Joe McDonnell created IMPALA-8743:
-------------------------------------
Summary: ASAN failure with BatchedBitReader::UnpackBatch
Key: IMPALA-8743
URL: https://issues.apache.org/jira/browse/IMPALA-8743
Project: IMPALA
Issue Type: Bug
Components: Backend
Affects Versions: Impala 3.3.0
Reporter: Joe McDonnell
ASAN builds have been failing during dataloading with the following ASAN
message:
{noformat}
==38571==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x62d004979292 at pc 0x0000034d2a1b bp 0x7fd3cf326d30 sp 0x7fd3cf326d28
READ of size 8 at 0x62d004979292 thread T2207
#0 0x34d2a1a in unsigned long impala::UnpackValue<12, 7>(unsigned char
const*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/bit-packing.inline.h:194:19
#1 0x34d2a1a in unsigned char const*
impala::BitPacking::UnpackUpTo31Values<unsigned int, 12>(unsigned char const*,
long, int, unsigned int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/bit-packing.inline.h:309
#2 0x32edaa2 in std::pair<unsigned char const*, long>
impala::BitPacking::UnpackValues<unsigned int, 12>(unsigned char const*, long,
long, unsigned int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/bit-packing.inline.h:90:14
#3 0x32eb3d6 in std::pair<unsigned char const*, long>
impala::BitPacking::UnpackValues<unsigned int>(int, unsigned char const*, long,
long, unsigned int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/bit-packing.inline.h:62:5
#4 0x30c60f3 in int impala::BatchedBitReader::UnpackBatch<unsigned
int>(int, int, unsigned int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/bit-stream-utils.inline.h:130:37
#5 0x30c58ca in impala::RleBatchDecoder<unsigned int>::FillLiteralBuffer()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/rle-encoding.h:696:19
#6 0x3226566 in bool impala::RleBatchDecoder<unsigned
int>::DecodeLiteralValues<impala::StringValue>(int, impala::StringValue*, long,
impala::StrideWriter<impala::StringValue>*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/rle-encoding.h:638:9
#7 0x3225dc9 in
impala::DictDecoder<impala::StringValue>::DecodeNextValue(impala::StringValue*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/dict-encoding.h:590:9
#8 0x322d459 in
impala::DictDecoder<impala::StringValue>::GetNextValues(impala::StringValue*,
long, int)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/dict-encoding.h:530:15
#9 0x322d459 in bool impala::ScalarColumnReader<impala::StringValue,
(parquet::Type::type)6, true>::DecodeValues<(parquet::Encoding::type)2>(long,
long, impala::StringValue*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:849
#10 0x322d459 in impala::ScalarColumnReader<impala::StringValue,
(parquet::Type::type)6, true>::DecodeValues(long, long, impala::StringValue*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:837
#11 0x322d459 in impala::ScalarColumnReader<impala::StringValue,
(parquet::Type::type)6, true>::ReadSlotsNoConversion(long, int, unsigned char*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:762
#12 0x322a4d7 in impala::ScalarColumnReader<impala::StringValue,
(parquet::Type::type)6, true>::MaterializeValueBatchRepeatedDefLevel(int, int,
unsigned char*, int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:653:14
#13 0x3231f0e in bool impala::ScalarColumnReader<impala::StringValue,
(parquet::Type::type)6, true>::ReadValueBatch<false>(int, int, unsigned char*,
int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:493:28
#14 0x3022d9f in
impala::HdfsParquetScanner::AssembleRows(std::vector<impala::ParquetColumnReader*,
std::allocator<impala::ParquetColumnReader*> > const&, impala::RowBatch*,
bool*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/hdfs-parquet-scanner.cc
#15 0x301db51 in
impala::HdfsParquetScanner::GetNextInternal(impala::RowBatch*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/hdfs-parquet-scanner.cc:456:19
#16 0x301baf0 in impala::HdfsParquetScanner::ProcessSplit()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/hdfs-parquet-scanner.cc:353:21
#17 0x27bca0d in
impala::HdfsScanNode::ProcessSplit(std::vector<impala::FilterContext,
std::allocator<impala::FilterContext> > const&, impala::MemPool*,
impala::io::ScanRange*, long*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/hdfs-scan-node.cc:514:21
