coldata: panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s in `coldata.(*memColumn).Int64`

[ycybfhb]

Describe the problem

panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s in coldata.(*memColumn).Int64 And server closed the connection unexpectedly

To Reproduce

SQL to init database

[init.sql.txt](https://github.com/user-attachments/files/16941629/init.sql.txt)

SQL that causes error

```sql select case when (cast((cast(cast(null as "geography") as "geography") <= cast(cast(null as "geography") as "geography")) as bool)) then case when (subq_0.c7 is not NULL) then pg_catalog.has_type_privilege( cast(cast(null as text) as text), cast(subq_0.c3 as text)) else ((cast((cast(cast(null as "geography") as "geography") IS DISTINCT FROM cast(cast(null as "geography") as "geography")) as bool))) or ((ref_1.c_qokd > ( select ref_1.c_jt8ydrx7 as c0 from t_rca as ref_2 where false union all ( select 2105534522 as c0 from t_y as ref_3 where true ) limit 1))) end else ((cast((cast(cast(null as tsquery) as tsquery) = cast(cast(null as tsquery) as tsquery)) as bool))) and (false) end as c0, case when ((ref_1.c_ca >= ( select ref_4.c_ca as c0 from t_y as ref_4 where (ref_1.c_ywed between ref_1.c_ywed and ref_4.c_ywed) union ( select (select c1 from t_rca order by c1 limit 1 offset 1) as c0 from t_rca as ref_5 where (cast((cast(null as record) <= cast(null as record)) as bool)) ) limit 1))) or (((cast((cast(null as oid) <= cast(null as oid)) as bool))) or ((-642434416 in ( select ref_6.c_i9hbg1 as c0 from t_ow0g_ as ref_6 where false)))) then subq_0.c4 else ref_1.c_t9r1kl9y6m end as c1, subq_0.c1 as c2, cast((abs(coalesce( ref_1.c_ywed, ref_1.c_sc9oe0qu )%4294967296)-2147483648) as int4) as c3, ref_1.c_jqnxje42v as c4, subq_0.c7 as c5, (select c4 from t_rca order by c4 limit 1 offset 1) as c6, case when (cast((cast(null as unknown) IS NOT DISTINCT FROM cast(null as unknown)) as bool)) then cast((cast(cast(null as "timestamptz") as "timestamptz") < cast(cast((cast(cast(null as "timetz") as "timetz") + cast(cast(null as date) as date)) as "timestamptz") as "timestamptz")) as bool) else (case when (subq_0.c2 not in ( select ref_7.c_et6rlu as c0 from t_y as ref_7 where true)) then ref_1.c_hdnu9xzja else subq_0.c5 end not in ( select ref_8.c_vj_t3epb as c0 from t_ow0g_ as ref_8 where false)) end as c7, cast((ref_1.c_sc9oe0qu != case when (cast((cast(cast(null as "timestamptz") as "timestamptz") > cast(cast(null as "timestamptz") as "timestamptz")) as bool)) then cast(ref_1.c_sc9oe0qu as int8) else case when false then cast(ref_1.c_sc9oe0qu as int8) else cast(ref_1.c_ywed as int8) end end ) as bool) as c8, subq_0.c0 as c9 from ((select ref_0.c_ca as c0, ref_0.c_g9f9abs2 as c1, ref_0.c_p6f922bie as c2, ref_0.c_m50a as c3, -738062639 as c4, ref_0.c_et6rlu as c5, ref_0.c_t as c6, ref_0.c_as7 as c7 from t_y as ref_0 where true) as subq_0 right outer join t_y as ref_1 on ((ref_1.c_ca like 'qb%o8ewp'))) where (ref_1.c_hdnu9xzja is not NULL) union all ( select (cast((cast(cast(null as inet) as inet) IS NOT DISTINCT FROM cast(cast(null as inet) as inet)) as bool)) as c0, subq_1.c7 as c1, cast(null as float4) as c2, subq_1.c7 as c3, case when (cast((cast(cast(null as "numeric") as "numeric") < cast(cast(null as "numeric") as "numeric")) as bool)) then subq_1.c7 else subq_1.c7 end as c4, 3.14 as c5, (select c3 from t_rca order by c3 limit 1 offset 4) as c6, (cast((cast((cast((subq_1.c5 NOT LIKE subq_1.c5) as bool)) as bool) > cast((EXISTS ( select subq_1.c3 as c0, ref_18.c6 as c1, ref_18.c5 as c2, ref_18.c4 as c3, ref_17.c8 as c4, ref_17.c8 as c5, subq_1.c5 as c6, ref_18.c1 as c7, ref_18.c10 as c8, ref_18.c0 as c9, ref_18.c5 as c10, ref_17.c4 as c11 from (t_rca as ref_17 left outer join t_rca as ref_18 on ((EXISTS ( select ref_19.c_gdyk as c0, ref_18.c6 as c1, ref_19.c_gdyk as c2, ref_19.c_ie as c3, ref_19.c_gdyk as c4, 761488069 as c5, ref_19.c_gdyk as c6, ref_19.c__sm6t8__m as c7, -1784723071 as c8 from t_ow0g_ as ref_19 where ((false) or ((cast((cast(cast(null