Fix possible NULL dereference during symbolizing inline frames by azat · Pull Request #58607 · ClickHouse/ClickHouse

azat · 2024-01-08T17:30:06Z

It is possible sometimes:

Details

2024.01.02 15:18:49.542342 [ 102142 ] {} <Fatal> BaseDaemon: Address: NULL pointer. Access: read. Address not mapped to object.
2024.01.02 15:18:49.542356 [ 102142 ] {} <Fatal> BaseDaemon: Stack trace: 0x0000000012817007 0x00000000120b3e88 0x000000001209c3e8 0x000000001209b7f3 0x000000001213d936 0x0000000011f71042 0x0000000011f6dd22 0x0000
000012496116 0x000000001249181c 0x00000000133197ec 0x000000001332bc79 0x0000000015d0eb14 0x0000000015d0fd11 0x0000000015e1b367 0x0000000015e195fc 0x00007f011cb31fa3 0x00007f011ca624cf
2024.01.02 15:18:50.052773 [ 102142 ] {} <Fatal> BaseDaemon: 2.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__memory/shared_ptr.h:603: shared_ptr<DB::Context, void>
2024.01.02 15:18:50.052829 [ 102142 ] {} <Fatal> BaseDaemon: 2.2. inlined from ./build_docker/./src/Planner/PlannerContext.h:56: DB::PlannerContext::getQueryContext() const
2024.01.02 15:18:50.052853 [ 102142 ] {} <Fatal> BaseDaemon: 2.3. inlined from ./build_docker/./src/Storages/StorageDistributed.cpp:666: DB::(anonymous namespace)::buildQueryTreeDistributed(DB::SelectQueryInfo&, s
td::shared_ptr<DB::StorageSnapshot> const&, DB::StorageID const&, std::shared_ptr<DB::IAST> const&)
2024.01.02 15:18:50.052872 [ 102142 ] {} <Fatal> BaseDaemon: 2. ./build_docker/./src/Storages/StorageDistributed.cpp:743: DB::StorageDistributed::read(DB::QueryPlan&, std::vector<String, std::allocator<String>> co
nst&, std::shared_ptr<DB::StorageSnapshot> const&, DB::SelectQueryInfo&, std::shared_ptr<DB::Context const>, DB::QueryProcessingStage::Enum, unsigned long, unsigned long) @ 0x0000000012817007 in /usr/lib/debug/usr
/bin/clickhouse.debug
2024.01.02 15:18:50.211769 [ 102142 ] {} <Fatal> BaseDaemon: 3.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__memory/shared_ptr.h:815: std::shared_ptr<DB::Context>::operator->[abi:v15000]()
 const
2024.01.02 15:18:50.211815 [ 102142 ] {} <Fatal> BaseDaemon: 3. ./build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:2488: DB::InterpreterSelectQuery::executeFetchColumns(DB::QueryProcessingStage::Enum, DB
::QueryPlan&) @ 0x00000000120b3e88 in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.295382 [ 102142 ] {} <Fatal> BaseDaemon: 4. ./build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:1444: DB::InterpreterSelectQuery::executeImpl(DB::QueryPlan&, std::optional<DB::Pipe>) @
 0x000000001209c3e8 in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.375779 [ 102142 ] {} <Fatal> BaseDaemon: 5.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/optional:260: ~__optional_destruct_base
2024.01.02 15:18:50.375820 [ 102142 ] {} <Fatal> BaseDaemon: 5. ./build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:868: DB::InterpreterSelectQuery::buildQueryPlan(DB::QueryPlan&) @ 0x000000001209b7f3 in
/usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.403975 [ 102142 ] {} <Fatal> BaseDaemon: 6. ./build_docker/./src/Interpreters/InterpreterSelectWithUnionQuery.cpp:0: DB::InterpreterSelectWithUnionQuery::buildQueryPlan(DB::QueryPlan&) @ 0x0000
00001213d936 in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.432051 [ 102142 ] {} <Fatal> BaseDaemon: 7.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__memory/shared_ptr.h:603: shared_ptr<DB::Context, void>
2024.01.02 15:18:50.432472 [ 102143 ] {} <Fatal> BaseDaemon: ########## Short fault info ############
2024.01.02 15:18:50.432500 [ 102143 ] {} <Fatal> BaseDaemon: (version 23.9.2.56 (official build), build id: 76109A79FA62B9BC630A6C39438DEA7D28147B68, git hash: a1bf3f1de55abf2354dc498ffbee270be043d633) (from threa
d 102142) Received signal 11
2024.01.02 15:18:50.432516 [ 102143 ] {} <Fatal> BaseDaemon: Signal description: Segmentation fault
2024.01.02 15:18:50.432526 [ 102143 ] {} <Fatal> BaseDaemon: Address: NULL pointer. Access: read. Address not mapped to object.
2024.01.02 15:18:50.432539 [ 102143 ] {} <Fatal> BaseDaemon: Stack trace: 0x00007f011cac5181 0x0000000015ccd934 0x000000000c76771e 0x000000000ca0fe32 0x000000000ca0ccf5 0x00007f011cb31fa3 0x00007f011ca624cf
2024.01.02 15:18:50.432547 [ 102143 ] {} <Fatal> BaseDaemon: ########################################
2024.01.02 15:18:50.432565 [ 102143 ] {} <Fatal> BaseDaemon: (version 23.9.2.56 (official build), build id: 76109A79FA62B9BC630A6C39438DEA7D28147B68, git hash: a1bf3f1de55abf2354dc498ffbee270be043d633) (from threa
d 102142) (no query) Received signal Segmentation fault (11)

