Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use-of-uninitialized-value: src/Columns/ColumnVector.cpp:440:9 #51648

Closed
qoega opened this issue Jun 30, 2023 · 0 comments · Fixed by #51804
Closed

use-of-uninitialized-value: src/Columns/ColumnVector.cpp:440:9 #51648

qoega opened this issue Jun 30, 2023 · 0 comments · Fixed by #51804
Assignees
@nickitat
Labels
major testing Special issue with list of bugs found by CI

Comments

@qoega
Copy link
Member

qoega commented Jun 30, 2023

https://s3.amazonaws.com/clickhouse-test-reports/51641/a705b08bd81658e878d7b7d214b057c661bbed69/fuzzer_astfuzzermsan/report.html

==162==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5581d4138256 in DB::ColumnVector<unsigned long>::get64(unsigned long) const build_docker/./src/Columns/ColumnVector.cpp:440:9
    #1 0x5581a329678f in DB::impl::parseSipHashKey(DB::ColumnWithTypeAndName const&) FunctionsHashingMisc.cpp
    #2 0x5581a33f3133 in DB::TargetSpecific::Default::FunctionAnyHash<DB::SipHash64KeyedImpl, true, DB::impl::SipHashKey>::executeImpl(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long) const (/workspace/clickhouse+0x1139e133) (BuildId: f0df3dab103b1fc75daaab84587a1b3b78f41216)
    #3 0x5581a326ef39 in DB::ImplementationSelector<DB::IFunction>::selectAndExecute(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long) const (/workspace/clickhouse+0x11219f39) (BuildId: f0df3dab103b1fc75daaab84587a1b3b78f41216)
    #4 0x5581a33f2ab1 in DB::FunctionAnyHash<DB::SipHash64KeyedImpl, true, DB::impl::SipHashKey>::executeImpl(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long) const (/workspace/clickhouse+0x1139dab1) (BuildId: f0df3dab103b1fc75daaab84587a1b3b78f41216)
    #5 0x5581a1735ae1 in DB::IFunction::executeImplDryRun(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long) const (/workspace/clickhouse+0xf6e0ae1) (BuildId: f0df3dab103b1fc75daaab84587a1b3b78f41216)
    #6 0x5581a1735417 in DB::FunctionToExecutableFunctionAdaptor::executeDryRunImpl(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long) const (/workspace/clickhouse+0xf6e0417) (BuildId: f0df3dab103b1fc75daaab84587a1b3b78f41216)
    #7 0x5581ce0bf9b9 in DB::IExecutableFunction::executeWithoutLowCardinalityColumns(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long, bool) const build_docker/./src/Functions/IFunction.cpp:245:15
    #8 0x5581ce0c1aa4 in DB::IExecutableFunction::executeWithoutSparseColumns(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long, bool) const build_docker/./src/Functions/IFunction.cpp:302:22
    #9 0x5581ce0c7817 in DB::IExecutableFunction::execute(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>> const&, std::__1::shared_ptr<DB::IDataType const> const&, unsigned long, bool) const build_docker/./src/Functions/IFunction.cpp:374:16
    #10 0x5581cfbdb364 in DB::executeActionForHeader(DB::ActionsDAG::Node const*, std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName>>) build_docker/./src/Interpreters/ActionsDAG.cpp:537:49
