-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major - P3
-
Affects Version/s: None
-
Component/s: Extensions
-
Storage Engines
-
3
-
Megabat - 2024-05-14
To reproduce, you will need a MSan build (-DCMAKE_BUILD_TYPE=MSan) and the following test/format config should be good (seems that the important bit is disk.encryption=rotn-7:
############################################ # RUN PARAMETERS: V3 ############################################ assert.read_timestamp=0 backup=0 backup.incremental=off backup.incr_granularity=8876 block_cache=1 block_cache.cache_on_checkpoint=0 block_cache.cache_on_writes=0 block_cache.size=123 btree.huffman_value=0 buffer_alignment=1 cache=612 cache.evict_max=4 cache.minimum=20 checkpoint=off checkpoint.log_size=30 checkpoint.wait=15 debug.checkpoint_retention=8 debug.cursor_reposition=0 debug.eviction=0 debug.log_retention=9 debug.realloc_exact=0 debug.realloc_malloc=0 debug.slow_checkpoint=0 debug.table_logging=0 debug.update_restore_evict=0 disk.data_extend=0 disk.direct_io=0 disk.encryption=rotn-7 disk.mmap=1 disk.mmap_all=0 file_manager.close_handle_minimum=29 file_manager.close_idle_time=17 file_manager.close_scan_interval=15 format.abort=1 format.independent_thread_rng=1 format.major_timeout=0 import=0 logging=0 logging.compression=none logging.file_max=316249 logging.prealloc=0 logging.remove=0 ops.alter=1 ops.compaction=0 ops.hs_cursor=1 ops.bound_cursor=0 ops.prepare=0 ops.random_cursor=0 ops.salvage=0 ops.verify=1 quiet=1 random.data_seed=12800245 random.extra_seed=12501840 runs.in_memory=0 runs.ops=50000 runs.predictable_replay=0 runs.rows=10000 runs.tables=3 runs.threads=16 runs.timer=11 runs.verify_failure_dump=0 statistics.mode=all statistics_log.sources=off stress.aggressive_sweep=0 stress.checkpoint=0 stress.checkpoint_evict_page=0 stress.checkpoint_prepare=0 stress.evict_reposition=0 stress.failpoint_eviction_fail_after_reconciliation=0 stress.failpoint_hs_delete_key_from_ts=0 stress.hs_checkpoint_delay=0 stress.hs_search=0 stress.hs_sweep=0 stress.sleep_before_read_overflow_onpage=0 stress.split_1=0 stress.split_2=0 stress.split_3=0 stress.split_4=0 stress.split_5=0 stress.split_6=0 stress.split_7=0 stress.split_8=0 transaction.implicit=0 transaction.timestamps=1 wiredtiger.config=off wiredtiger.rwlock=1 wiredtiger.leak_memory=0 ############################################ # TABLE PARAMETERS: table 1 ############################################ table1.btree.compression=snappy table1.btree.dictionary=0 table1.btree.internal_key_truncation=0 table1.btree.internal_page_max=11 table1.btree.key_max=127 table1.btree.key_min=32 table1.btree.leaf_page_max=17 table1.btree.memory_page_max=6 table1.btree.prefix_len=0 table1.btree.prefix_compression=1 table1.btree.prefix_compression_min=3 table1.btree.reverse=0 table1.btree.split_pct=84 table1.btree.value_max=1254 table1.btree.value_min=8 table1.disk.checksum=unencrypted table1.disk.firstfit=1 table1.ops.pct.delete=5 table1.ops.pct.insert=4 table1.ops.pct.modify=77 table1.ops.pct.read=9 table1.ops.pct.write=5 table1.ops.truncate=0 table1.runs.mirror=1 table1.runs.source=table table1.runs.type=row-store ############################################ # TABLE PARAMETERS: table 2 ############################################ table2.btree.compression=zlib table2.btree.dictionary=0 table2.btree.internal_key_truncation=1 