2024.01.02 15:18:50.432588 [ 102143 ] {} <Fatal> BaseDaemon: Address: NULL pointer. Access: read. Address not mapped to object.
2024.01.02 15:18:50.432601 [ 102143 ] {} <Fatal> BaseDaemon: Stack trace: 0x00007f011cac5181 0x0000000015ccd934 0x000000000c76771e 0x000000000ca0fe32 0x000000000ca0ccf5 0x00007f011cb31fa3 0x00007f011ca624cf
2024.01.02 15:18:50.432638 [ 102143 ] {} <Fatal> BaseDaemon: 2. ? @ 0x000000000015c181 in /usr/lib/x86_64-linux-gnu/libc-2.28.so
2024.01.02 15:18:50.446953 [ 102143 ] {} <Fatal> BaseDaemon: 3.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/string:1955: String::__init(char const*, unsigned long)
2024.01.02 15:18:50.446981 [ 102143 ] {} <Fatal> BaseDaemon: 3.2. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/string:843: basic_string<std::nullptr_t>
2024.01.02 15:18:50.446998 [ 102143 ] {} <Fatal> BaseDaemon: 3. ./build_docker/./base/base/demangle.cpp:25: demangle(char const*, int&) @ 0x0000000015ccd934 in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.458431 [ 102143 ] {} <Fatal> BaseDaemon: 4. ./build_docker/./src/Common/StackTrace.cpp:389: void toStringEveryLineImpl<std::function<void (std::basic_string_view<char, std::char_traits<char>>)>>(bool, StackTraceRefTriple const&, std::function<void (std::basic_string_view<char, std::char_traits<char>>)>&&) (.llvm.10713299015003964940) @ 0x000000000c76771e in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.474955 [ 102143 ] {} <Fatal> BaseDaemon: 5.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__functional/function.h:818: ~__policy_func
2024.01.02 15:18:50.474997 [ 102143 ] {} <Fatal> BaseDaemon: 5.2. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__functional/function.h:1174: ~function
2024.01.02 15:18:50.475010 [ 102143 ] {} <Fatal> BaseDaemon: 5. ./build_docker/./src/Daemon/BaseDaemon.cpp:415: SignalListener::onFault(int, siginfo_t const&, ucontext_t*, StackTrace const&, std::vector<std::array<void*, 45ul>, std::allocator<std::array<void*, 45ul>>> const&, unsigned int, DB::ThreadStatus*) const @ 0x000000000ca0fe32 in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.512270 [ 102143 ] {} <Fatal> BaseDaemon: 6.1. inlined from ./build_docker/./src/Daemon/BaseDaemon.cpp:284: operator()
2024.01.02 15:18:50.512591 [ 102143 ] {} <Fatal> BaseDaemon: 6.2. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__functional/invoke.h:394: decltype(std::declval<SignalListener::run()::'lambda'()>()()) std::__invoke[abi:v15000]<SignalListener::run()::'lambda'()>(SignalListener::run()::'lambda'()&&)
2024.01.02 15:18:50.512648 [ 102143 ] {} <Fatal> BaseDaemon: 6.3. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/thread:284: void std::__thread_execute[abi:v15000]<std::unique_ptr<std::__thread_struct, std::default_delete<std::__thread_struct>>, SignalListener::run()::'lambda'()>(std::tuple<std::unique_ptr<std::__thread_struct, std::default_delete<std::__thread_struct>>, SignalListener::run()::'lambda'()>&, std::__tuple_indices<>)
2024.01.02 15:18:50.512664 [ 102143 ] {} <Fatal> BaseDaemon: 6. ./build_docker/./contrib/llvm-project/libcxx/include/thread:295: void* std::__thread_proxy[abi:v15000]<std::tuple<std::unique_ptr<std::__thread_struct, std::default_delete<std::__thread_struct>>, SignalListener::run()::'lambda'()>>(void*) @ 0x000000000ca0ccf5 in /usr/lib/debug/usr/bin/clickhouse.debug
2024.01.02 15:18:50.512698 [ 102143 ] {} <Fatal> BaseDaemon: 7. start_thread @ 0x0000000000007fa3 in /usr/lib/x86_64-linux-gnu/libpthread-2.28.so
2024.01.02 15:18:50.512721 [ 102143 ] {} <Fatal> BaseDaemon: 8. ? @ 0x00000000000f94cf in /usr/lib/x86_64-linux-gnu/libc-2.28.so
2024.01.02 15:18:50.666148 [ 102143 ] {} <Fatal> BaseDaemon: Integrity check of the executable successfully passed (checksum: 3A99FBFAA2DA54D46975E9ABC04E53E0)
2024.01.02 15:18:50.746677 [ 102143 ] {} <Fatal> BaseDaemon: Report this error to https://github.com/ClickHouse/ClickHouse/issues

