Loading...

Type: Bug
Resolution: Cannot Reproduce
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Sprint:
Storage 2017-08-21
Story Points:
None

Test format sanitizer failure on the PPC.

==9722==ERROR: AddressSanitizer: heap-use-after-free on address 0x0a20006b1510 at pc 0x000010569ba4 bp 0x3fff9a0ba7b0 sp 0x3fff9a0ba7d0
READ of size 8 at 0x0a20006b1510 thread T6584
Detaching after fork from child process 2522.
    #0 0x10569ba0 in __wt_txn_upd_visible_all /home/bostic/wiredtiger/./src/include/txn.i:335:20
    #1 0x10569860 in __wt_update_obsolete_check /home/bostic/wiredtiger/src/btree/row_modify.c:307:7
    #2 0x1056873c in __wt_update_serial /home/bostic/wiredtiger/./src/include/serial.i:330:13
    #3 0x105654d0 in __wt_row_modify /home/bostic/wiredtiger/src/btree/row_modify.c:126:3
    #4 0x106e5e70 in __cursor_row_modify /home/bostic/wiredtiger/src/btree/bt_cursor.c:360:10
    #5 0x106e9d00 in __btcur_update /home/bostic/wiredtiger/src/btree/bt_cursor.c:1064:9
    #6 0x106eb17c in __wt_btcur_update /home/bostic/wiredtiger/src/btree/bt_cursor.c:1167:10
    #7 0x105c1eb8 in __curfile_update /home/bostic/wiredtiger/src/cursor/cur_file.c:293:2
    #8 0x1064eb9c in __clsm_put /home/bostic/wiredtiger/src/lsm/lsm_cursor.c:1482:3
    #9 0x106403e4 in __clsm_update /home/bostic/wiredtiger/src/lsm/lsm_cursor.c:1591:2
    #10 0x1015a160 in row_update /home/bostic/wiredtiger/test/format/ops.c:1507:16
    #11 0x10151c44 in ops /home/bostic/wiredtiger/test/format/ops.c:829:11
    #12 0x10107658 in __asan::AsanThread::ThreadStart(unsigned long, __sanitizer::atomic_uintptr_t*) /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_thread.cc:256
    #13 0x1003bec8 in asan_thread_start(void*) /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:296
    #14 0x3fffb7ee8940 in start_thread (/lib64/power8/libpthread.so.0+0x8940)
    #15 0x3fffb7c3763c in __clone (/lib64/power8/libc.so.6+0x11763c)

0x0a20006b1510 is located 0 bytes inside of 48-byte region [0x0a20006b1510,0x0a20006b1540)
freed by thread T6582 here:
    #0 0x100f30ac in __interceptor_cfree.localalias.0 /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:55
    #1 0x1029a748 in __wt_free_int /home/bostic/wiredtiger/src/os_common/os_alloc.c:311:2
    #2 0x10569f0c in __wt_update_obsolete_free /home/bostic/wiredtiger/src/btree/row_modify.c:350:3
    #3 0x105687c4 in __wt_update_serial /home/bostic/wiredtiger/./src/include/serial.i:333:3
    #4 0x105654d0 in __wt_row_modify /home/bostic/wiredtiger/src/btree/row_modify.c:126:3
    #5 0x106e5e70 in __cursor_row_modify /home/bostic/wiredtiger/src/btree/bt_cursor.c:360:10
    #6 0x106e9d00 in __btcur_update /home/bostic/wiredtiger/src/btree/bt_cursor.c:1064:9
    #7 0x106eb17c in __wt_btcur_update /home/bostic/wiredtiger/src/btree/bt_cursor.c:1167:10
    #8 0x105c1eb8 in __curfile_update /home/bostic/wiredtiger/src/cursor/cur_file.c:293:2
    #9 0x1064eb9c in __clsm_put /home/bostic/wiredtiger/src/lsm/lsm_cursor.c:1482:3
    #10 0x106403e4 in __clsm_update /home/bostic/wiredtiger/src/lsm/lsm_cursor.c:1591:2
    #11 0x1015a160 in row_update /home/bostic/wiredtiger/test/format/ops.c:1507:16
    #12 0x10151c44 in ops /home/bostic/wiredtiger/test/format/ops.c:829:11
    #13 0x10107658 in __asan::AsanThread::ThreadStart(unsigned long, __sanitizer::atomic_uintptr_t*) /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_thread.cc:256
    #14 0x1003bec8 in asan_thread_start(void*) /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:296
    #15 0x3fffb7ee8940 in start_thread (/lib64/power8/libpthread.so.0+0x8940)
    #16 0x3fffb7c3763c in __clone (/lib64/power8/libc.so.6+0x11763c)