as "timestamp") as "timestamp") = cast(cast(null as "timestamp") as "timestamp")) as bool)))) and (true))))) where true)) as bool)) as bool)) as c7, (subq_1.c1 >= ( select ref_20.c_b3l3rlrs as c0 from t_y as ref_20 where (cast((cast(ref_20.c_m50a as text) != cast(subq_1.c3 as text)) as bool)) limit 1)) as c8, subq_1.c5 as c9 from (select pg_catalog.generate_series( cast(ref_9.c_rqlsk_aj as int8), cast(ref_10.c_jt8ydrx7 as int8)) as c0, ref_9.c_veh as c1, pg_catalog.st_force3d( cast(cast(null as "geometry") as "geometry")) as c2, ref_9.c_d38l4v64 as c3, ref_10.c_rbf9wr as c4, ref_9.c_uuw5d832 as c5, ref_9.c_hl3s8ojsmc as c6, ref_10.c_jqnxje42v as c7 from (t_bnqfnwa as ref_9 right outer join t_y as ref_10 on (((cast((cast(ref_10.c_t9r1kl9y6m as int8) > cast(ref_9.c_ts7n as int8)) as bool))) or ((ref_9.c_ibhkt4ifda not in ( false, (cast((cast(cast(null as inet) as inet) < cast(cast(null as inet) as inet)) as bool)), (ref_10.c_m50a not in ( ref_10.c_l1, ref_9.c_d38l4v64, ref_10.c_ca, ref_10.c_m50a, ref_9.c_d38l4v64)), true, (ref_10.c_l1 not like '__hd')))))) where (ref_9.c_ts7n in ( select ref_11.c_t9r1kl9y6m as c0 from t_y as ref_11 where true union ( select ref_12.c8 as c0 from t_rca as ref_12 where ((cast((cast(ref_12.c9 as text) NOT ILIKE cast(ref_12.c9 as text)) as bool))) or ((cast((cast(cast(null as "numeric") as "numeric") IS DISTINCT FROM cast(20.8 as float8)) as bool))) ))) limit 78) as subq_1 where (case when ((cast((cast(null as "timestamp") > cast(null as date)) as bool))) or ((true) or (true)) then subq_1.c0 else subq_1.c0 end not in ( select pg_catalog.strpos( cast(cast(null as bytea) as bytea), cast(cast(null as bytea) as bytea)) as c0 from (t_bnqfnwa as ref_13 full outer join (t_ow0g_ as ref_14 inner join t_bnqfnwa as ref_15 on (false)) on ((ref_14.c_gdyk not like 'm%2'))) where ((ref_14.c_i9hbg1 between ref_13.c_veh and ref_15.c_ts7n)) or ((ref_14.c_deesne_t like 't9z_2amq')) union ( select case when (ref_16.c10 in ( ref_16.c10, ref_16.c10, ref_16.c10, ref_16.c10, ref_16.c10)) then ref_16.c3 else ref_16.c4 end as c0 from t_rca as ref_16 where (cast((cast(cast(null as jsonb) as jsonb) @> cast(cast(null as jsonb) as jsonb)) as bool)) ))) ); ```

Expected behavior

Expect no crashes

Additional data / screenshots

Here is the crash stack trace:

I240910 05:00:57.396415 1 util/log/file_sync_buffer.go:238 ⋮ [config]   file created at: 2024/09/10 05:00:57
I240910 05:00:57.396432 1 util/log/file_sync_buffer.go:238 ⋮ [config]   running on machine: ‹36f40b00cf1d›
I240910 05:00:57.396440 1 util/log/file_sync_buffer.go:238 ⋮ [config]   binary: CockroachDB CCL v24.1.0 (x86_64-pc-linux-gnu, built 2024/05/15 21:28:29, go1.22.2 X:nocoverageredesign)
I240910 05:00:57.396446 1 util/log/file_sync_buffer.go:238 ⋮ [config]   arguments: [‹/cockroach/cockroach› ‹start› ‹--advertise-addr=crdb1:26357› ‹--http-addr=crdb1:8080› ‹--listen-addr=crdb1:26357› ‹--sql-addr=crdb1:26257› ‹--insecure› ‹--join=crdb1:26357,crdb2:26357,crdb3:26357›]
I240910 05:00:57.396461 1 util/log/file_sync_buffer.go:238 ⋮ [config]   log format (utf8=✓): crdb-v2
I240910 05:00:57.396466 1 util/log/file_sync_buffer.go:238 ⋮ [config]   line format: [IWEF]yymmdd hh:mm:ss.uuuuuu goid [chan@]file:line redactionmark \[tags\] [counter] msg
I240910 05:00:57.396133 1 util/log/flags.go:215  [-] 1  stderr capture started
panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s [recovered]
    panic: interface conversion: coldata.Column is coldata.Bools, not coldata.Int64s

goroutine 3745 [running]:
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).closeWrapper(0xc00a1cd988, {0x7d27370, 0xc00a1b6c90}, {0x5b34900?, 0xc006116a50?})
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor.go:1230 +0x19d
github.com/cockroachdb/cockroach/pkg/sql.(*Server).ServeConn.func1({0x7d27370, 0xc00a1b6c90}, {0xc0029bdc00?})
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor.go:964 +0x45
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:110 +0x554
panic({0x5b34900?, 0xc006116a50?})
