Tim Armstrong created IMPALA-9961:
-------------------------------------
Summary: Invalid memory access in SimpleDataFormatTokenizer
Key: IMPALA-9961
URL: https://issues.apache.org/jira/browse/IMPALA-9961
Project: IMPALA
Issue Type: Bug
Components: Backend
Affects Versions: Impala 4.0
Reporter: Tim Armstrong
Assignee: Gabor Kaszab
Attachments: impalad_node1.ERROR
We suddenly had a bunch of ASAN builds failing with this stack trace.
{noformat}
==931==ERROR: AddressSanitizer: use-after-poison on address 0x621000f66904 at
pc 0x0000023e0cac bp 0x7fdadb57beb0 sp 0x7fdadb57bea8
READ of size 1 at 0x621000f66904 thread T27580
#0 0x23e0cab in
impala::datetime_parse_util::SimpleDateFormatTokenizer::GetDefaultFormatContext(char
const*, int, bool, bool)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/datetime-simple-date-format-parser.cc:345:7
#1 0x25b2e7d in impala::TimestampParser::ParseSimpleDateFormat(char const*,
int, boost::gregorian::date*, boost::posix_time::time_duration*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/timestamp-parse-util.cc:109:7
#2 0x24bb8ab in impala::TimestampValue::ParseSimpleDateFormat(char const*,
int)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/timestamp-value.cc:53:18
#3 0x7fdbdcaf5f3f (<unknown module>)
#4 0x30522ee in
impala::ScalarExpr::GetTimestampVal(impala::ScalarExprEvaluator*,
impala::TupleRow const*) const
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exprs/scalar-expr.inline.h:60:1
#5 0x304eff2 in impala::ScalarExprEvaluator::GetValue(impala::ScalarExpr
const&, impala::TupleRow const*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exprs/scalar-expr-evaluator.cc:318:41
#6 0x318d621 in
impala::KuduPartitionExpr::GetIntValInterpreted(impala::ScalarExprEvaluator*,
impala::TupleRow const*) const
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exprs/kudu-partition-expr.cc:104:23
#7 0x305147e in impala::ScalarExpr::GetIntVal(impala::ScalarExprEvaluator*,
impala::TupleRow const*) const
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exprs/scalar-expr.inline.h:56:1
#8 0x304f16d in impala::ScalarExprEvaluator::GetValue(impala::ScalarExpr
const&, impala::TupleRow const*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/exprs/scalar-expr-evaluator.cc:278:35
#9 0x255b807 in impala::KrpcDataStreamSender::Send(impala::RuntimeState*,
impala::RowBatch*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/krpc-data-stream-sender.cc:1014:67
#10 0x25387be in impala::FragmentInstanceState::ExecInternal()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/fragment-instance-state.cc:422:5
#11 0x2534702 in impala::FragmentInstanceState::Exec()
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/fragment-instance-state.cc:106:14
#12 0x257813e in
impala::QueryState::ExecFInstance(impala::FragmentInstanceState*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/runtime/query-state.cc:815:24
#13 0x21f65c6 in boost::function0<void>::operator()() const
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/toolchain-packages-gcc7.5.0/boost-1.61.0-p2/include/boost/function/function_template.hpp:770:14
#14 0x2bc8a29 in
impala::Thread::SuperviseThread(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >
const&, boost::function<void ()>, impala::ThreadDebugInfo const*,
impala::Promise<long, (impala::PromiseMode)0>*)
/data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/util/thread.cc:360:3
#15 0x2bd3e68 in void
boost::_bi::list5<boost::_bi::value<std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > >,
boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > >, boost::_bi::value<boost::function<void ()> >,
boost::_bi::value<impala::ThreadDebugInfo*>,
boost::_bi::value<impala::Promise<long, (impala::PromiseMode)0>*>
>::operator()<void (*)(std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&, std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, boost::function<void
()>, impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*), boost::_bi::list0>(boost::_bi::type<void>, void
(*&)(std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&, std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, boost::function<void
()>, impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*), boost::_bi::list0&, int)
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/toolchain-packages-gcc7.5.0/boost-1.61.0-p2/include/boost/bind/bind.hpp:531:9
#16 0x2bd3cbb in boost::_bi::bind_t<void, void
(*)(std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&, std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, boost::function<void
()>, impala::ThreadDebugInfo const*, impala::Promise<long,
(impala::PromiseMode)0>*),
boost::_bi::list5<boost::_bi::value<std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > >,
boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > >, boost::_bi::value<boost::function<void ()> >,
boost::_bi::value<impala::ThreadDebugInfo*>,
boost::_bi::value<impala::Promise<long, (impala::PromiseMode)0>*> >
>::operator()()
/data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/toolchain-packages-gcc7.5.0/boost-1.61.0-p2/include/boost/bind/bind.hpp:1222:16
#17 0x43b75e1 in thread_proxy
(/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/service/impalad+0x43b75e1)
#18 0x7fe41db18e24 in start_thread (/lib64/libpthread.so.0+0x7e24)
#19 0x7fe41a5ed34c in __clone (/lib64/libc.so.6+0xf834c)
{noformat}
[~gaborkaszab] I think you have looked at some of this code, maybe you have an
idea? It looks like there's a bounds check missing.
I tried to reproduce by running test_kudu under ASAN, but didn't hit the issue.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