The problem is actually here -

ClickHouse/src/Common/StackTrace.cpp

Line 405 in 5e467b6

demangleAndCollapseNames(file_for_inline_frame, frame.name)));

Though to be precise here - https://github.com/azat/ClickHouse/blob/4d734cf1e5bc764024945209973ab1f317016932/src/Common/StackTrace.cpp#L389

Changelog category (leave one):

Bug Fix (user-visible misbehavior in an official stable release)

Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):

Fix possible server crash during symbolizing inline frames

robot-ch-test-poll4 · 2024-01-08T17:33:57Z

This is an automated comment for commit 9b6c8cd with description of existing statuses. It's updated for the latest CI running

❌ Click here to open a full report in a separate page

Successful checks

Check name	Description	Status
AST fuzzer	Runs randomly generated queries to catch program errors. The build type is optionally given in parenthesis. If it fails, ask a maintainer for help	✅ success
CI running	A meta-check that indicates the running CI. Normally, it's in success or pending state. The failed status indicates some problems with the PR	✅ success
ClickBench	Runs [ClickBench](https://github.com/ClickHouse/ClickBench/) with instant-attach table	✅ success
ClickHouse build check	Builds ClickHouse in various configurations for use in further steps. You have to fix the builds that fail. Build logs often has enough information to fix the error, but you might have to reproduce the failure locally. The cmake options can be found in the build log, grepping for cmake. Use these options and follow the general build process	✅ success
Compatibility check	Checks that clickhouse binary runs on distributions with old libc versions. If it fails, ask a maintainer for help	✅ success
Docker image for servers	The check to build and optionally push the mentioned image to docker hub	✅ success
Docs check	There's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS	✅ success
Fast test	Normally this is the first check that is ran for a PR. It builds ClickHouse and runs most of stateless functional tests, omitting some. If it fails, further checks are not started until it is fixed. Look at the report to see which tests fail, then reproduce the failure locally as described here	✅ success
Flaky tests	Checks if new added or modified tests are flaky by running them repeatedly, in parallel, with more randomization. Functional tests are run 100 times with address sanitizer, and additional randomization of thread scheduling. Integrational tests are run up to 10 times. If at least once a new test has failed, or was too long, this check will be red. We don't allow flaky tests, read the doc	✅ success
Install packages	Checks that the built packages are installable in a clear environment	✅ success
Integration tests	The integration tests report. In parenthesis the package type is given, and in square brackets are the optional part/total tests	✅ success
Mergeable Check	Checks if all other necessary checks are successful	✅ success
SQLTest	There's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS	✅ success
SQLancer	Fuzzing tests that detect logical bugs with SQLancer tool	✅ success
Sqllogic	Run clickhouse on the sqllogic test set against sqlite and checks that all statements are passed	✅ success
Stateful tests	Runs stateful functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc	✅ success
Style Check	Runs a set of checks to keep the code style clean. If some of tests failed, see the related log from the report	✅ success
Unit tests	Runs the unit tests for different release types	✅ success
Upgrade check	Runs stress tests on server version from last release and then tries to upgrade it to the version from the PR. It checks if the new server can successfully startup without any errors, crashes or sanitizer asserts	✅ success