    GOROOT/src/runtime/panic.go:770 +0x132
github.com/cockroachdb/cockroach/pkg/col/coldata.(*memColumn).Int64(0xc00c4bccf0?)
    github.com/cockroachdb/cockroach/pkg/col/coldata/vec.go:308 +0x49
github.com/cockroachdb/cockroach/pkg/col/coldata.(*memColumn).Copy(0xc00298a740, {{0x7dbd440, 0xc00298aa00}, {0xc00aa17f88, 0x1, 0x1}, 0x0, 0x0, 0x1})
    github.com/cockroachdb/cockroach/bazel-out/k8-opt/bin/pkg/col/coldata/vec.eg.go:682 +0x5d8
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*caseOp).Next.func4()
    github.com/cockroachdb/cockroach/pkg/sql/colexec/case.go:350 +0xdc
github.com/cockroachdb/cockroach/pkg/sql/colmem.(*Allocator).PerformOperation(0xc00c4c8b40, {0xc0029b90d0, 0x1, 0x10?}, 0xc0029b9018)
    github.com/cockroachdb/cockroach/pkg/sql/colmem/allocator.go:460 +0x8d
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*caseOp).Next(0xc00a9f5d40)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/case.go:342 +0x738
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*notExprSelOp).Next(0xc00c4bc420)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/not_expr_ops.go:147 +0x2e
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.(*simpleProjectOp).Next(0xc00c4c6360)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase/simple_project.go:124 +0x33
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:118
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc00c4c8fc0?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).Next(0xc00c4ba800)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:126 +0x4c
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d25a0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.(*ordinalityOp).Next(0xc00c4c9d00)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase/ordinality.go:51 +0x27
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:118
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc00c4c9d40?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).Next(0xc00c4baa00)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:126 +0x4c
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*Materializer).next(0xc015fe6a80)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/materializer.go:247 +0x6d
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*Materializer).nextAdapter(...)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/materializer.go:272
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0x50b644?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*Materializer).Next(0xc015fe6a80)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/materializer.go:278 +0x46
github.com/cockroachdb/cockroach/pkg/sql/rowexec.(*inputStatCollector).Next(0xc00aa35300)
    github.com/cockroachdb/cockroach/pkg/sql/rowexec/stats.go:69 +0x3c
github.com/cockroachdb/cockroach/pkg/sql/rowexec.(*hashJoiner).receiveNext(0xc00c4b7c08, 0x1)
    github.com/cockroachdb/cockroach/pkg/sql/rowexec/hashjoiner.go:482 +0x79
github.com/cockroachdb/cockroach/pkg/sql/rowexec.(*hashJoiner).build(0xc00c4b7c08)
    github.com/cockroachdb/cockroach/pkg/sql/rowexec/hashjoiner.go:215 +0x28
github.com/cockroachdb/cockroach/pkg/sql/rowexec.(*hashJoiner).Next(0xc00c4b7c08)
    github.com/cockroachdb/cockroach/pkg/sql/rowexec/hashjoiner.go:184 +0x65
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*Columnarizer).Next(0xc00aa5cc08)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/columnarizer.go:239 +0x11f
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:118
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc00c4da000?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).Next(0xc00c4bab00)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:126 +0x4c
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*UnorderedDistinct).Next(0xc00c4c4dc0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/unordered_distinct.go:100 +0x2f
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecdisk.(*diskSpillerBase).Next.func1()
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecdisk/disk_spiller.go:202 +0x29
...8 frames elided...
