[YSQL][SQLsmith] Segmentation fault in YbDatumToText() #11363

def- · 2022-02-04T15:35:46Z

Jira Link: DB-928

Description

Found with SQLsmith, crashes in Postgres binary with datum as nullpointer:

Core was generated by `postgres: yugabyte yugabyte 127.0.0.1(59876) SELECT                           '.
Program terminated with signal 11, Segmentation fault.
#0  0x00000000005b27bc in YbDatumToText (datum=0, data=0x7ffe0e6f8970, bytes=0x7ffe0e6f8968) at ../../../../../../../src/postgres/src/backend/catalog/yb_catalog/yb_type.c:254
254		*data = VARDATA_ANY(datum);
(gdb) bt
#0  0x00000000005b27bc in YbDatumToText (datum=0, data=0x7ffe0e6f8970, bytes=0x7ffe0e6f8968) at ../../../../../../../src/postgres/src/backend/catalog/yb_catalog/yb_type.c:254
#1  0x00007fc8ee1270ec in yb::pggate::PgConstant::PgConstant(PgTypeEntity const*, bool, char const*, unsigned long, bool, yb::pggate::PgExpr::Opcode) (this=0x3bc77e0, type_entity=<optimized out>,
    collate_is_valid_non_c=<optimized out>, collation_sortkey=0x0, datum=0, is_null=false, opcode=PG_EXPR_CONSTANT) at ../../src/yb/yql/pggate/pg_expr.cc:544
#2  0x00007fc8ee1014e0 in yb::pggate::PgApiImpl::NewConstant(yb::pggate::PgStatement*, PgTypeEntity const*, bool, char const*, unsigned long, bool, yb::pggate::PgExpr**) (this=<optimized out>, stmt=0x3a8b800,
    type_entity=0x349b68 <YbTypeEntityTable+360>, collate_is_valid_non_c=<optimized out>, collation_sortkey=0x0, datum=0, is_null=<optimized out>, expr_handle=0x7ffe0e6f9028)
    at /opt/yb-build/thirdparty/yugabyte-db-thirdparty-v20211222064126-dd4872fe56-almalinux8-x86_64-clang12-linuxbrew/installed/uninstrumented/libcxx/include/c++/v1/memory:2622
#3  0x00007fc8ee0ef299 in YBCPgNewConstant (stmt=0x7ffe0e6f8968, type_entity=0x4, collate_is_valid_non_c=false, collation_sortkey=0x0, datum=0, is_null=true, expr_handle=0x7ffe0e6f9028)
    at ../../src/yb/yql/pggate/ybc_pggate.cc:784
#4  0x00000000005a5caa in ybcBindScanKeys (ybScan=0x3b6c3f8, scan_plan=0x7ffe0e6f9080)
    at /nfusr/dev-server/dfelsing/code/yugabyte-db/src/postgres/src/backend/executor/../../../../../../src/postgres/src/backend/executor/ybcExpr.c:64
#5  0x00000000005a4107 in ybcBeginScan (relation=<optimized out>, index=<optimized out>, xs_want_itup=false, nkeys=<optimized out>, key=<optimized out>, pg_scan_plan=0x4f3aaf0)
    at ../../../../../../../src/postgres/src/backend/access/yb_access/yb_scan.c:1325
#6  0x00000000005a901a in ybcinrescan (scan=0x3b6c258, scankey=0x4e8cd78, nscankeys=1, orderbys=<optimized out>, norderbys=<optimized out>)
    at ../../../../../../../src/postgres/src/backend/access/yb_access/yb_lsm.c:414
#7  0x0000000000766f17 in IndexOnlyNext (node=0x4c8b668) at ../../../../../../src/postgres/src/backend/executor/nodeIndexonlyscan.c:109
#8  0x0000000000746f17 in ExecScan (node=0x4c8b668, accessMtd=0x766af0 <IndexOnlyNext>, recheckMtd=0x7670f0 <IndexOnlyRecheck>) at ../../../../../../src/postgres/src/backend/executor/execScan.c:171
#9  0x0000000000769b25 in ExecMaterial (pstate=0x4c8b558) at ../../../../../../src/postgres/src/include/executor/executor.h:249
#10 0x000000000077225e in ExecProcNode (node=0x4c8b558) at ../../../../../../src/postgres/src/include/executor/executor.h:249