Check name	Description	Status
Bugfix validate check	Checks that either a new test (functional or integration) or there some changed tests that fail with the binary built on master branch	❌ error
Performance Comparison	Measure changes in query performance. The performance test report is described in detail here. In square brackets are the optional part/total tests	❌ failure
Stateless tests	Runs stateless functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc	❌ failure
Stress test	Runs stateless functional tests concurrently from several clients to detect concurrency-related errors	❌ failure

It is possible sometimes: <details> ``` 2024.01.02 15:18:49.542342 [ 102142 ] {} <Fatal> BaseDaemon: Address: NULL pointer. Access: read. Address not mapped to object. 2024.01.02 15:18:49.542356 [ 102142 ] {} <Fatal> BaseDaemon: Stack trace: 0x0000000012817007 0x00000000120b3e88 0x000000001209c3e8 0x000000001209b7f3 0x000000001213d936 0x0000000011f71042 0x0000000011f6dd22 0x0000 000012496116 0x000000001249181c 0x00000000133197ec 0x000000001332bc79 0x0000000015d0eb14 0x0000000015d0fd11 0x0000000015e1b367 0x0000000015e195fc 0x00007f011cb31fa3 0x00007f011ca624cf 2024.01.02 15:18:50.052773 [ 102142 ] {} <Fatal> BaseDaemon: 2.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__memory/shared_ptr.h:603: shared_ptr<DB::Context, void> 2024.01.02 15:18:50.052829 [ 102142 ] {} <Fatal> BaseDaemon: 2.2. inlined from ./build_docker/./src/Planner/PlannerContext.h:56: DB::PlannerContext::getQueryContext() const 2024.01.02 15:18:50.052853 [ 102142 ] {} <Fatal> BaseDaemon: 2.3. inlined from ./build_docker/./src/Storages/StorageDistributed.cpp:666: DB::(anonymous namespace)::buildQueryTreeDistributed(DB::SelectQueryInfo&, s td::shared_ptr<DB::StorageSnapshot> const&, DB::StorageID const&, std::shared_ptr<DB::IAST> const&) 2024.01.02 15:18:50.052872 [ 102142 ] {} <Fatal> BaseDaemon: 2. ./build_docker/./src/Storages/StorageDistributed.cpp:743: DB::StorageDistributed::read(DB::QueryPlan&, std::vector<String, std::allocator<String>> co nst&, std::shared_ptr<DB::StorageSnapshot> const&, DB::SelectQueryInfo&, std::shared_ptr<DB::Context const>, DB::QueryProcessingStage::Enum, unsigned long, unsigned long) @ 0x0000000012817007 in /usr/lib/debug/usr /bin/clickhouse.debug 2024.01.02 15:18:50.211769 [ 102142 ] {} <Fatal> BaseDaemon: 3.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__memory/shared_ptr.h:815: std::shared_ptr<DB::Context>::operator->[abi:v15000]() const 2024.01.02 15:18:50.211815 [ 102142 ] {} <Fatal> BaseDaemon: 3. ./build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:2488: DB::InterpreterSelectQuery::executeFetchColumns(DB::QueryProcessingStage::Enum, DB ::QueryPlan&) @ 0x00000000120b3e88 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.295382 [ 102142 ] {} <Fatal> BaseDaemon: 4. ./build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:1444: DB::InterpreterSelectQuery::executeImpl(DB::QueryPlan&, std::optional<DB::Pipe>) @ 0x000000001209c3e8 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.375779 [ 102142 ] {} <Fatal> BaseDaemon: 5.