The __clayered_put function starts by resetting the stable constituent cursor with a call to __clayered_reset_cursors. When __clayered_put gets called by __clayered_update, however, its key argument is the key from the iface cursor. I believe that there are valid cursor states that point the iface cursor to the stable cursor, which would mean that the key argument gets invalidated by the __clayered_reset_cursors operation.
In that case, the later attempt to assign key to one of the constituents will be invalid.
I don't know if that operation can lead to an incorrect memory access in a user scenario, but with debug_mode.cursor_copy enabled, I'm getting consistent ASAN failures from the set operation.
- related to
-
WT-16968
Remove clearing WT_CURSTD_DEBUG_COPY_KEY and WT_CURSTD_DEBUG_COPY_VALUE in __clayered_open_cursors
-
- Closed
-