#11 ExecNestLoop (pstate=<optimized out>) at ../../../../../../src/postgres/src/backend/executor/nodeNestloop.c:160
#12 0x0000000000772196 in ExecProcNode (node=0x4c8a578) at ../../../../../../src/postgres/src/include/executor/executor.h:249
#13 ExecNestLoop (pstate=<optimized out>) at ../../../../../../src/postgres/src/backend/executor/nodeNestloop.c:109
#14 0x00000000007675c6 in ExecProcNode (node=0x4c8a3b8) at ../../../../../../src/postgres/src/include/executor/executor.h:249
#15 ExecLimit (pstate=0x4c8a1f8) at ../../../../../../src/postgres/src/backend/executor/nodeLimit.c:113
#16 0x0000000000746e59 in ExecScan (node=0x4c8a038, accessMtd=0x779a30 <SubqueryNext>, recheckMtd=0x779a60 <SubqueryRecheck>) at ../../../../../../src/postgres/src/backend/executor/execScan.c:171
#17 0x00000000007675c6 in ExecProcNode (node=0x4c8a038) at ../../../../../../src/postgres/src/include/executor/executor.h:249
#18 ExecLimit (pstate=0x3f39e38) at ../../../../../../src/postgres/src/backend/executor/nodeLimit.c:113
#19 0x000000000073a52e in standard_ExecutorRun (queryDesc=0x2fff918, direction=<optimized out>, count=0, execute_once=<optimized out>) at ../../../../../../src/postgres/src/include/executor/executor.h:249
#20 0x00007fc8e74df565 in pgss_ExecutorRun (queryDesc=0x2fff918, direction=ForwardScanDirection, count=0, execute_once=true) at ../../../../../src/postgres/contrib/pg_stat_statements/pg_stat_statements.c:947
#21 0x00007fc8e74d63da in ybpgm_ExecutorRun (queryDesc=0x2fff918, direction=ForwardScanDirection, count=0, execute_once=true) at ../../../../../src/postgres/contrib/yb_pg_metrics/yb_pg_metrics.c:499
#22 0x000000000093b936 in PortalRunSelect (portal=0x32d8118, forward=<optimized out>, count=0, dest=<optimized out>)
    at /nfusr/dev-server/dfelsing/code/yugabyte-db/src/postgres/src/backend/executor/../../../../../../src/postgres/src/backend/executor/execMain.c:305
#23 0x000000000093b416 in PortalRun (portal=0x32d8118, count=9223372036854775807, isTopLevel=true, run_once=<optimized out>, dest=0x4f3da00, altdest=0x4f3da00, completionTag=0x7ffe0e6f9980 "")
    at ../../../../../../src/postgres/src/backend/tcop/pquery.c:784
#24 0x00000000009376e6 in yb_exec_simple_query_impl (query_string=0x315e938) at ../../../../../../src/postgres/src/backend/tcop/postgres.c:1161
#25 0x0000000000937dbe in yb_exec_query_wrapper (exec_context=0x315e000, restart_data=<optimized out>, functor=0x936e40 <yb_exec_simple_query_impl>, functor_context=0x315e938)
    at ../../../../../../src/postgres/src/backend/tcop/postgres.c:4445
#26 0x000000000093469d in PostgresMain (argc=1, argv=<optimized out>, dbname=<optimized out>, username=0x31f7fe8 "yugabyte") at ../../../../../../src/postgres/src/backend/tcop/postgres.c:4479
#27 0x00000000008900ab in BackendRun (port=0x2fda1e0) at ../../../../../../src/postgres/src/backend/postmaster/postmaster.c:4470
#28 0x000000000088f7e2 in ServerLoop () at ../../../../../../src/postgres/src/backend/postmaster/postmaster.c:4136
#29 0x000000000088c021 in PostmasterMain (argc=<optimized out>, argv=0x2ff06c0) at ../../../../../../src/postgres/src/backend/postmaster/postmaster.c:1417
#30 0x00000000007ac843 in PostgresServerProcessMain (argc=23, argv=0x2ff06c0) at ../../../../../../src/postgres/src/backend/main/main.c:234
#31 0x00000000004de432 in main ()