#18 0x27bb669 in impala::HdfsScanNode::ScannerThread(bool, long)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/hdfs-scan-node.cc:415:7
#19 0x1e77f96 in boost::function0<void>::operator()() const
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/boost-1.57.0-p3/include/boost/function/function_template.hpp:766:14
#20 0x26a6656 in impala::Thread::SuperviseThread(std::string const&,
std::string const&, boost::function<void ()>, impala::ThreadDebugInfo const*,
impala::Promise<long, (impala::PromiseMode)0>*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/thread.cc:360:3
#21 0x26b1b48 in void boost::_bi::list5<boost::_bi::value<std::string>,
boost::_bi::value<std::string>, boost::_bi::value<boost::function<void ()> >,
boost::_bi::value<impala::ThreadDebugInfo*>,
boost::_bi::value<impala::Promise<long, (impala::PromiseMode)0>*>
>::operator()<void (*)(std::string const&, std::string const&,
boost::function<void ()>, impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*), boost::_bi::list0>(boost::_bi::type<void>, void
(*&)(std::string const&, std::string const&, boost::function<void ()>,
impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*), boost::_bi::list0&, int)
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/boost-1.57.0-p3/include/boost/bind/bind.hpp:525:9
#22 0x26b199b in boost::_bi::bind_t<void, void (*)(std::string const&,
std::string const&, boost::function<void ()>, impala::ThreadDebugInfo const*,
impala::Promise<long, (impala::PromiseMode)0>*),
boost::_bi::list5<boost::_bi::value<std::string>,
boost::_bi::value<std::string>, boost::_bi::value<boost::function<void ()> >,
boost::_bi::value<impala::ThreadDebugInfo*>,
boost::_bi::value<impala::Promise<long, (impala::PromiseMode)0>*> >
>::operator()()
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/boost-1.57.0-p3/include/boost/bind/bind_template.hpp:20:27
#23 0x403d209 in thread_proxy
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x403d209)
#24 0x7fdca4fb0e24 in start_thread (/lib64/libpthread.so.0+0x7e24)
#25 0x7fdca170a34c in __clone (/lib64/libc.so.6+0xf834c)
0x62d004979296 is located 0 bytes to the right of 36502-byte region
[0x62d004970400,0x62d004979296)
allocated by thread T2207 here:
#0 0x186b428 in malloc
/mnt/source/llvm/llvm-5.0.1.src-p1/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:67
#1 0x20c96e3 in impala::MemPool::FindChunk(long, bool)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/mem-pool.cc:132:45
#2 0x20e7ad8 in unsigned char* impala::MemPool::Allocate<true>(long, int)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/mem-pool.h:295:9
#3 0x20e7ad8 in impala::MemPool::TryAllocate(long)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/mem-pool.h:120
#4 0x30aaa3f in
impala::BaseScalarColumnReader::AllocateUncompressedDataPage(long, char const*,
unsigned char**)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:1550:30
#5 0x30a8523 in impala::BaseScalarColumnReader::ReadDataPage()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:1471:7
#6 0x30ad722 in impala::BaseScalarColumnReader::NextPage()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:1769:28
#7 0x3231e87 in bool impala::ScalarColumnReader<impala::StringValue,
(parquet::Type::type)6, true>::ReadValueBatch<false>(int, int, unsigned char*,
int*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/parquet-column-readers.cc:459:12
#8 0x3022d9f in
impala::HdfsParquetScanner::AssembleRows(std::vector<impala::ParquetColumnReader*,
std::allocator<impala::ParquetColumnReader*> > const&, impala::RowBatch*,
bool*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/hdfs-parquet-scanner.cc
#9 0x301db51 in
impala::HdfsParquetScanner::GetNextInternal(impala::RowBatch*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/hdfs-parquet-scanner.cc:456:19
#10 0x301baf0 in impala::HdfsParquetScanner::ProcessSplit()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/parquet/hdfs-parquet-scanner.cc:353:21
#11 0x27bca0d in
impala::HdfsScanNode::ProcessSplit(std::vector<impala::FilterContext,
std::allocator<impala::FilterContext> > const&, impala::MemPool*,
impala::io::ScanRange*, long*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/hdfs-scan-node.cc:514:21
#12 0x27bb669 in impala::HdfsScanNode::ScannerThread(bool, long)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exec/hdfs-scan-node.cc:415:7
