kou commented on PR #14147: URL: https://github.com/apache/arrow/pull/14147#issuecomment-1263261877
Could you confirm this failure? https://github.com/apache/arrow/actions/runs/3155990217/jobs/5136453754#step:6:3035 ```text [----------] 2 tests from TestBooleanRLE [ RUN ] TestBooleanRLE.TestBooleanScanner [ OK ] TestBooleanRLE.TestBooleanScanner (4 ms) [ RUN ] TestBooleanRLE.TestBatchRead ================================================================= ==24088==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffd9a55539f at pc 0x7f4c6b9f033d bp 0x7ffd9a5528b0 sp 0x7ffd9a5528a8 WRITE of size 1 at 0x7ffd9a55539f thread T0 #0 0x7f4c6b9f033c in void arrow::bit_util::detail::GetValue_<bool>(int, bool*, int, unsigned char const*, int*, int*, unsigned long*) /arrow/cpp/src/arrow/util/bit_stream_utils.h:279:6 #1 0x7f4c6b9edb05 in int arrow::bit_util::BitReader::GetBatch<bool>(int, bool*, int) /arrow/cpp/src/arrow/util/bit_stream_utils.h:338:7 #2 0x7f4c6b9ec0e6 in int arrow::util::RleDecoder::GetBatch<bool>(bool*, int) /arrow/cpp/src/arrow/util/rle_encoding.h:320:37 #3 0x7f4c6b9dd98d in parquet::(anonymous namespace)::RleBooleanDecoder::Decode(bool*, int) /arrow/cpp/src/parquet/encoding.cc:2368:19 #4 0x7f4c6b676a35 in parquet::(anonymous namespace)::ColumnReaderImplBase<parquet::PhysicalType<(parquet::Type::type)0> >::ReadValues(long, bool*) /arrow/cpp/src/parquet/column_reader.cc:576:45 #5 0x7f4c6b65c99c in parquet::(anonymous namespace)::TypedColumnReaderImpl<parquet::PhysicalType<(parquet::Type::type)0> >::ReadBatch(long, short*, short*, bool*, long*) /arrow/cpp/src/parquet/column_reader.cc:1044:24 #6 0x7a3c21 in parquet::TestBooleanRLE_TestBatchRead_Test::TestBody() /arrow/cpp/src/parquet/reader_test.cc:240:14 #7 0x7f4c6d436a3a in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:2607:10 #8 0x7f4c6d41b569 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:2643:14 #9 0x7f4c6d3f4c42 in testing::Test::Run() /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:2682:5 #10 0x7f4c6d3f5a08 in testing::TestInfo::Run() /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:2861:11 #11 0x7f4c6d3f6223 in testing::TestSuite::Run() /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:3015:28 #12 0x7f4c6d407004 in testing::internal::UnitTestImpl::RunAllTests() /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:5855:44 #13 0x7f4c6d4398da in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:2607:10 #14 0x7f4c6d41dd89 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:2643:14 #15 0x7f4c6d406b60 in testing::UnitTest::Run() /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest.cc:5438:10 #16 0x7f4c6d471210 in RUN_ALL_TESTS() /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/include/gtest/gtest.h:2490:46 #17 0x7f4c6d4711ec in main /build/cpp/googletest_ep-prefix/src/googletest_ep/googletest/src/gtest_main.cc:52:10 #18 0x7f4c4efc5082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #19 0x47330d in _start (/build/cpp/debug/parquet-reader-test+0x47330d) Address 0x7ffd9a55539f is located in stack of thread T0 at offset 1503 in frame #0 0x79e64f in parquet::TestBooleanRLE_TestBatchRead_Test::TestBody() /arrow/cpp/src/parquet/reader_test.cc:188 This frame has 104 object(s): [32, 36) 'nvalues' (line 189) [48, 52) 'num_row_groups' (line 190) [64, 68) 'metadata_size' (line 191) [80, 96) 'group' (line 193) [112, 128) 'col' (line 196) [144, 160) 'ref.tmp' (line 196) [176, 192) 'gtest_ar' (line 199) [208, 216) 'ref.tmp9' (line 199) [240, 256) 'ref.tmp10' (line 199) [272, 280) 'ref.tmp30' (line 199) [304, 312) 'ref.tmp33' (line 199) [336, 352) 'gtest_ar47' (line 201) [368, 372) 'ref.tmp48' (line 201) [384, 400) 'ref.tmp49' (line 201) [416, 424) 'ref.tmp73' (line 201) [448, 456) 'ref.tmp76' (line 201) [480, 496) 'gtest_ar94' (line 203) [512, 516) 'ref.tmp95' (line 203) [528, 544) 'ref.tmp96' (line 203) [560, 568) 'ref.tmp120' (line 203) [592, 600) 'ref.tmp123' (line 203) [624, 640) 'gtest_ar141' (line 205) [656, 664) 'ref.tmp142' (line 205) [688, 696) 'ref.tmp160' (line 205) [720, 728) 'ref.tmp163' (line 205) [752, 760) 