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/optional:260: ~__optional_destruct_base 2024.01.02 15:18:50.375820 [ 102142 ] {} <Fatal> BaseDaemon: 5. ./build_docker/./src/Interpreters/InterpreterSelectQuery.cpp:868: DB::InterpreterSelectQuery::buildQueryPlan(DB::QueryPlan&) @ 0x000000001209b7f3 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.403975 [ 102142 ] {} <Fatal> BaseDaemon: 6. ./build_docker/./src/Interpreters/InterpreterSelectWithUnionQuery.cpp:0: DB::InterpreterSelectWithUnionQuery::buildQueryPlan(DB::QueryPlan&) @ 0x0000 00001213d936 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.432051 [ 102142 ] {} <Fatal> BaseDaemon: 7.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__memory/shared_ptr.h:603: shared_ptr<DB::Context, void> 2024.01.02 15:18:50.432472 [ 102143 ] {} <Fatal> BaseDaemon: ########## Short fault info ############ 2024.01.02 15:18:50.432500 [ 102143 ] {} <Fatal> BaseDaemon: (version 23.9.2.56 (official build), build id: 76109A79FA62B9BC630A6C39438DEA7D28147B68, git hash: a1bf3f1) (from threa d 102142) Received signal 11 2024.01.02 15:18:50.432516 [ 102143 ] {} <Fatal> BaseDaemon: Signal description: Segmentation fault 2024.01.02 15:18:50.432526 [ 102143 ] {} <Fatal> BaseDaemon: Address: NULL pointer. Access: read. Address not mapped to object. 2024.01.02 15:18:50.432539 [ 102143 ] {} <Fatal> BaseDaemon: Stack trace: 0x00007f011cac5181 0x0000000015ccd934 0x000000000c76771e 0x000000000ca0fe32 0x000000000ca0ccf5 0x00007f011cb31fa3 0x00007f011ca624cf 2024.01.02 15:18:50.432547 [ 102143 ] {} <Fatal> BaseDaemon: ######################################## 2024.01.02 15:18:50.432565 [ 102143 ] {} <Fatal> BaseDaemon: (version 23.9.2.56 (official build), build id: 76109A79FA62B9BC630A6C39438DEA7D28147B68, git hash: a1bf3f1) (from threa d 102142) (no query) Received signal Segmentation fault (11) ``` ``` 2024.01.02 15:18:50.432588 [ 102143 ] {} <Fatal> BaseDaemon: Address: NULL pointer. Access: read. Address not mapped to object. 2024.01.02 15:18:50.432601 [ 102143 ] {} <Fatal> BaseDaemon: Stack trace: 0x00007f011cac5181 0x0000000015ccd934 0x000000000c76771e 0x000000000ca0fe32 0x000000000ca0ccf5 0x00007f011cb31fa3 0x00007f011ca624cf 2024.01.02 15:18:50.432638 [ 102143 ] {} <Fatal> BaseDaemon: 2. ? @ 0x000000000015c181 in /usr/lib/x86_64-linux-gnu/libc-2.28.so 2024.01.02 15:18:50.446953 [ 102143 ] {} <Fatal> BaseDaemon: 3.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/string:1955: String::__init(char const*, unsigned long) 2024.01.02 15:18:50.446981 [ 102143 ] {} <Fatal> BaseDaemon: 3.2. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/string:843: basic_string<std::nullptr_t> 2024.01.02 15:18:50.446998 [ 102143 ] {} <Fatal> BaseDaemon: 3. ./build_docker/./base/base/demangle.cpp:25: demangle(char const*, int&) @ 0x0000000015ccd934 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.458431 [ 102143 ] {} <Fatal> BaseDaemon: 4. ./build_docker/./src/Common/StackTrace.cpp:389: void toStringEveryLineImpl<std::function<void (std::basic_string_view<char, std::char_traits<char>>)>>(bool, StackTraceRefTriple const&, std::function<void (std::basic_string_view<char, std::char_traits<char>>)>&&) (.llvm.10713299015003964940) @ 0x000000000c76771e in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.474955 [ 102143 ] {} <Fatal> BaseDaemon: 5.1. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__functional/function.h:818: ~__policy_func 2024.01.02 15:18:50.474997 [ 102143 ] {} <Fatal> BaseDaemon: 5.2. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__functional/function.h:1174: ~function 2024.01.02 15:18:50.475010 [ 102143 ] {} <Fatal> BaseDaemon: 5. ./build_docker/./src/Daemon/BaseDaemon.cpp:415: SignalListener::onFault(int, siginfo_t const&, ucontext_t*, StackTrace const&, std::vector<std::array<void*, 45ul>, std::allocator<std::array<void*, 45ul>>> const&, unsigned int, DB::ThreadStatus*) const @ 0x000000000ca0fe32 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.512270 [ 102143 ] {} <Fatal> BaseDaemon: 6.1. inlined from ./build_docker/./src/Daemon/BaseDaemon.cpp:284: operator() 2024.01.02 15:18:50.512591 [ 102143 ] {} <Fatal> BaseDaemon: 6.2. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/__functional/invoke.h:394: decltype(std::declval<SignalListener::run()::'lambda'()>()()) std::__invoke[abi:v15000]<SignalListener::run()::'lambda'()>(SignalListener::run()::'lambda'()&&) 2024.01.02 15:18:50.512648 [ 102143 ] {} <Fatal> BaseDaemon: 6.3. inlined from ./build_docker/./contrib/llvm-project/libcxx/include/thread:284: void std::__thread_execute[abi:v15000]<std::unique_ptr<std::__thread_struct, std::default_delete<std::__thread_struct>>, SignalListener::run()::'lambda'()>(std::tuple<std::unique_ptr<std::__thread_struct, std::default_delete<std::__thread_struct>>, SignalListener::run()::'lambda'()>&, std::__tuple_indices<>) 2024.01.02 15:18:50.512664 [ 102143 ] {} <Fatal> BaseDaemon: 6. ./build_docker/./contrib/llvm-project/libcxx/include/thread:295: void* std::__thread_proxy[abi:v15000]<std::tuple<std::unique_ptr<std::__thread_struct, std::default_delete<std::__thread_struct>>, SignalListener::run()::'lambda'()>>(void*) @ 0x000000000ca0ccf5 in /usr/lib/debug/usr/bin/clickhouse.debug 2024.01.02 15:18:50.512698 [ 102143 ] {} <Fatal> BaseDaemon: 7. start_thread @ 0x0000000000007fa3 in /usr/lib/x86_64-linux-gnu/libpthread-2.28.so 2024.01.02 15:18:50.512721 [ 102143 ] {} <Fatal> BaseDaemon: 8. ? @ 0x00000000000f94cf in /usr/lib/x86_64-linux-gnu/libc-2.28.so 2024.01.02 15:18:50.666148 [ 102143 ] {} <Fatal> BaseDaemon: Integrity check of the executable successfully passed (checksum: 3A99FBFAA2DA54D46975E9ABC04E53E0) 2024.01.02 15:18:50.746677 [ 102143 ] {} <Fatal> BaseDaemon: Report this error to https://github.com/ClickHouse/ClickHouse/issues ``` **The problem is actually here** - [1]. Though to be precise here - [2]. See also - [3]. [1]: https://github.com/ClickHouse/ClickHouse/blob/5e467b69c8f212b07375dd3008bcc02afbb64357/src/Common/StackTrace.cpp#L405 [2]: https://github.com/azat/ClickHouse/blob/4d734cf1e5bc764024945209973ab1f317016932/src/Common/StackTrace.cpp#L389 [3]: https://github.com/ClickHouse/ClickHouse/blob/5e467b69c8f212b07375dd3008bcc02afbb64357/src/Common/Dwarf.cpp#L1161 _(It is not obvious from the patch, so will post a snippet)_ </details> Signed-off-by: Azat Khuzhin <[email protected]>