Can be reproduced with:

CREATE TABLE public.table_create_ctas_nodata (
    col_smallint smallint,
    col_integer integer,
    col_bigint bigint,
    col_real real,
    col_double double precision,
    col_char character(7),
    col_varchar character varying(7),
    col_text text,
    col_bytea bytea,
    col_timestamp timestamp(2) without time zone,
    col_timestamp_tz timestamp with time zone,
    col_bool boolean,
    col_array_int integer[],
    col_array_text text[]
);

CREATE TABLE public.array_t2 (
    k integer NOT NULL,
    arr text[]
);
COPY public.array_t2 (k, arr) FROM stdin;
1       {x,q,z}
\.

CREATE TABLE public.tbl13 (
    a text,
    b date,
    c time without time zone
);

CREATE TABLE public.table_create_ctas (
    col_smallint smallint,
    col_integer integer,
    col_bigint bigint,
    col_real real,
    col_double double precision,
    col_char character(7),
    col_varchar character varying(7),
    col_text text,
    col_bytea bytea,
    col_timestamp timestamp(2) without time zone,
    col_timestamp_tz timestamp with time zone,
    col_bool boolean,
    col_array_int integer[],
    col_array_text text[]
);
COPY public.table_create_ctas (col_smallint, col_integer, col_bigint, col_real, col_double, col_char, col_varchar, col_text, col_bytea, col_timestamp, col_timestamp_tz, col_bool, col_array_int, col_array_text) FROM stdin;
19      9       9       9.89999962      9.90000000000000036     nine    nine    nine    \\x99f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-09-09 09:09:10     2019-09-09 17:09:09.9999+00     t       {9,9,9} {nine,nine,nine}
9       9       9       9.89999962      9.90000000000000036     nine    nine    nine    \\x99f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-09-09 09:09:10     2019-09-09 17:09:09.9999+00     t       {9,9,9} {nine,nine,nine}
6       6       6       6.5999999       6.59999999999999964     six     six     six     \\x66f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-06-06 06:06:06.67  2019-06-06 14:06:06.6666+00     t       {6,6,6} {six,six,six}
18      8       8       8.80000019      8.80000000000000071     eight   eight   eight   \\x88f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-08-08 08:08:08.89  2019-08-08 16:08:08.8888+00     t       {8,8,8} {eight,eight,eight}
8       8       8       8.80000019      8.80000000000000071     eight   eight   eight   \\x88f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-08-08 08:08:08.89  2019-08-08 16:08:08.8888+00     t       {8,8,8} {eight,eight,eight}
2       2       2       2.20000005      2.20000000000000018     two     two     two     \\x22f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-02-02 02:02:02.22  2019-02-02 10:02:02.2222+00     t       {2,2,2} {two,two,two}
7       7       7       7.69999981      7.70000000000000018     seven   seven   seven   \\x77f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-07-07 07:07:07.78  2019-07-07 15:07:07.7777+00     t       {7,7,7} {seven,seven,seven}
17      7       7       7.69999981      7.70000000000000018     seven   seven   seven   \\x77f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-07-07 07:07:07.78  2019-07-07 15:07:07.7777+00     t       {7,7,7} {seven,seven,seven}
12      2       2       2.20000005      2.20000000000000018     two     two     two     \\x22f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-02-02 02:02:02.22  2019-02-02 10:02:02.2222+00     t       {2,2,2} {two,two,two}
4       4       4       4.4000001       4.40000000000000036     four    four    four    \\x44f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-04-04 04:04:04.44  2019-04-04 12:04:04.4444+00     t       {4,4,4} {four,four,four}
13      3       3       3.29999995      3.29999999999999982     three   three   three   \\x33f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-03-03 03:03:03.33  2019-03-03 11:03:03.3333+00     t       {3,3,3} {three,three,three}
11      1       1       1.10000002      1.10000000000000009     one     one     one     \\x11f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-01-01 01:01:01.11  2019-01-01 09:01:01.1111+00     t       {1,1,1} {one,one,one}
16      6       6       6.5999999       6.59999999999999964     six     six     six     \\x66f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-06-06 06:06:06.67  2019-06-06 14:06:06.6666+00     t       {6,6,6} {six,six,six}
14      4       4       4.4000001       4.40000000000000036     four    four    four    \\x44f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-04-04 04:04:04.44  2019-04-04 12:04:04.4444+00     t       {4,4,4} {four,four,four}
3       3       3       3.29999995      3.29999999999999982     three   three   three   \\x33f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-03-03 03:03:03.33  2019-03-03 11:03:03.3333+00     t       {3,3,3} {three,three,three}
5       5       5       5.5     5.5     five    five    five    \\x55f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-05-05 05:05:05.56  2019-05-05 13:05:05.5555+00     t       {5,5,5} {five,five,five}
1       1       1       1.10000002      1.10000000000000009     one     one     one     \\x11f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-01-01 01:01:01.11  2019-01-01 09:01:01.1111+00     t       {1,1,1} {one,one,one}
15      5       5       5.5     5.5     five    five    five    \\x55f1e2d3c4b5a6079889706a5b4c3d2e1f   2019-05-05 05:05:05.56  2019-05-05 13:05:05.5555+00     t       {5,5,5} {five,five,five}
\.