#13 0x1e77f96 in boost::function0<void>::operator()() const
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/boost-1.57.0-p3/include/boost/function/function_template.hpp:766:14
#14 0x26a6656 in impala::Thread::SuperviseThread(std::string const&,
std::string const&, boost::function<void ()>, impala::ThreadDebugInfo const*,
impala::Promise<long, (impala::PromiseMode)0>*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/thread.cc:360:3
#15 0x26b1b48 in void boost::_bi::list5<boost::_bi::value<std::string>,
boost::_bi::value<std::string>, boost::_bi::value<boost::function<void ()> >,
boost::_bi::value<impala::ThreadDebugInfo*>,
boost::_bi::value<impala::Promise<long, (impala::PromiseMode)0>*>
>::operator()<void (*)(std::string const&, std::string const&,
boost::function<void ()>, impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*), boost::_bi::list0>(boost::_bi::type<void>, void
(*&)(std::string const&, std::string const&, boost::function<void ()>,
impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*), boost::_bi::list0&, int)
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/boost-1.57.0-p3/include/boost/bind/bind.hpp:525:9
#16 0x26b199b in boost::_bi::bind_t<void, void (*)(std::string const&,
std::string const&, boost::function<void ()>, impala::ThreadDebugInfo const*,
impala::Promise<long, (impala::PromiseMode)0>*),
boost::_bi::list5<boost::_bi::value<std::string>,
boost::_bi::value<std::string>, boost::_bi::value<boost::function<void ()> >,
boost::_bi::value<impala::ThreadDebugInfo*>,
boost::_bi::value<impala::Promise<long, (impala::PromiseMode)0>*> >
>::operator()()
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/boost-1.57.0-p3/include/boost/bind/bind_template.hpp:20:27
#17 0x403d209 in thread_proxy
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x403d209)
Thread T2207 created by T2203 here:
#0 0x17b28ad in __interceptor_pthread_create
/mnt/source/llvm/llvm-5.0.1.src-p1/projects/compiler-rt/lib/asan/asan_interceptors.cc:317
#1 0x403c5e9 in boost::thread::start_thread_noexcept()
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x403c5e9)
#2 0x45e0360d (<unknown module>)
Thread T2203 created by T2200 here:
#0 0x17b28ad in __interceptor_pthread_create
/mnt/source/llvm/llvm-5.0.1.src-p1/projects/compiler-rt/lib/asan/asan_interceptors.cc:317
#1 0x403c5e9 in boost::thread::start_thread_noexcept()
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x403c5e9)
#2 0x45e0360d (<unknown module>)
Thread T2200 created by T109 here:
#0 0x17b28ad in __interceptor_pthread_create
/mnt/source/llvm/llvm-5.0.1.src-p1/projects/compiler-rt/lib/asan/asan_interceptors.cc:317
#1 0x403c5e9 in boost::thread::start_thread_noexcept()
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x403c5e9)
#2 0x45e0360d (<unknown module>)
Thread T109 created by T0 here:
#0 0x17b28ad in __interceptor_pthread_create
/mnt/source/llvm/llvm-5.0.1.src-p1/projects/compiler-rt/lib/asan/asan_interceptors.cc:317
#1 0x403c5e9 in boost::thread::start_thread_noexcept()
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x403c5e9)
#2 0x45e0360d (<unknown module>)
SUMMARY: AddressSanitizer: heap-buffer-overflow
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/bit-packing.inline.h:194:19
in unsigned long impala::UnpackValue<12, 7>(unsigned char const*)
Shadow bytes around the buggy address:
0x0c5a80927200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c5a80927210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c5a80927220: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c5a80927230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c5a80927240: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c5a80927250: 00 00[06]fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c5a80927260: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c5a80927270: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c5a80927280: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c5a80927290: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c5a809272a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==38571==ABORTING{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org
For additional commands, e-mail: issues-all-h...@impala.apache.org
