Details
-
Task
-
Status: Closed
-
Resolution: Fixed
-
None
-
None
-
None
Description
A test/format heap sanitizer run failed with:
=================================================================
|
==75307==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6120000fb890 at pc 0x5a869d bp 0x7f1e5cd528d0 sp 0x7f1e5cd528c8
|
READ of size 4 at 0x6120000fb890 thread T32
|
#0 0x5a869c in __recovery_cursor /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:57
|
WT-1 0x5a7712 in __txn_op_apply /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:166
|
WT-2 0x5a7712 in __txn_commit_apply /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:242
|
WT-3 0x5a7712 in __txn_log_recover /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:277
|
WT-4 0x57868d in __wt_log_scan /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/log/log.c:906
|
WT-5 0x5a6613 in __wt_txn_recover /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:447
|
WT-6 0x57572a in __wt_log_open /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/log/log.c:230
|
WT-7 0x54c830 in __wt_logmgr_create /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/conn/conn_log.c:193
|
WT-8 0x46a142 in __wt_connection_workers /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/conn/conn_open.c:234
|
WT-9 0x45f615 in wiredtiger_open /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/conn/conn_api.c:1339
|
WT-10 0x459b94 in wts_open /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/wts.c:117
|
WT-11 0x449a69 in check_copy /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/backup.c:41
|
WT-12 0x449a69 in hot_backup /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/backup.c:150
|
WT-13 0x441903 in __asan::AsanThread::ThreadStart(unsigned long) (/home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/t+0x441903)
|
WT-14 0x339e807c52 in start_thread (/lib64/libpthread.so.0+0x339e807c52)
|
WT-15 0x339e0f5dbc in __clone (/lib64/libc.so.6+0x339e0f5dbc)
|
0x6120000fb890 is located 16 bytes to the right of 320-byte region [0x6120000fb740,0x6120000fb880)
|
allocated by thread T32 here:
|
#0 0x43b4a9 in realloc (/home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/t+0x43b4a9)
|
WT-1 0x48dc12 in __wt_realloc /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/os_posix/os_alloc.c:80
|
Thread T32 created by T0 here:
|
#0 0x4372f0 in __interceptor_pthread_create (/home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/t+0x4372f0)
|
WT-1 0x450ca1 in wts_ops /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/ops.c:99
|
WT-2 0x456d92 in main /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/test/format/../../../test/format/t.c:189
|
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/jenkins/jenkins/workspace/wiredtiger-test-format-stress-santizer/build_posix/../src/txn/txn_recover.c:57 __recovery_cursor
|
Shadow bytes around the buggy address:
|
0x0c24800176c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c24800176d0: 00 00 00 00 00 00 00 00 00 00 00 00 fa fa fa fa
|
0x0c24800176e0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c24800176f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c2480017700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
=>0x0c2480017710: fa fa[fa]fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c2480017720: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c2480017730: 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa fa
|
0x0c2480017740: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c2480017750: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c2480017760: 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Heap right redzone: fb
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack partial redzone: f4
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
ASan internal: fe
|
test/format configuration file:
auto_throttle=0
|
firstfit=0
|
# bitcnt not applicable to this run
|
bloom=1
|
bloom_bit_count=28
|
bloom_hash_count=20
|
bloom_oldest=0
|
cache=240
|
checkpoints=1
|
checksum=on
|
chunk_size=8
|
compaction=0
|
compression=none
|
data_extend=0
|
data_source=lsm
|
delete_pct=28
|
dictionary=0
|
file_type=row-store
|
hot_backups=1
|
huffman_key=0
|
huffman_value=0
|
insert_pct=68
|
internal_key_truncation=1
|
internal_page_max=17
|
key_gap=2
|
key_max=82
|
key_min=12
|
leaf_page_max=16
|
logging=1
|
merge_max=4
|
merge_threads=4
|
mmap=1
|
ops=100000
|
prefix_compression=1
|
prefix_compression_min=7
|
repeat_data_pct=74
|
reverse=0
|
rows=100000
|
runs=1
|
split_pct=81
|
statistics=0
|
threads=23
|
value_max=2972
|
value_min=10
|
# wiredtiger_config not applicable to this run
|
write_pct=34
|
Attachments
Issue Links
- related to
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed
-
- Closed