previously allocated by thread T6582 here:
    #0 0x100f34ec in calloc /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:74
    #1 0x102989e4 in __wt_calloc /home/bostic/wiredtiger/src/os_common/os_alloc.c:52:11
    #2 0x10567254 in __wt_update_alloc /home/bostic/wiredtiger/src/btree/row_modify.c:273:3
    #3 0x10565000 in __wt_row_modify /home/bostic/wiredtiger/src/btree/row_modify.c:94:4
    #4 0x106e5e70 in __cursor_row_modify /home/bostic/wiredtiger/src/btree/bt_cursor.c:360:10
    #5 0x106e9d00 in __btcur_update /home/bostic/wiredtiger/src/btree/bt_cursor.c:1064:9
    #6 0x106eb17c in __wt_btcur_update /home/bostic/wiredtiger/src/btree/bt_cursor.c:1167:10
    #7 0x105c1eb8 in __curfile_update /home/bostic/wiredtiger/src/cursor/cur_file.c:293:2
    #8 0x1064eb9c in __clsm_put /home/bostic/wiredtiger/src/lsm/lsm_cursor.c:1482:3
    #9 0x106403e4 in __clsm_update /home/bostic/wiredtiger/src/lsm/lsm_cursor.c:1591:2
    #10 0x1015a160 in row_update /home/bostic/wiredtiger/test/format/ops.c:1507:16
    #11 0x10151c44 in ops /home/bostic/wiredtiger/test/format/ops.c:829:11
    #12 0x10107658 in __asan::AsanThread::ThreadStart(unsigned long, __sanitizer::atomic_uintptr_t*) /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_thread.cc:256
    #13 0x1003bec8 in asan_thread_start(void*) /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:296
    #14 0x3fffb7ee8940 in start_thread (/lib64/power8/libpthread.so.0+0x8940)
    #15 0x3fffb7c3763c in __clone (/lib64/power8/libc.so.6+0x11763c)

Thread T6584 created by T0 here:
    #0 0x1003bc58 in pthread_create /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:305
    #1 0x102b49d8 in __wt_thread_create /home/bostic/wiredtiger/src/os_posix/os_thread.c:30:2
    #2 0x1014c4f8 in wts_ops /home/bostic/wiredtiger/test/format/ops.c:125:3
    #3 0x10164b18 in main /home/bostic/wiredtiger/test/format/t.c:209:5
    #4 0x3fffb7b4457c in generic_start_main.isra.0 (/lib64/power8/libc.so.6+0x2457c)
    #5 0x3fffb7b44770 in __libc_start_main (/lib64/power8/libc.so.6+0x24770)

Thread T6582 created by T0 here:
    #0 0x1003bc58 in pthread_create /home/dhows/downloads/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:305
    #1 0x102b49d8 in __wt_thread_create /home/bostic/wiredtiger/src/os_posix/os_thread.c:30:2
    #2 0x1014c4f8 in wts_ops /home/bostic/wiredtiger/test/format/ops.c:125:3
    #3 0x10164b18 in main /home/bostic/wiredtiger/test/format/t.c:209:5
    #4 0x3fffb7b4457c in generic_start_main.isra.0 (/lib64/power8/libc.so.6+0x2457c)
    #5 0x3fffb7b44770 in __libc_start_main (/lib64/power8/libc.so.6+0x24770)

SUMMARY: AddressSanitizer: heap-use-after-free /home/bostic/wiredtiger/./src/include/txn.i:335:20 in __wt_txn_upd_visible_all

related to

WT-2607 heap use after free on overflow read on PPC

Closed

WT-3637 Fix a heap use after free from evicting of a page that just split.

Closed

Details

Description

Attachments

Issue Links

Activity

People

Dates