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d2820)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.(*castOpNullAny).Next(0xc00aa47570)
    github.com/cockroachdb/cockroach/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecbase/cast.eg.go:1199 +0x33
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d2870)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.constFloat64Op.Next({{{{0x7d2f678, 0xc00c4d2870}}, {{0x7d27370, 0xc00c4bc930}}}, 0xc00c4da500, 0x9, 0x40091eb851eb851f})
    github.com/cockroachdb/cockroach/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecbase/const.eg.go:407 +0x69
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d28c0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.constNullOp.Next({{{{0x7d2f678, 0xc00c4d28c0}}, {{0x7d27370, 0xc00c4bc930}}}, 0xa})
    github.com/cockroachdb/cockroach/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecbase/const.eg.go:611 +0x3b
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d2910)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.(*castOpNullAny).Next(0xc00aa475e0)
    github.com/cockroachdb/cockroach/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecbase/cast.eg.go:1199 +0x33
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d2960)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecproj.(*defaultCmpProjOp).Next(0xc00aa47650)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecproj/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecproj/default_cmp_proj_op.eg.go:37 +0x32
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*BatchSchemaSubsetEnforcer).Next(0xc00aa476c0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:224 +0x28
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*bufferOp).advance(...)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/buffer.go:48
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*caseOp).Next(0xc00c4d40d0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/case.go:195 +0x42
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d2e10)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecproj.projGTBoolBoolOp.Next({{{{{...}}, {{...}}}, 0xc00c4da600, 0xc, 0xd, 0x18, 0x0}})
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecproj/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecproj/proj_non_const_ops.eg.go:42287 +0x78
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils.(*vectorTypeEnforcer).Next(0xc00c4d2eb0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecutils/operator.go:157 +0x24
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecproj.projGEInt32Int32Op.Next({{{{{...}}, {{...}}}, 0xc00c4dac00, 0x0, 0x3, 0x19, 0x0}})
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecproj/bazel-out/k8-opt/bin/pkg/sql/colexec/colexecproj/proj_non_const_ops.eg.go:48237 +0x78
github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase.(*simpleProjectOp).Next(0xc00c4c6840)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/colexecbase/simple_project.go:124 +0x33
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:118
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc00c4dac40?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).Next(0xc00c4bac00)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:126 +0x4c
github.com/cockroachdb/cockroach/pkg/sql/colexec.(*SerialUnorderedSynchronizer).Next(0xc00c4c68a0)
    github.com/cockroachdb/cockroach/pkg/sql/colexec/serial_unordered_synchronizer.go:103 +0x49
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:118
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc00c4dad00?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).Next(0xc00c4bad00)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:126 +0x4c
github.com/cockroachdb/cockroach/pkg/sql/colexecop.(*noopOperator).Next(0x9dccf05654456?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecop/operator.go:430 +0x1c
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:118
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc00c4dad80?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*batchInfoCollector).Next(0xc00c4bae00)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/stats.go:126 +0x4c
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*BatchFlowCoordinator).nextAdapter(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/flow_coordinator.go:250
github.com/cockroachdb/cockroach/pkg/sql/colexecerror.CatchVectorizedRuntimeError(0xc009c76808?)
