
      internal_page_max=17
      key_gap=2
      key_max=82
      key_min=12
      leaf_page_max=16
      logging=1
      merge_max=4
      merge_threads=4
      mmap=1
      ops=100000
      prefix_compression=1
      prefix_compression_min=7
      repeat_data_pct=74
      reverse=0
      rows=100000
      runs=1
      split_pct=81
      statistics=0
      threads=23
      value_max=2972
      value_min=10
      # wiredtiger_config not applicable to this run
      write_pct=34
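The report above is the raw output a sanitizer CI job hands to whoever triages it. What follows is an added example, not WiredTiger or test/format code, of a small parser that turns such a report into the facts a ticket needs: the access kind and size, how far beyond which allocation it landed, and the first frame in the project's own sources on both the faulting stack and the allocating stack. The embedded sample report is an abridged copy of the one in this ticket with the Jenkins workspace prefix stripped from paths; treating any location containing `src/` as project source is an assumption of this example, and the frame regex also accepts the `WT-N` numbering that JIRA autolinking makes of ASan's `#N` frame numbers, as seen in the original paste.

```python
"""Triage helper for AddressSanitizer heap-buffer-overflow reports (added example)."""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: the report from this ticket, abridged, with the Jenkins
# workspace prefix removed. Some frames keep the "WT-N" form JIRA produced by
# autolinking ASan's "#N" frame numbers.
SAMPLE_REPORT = """\
==75307==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6120000fb890 at pc 0x5a869d bp 0x7f1e5cd528d0 sp 0x7f1e5cd528c8
READ of size 4 at 0x6120000fb890 thread T32
    #0 0x5a869c in __recovery_cursor src/txn/txn_recover.c:57
    WT-1 0x5a7712 in __txn_op_apply src/txn/txn_recover.c:166
    WT-5 0x5a6613 in __wt_txn_recover src/txn/txn_recover.c:447
    WT-9 0x45f615 in wiredtiger_open src/conn/conn_api.c:1339
    WT-12 0x449a69 in hot_backup test/format/backup.c:150
    WT-13 0x441903 in __asan::AsanThread::ThreadStart(unsigned long) (test/format/t+0x441903)
0x6120000fb890 is located 16 bytes to the right of 320-byte region [0x6120000fb740,0x6120000fb880)
allocated by thread T32 here:
    #0 0x43b4a9 in realloc (test/format/t+0x43b4a9)
    WT-1 0x48dc12 in __wt_realloc src/os_posix/os_alloc.c:80
Thread T32 created by T0 here:
    #0 0x4372f0 in __interceptor_pthread_create (test/format/t+0x4372f0)
SUMMARY: AddressSanitizer: heap-buffer-overflow src/txn/txn_recover.c:57 __recovery_cursor
"""

HEADER_RE = re.compile(r"ERROR: AddressSanitizer: (?P<kind>[\w-]+) on address 0x(?P<addr>[0-9a-f]+)")
ACCESS_RE = re.compile(r"^(?P<access>READ|WRITE) of size (?P<size>\d+) at 0x[0-9a-f]+ thread (?P<thread>T\d+)")
REGION_RE = re.compile(r"^0x[0-9a-f]+ is located \d+ bytes to the (?:left|right) of "
                       r"(?P<size>\d+)-byte region \[0x(?P<lo>[0-9a-f]+),0x(?P<hi>[0-9a-f]+)\)")
ALLOC_RE = re.compile(r"^allocated by thread T\d+ here:")
# Frame numbers as ASan prints them ("#3") or as JIRA autolinked them ("WT-3").
FRAME_RE = re.compile(r"^(?:#|WT-)(?P<idx>\d+) 0x[0-9a-f]+ in (?P<fn>.+?) (?P<loc>\S+)$")


@dataclass
class Frame:
    index: int
    function: str
    location: str  # "file:line", or "(binary+offset)" when unsymbolized


@dataclass
class AsanReport:
    kind: str = ""
    address: int = 0
    access: str = ""
    size: int = 0
    thread: str = ""
    region_lo: int = 0
    region_hi: int = 0
    region_size: int = 0
    access_stack: List[Frame] = field(default_factory=list)
    alloc_stack: List[Frame] = field(default_factory=list)

    def bytes_past_end(self) -> int:
        # Distance from the end of the allocation to the start of the bad access.
        return self.address - self.region_hi

    def out_of_bounds_bytes(self) -> int:
        # Bytes of [address, address+size) that lie outside [region_lo, region_hi).
        inside = max(0, min(self.address + self.size, self.region_hi)
                     - max(self.address, self.region_lo))
        return self.size - inside

    @staticmethod
    def first_project_frame(stack: List[Frame], marker: str = "src/") -> Optional[Frame]:
        # First frame in the project's sources, skipping interceptors and libc.
        # Assumption of this example: project source paths contain `marker`.
        return next((f for f in stack if marker in f.location), None)


def parse_asan_report(text: str) -> AsanReport:
    report: Optional[AsanReport] = None
    current: Optional[List[Frame]] = None  # the stack currently being collected
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.search(line)
        if m:
            report = AsanReport(kind=m.group("kind"), address=int(m.group("addr"), 16))
            continue
        if report is None:
            continue  # noise before the report header
        if m := ACCESS_RE.match(line):
            report.access, report.size = m.group("access"), int(m.group("size"))
            report.thread = m.group("thread")
            current = report.access_stack
        elif m := REGION_RE.match(line):
            report.region_size = int(m.group("size"))
            report.region_lo, report.region_hi = int(m.group("lo"), 16), int(m.group("hi"), 16)
            current = None
        elif ALLOC_RE.match(line):
            current = report.alloc_stack
        elif (m := FRAME_RE.match(line)) and current is not None:
            current.append(Frame(int(m.group("idx")), m.group("fn"), m.group("loc")))
        else:
            current = None  # "Thread ... created by", SUMMARY, blank lines end a stack
    if report is None:
        raise ValueError("no AddressSanitizer report header found")
    return report


def triage(text: str, marker: str = "src/") -> dict:
    """Summarize what, where and how far out of bounds, ready to paste into a ticket."""
    r = parse_asan_report(text)
    fault = r.first_project_frame(r.access_stack, marker)
    alloc = r.first_project_frame(r.alloc_stack, marker)
    return {
        "kind": r.kind,
        "access": f"{r.access} of {r.size} bytes in thread {r.thread}",
        "region_size": r.region_size,
        "bytes_past_end": r.bytes_past_end(),
        "out_of_bounds_bytes": r.out_of_bounds_bytes(),
        "faulting_frame": f"{fault.function} at {fault.location}" if fault else None,
        "allocating_frame": f"{alloc.function} at {alloc.location}" if alloc else None,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```

For this ticket the numbers say that the 4-byte read starts 16 bytes after the end of a 320-byte block obtained through __wt_realloc, so no part of the access overlaps the allocation, and the first project frame on the faulting stack is __recovery_cursor at txn_recover.c:57, which is where to look first. The same script run over an ASan log that ends in the shadow-byte dump ignores the dump, since those lines match none of the patterns.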

Assignee: Unassigned
Reporter: Alexander Gorrod