table2.btree.internal_page_max=13 table2.btree.leaf_page_max=11 table2.btree.memory_page_max=6 table2.btree.repeat_data_pct=42 table2.btree.split_pct=80 table2.btree.value_max=3608 table2.btree.value_min=9 table2.disk.checksum=on table2.disk.firstfit=0 table2.ops.pct.delete=39 table2.ops.pct.insert=15 table2.ops.pct.modify=29 table2.ops.pct.read=3 table2.ops.pct.write=14 table2.ops.truncate=0 table2.runs.mirror=1 table2.runs.source=file table2.runs.type=variable-length column-store ############################################ # TABLE PARAMETERS: table 3 ############################################ table3.btree.compression=none table3.btree.dictionary=0 table3.btree.internal_key_truncation=1 table3.btree.internal_page_max=14 table3.btree.key_max=55 table3.btree.key_min=32 table3.btree.leaf_page_max=15 table3.btree.memory_page_max=6 table3.btree.prefix_len=0 table3.btree.prefix_compression=1 table3.btree.prefix_compression_min=8 table3.btree.reverse=0 table3.btree.split_pct=59 table3.btree.value_max=3202 table3.btree.value_min=0 table3.disk.checksum=on table3.disk.firstfit=0 table3.ops.pct.delete=48 table3.ops.pct.insert=33 table3.ops.pct.modify=11 table3.ops.pct.read=1 table3.ops.pct.write=7 table3.ops.truncate=0 table3.runs.mirror=0 table3.runs.source=table table3.runs.type=row-store ########################################
Stack trace:
==5510==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7ff31324250d in do_rotate /home/ubuntu/wiredtiger/build_msan/../ext/encryptors/rotn/rotn_encrypt.c:152:27
#1 0x7ff313241555 in rotn_encrypt /home/ubuntu/wiredtiger/build_msan/../ext/encryptors/rotn/rotn_encrypt.c:202:9
#2 0x7ff312facb18 in __wt_encrypt /home/ubuntu/wiredtiger/build_msan/../src/support/crypto.c:89:5
#3 0x7ff312a7d3c8 in __wt_blkcache_write /home/ubuntu/wiredtiger/build_msan/../src/block_cache/block_io.c:339:9
#4 0x7ff312eec410 in __rec_write /home/ubuntu/wiredtiger/build_msan/../src/reconcile/rec_write.c:900:13
#5 0x7ff312eec09e in __wt_rec_cell_build_ovfl /home/ubuntu/wiredtiger/build_msan/../src/reconcile/rec_write.c:2801:9
#6 0x7ff312eb5a23 in __rec_cell_build_leaf_key /home/ubuntu/wiredtiger/build_msan/../src/reconcile/rec_row.c:160:21
#7 0x7ff312eb5847 in __rec_cell_build_leaf_key /home/ubuntu/wiredtiger/build_msan/../src/reconcile/rec_row.c:162:17
#8 0x7ff312eb492e in __wt_bulk_insert_row /home/ubuntu/wiredtiger/build_msan/../src/reconcile/rec_row.c:192:5
#9 0x7ff312c7a2cc in __curbulk_insert_row /home/ubuntu/wiredtiger/build_msan/../src/cursor/cur_bulk.c:256:11
#10 0x4a0a77 in table_load /home/ubuntu/wiredtiger/build_msan/../test/format/bulk.c:163:20
#11 0x49fd1b in wts_load /home/ubuntu/wiredtiger/build_msan/../test/format/bulk.c:270:13
#12 0x4daae3 in main /home/ubuntu/wiredtiger/build_msan/../test/format/t.c:366:9
#13 0x7ff311a57c86 in __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:310
#14 0x41d579 in _start (/home/ubuntu/wiredtiger/build_msan/test/format/t+0x41d579)
SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/ubuntu/wiredtiger/build_msan/../ext/encryptors/rotn/rotn_encrypt.c:152:27 in do_rotate
Exiting
I used the following command to trigger the issue:
MSAN_OPTIONS="abort_on_error=1:disable_coredump=0:print_stacktrace=1" MSAN_SYMBOLIZER_PATH=/opt/mongodbtoolchain/v4/bin/llvm-symbolizer ./format.sh -c CONFIG.stress -j $(nproc --all) -F