CREATE TABLE public.airports (
    ident text NOT NULL,
    type text,
    name text,
    elevation_ft integer,
    continent text,
    iso_country text,
    iso_region text NOT NULL,
    municipality text,
    gps_code text,
    iata_code text,
    local_code text,
    coordinates text
);

ALTER TABLE ONLY public.airports
    ADD CONSTRAINT airports_pkey PRIMARY KEY (iso_region, ident);
CREATE INDEX airport_type_hash_idx ON public.airports USING lsm (type HASH, iso_country ASC, ident ASC);
CREATE INDEX airport_type_range_idx ON public.airports USING lsm (name ASC, type ASC, ident ASC);
CREATE INDEX airport_type_region_idx ON public.airports USING lsm ((type, iso_region) HASH, ident ASC);
CREATE INDEX airports_idx1 ON public.airports USING lsm (iso_region HASH, name DESC);
CREATE INDEX airports_idx2 ON public.airports USING lsm (iso_region ASC, gps_code ASC);
CREATE INDEX airports_idx3 ON public.airports USING lsm ((iso_region, type) HASH, coordinates ASC, ident ASC, name ASC) INCLUDE (gps_code);
CREATE INDEX airports_scatter_idx ON public.airports USING lsm ((iso_region, type) HASH, coordinates ASC, ident ASC, name ASC) INCLUDE (gps_code);

CREATE TABLE public.test (
    k integer NOT NULL,
    v1 integer DEFAULT 5,
    v2 integer DEFAULT 10
);

COPY public.test (k, v1, v2) FROM stdin;
5       5       \N
1       5       10
6       5       \N
4       \N      10
2       5       10
3       5       10
\.

CREATE TABLE public.client (
    name text,
    phonenum bigint,
    deadline date
);

CREATE TABLE public.digit (
    k integer NOT NULL,
    v text NOT NULL
);

COPY public.digit (k, v) FROM stdin;
5       five
1       one
6       six
4       four
2       two
3       three
\.

CREATE TABLE public.tbl5 (
    a integer,
    b text NOT NULL
);

select
  pg_catalog.json_build_array() as c0
from
  (select

          pg_catalog.sum(
            cast((select phonenum from public.client limit 1 offset 6)
               as int8)) over (partition by ref_0.a order by ref_1.k) as c0,
        ref_1.v1 as c1,
        ref_0.a as c2,
        ref_0.a as c3,
        public.gen_random_uuid() as c4,
        (select k from public.digit limit 1 offset 92)
           as c5,
        pg_catalog.transaction_timestamp() as c6
      from
        public.tbl5 as ref_0
          right join public.test as ref_1
            inner join public.airports as ref_2
            on (true)
          on ((((ref_1.v1 is NULL)
                  and (false))
                or (cast(null as "interval") <= cast(null as "interval")))
              and ((ref_2.local_code is NULL)
                and ((((select pg_catalog.min(col_timestamp_tz) from public.table_create_ctas)
                         >= (select pg_catalog.min(b) from public.tbl13)
                        )
                    and (cast(null as anyarray) && cast(null as anyarray)))
                  or ((select arr from public.array_t2 limit 1 offset 47)
                       = (select col_array_text from public.table_create_ctas limit 1 offset 39)
                      ))))
      where ((false)
          and (cast(null as pg_lsn) < cast(null as pg_lsn)))
        or (((select col_bigint from public.table_create_ctas_nodata limit 1 offset 77)
               = cast(null as int8))
          or (ref_2.type < (select a from public.tbl13 limit 1 offset 5)
              ))
      limit 51) as subq_0
where subq_0.c1 is not NULL
limit 69;

Code state: 24ec10d (Release build)
Coredump: core.9960.zip

The text was updated successfully, but these errors were encountered:

def- added kind/bug This issue is a bug area/ysql Yugabyte SQL (YSQL) labels Feb 4, 2022

def- assigned m-iancu Feb 4, 2022

def- mentioned this issue Feb 17, 2022

[Phase 1][colocation][DocDB][SQLsmith] Colocated table corruption after crash loop #11415

Closed

yugabyte-ci added the priority/medium Medium priority issue label Jun 8, 2022

kripasreenivasan added the qa_automation Bugs identified via itest-system, LST, Stress automation or causing automation failures label Sep 13, 2022

yugabyte-ci added the kind/failing-test Tests and testing infra label Oct 12, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[YSQL][SQLsmith] Segmentation fault in YbDatumToText() #11363

[YSQL][SQLsmith] Segmentation fault in YbDatumToText() #11363

def- commented Feb 4, 2022 •

edited by yugabyte-ci

Loading

[YSQL][SQLsmith] Segmentation fault in YbDatumToText() #11363

[YSQL][SQLsmith] Segmentation fault in YbDatumToText() #11363

Comments

def- commented Feb 4, 2022 • edited by yugabyte-ci Loading

Description

def- commented Feb 4, 2022 •

edited by yugabyte-ci

Loading