[sqlsmith] Failed assertion in numeric aggregate - Mailing list pgsql-hackers

Hi,

updating master from be7f7ee..39b691f, the following assertion is
triggered frequently by sqlsmith:

TRAP: BadArgument("!(((context) != ((void *)0) && (((((const Node*)((context)))->type) == T_AllocSetContext))))", File:
"mcxt.c",Line: 1010)
 

Digging in the coredumps, it looks like set_var_from_num() is invoked on
an uninitialized NumericVar.  Sample gdb session below.

Below is also one of the generated queries that eventually triggers it
for me when invoked a dozen times or so.

regards,
Andreas

--8<---------------cut here---------------start------------->8---
select subq_0.c0 as c0, subq_0.c0 as c1, 5 as c2, (select pg_catalog.min(class) from public.f_star)    as c3
from (select       sample_2.cc as c0     from       public.shoelace_arrive as ref_0         inner join public.hub as
sample_1          right join public.e_star as sample_2           on (sample_1.name = sample_2.class )         on
(ref_0.arr_name= sample_2.class )     limit 63) as subq_0
 
where ((subq_0.c0 is not NULL)   and ((select pg_catalog.var_pop(enumsortorder) from pg_catalog.pg_enum)        is not
NULL))and (((select pg_catalog.var_samp(random) from public.bt_txt_heap)        is NULL)   or ((select m from
public.money_datalimit 1 offset 1)        <> (select pg_catalog.min(salary) from public.rtest_empmass)       ));
 
--8<---------------cut here---------------end--------------->8---

(gdb) bt
#0  0x00007ff011f221c8 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ff011f2364a in __GI_abort () at abort.c:89
#2  0x00000000007ef1b1 in ExceptionalCondition (conditionName=conditionName@entry=0x9d26c8 "!(((context) != ((void *)0)
&&(((((const Node*)((context)))->type) == T_AllocSetContext))))", errorType=errorType@entry=0x835c25 "BadArgument",
fileName=fileName@entry=0x9d2640"mcxt.c", lineNumber=lineNumber@entry=1010) at assert.c:54
 
#3  0x0000000000813561 in pfree (pointer=<optimized out>) at mcxt.c:1010
#4  0x0000000000773169 in alloc_var (var=var@entry=0x7ffe3a6d18d0, ndigits=ndigits@entry=6) at numeric.c:5387
#5  0x0000000000774230 in set_var_from_num (num=0x1e49180, dest=0x7ffe3a6d18d0) at numeric.c:5608
#6  0x000000000077be2c in numeric_poly_deserialize (fcinfo=<optimized out>) at numeric.c:4196
#7  0x00000000005ec48c in combine_aggregates (aggstate=0x1e255d8, pergroup=<optimized out>) at nodeAgg.c:986
#8  0x00000000005edcc5 in agg_retrieve_direct (aggstate=0x1e255d8) at nodeAgg.c:2095
#9  ExecAgg (node=node@entry=0x1e255d8) at nodeAgg.c:1837
#10 0x00000000005e0078 in ExecProcNode (node=node@entry=0x1e255d8) at execProcnode.c:503
#11 0x000000000060173c in ExecSetParamPlan (node=<optimized out>, econtext=0x1e2e710) at nodeSubplan.c:995
#12 0x00000000005e4f75 in ExecEvalParamExec (exprstate=<optimized out>, econtext=<optimized out>, isNull=0x7ffe3a6d1b3f
"",isDone=<optimized out>) at execQual.c:1140
 
#13 0x00000000005e14c6 in ExecEvalNullTest (nstate=0x1e2ec50, econtext=0x1e2e710, isNull=0x7ffe3a6d1b3f "", isDone=0x0)
atexecQual.c:3902
 
#14 0x00000000005e0656 in ExecEvalOr (orExpr=<optimized out>, econtext=0x1e2e710, isNull=0x7ffe3a6d1b3f "",
isDone=<optimizedout>) at execQual.c:2809
 
#15 0x00000000005e7089 in ExecQual (qual=<optimized out>, econtext=econtext@entry=0x1e2e710,
resultForNull=resultForNull@entry=0'\000') at execQual.c:5379
 
#16 0x00000000005fd6b1 in ExecResult (node=node@entry=0x1e2e5f8) at nodeResult.c:82
#17 0x00000000005e01f8 in ExecProcNode (node=node@entry=0x1e2e5f8) at execProcnode.c:392
#18 0x00000000005dc27e in ExecutePlan (dest=0x7ff0129e22b0, direction=<optimized out>, numberTuples=0,
sendTuples=<optimizedout>, operation=CMD_SELECT, use_parallel_mode=<optimized out>, planstate=0x1e2e5f8,
estate=0x1e1aba8)at execMain.c:1567
 
#19 standard_ExecutorRun (queryDesc=0x1d563b8, direction=<optimized out>, count=0) at execMain.c:338
#20 0x00000000006faad8 in PortalRunSelect (portal=portal@entry=0x1def878, forward=forward@entry=1 '\001', count=0,
count@entry=9223372036854775807,dest=dest@entry=0x7ff0129e22b0) at pquery.c:948
 
#21 0x00000000006fc04e in PortalRun (portal=portal@entry=0x1def878, count=count@entry=9223372036854775807,
isTopLevel=isTopLevel@entry=1'\001', dest=dest@entry=0x7ff0129e22b0, altdest=altdest@entry=0x7ff0129e22b0,
completionTag=completionTag@entry=0x7ffe3a6d1fa0"") at pquery.c:789
 
#22 0x00000000006f8deb in exec_simple_query (query_string=0x1dc2e58 "select  \n  subq_0.c0 as c0, \n  subq_0.c0 as c1,
\n 5 as c2, \n  (select pg_catalog.min(class) from public.f_star)\n     as c3\nfrom \n  (select  \n        sample_2.cc
asc0\n      from \n        public.shoel"...) at postgres.c:1094
 
#23 PostgresMain (argc=<optimized out>, argv=argv@entry=0x1d64730, dbname=0x1d64590 "regression", username=<optimized
out>)at postgres.c:4070
 
#24 0x000000000046cf81 in BackendRun (port=0x1d4ffd0) at postmaster.c:4260
#25 BackendStartup (port=0x1d4ffd0) at postmaster.c:3934
#26 ServerLoop () at postmaster.c:1691
#27 0x0000000000693634 in PostmasterMain (argc=argc@entry=3, argv=argv@entry=0x1d2c5d0) at postmaster.c:1299
#28 0x000000000046e0d6 in main (argc=3, argv=0x1d2c5d0) at main.c:228
(gdb) frame 5
#5  0x0000000000774230 in set_var_from_num (num=0x1e49180, dest=0x7ffe3a6d18d0) at numeric.c:5608
(gdb) p *dest
$14 = {ndigits = 30883864, weight = 0, sign = 31626200, dscale = 0, buf = 0x1e2a3f0, digits = 0x0}
(gdb)