    #11 0x5581cfbdb364 in DB::ActionsDAG::updateHeader(DB::Block) const build_docker/./src/Interpreters/ActionsDAG.cpp:656:44
    #12 0x5581d771f062 in DB::ExpressionTransform::transformHeader(DB::Block, DB::ActionsDAG const&) build_docker/./src/Processors/Transforms/ExpressionTransform.cpp:8:23
    #13 0x5581d7c3722f in DB::ExpressionStep::ExpressionStep(DB::DataStream const&, std::__1::shared_ptr<DB::ActionsDAG> const&) build_docker/./src/Processors/QueryPlan/ExpressionStep.cpp:31:9
    #14 0x5581d2a59339 in std::__1::__unique_if<DB::ExpressionStep>::__unique_single std::__1::make_unique[abi:v15000]<DB::ExpressionStep, DB::DataStream const&, std::__1::shared_ptr<DB::ActionsDAG> const&>(DB::DataStream const&, std::__1::shared_ptr<DB::ActionsDAG> const&) build_docker/./contrib/llvm-project/libcxx/include/__memory/unique_ptr.h:714:32
    #15 0x5581d2a59339 in DB::InterpreterSelectQuery::executeExpression(DB::QueryPlan&, std::__1::shared_ptr<DB::ActionsDAG> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:2795:28
    #16 0x5581d2a37b67 in DB::InterpreterSelectQuery::executeImpl(DB::QueryPlan&, std::__1::optional<DB::Pipe>) build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:1811:17
    #17 0x5581d2a304cc in DB::InterpreterSelectQuery::buildQueryPlan(DB::QueryPlan&) build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:899:5
    #18 0x5581d2c6a9ba in DB::InterpreterSelectWithUnionQuery::buildQueryPlan(DB::QueryPlan&) build_docker/./src/Interpreters/InterpreterSelectWithUnionQuery.cpp:303:38
    #19 0x5581d2c6d2bc in DB::InterpreterSelectWithUnionQuery::execute() build_docker/./src/Interpreters/InterpreterSelectWithUnionQuery.cpp:377:5
    #20 0x5581d381fc31 in DB::executeQueryImpl(char const*, char const*, std::__1::shared_ptr<DB::Context>, bool, DB::QueryProcessingStage::Enum, DB::ReadBuffer*) build_docker/./src/Interpreters/executeQuery.cpp:746:40
    #21 0x5581d3813aa1 in DB::executeQuery(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::shared_ptr<DB::Context>, bool, DB::QueryProcessingStage::Enum) build_docker/./src/Interpreters/executeQuery.cpp:1168:30
    #22 0x5581d6cf88d7 in DB::TCPHandler::runImpl() build_docker/./src/Server/TCPHandler.cpp:421:24
    #23 0x5581d6d37c5e in DB::TCPHandler::run() build_docker/./src/Server/TCPHandler.cpp:2057:9
    #24 0x5581e15caddf in Poco::Net::TCPServerConnection::start() build_docker/./base/poco/Net/src/TCPServerConnection.cpp:43:3
    #25 0x5581e15cbc41 in Poco::Net::TCPServerDispatcher::run() build_docker/./base/poco/Net/src/TCPServerDispatcher.cpp:115:20
    #26 0x5581e1b38e45 in Poco::PooledThread::run() build_docker/./base/poco/Foundation/src/ThreadPool.cpp:188:14
    #27 0x5581e1b35c6d in Poco::(anonymous namespace)::RunnableHolder::run() build_docker/./base/poco/Foundation/src/Thread.cpp:45:11
    #28 0x5581e1b32bd1 in Poco::ThreadImpl::runnableEntry(void*) build_docker/./base/poco/Foundation/src/Thread_POSIX.cpp:335:27
    #29 0x7f2863bc3608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477:8
    #30 0x7f2863ae8132 in __clone /build/glibc-SzIz7B/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95

