-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Labels:
-
2
-
BermudaTriangle- 2023-09-05, TheMoon-StorEng - 2023-09-19
Summary
I've got so far two sanitizer failures in __wt_lex_compare in my recent patch builds (in both cases, my changes are unrelated to the failure):
- An earlier failure: https://spruce.mongodb.com/task/wiredtiger_ubuntu2004_asan_unittest_test_patch_4ae81b794dc4a9229d94b2f70cf393287bda88c9_64ee453f3066157d889d7d0a_23_08_29_19_21_36/logs?execution=0
- One today: https://spruce.mongodb.com/task/wiredtiger_ubuntu2004_asan_unittest_test_patch_9989a9ee4b2e1cabec4ec1c8b927a5b295952459_64f0ba4cc9ec44321a55a7c6_23_08_31_16_05_33/logs?execution=0
Details
Here are the failure details from today's failure:
Unable to find source-code formatter for language: plain. Available languages are: actionscript, ada, applescript, bash, c, c#, c++, cpp, css, erlang, go, groovy, haskell, html, java, javascript, js, json, lua, none, nyan, objc, perl, php, python, r, rainbow, ruby, scala, sh, sql, swift, visualbasic, xml, yaml
[2023/08/31 16:26:21.507] ==13215==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000007f1242 at pc 0x7fc78471dad4 bp 0x7fff4c4efd50 sp 0x7fff4c4efd48 [2023/08/31 16:26:22.148] READ of size 1 at 0x0000007f1242 thread T0 [2023/08/31 16:26:22.148] #0 0x7fc78471dad3 in __wt_lex_compare /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/src/include/btree_cmp_inline.h:91:13 [2023/08/31 16:26:22.148] #1 0x7fc784712f82 in __txn_mod_compare /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/src/txn/txn.c:1550:13 [2023/08/31 16:26:22.148] #2 0x7fc78471c5a8 in __ut_txn_mod_compare /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/src/txn/txn.c:2728:13 [2023/08/31 16:26:23.064] #3 0x7fc783e68780 in msort_with_tmp /build/glibc-SzIz7B/glibc-2.31/stdlib/msort.c:124:9 [2023/08/31 16:26:23.064] #4 0x7fc783e686a1 in msort_with_tmp /build/glibc-SzIz7B/glibc-2.31/stdlib/msort.c:45:6 [2023/08/31 16:26:23.064] #5 0x7fc783e686a1 in msort_with_tmp /build/glibc-SzIz7B/glibc-2.31/stdlib/msort.c:54:3 [2023/08/31 16:26:23.064] #6 0x7fc783e68c9d in msort_with_tmp /build/glibc-SzIz7B/glibc-2.31/stdlib/msort.c:45:6 [2023/08/31 16:26:23.064] #7 0x7fc783e68c9d in qsort_r /build/glibc-SzIz7B/glibc-2.31/stdlib/msort.c:254:7 [2023/08/31 16:26:23.121] #8 0x4dd705 in qsort /data/mci/cf02dab68c6203199a2c4dcdba60629c/toolchain-builder/tmp/build-llvm-v4.sh-Hnp/llvm-project-llvmorg/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:9917:3 [2023/08/31 16:26:23.121] #9 0x69b7e4 in (anonymous namespace)::C_A_T_C_H_T_E_S_T_6() /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/test/unittest/tests/test_prepare_mod_sort.cpp:270:5 [2023/08/31 16:26:23.121] #10 0x558549 in Catch::TestInvokerAsFunction::invoke() const /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:14328:9 [2023/08/31 16:26:23.121] #11 0x54fa47 in Catch::TestCase::invoke() const /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:14167:15 [2023/08/31 16:26:23.121] #12 0x54f919 in Catch::RunContext::invokeActiveTestCase() /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:13027:27 [2023/08/31 16:26:23.121] #13 0x54cf1a in Catch::RunContext::runCurrentTest(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:13000:17 [2023/08/31 16:26:23.121] #14 0x54bd52 in Catch::RunContext::runTest(Catch::TestCase const&) /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:12761:13 [2023/08/31 16:26:23.121] #15 0x55393e in Catch::(anonymous namespace)::TestGroup::execute() /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:13354:45 [2023/08/31 16:26:23.121] #16 0x55286e in Catch::Session::runInternal() /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:13560:39 [2023/08/31 16:26:23.121] #17 0x5525a3 in