提交 · a94e223ceea9265b697768382893b1839d899c0b · 2dot5 / ClickHouse

12 2月, 2021 1 次提交

Fix null dereference with join_use_nulls=1 · f6cfcd4d

由 Azat Khuzhin 提交于 2月 11, 2021

Found with MSan [1], the following query triggers null dereference:

```sql
SELECT
    Y.id - 1
FROM X
RIGHT JOIN Y ON (X.id + 1) = Y.id
SETTINGS join_use_nulls=1; -- { serverError 53 }
```

```
Received signal 11
(version 21.3.1.5916, build id: 2E9E84AA32AEAAC7C8B6EB45DA3EC0B4F15E9ED4) (from thread 100) (query_id: 9ab8cb0d-be8d-445e-8498-930a7268488b) Received signal Segmentation fault (11)
Address: 0x10 Access: read. Address not mapped to object.
Stack trace: 0x2d079d65 0x29bf1f30 0x12b12220 0x12b13098 0x12b17b08 0x12b20459 0x2ae37913 0x2ae352d9 0x2c746072 0x2c7585dd 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d 0x2c7483e3 0x2c74e63d
4. ./obj-x86_64-linux-gnu/../contrib/boost/boost/smart_ptr/intrusive_ptr.hpp:0: DB::ColumnConst::ColumnConst(COW<DB::IColumn>::immutable_ptr<DB::IColumn> const&, unsigned long) @ 0x2d079d65 in /workspace/clickhouse
5. ./obj-x86_64-linux-gnu/../src/Common/COW.h:0: DB::createBlockWithNestedColumns(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName> > const&) @ 0x29bf1f30 in /workspace/clickhouse
6. DB::FunctionOverloadResolverAdaptor::getReturnTypeDefaultImplementationForNulls(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName> > const&, std::__1::function<std::__1::shared_ptr<DB::IDataType const> (std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName> > const&)> const&) @ 0x12b12220 in /workspace/clickhouse
7. DB::FunctionOverloadResolverAdaptor::getReturnTypeWithoutLowCardinality(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName> > const&) const @ 0x12b13098 in /workspace/clickhouse
8. DB::FunctionOverloadResolverAdaptor::getReturnType(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName> > const&) const @ 0x12b17b08 in /workspace/clickhouse
9. DB::FunctionOverloadResolverAdaptor::build(std::__1::vector<DB::ColumnWithTypeAndName, std::__1::allocator<DB::ColumnWithTypeAndName> > const&) const @ 0x12b20459 in /workspace/clickhouse
```

  [1]: https://clickhouse-test-reports.s3.yandex.net/19451/64c0bf98290362fa216c05b070aa122a12af3c25/fuzzer_msan/report.html#fail1

f6cfcd4d

07 8月, 2020 1 次提交
- V
  
  Updated gitignore-files. · cb153d26
  由 vladimir golovchenko 提交于 8月 06, 2020
  
  cb153d26
02 4月, 2020 1 次提交
- I
  Move all folders inside /dbms one level up (#9974) · 97f2a221
  由 Ivan 提交于 4月 02, 2020
```
* Move some code outside dbms/src folder
* Fix paths
```
  97f2a221
06 6月, 2018 1 次提交
- A
  
  Squashed #2471 · 51044279
  由 Alexey Milovidov 提交于 6月 05, 2018
  
  51044279
08 6月, 2016 1 次提交
- A
  
  MTRSADMIN-2058: move mysql tables from mtcomon to mtmisc · 524edd42
  由 Alexandr Orlov 提交于 6月 08, 2016
  
  524edd42
07 6月, 2016 3 次提交
- P
  
  mobile-logs-api-generator: implemented ttl. [#MOBMET-3666] · 9fffee91
  由 peshkurov 提交于 6月 07, 2016
  
  9fffee91
- P
  
  mobile-logs-api-server: added gzip. [#MOBMET-3693] · 40624fc1
  由 peshkurov 提交于 6月 07, 2016
  
  40624fc1
- A
  
  Decreased warning threshold [#MOBMET-3248] · 1c86e582
  由 Alexey Vasiliev 提交于 6月 07, 2016
  
  1c86e582
27 5月, 2016 1 次提交
- A
  
  Merge branch 'master' of github.yandex-team.ru:Metrika/ClickHouse · e9e7a445
  由 Alexey Milovidov 提交于 5月 26, 2016
  
  e9e7a445
26 5月, 2016 1 次提交
- A
  
  Tiny modifications [#METR-20000]. · f0d3ff78
  由 Alexey Milovidov 提交于 5月 25, 2016
  
  f0d3ff78
05 4月, 2014 1 次提交
- A
  
  Added gitignore [#METR-2807]. · 8f225d50
  由 Alexey Milovidov 提交于 4月 05, 2014
  
  8f225d50