  Uninitialized value was created by a heap allocation
    #0 0x5581a16c73e2 in malloc (/workspace/clickhouse+0xf6723e2) (BuildId: f0df3dab103b1fc75daaab84587a1b3b78f41216)
    #1 0x5581b9a9a638 in Allocator<false, false>::allocNoTrack(unsigned long, unsigned long) build_docker/./src/Common/Allocator.h:237:27
    #2 0x5581b9a9a1c9 in Allocator<false, false>::alloc(unsigned long, unsigned long) build_docker/./src/Common/Allocator.h:103:16
    #3 0x5581b9b92b5a in void DB::PODArrayBase<8ul, 4096ul, Allocator<false, false>, 63ul, 64ul>::alloc<>(unsigned long) build_docker/./src/Common/PODArray.h:131:65
    #4 0x5581b9b92b5a in DB::PODArrayBase<8ul, 4096ul, Allocator<false, false>, 63ul, 64ul>::alloc_for_num_elements(unsigned long) build_docker/./src/Common/PODArray.h:125:9
    #5 0x5581b9b92b5a in DB::PODArray<unsigned long, 4096ul, Allocator<false, false>, 63ul, 64ul>::PODArray(unsigned long) build_docker/./src/Common/PODArray.h:341:15
    #6 0x5581d413c59c in DB::ColumnVector<unsigned long>::ColumnVector(unsigned long) build_docker/./src/Columns/ColumnVector.h:137:45
    #7 0x5581d413c59c in COW<DB::IColumn>::mutable_ptr<DB::ColumnVector<unsigned long>> COWHelper<DB::ColumnVectorHelper, DB::ColumnVector<unsigned long>>::create<unsigned long const&>(unsigned long const&) build_docker/./src/Common/COW.h:284:71
    #8 0x5581d413c59c in DB::ColumnVector<unsigned long>::replicate(DB::PODArray<unsigned long, 4096ul, Allocator<false, false>, 63ul, 64ul> const&) const build_docker/./src/Columns/ColumnVector.cpp:840:16
    #9 0x5581d3c06124 in DB::ColumnConst::convertToFullColumn() const build_docker/./src/Columns/ColumnConst.cpp:48:18
    #10 0x5581d3c09a4d in DB::ColumnConst::convertToFullColumnIfConst() const build_docker/./src/Columns/ColumnConst.h:39:16
    #11 0x5581ce9c4664 in DB::materializeBlock(DB::Block const&) build_docker/./src/Core/Block.cpp:813:64
    #12 0x5581d047e677 in DB::Aggregator::Params::getHeader(DB::Block const&, bool, std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>, std::__1::allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>>> const&, std::__1::vector<DB::AggregateDescription, std::__1::allocator<DB::AggregateDescription>> const&, bool) build_docker/./src/Interpreters/Aggregator.cpp:483:12
    #13 0x5581d7b7c133 in DB::Aggregator::Params::getHeader(DB::Block const&, bool) const build_docker/./src/Interpreters/Aggregator.h:1094:75
    #14 0x5581d7b7c133 in DB::AggregatingStep::AggregatingStep(DB::DataStream const&, DB::Aggregator::Params, std::__1::vector<DB::GroupingSetsParams, std::__1::allocator<DB::GroupingSetsParams>>, bool, unsigned long, unsigned long, unsigned long, unsigned long, bool, bool, DB::SortDescription, DB::SortDescription, bool, bool, bool) build_docker/./src/Processors/QueryPlan/AggregatingStep.cpp:113:38
    #15 0x5581d2a7e736 in std::__1::__unique_if<DB::AggregatingStep>::__unique_single std::__1::make_unique[abi:v15000]<DB::AggregatingStep, DB::DataStream const&, DB::Aggregator::Params, std::__1::vector<DB::GroupingSetsParams, std::__1::allocator<DB::GroupingSetsParams>>, bool&, DB::SettingFieldNumber<unsigned long> const&, DB::SettingFieldNumber<unsigned long> const&, unsigned long&, unsigned long&, bool&, DB::SettingFieldNumber<bool> const&, DB::SortDescription, DB::SortDescription, bool const&, DB::SettingFieldNumber<bool> const&, bool>(DB::DataStream const&, DB::Aggregator::Params&&, std::__1::vector<DB::GroupingSetsParams, std::__1::allocator<DB::GroupingSetsParams>>&&, bool&, DB::SettingFieldNumber<unsigned long> const&, DB::SettingFieldNumber<unsigned long> const&, unsigned long&, unsigned long&, bool&, DB::SettingFieldNumber<bool> const&, DB::SortDescription&&, DB::SortDescription&&, bool const&, DB::SettingFieldNumber<bool> const&, bool&&) build_docker/./contrib/llvm-project/libcxx/include/__memory/unique_ptr.h:714:32
    #16 0x5581d2a57591 in DB::InterpreterSelectQuery::executeAggregation(DB::QueryPlan&, std::__1::shared_ptr<DB::ActionsDAG> const&, bool, bool, std::__1::shared_ptr<DB::InputOrderInfo const>) build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:2686:29
    #17 0x5581d2a36db9 in DB::InterpreterSelectQuery::executeImpl(DB::QueryPlan&, std::__1::optional<DB::Pipe>) build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:1717:17
    #18 0x5581d2a304cc in DB::InterpreterSelectQuery::buildQueryPlan(DB::QueryPlan&) build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:899:5
    #19 0x5581d2c6a9ba in DB::InterpreterSelectWithUnionQuery::buildQueryPlan(DB::QueryPlan&) build_docker/./src/Interpreters/InterpreterSelectWithUnionQuery.cpp:303:38
    #20 0x5581d2c6d2bc in DB::InterpreterSelectWithUnionQuery::execute() build_docker/./src/Interpreters/InterpreterSelectWithUnionQuery.cpp:377:5
    #21 0x5581d381fc31 in DB::executeQueryImpl(char const*, char const*, std::__1::shared_ptr<DB::Context>, bool, DB::QueryProcessingStage::Enum, DB::ReadBuffer*) build_docker/./src/Interpreters/executeQuery.cpp:746:40
    #22 0x5581d3813aa1 in DB::executeQuery(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::shared_ptr<DB::Context>, bool, DB::QueryProcessingStage::Enum) build_docker/./src/Interpreters/executeQuery.cpp:1168:30
    #23 0x5581d6cf88d7 in DB::TCPHandler::runImpl() build_docker/./src/Server/TCPHandler.cpp:421:24
    #24 0x5581d6d37c5e in DB::TCPHandler::run() build_docker/./src/Server/TCPHandler.cpp:2057:9

SUMMARY: MemorySanitizer: use-of-uninitialized-value build_docker/./src/Columns/ColumnVector.cpp:440:9 in DB::ColumnVector<unsigned long>::get64(unsigned long) const
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nickitat nickitat

Labels
major testing Special issue with list of bugs found by CI
Projects
None yet
Milestone
No milestone
3 participants
@qoega @nickitat @alexey-milovidov