Running the CONFIG in WT-6568 uncovered a memory leak when run with ASAN. The changes in WT-6568 did not cause the leak, I believe. I think that it just fixed the use-after-free bug that we'd hit much, much sooner. This has only reproduced twice for me, running 5 parallel test/format, and it fails after a few hundred iterations (200-300 iterations of 5 processes for about 1300 successful runs before we hit it). I have not been successful reproducing under valgrind yet.
The error is:
==8843==ERROR: LeakSanitizer: detected memory leaks Direct leak of 72 byte(s) in 1 object(s) allocated from: #0 0x4c767a in calloc (/mnt/data0/sue/wt.6568.mjc/build_posix/test/format/t+0x4c767a) #1 0x77992a in __wt_calloc /mnt/data0/sue/wt.6568.mjc/build_posix/../src/os_common/os_alloc.c:50:14 #2 0xb1d4e5 in __split_ref_move /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:247:9 #3 0xb1bc68 in __split_internal /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:1019:13 #4 0xb03859 in __split_parent_climb /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:1332:15 #5 0xafbf53 in __split_multi_lock /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:2163:13 #6 0xafbce8 in __wt_split_multi /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:2181:5 #7 0x6d13f7 in __evict_page_dirty_update /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_page.c:394:13 #8 0x6cb54a in __wt_evict /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_page.c:218:9 #9 0x6ab399 in __evict_page /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_lru.c:2278:5 #10 0x6a78b2 in __wt_cache_eviction_worker /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_lru.c:2394:23 #11 0xa50bf7 in __wt_cache_eviction_check /mnt/data0/sue/wt.6568.mjc/build_posix/../src/include/cache_inline.h:512:13 #12 0xa50108 in __cursor_enter /mnt/data0/sue/wt.6568.mjc/build_posix/../src/include/cursor_inline.h:164:9 #13 0xa38a44 in __cursor_func_init /mnt/data0/sue/wt.6568.mjc/build_posix/../src/include/cursor_inline.h:406:13 #14 0xa36df2 in __wt_btcur_search /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_cursor.c:544:9 #15 0xa40e71 in __wt_btcur_modify /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_cursor.c:1442:9 #16 0x63f3ec in __curfile_modify /mnt/data0/sue/wt.6568.mjc/build_posix/../src/cursor/cur_file.c:335:5 #17 0x521356 in row_modify /mnt/data0/sue/wt.6568.mjc/build_posix/test/format/../../../test/format/ops.c:1476:16 #18 0x51798e in ops /mnt/data0/sue/wt.6568.mjc/build_posix/test/format/../../../test/format/ops.c:896:23 #19 0x7fb51bfa36da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da) Indirect leak of 10 byte(s) in 1 object(s) allocated from: #0 0x4c7483 in __interceptor_malloc (/mnt/data0/sue/wt.6568.mjc/build_posix/test/format/t+0x4c7483) #1 0x779c3e in __wt_malloc /mnt/data0/sue/wt.6568.mjc/build_posix/../src/os_common/os_alloc.c:81:14 #2 0x77b2df in __wt_memdup /mnt/data0/sue/wt.6568.mjc/build_posix/../src/os_common/os_alloc.c:239:5 #3 0xb1d6b1 in __split_ref_move /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:249:9 #4 0xb1bc68 in __split_internal /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:1019:13 #5 0xb03859 in __split_parent_climb /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:1332:15 #6 0xafbf53 in __split_multi_lock /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:2163:13 #7 0xafbce8 in __wt_split_multi /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_split.c:2181:5 #8 0x6d13f7 in __evict_page_dirty_update /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_page.c:394:13 #9 0x6cb54a in __wt_evict /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_page.c:218:9 #10 0x6ab399 in __evict_page /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_lru.c:2278:5 #11 0x6a78b2 in __wt_cache_eviction_worker /mnt/data0/sue/wt.6568.mjc/build_posix/../src/evict/evict_lru.c:2394:23 #12 0xa50bf7 in __wt_cache_eviction_check /mnt/data0/sue/wt.6568.mjc/build_posix/../src/include/cache_inline.h:512:13 #13 0xa50108 in __cursor_enter /mnt/data0/sue/wt.6568.mjc/build_posix/../src/include/cursor_inline.h:164:9 #14 0xa38a44 in __cursor_func_init /mnt/data0/sue/wt.6568.mjc/build_posix/../src/include/cursor_inline.h:406:13 #15 0xa36df2 in __wt_btcur_search /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_cursor.c:544:9 #16 0xa40e71 in __wt_btcur_modify /mnt/data0/sue/wt.6568.mjc/build_posix/../src/btree/bt_cursor.c:1442:9 #17 0x63f3ec in __curfile_modify /mnt/data0/sue/wt.6568.mjc/build_posix/../src/cursor/cur_file.c:335:5 #18 0x521356 in row_modify /mnt/data0/sue/wt.6568.mjc/build_posix/test/format/../../../test/format/ops.c:1476:16 #19 0x51798e in ops /mnt/data0/sue/wt.6568.mjc/build_posix/test/format/../../../test/format/ops.c:896:23 #20 0x7fb51bfa36da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da) SUMMARY: AddressSanitizer: 82 byte(s) leaked in 2 allocation(s).
- is duplicated by
-
WT-5065 SegFault while freeing WT_REF address during page eviction
- Closed