Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Btree
Labels:
None

Assigned Teams:

Storage Engines - Persistence
Total Hours with Assigned Team:
101.677
Epic Link:
Investigation of spurious errors related to the block manager
Sprint:
SE Persistence backlog
Story Points:
None

Motivation

~~WT-14750~~ / PR #12079 introduced the sentinel WT_PAGE_TYPE_COUNT but only uses it in _rec_write. WiredTiger has many other places that switch (page->type) and fall into default: WT_ERR(wt_illegal_value(...)) — e.g. bt_curnext.c:840 / [:878|], the matching wt_btcur_prev, wt_row_search, cursor*_next/prev, and several others. There are roughly 15+ such call sites.

Each of those sites today produces an opaque "encountered an illegal file format or internal value: 0xN" message with no further context. We just hit one of them in production (mongod 8.0.23, __wt_btcur_next:878, type byte 0x0) and could only say "the byte was zero" — see the related diagnostics ticket for the read-side / page-dump work.

Proposal

Introduce a small inline helper and use it consistently:

static WT_INLINE bool
__wt_page_type_valid(uint8_t t)
{
    return (t != WT_PAGE_INVALID && t < WT_PAGE_TYPE_COUNT);
}

Then, before every switch (page->type) in the btree walkers and search paths, add an explicit check:

if (!__wt_page_type_valid(page->type))
    WT_RET(__wt_illegal_value(session, page->type));

Benefits over the current default: approach:

The check is uniform and explicit at every site (easier to grep, easier to audit, and harder to omit in new code).
It pairs naturally with the page-dump diagnostic from the related ticket — a single helper that triggers the dump.
It catches stray future values (e.g. between WT_PAGE_ROW_LEAF and WT_PAGE_TYPE_COUNT) that a default: arm misses if someone forgets to update the switch.

Scope

Add _wt_page_type_valid (header-only, alongside _wt_page_type_str in str_inline.h).
Audit and update all switch (page->type) sites in src/btree, src/cursor, and adjacent areas. Replace existing default: WT_ERR(_wt_illegal_value(...)) with the explicit pre-switch guard (keep the default: as a defensive _wt_illegal_value or WT_ASSERT_ALWAYS(false)).
No behavior change on the happy path; only a more consistent error surface.

Definition of done

New helper present and used at every switch (page->type) site in btree/cursor code.
Existing tests pass; no perf regression in microbenchmarks of cursor next/prev / search.
A short code-comment or doc note linking this helper to ~~WT-14750~~'s WT_PAGE_TYPE_COUNT, so future contributors know to extend the sentinel when new page types are added.

References

~~WT-14750~~ / PR #12079 — introduced WT_PAGE_TYPE_COUNT.
Companion ticket WT-17660 — read-side type validation and page/block dump on the illegal-value path. This ticket generalizes the protection across all switches.

is related to

WT-14750 Failure in __wt_page_inmem: "encountered an illegal file format or internal value: 0x0"

Closed

WT-17660 Improve diagnostics on illegal page type: validate at read time and dump page/block on failure

Open

Assignee:: [DO NOT USE] Backlog - Storage Engines Team
Reporter:: Etienne Petrel
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: May 26 2026 09:13:53 PM UTC
Updated:: May 26 2026 10:57:40 PM UTC

Details

Description

Motivation

Proposal

Scope

Definition of done

References

Attachments

Issue Links

Activity

People

Dates