vdimir

Have you considered assigning a non-null value in the mentioned line:

inline_frame.name = nullptr;

For me, both solutions are okay (the current one may even be better since there may be other places where null values may come from), but I am just interested in why you chose that particular approach

azat · 2024-01-09T12:37:20Z

Have you considered assigning a non-null value in the mentioned line:

I don't see any benefits of assigning non-null if there is no information in DWARF

…d update) * ClickHouse/ClickHouse#63865 from azat/fix-query-profiler-SIGSEGV Fix SIGSEGV due to CPU/Real profiler * ClickHouse/ClickHouse#60468 from ClickHouse/libunwind-fix-crash Fix crash in libunwind while interpreting debug info * ClickHouse/ClickHouse#65509 Update libunwind to 18.1.7 * ClickHouse/ClickHouse#66850 from ClickHouse/revert-libunwind-patch Revert libunwind patch * ClickHouse/ClickHouse#66977 from ClickHouse/uwo Apply libunwind fix * ClickHouse/ClickHouse#68312 from ClickHouse/muslwind Apply libunwind changes needed for musl * ClickHouse/ClickHouse#76107 from ClickHouse/owo Apply libunwind fix for DwarfFDECache * ClickHouse/ClickHouse#76136 from ClickHouse/revert-76107-owo Revert "Apply libunwind fix for DwarfFDECache" * ClickHouse/ClickHouse#76178 from ClickHouse/unw Apply libunwind fix for DwarfFDECache, attempt 2 * Update libunwind to aec8e58 * ClickHouse/ClickHouse#67152 from ClickHouse/ohno Uncomment accidentally commented out code in QueryProfiler * ClickHouse/ClickHouse#64058 aarch64 sigaltstack size fix * ClickHouse/ClickHouse#58607 Added null guards to avoid potential demangle crashes --------- Co-authored-by: Nikita Mikhaylov <[email protected]> Co-authored-by: Alexey Milovidov <[email protected]> Co-authored-by: Michael Kolupaev <[email protected]> Co-authored-by: Antonio Andelic <[email protected]> Co-authored-by: Max Kainov <[email protected]>

…d update) (#11324) * ClickHouse/ClickHouse#63865 from azat/fix-query-profiler-SIGSEGV Fix SIGSEGV due to CPU/Real profiler * ClickHouse/ClickHouse#60468 from ClickHouse/libunwind-fix-crash Fix crash in libunwind while interpreting debug info * ClickHouse/ClickHouse#65509 Update libunwind to 18.1.7 * ClickHouse/ClickHouse#66850 from ClickHouse/revert-libunwind-patch Revert libunwind patch * ClickHouse/ClickHouse#66977 from ClickHouse/uwo Apply libunwind fix * ClickHouse/ClickHouse#68312 from ClickHouse/muslwind Apply libunwind changes needed for musl * ClickHouse/ClickHouse#76107 from ClickHouse/owo Apply libunwind fix for DwarfFDECache * ClickHouse/ClickHouse#76136 from ClickHouse/revert-76107-owo Revert "Apply libunwind fix for DwarfFDECache" * ClickHouse/ClickHouse#76178 from ClickHouse/unw Apply libunwind fix for DwarfFDECache, attempt 2 * Update libunwind to aec8e58 * ClickHouse/ClickHouse#67152 from ClickHouse/ohno Uncomment accidentally commented out code in QueryProfiler * ClickHouse/ClickHouse#64058 aarch64 sigaltstack size fix * ClickHouse/ClickHouse#58607 Added null guards to avoid potential demangle crashes --------- Co-authored-by: Nikita Mikhaylov <[email protected]> Co-authored-by: Alexey Milovidov <[email protected]> Co-authored-by: Michael Kolupaev <[email protected]> Co-authored-by: Antonio Andelic <[email protected]> Co-authored-by: Max Kainov <[email protected]>

robot-ch-test-poll4 added the pr-bugfix Pull request with bugfix, not backported by default label Jan 8, 2024

azat force-pushed the stacktrace-fix-inline-frames branch from b5d7d40 to 9b6c8cd Compare January 8, 2024 18:16

vdimir approved these changes Jan 9, 2024

View reviewed changes

vdimir self-assigned this Jan 9, 2024

vdimir merged commit 21e4e05 into ClickHouse:master Jan 9, 2024

azat deleted the stacktrace-fix-inline-frames branch January 9, 2024 12:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix possible NULL dereference during symbolizing inline frames#58607

Fix possible NULL dereference during symbolizing inline frames#58607
vdimir merged 1 commit intoClickHouse:masterfrom
azat:stacktrace-fix-inline-frames

azat commented Jan 8, 2024 •

edited

Loading

Uh oh!

robot-ch-test-poll4 commented Jan 8, 2024 •

edited by robot-clickhouse-ci-1

Loading

Uh oh!

vdimir left a comment

Uh oh!

azat commented Jan 9, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

azat commented Jan 8, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Changelog category (leave one):

Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):

Uh oh!

robot-ch-test-poll4 commented Jan 8, 2024 • edited by robot-clickhouse-ci-1 Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vdimir left a comment

Choose a reason for hiding this comment

Uh oh!

azat commented Jan 9, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

azat commented Jan 8, 2024 •

edited

Loading

robot-ch-test-poll4 commented Jan 8, 2024 •

edited by robot-clickhouse-ci-1

Loading