'col_chunk' (line 208) [784, 800) 'gtest_ar_' (line 209) [816, 817) 'ref.tmp190' (line 209) [832, 840) 'ref.tmp191' (line 209) [864, 872) 'agg.tmp' [896, 904) 'agg.tmp201' [928, 932) 'ref.tmp211' (line 209) [944, 952) 'ref.tmp218' (line 209) [976, 984) 'ref.tmp240' (line 209) [1008, 1016) 'ref.tmp243' (line 209) [1040, 1072) 'ref.tmp244' (line 209) [1104, 1120) 'gtest_ar_265' (line 213) [1136, 1137) 'ref.tmp266' (line 213) [1152, 1160) 'ref.tmp281' (line 213) [1184, 1192) 'ref.tmp284' (line 213) [1216, 1248) 'ref.tmp285' (line 213) [1280, 1288) 'curr_batch_read' (line 214) [1312, 1314) 'batch_size' (line 216) [1328, 1362) 'def_levels' (line 218) [1408, 1442) 'rep_levels' (line 219) [1488, 1503) 'values' (line 220) <== Memory access at offset 1503 overflows this variable [1520, 1528) 'levels_read' (line 222) [1552, 1568) 'gtest_ar316' (line 224) [1584, 1592) 'ref.tmp324' (line 224) [1616, 1624) 'ref.tmp327' (line 224) [1648, 1664) 'gtest_ar345' (line 228) [1680, 1684) 'ref.tmp346' (line 228) [1696, 1704) 'ref.tmp355' (line 228) [1728, 1736) 'ref.tmp358' (line 228) [1760, 1776) 'gtest_ar376' (line 231) [1792, 1860) 'ref.tmp377' (line 231) [1904, 1972) 'agg.tmp378' [2016, 2020) 'ref.tmp379' (line 231) [2032, 2036) 'ref.tmp380' (line 231) [2048, 2052) 'ref.tmp381' (line 231) [2064, 2068) 'ref.tmp382' (line 231) [2080, 2084) 'ref.tmp383' (line 231) [2096, 2100) 'ref.tmp384' (line 231) [2112, 2116) 'ref.tmp385' (line 231) [2128, 2132) 'ref.tmp386' (line 231) [2144, 2148) 'ref.tmp387' (line 231) [2160, 2164) 'ref.tmp388' (line 231) [2176, 2180) 'ref.tmp389' (line 231) [2192, 2196) 'ref.tmp390' (line 231) [2208, 2212) 'ref.tmp391' (line 231) [2224, 2228) 'ref.tmp392' (line 231) [2240, 2244) 'ref.tmp393' (line 231) [2256, 2260) 'ref.tmp394' (line 231) [2272, 2276) 'ref.tmp395' (line 231) [2288, 2296) 'ref.tmp423' (line 231) [2320, 2328) 'ref.tmp426' (line 231) [2352, 2368) 'gtest_ar444' (line 235) [2384, 2444) 'ref.tmp445' (line 235) [2480, 2540) 'agg.tmp446' [2576, 2580) 'ref.tmp447' (line 235) [2592, 2596) 'ref.tmp448' (line 235) [2608, 2612) 'ref.tmp449' (line 235) [2624, 2628) 'ref.tmp450' (line 235) [2640, 2644) 'ref.tmp451' (line 235) [2656, 2660) 'ref.tmp452' (line 235) [2672, 2676) 'ref.tmp453' (line 235) [2688, 2692) 'ref.tmp454' (line 235) [2704, 2708) 'ref.tmp455' (line 235) [2720, 2724) 'ref.tmp456' (line 235) [2736, 2740) 'ref.tmp457' (line 235) [2752, 2756) 'ref.tmp458' (line 235) [2768, 2772) 'ref.tmp459' (line 235) [2784, 2788) 'ref.tmp460' (line 235) [2800, 2804) 'ref.tmp461' (line 235) [2816, 2824) 'ref.tmp487' (line 235) [2848, 2856) 'ref.tmp490' (line 235) [2880, 2896) 'gtest_ar519' (line 241) [2912, 2920) 'ref.tmp527' (line 241) [2944, 2952) 'ref.tmp530' (line 241) [2976, 2992) 'gtest_ar_552' (line 245) [3008, 3009) 'ref.tmp553' (line 245) [3024, 3032) 'ref.tmp570' (line 245) [3056, 3064) 'ref.tmp573' (line 245) [3088, 3120) 'ref.tmp574' (line 245) HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow /arrow/cpp/src/arrow/util/bit_stream_utils.h:279:6 in void arrow::bit_util::detail::GetValue_<bool>(int, bool*, int, unsigned char const*, int*, int*, unsigned long*) Shadow bytes around the buggy address: 0x1000334a2a20: f8 f2 f2 f2 00 f2 f2 f2 00 f2 f2 f2 f8 f2 f8 f2 0x1000334a2a30: f2 f2 f8 f2 f2 f2 f8 f2 f2 f2 f8 f8 f8 f8 f2 f2 0x1000334a2a40: f2 f2 f8 f8 f2 f2 f8 f2 f8 f2 f2 f2 f8 f2 f2 f2 0x1000334a2a50: f8 f8 f8 f8 f2 f2 f2 f2 00 f2 f2 f2 02 f2 00 00 0x1000334a2a60: 00 00 02 f2 f2 f2 f2 f2 00 00 00 00 02 f2 f2 f2 =>0x1000334a2a70: f2 f2 00[07]f2 f2 00 f2 f2 f2 f8 f8 f2 f2 f8 f2 0x1000334a2a80: f2 f2 f8 f2 f2 f2 f8 f8 f2 f2 f8 f2 f8 f2 f2 f2 0x1000334a2a90: f8 f2 f2 f2 f8 f8 f2 f2 f8 f8 f8 f8 f8 f8 f8 f8 0x1000334a2aa0: f8 f2 f2 f2 f2 f2 00 00 00 00 00 00 00 00 04 f2 0x1000334a2ab0: f2 f2 f2 f2 f8 f2 f8 f2 f8 f2 f8 f2 f8 f2 f8 f2 0x1000334a2ac0: f8 f2 f8 f2 f8 f2 f8 f2 f8 f2 f8 f2 f8 f2 f8 f2 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==24088==ABORTING /build/cpp/src/parquet ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@arrow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
