- Type: Bug
- Resolution: Fixed
- Priority: Major - P3
- Affects Version/s: None
- Component/s: None
Here's some valgrind output:
==27531== Invalid write of size 4
==27531==    at 0x523703E: pthread_mutex_lock (pthread_mutex_lock.c:157)
==27531==    by 0x82E304F: __wt_spin_lock (mutex_inline.h:170)
==27531==    by 0x82E304F: __wt_conn_dhandle_close (conn_dhandle.c:340)
==27531==    by 0x83DC21A: __wt_session_release_dhandle (session_dhandle.c:263)
==27531==    by 0x837B6EC: __meta_track_unroll (meta_track.c:187)
==27531==    by 0x837B6EC: __wt_meta_track_off (meta_track.c:305)
==27531==    by 0x83BA593: __schema_create (schema_create.c:974)
==27531==    by 0x83BA593: __wt_schema_create (schema_create.c:990)
==27531==    by 0x83D8419: __wt_session_create (session_api.c:710)
==27531==    by 0x83D8619: __session_create (session_api.c:753)
==27531==    by 0x7FF9B31: _wrap_Session_create (wiredtiger_wrap.c:6053)
==27531==    by 0x5667D1: _PyCFunction_FastCallDict (in /home/ubuntu/mongo/py3/bin/python3)
==27531==    by 0x50A5C2: ??? (in /home/ubuntu/mongo/py3/bin/python3)
==27531==    by 0x50BFB3: _PyEval_EvalFrameDefault (in /home/ubuntu/mongo/py3/bin/python3)
==27531==    by 0x509757: ??? (in /home/ubuntu/mongo/py3/bin/python3)
==27531==  Address 0x9fa3478 is 184 bytes inside a block of size 440 free'd
==27531==    at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==27531==    by 0x838031A: __wt_free_int (os_alloc.c:303)
==27531==    by 0x83F277E: __tiered_open (tiered_handle.c:580)
==27531==    by 0x83F277E: __wt_tiered_open (tiered_handle.c:598)
==27531==    by 0x82E3E4C: __wt_conn_dhandle_open (conn_dhandle.c:579)
==27531==    by 0x83DC7D0: __wt_session_get_dhandle (session_dhandle.c:510)
==27531==    by 0x83BD95B: __schema_get_tiered_uri (schema_list.c:24)
==27531==    by 0x83BD95B: __wt_schema_get_tiered_uri (schema_list.c:40)
==27531==    by 0x83BB62B: __create_tiered (schema_create.c:878)
==27531==    by 0x83BB62B: __schema_create (schema_create.c:965)
==27531==    by 0x83BB62B: __wt_schema_create (schema_create.c:990)
==27531==    by 0x83BC0D7: __create_colgroup (schema_create.c:410)
==27531==    by 0x83BB440: __create_table (schema_create.c:779)
==27531==    by 0x83BB440: __schema_create (schema_create.c:961)
==27531==    by 0x83BB440: __wt_schema_create (schema_create.c:990)
==27531==    by 0x83D8419: __wt_session_create (session_api.c:710)
==27531==    by 0x83D8619: __session_create (session_api.c:753)
==27531==    by 0x7FF9B31: _wrap_Session_create (wiredtiger_wrap.c:6053)
==27531==  Block was alloc'd at
==27531==    at 0x4C31B25: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==27531==    by 0x83800DF: __wt_calloc (os_alloc.c:50)
==27531==    by 0x82E2BBD: __wt_conn_dhandle_alloc (conn_dhandle.c:191)
==27531==    by 0x83DC75F: __session_find_shared_dhandle (session_dhandle.c:415)
==27531==    by 0x83DC75F: __session_get_dhandle (session_dhandle.c:445)
==27531==    by 0x83DC75F: __wt_session_get_dhandle (session_dhandle.c:474)
==27531==    by 0x83BAD7D: __create_file (schema_create.c:266)
==27531==    by 0x83BAD7D: __schema_create (schema_create.c:953)
==27531==    by 0x83BAD7D: __wt_schema_create (schema_create.c:990)
==27531==    by 0x83F1F1A: __tiered_create_local (tiered_handle.c:144)
==27531==    by 0x83F1F1A: __tiered_switch (tiered_handle.c:411)
==27531==    by 0x83F1F1A: __wt_tiered_switch (tiered_handle.c:438)
==27531==    by 0x83F29C5: __tiered_open (tiered_handle.c:560)
==27531==    by 0x83F29C5: __wt_tiered_open (tiered_handle.c:598)
==27531==    by 0x82E3E4C: __wt_conn_dhandle_open (conn_dhandle.c:579)
==27531==    by 0x83DC7D0: __wt_session_get_dhandle (session_dhandle.c:510)
==27531==    by 0x83BD95B: __schema_get_tiered_uri (schema_list.c:24)
==27531==    by 0x83BD95B: __wt_schema_get_tiered_uri (schema_list.c:40)
==27531==    by 0x83BB62B: __create_tiered (schema_create.c:878)
==27531==    by 0x83BB62B: __schema_create (schema_create.c:965)
==27531==    by 0x83BB62B: __wt_schema_create (schema_create.c:990)
==27531==    by 0x83BC0D7: __create_colgroup (schema_create.c:410)
This came up when debugging a different problem - this could be reproduced by having local_open() return an error.
Note that __tiered_open (tiered_handle.c:580) is freeing the storage that is later used. This line is:
__wt_free(session, tiered->tiers);
But tiers is declared as:
struct __wt_tiered {
    ...
    WT_TIERED_TIERS tiers[WT_TIERED_MAX_TIERS]; /* Tiers array */
i.e. not dynamic storage. Not sure what the free is going to do, but it's probably not good.
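The mistake described above, passing an array that is embedded in its parent structure to a free routine, can be rejected at compile time. The following is an added example, not WiredTiger code: `demo_tier`, `demo_tiered`, `IS_ARRAY` and `SAFE_FREE` are hypothetical names, and the array check assumes GCC or Clang builtins.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define DEMO_MAX_TIERS 4

/* Hypothetical stand-ins for WT_TIERED_TIERS and struct __wt_tiered. */
struct demo_tier { char *name; };           /* name is heap-owned */
struct demo_tiered {
    char *uri;                              /* heap-owned */
    struct demo_tier tiers[DEMO_MAX_TIERS]; /* embedded, not heap-owned */
};

/* 1 if x is an array, 0 if it is a pointer (GCC/Clang builtins). */
#define IS_ARRAY(x) \
    (!__builtin_types_compatible_p(__typeof__(x), __typeof__(&(x)[0])))

/* free() wrapper that refuses to compile when handed an embedded array. */
#define SAFE_FREE(p) do {                                           \
    _Static_assert(!IS_ARRAY(p), "SAFE_FREE on an embedded array"); \
    free(p);                                                        \
    (p) = NULL;                                                     \
} while (0)

/* Byte offset, inside the parent block, of the pointer that
 * free(t->tiers) would receive: not the start of any allocation. */
size_t tiers_interior_offset(const struct demo_tiered *t) {
    return (size_t)((const char *)t->tiers - (const char *)t);
}

/* Error-path cleanup: release what each tier owns, never the array. */
int demo_tiered_cleanup(struct demo_tiered *t) {
    int released = 0;
    for (size_t i = 0; i < DEMO_MAX_TIERS; i++)
        if (t->tiers[i].name != NULL) {
            SAFE_FREE(t->tiers[i].name);
            released++;
        }
    /* SAFE_FREE(t->tiers); would fail the _Static_assert above. */
    memset(t->tiers, 0, sizeof(t->tiers));
    SAFE_FREE(t->uri);
    return released;
}
```
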