Catch::Session::run() /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:13516:24 [2023/08/31 16:26:23.121] #18 0x59f7be in int Catch::Session::run<char>(int, char const* const*) /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/_deps/catch2-src/single_include/catch2/catch.hpp:13238:30 [2023/08/31 16:26:23.121] #19 0x574da7 in main /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/test/unittest/tests/main.cpp:20:29 [2023/08/31 16:26:23.121] #20 0x7fc783e47082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16 [2023/08/31 16:26:23.121] #21 0x48297d in _start (/data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/cmake_build/test/unittest/unittests+0x48297d) [2023/08/31 16:26:23.121] 0x0000007f1242 is located 62 bytes to the left of global variable '__const._ZN12_GLOBAL__N_118rand_non_keyd_typeEv.types' defined in '/data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/test/unittest/tests/test_prepare_mod_sort.cpp' (0x7f1280) of size 16 [2023/08/31 16:26:23.121] 0x0000007f1242 is located 0 bytes to the right of global variable '<string literal>' defined in '/data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/test/unittest/tests/test_prepare_mod_sort.cpp:262:23' (0x7f1240) of size 2 [2023/08/31 16:26:23.121] '<string literal>' is ascii string '1' [2023/08/31 16:26:23.121] SUMMARY: AddressSanitizer: global-buffer-overflow /data/mci/87ab58475a74eccc05e8e77eddd7e8a9/wiredtiger/src/include/btree_cmp_inline.h:91:13 in __wt_lex_compare [2023/08/31 16:26:23.121] Shadow bytes around the buggy address: [2023/08/31 16:26:23.121] 0x0000800f61f0: f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 03 f9 f9 f9 [2023/08/31 16:26:23.121] 0x0000800f6200: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 03 f9 f9 f9 [2023/08/31 16:26:23.121] 0x0000800f6210: f9 f9 f9 f9 00 04 f9 f9 f9 f9 f9 f9 00 00 00 00 [2023/08/31 16:26:23.121] 0x0000800f6220: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [2023/08/31 16:26:23.121] 0x0000800f6230: 00 00 00 00 00 00 03 f9 f9 f9 f9 f9 00 00 00 00 [2023/08/31 16:26:23.121] =>0x0000800f6240: 05 f9 f9 f9 f9 f9 f9 f9[02]f9 f9 f9 f9 f9 f9 f9 [2023/08/31 16:26:23.121] 0x0000800f6250: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [2023/08/31 16:26:23.121] 0x0000800f6260: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [2023/08/31 16:26:23.121] 0x0000800f6270: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [2023/08/31 16:26:23.121] 0x0000800f6280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [2023/08/31 16:26:23.121] 0x0000800f6290: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [2023/08/31 16:26:23.121] Shadow byte legend (one shadow byte represents 8 application bytes): [2023/08/31 16:26:23.121] Addressable: 00 [2023/08/31 16:26:23.121] Partially addressable: 01 02 03 04 05 06 07 [2023/08/31 16:26:23.121] Heap left redzone: fa [2023/08/31 16:26:23.121] Freed heap region: fd [2023/08/31 16:26:23.121] Stack left redzone: f1 [2023/08/31 16:26:23.121] Stack mid redzone: f2 [2023/08/31 16:26:23.121] Stack right redzone: f3 [2023/08/31 16:26:23.121] Stack after return: f5 [2023/08/31 16:26:23.121] Stack use after scope: f8 [2023/08/31 16:26:23.121] Global redzone: f9 [2023/08/31 16:26:23.121] Global init order: f6 [2023/08/31 16:26:23.121] Poisoned by user: f7 [2023/08/31 16:26:23.121] Container overflow: fc [2023/08/31 16:26:23.121] Array cookie: ac [2023/08/31 16:26:23.121] Intra object redzone: bb [2023/08/31 16:26:23.121] ASan internal: fe [2023/08/31 16:26:23.121] Left alloca redzone: ca [2023/08/31 16:26:23.121] Right alloca redzone: cb [2023/08/31 16:26:23.121] Shadow gap: cc [2023/08/31 16:26:23.121] ==13215==ABORTING
The failure in the previous patch build is similar, except that the sort function is __wt_qsort_r instead, as that was on a branch that did not have WT-11539 merged.