    github.com/cockroachdb/cockroach/pkg/sql/colexecerror/error.go:135 +0x57
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*BatchFlowCoordinator).next(...)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/flow_coordinator.go:254
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*BatchFlowCoordinator).Run(0xc00c4c54a0, {0x7d27338?, 0xc00aa66c30?})
    github.com/cockroachdb/cockroach/pkg/sql/colflow/flow_coordinator.go:286 +0x17f
github.com/cockroachdb/cockroach/pkg/sql/colflow.(*vectorizedFlow).Run(0xc009c0df40, {0x7d27338, 0xc00aa66c30}, 0x0)
    github.com/cockroachdb/cockroach/pkg/sql/colflow/vectorized_flow.go:320 +0x1f3
github.com/cockroachdb/cockroach/pkg/sql.(*DistSQLPlanner).Run(0xc001b99cc0, {0x7d27370, 0xc00a9f8750}, 0xc00a9f5110, 0xc00a3060a0, 0xc00aa59b00, 0xc009c76808, 0xc00a1ce4e0, 0xc00a61daa0)
    github.com/cockroachdb/cockroach/pkg/sql/distsql_running.go:925 +0xba7
github.com/cockroachdb/cockroach/pkg/sql.(*DistSQLPlanner).PlanAndRun(0xc001b99cc0, {0x7d27370, 0xc00a9f8750}, 0xc00a1ce4e0, 0xc00a9f5110, 0xc00a3060a0, {{0x7d29fa0, 0xc014910a20}, 0x0}, 0xc009c76808, ...)
    github.com/cockroachdb/cockroach/pkg/sql/distsql_running.go:1987 +0x215
github.com/cockroachdb/cockroach/pkg/sql.(*DistSQLPlanner).PlanAndRunAll.func3(0xc00a61db40?, 0x470001?, {0x7d27370?, 0xc00a9f8750?}, 0xc00a9f8750?, 0xc00a1ce010?, 0xc00a61dbb0?)
    github.com/cockroachdb/cockroach/pkg/sql/distsql_running.go:1701 +0xbb
github.com/cockroachdb/cockroach/pkg/sql.(*DistSQLPlanner).PlanAndRunAll(0xc001b99cc0, {0x7d27370, 0xc00a9f8750}, 0xc00a1ce4e0, 0xc00a9f5110, 0xc00a1ce010, 0xc009c76808, 0xc00a9f87b0)
    github.com/cockroachdb/cockroach/pkg/sql/distsql_running.go:1704 +0x225
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execWithDistSQLEngine(0xc00a1cd988, {0x7d27370, 0xc00a9f8750}, 0xc00a1ce010, 0x3?, {0x7f9db49ba8b0?, 0xc0158c3730?}, 0x0, 0xc016575598, {0x7cde400, ...})
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor_exec.go:2490 +0x485
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).dispatchToExecutionEngine(0xc00a1cd988, {0x7d27370, 0xc00a303170}, 0xc00a1ce010, {0x7f9db49ba8b0, 0xc0158c3730})
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor_exec.go:2020 +0x129e
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execStmtInOpenState(0xc00a1cd988, {0x7d27370, 0xc00a303170}, {{0x7d4dee0, 0xc00a304ff0}, {0x0, 0x0, 0x0}, {0xc007ad2500, 0x2038}, ...}, ...)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor_exec.go:1166 +0x45c5
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execStmt.func1({0x7d27370?, 0xc00a303020?})
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor_exec.go:146 +0xb0
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execWithProfiling(0xb84ce10?, {0x7d27370?, 0xc00a303020?}, {0x7d4dee0?, 0xc00a304ff0?}, 0x200000000?, 0x0?)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor_exec.go:3491 +0x2ec
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execStmt(0xc00a1cd988, {0x7d27370, 0xc00a303020}, {{0x7d4dee0, 0xc00a304ff0}, {0x0, 0x0, 0x0}, {0xc007ad2500, 0x2038}, ...}, ...)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor_exec.go:145 +0x5a9
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execCmd.func1(0xc00a227820, 0xc00a2278f0, 0xc00a1cd988, 0xc00a227518, 0xc0029bd978, 0xc0029bd968, 0xc0029bd998, 0xc00a2279b0)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor.go:2290 +0x3f1
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).execCmd(0xc00a1cd988)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor.go:2295 +0xa56
github.com/cockroachdb/cockroach/pkg/sql.(*connExecutor).run(0xc00a1cd988, {0x7d27370, 0xc00a1b6c90}, 0x3c?, 0xc001b5db00?, 0xc00a1137c0?)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor.go:2212 +0x208
github.com/cockroachdb/cockroach/pkg/sql.(*Server).ServeConn(0xc016523720?, {0x7d27370?, 0xc00a1b6c90?}, {0xc00a1ab009?}, 0x4?, 0xc00a1b6b10?)
    github.com/cockroachdb/cockroach/pkg/sql/conn_executor.go:966 +0xda
github.com/cockroachdb/cockroach/pkg/sql/pgwire.(*conn).processCommands(0xc0158c3008, {0x7d27370, 0xc00a1b6c90}, {0x1, 0x2, {0x1, {0x649b76b, 0x3}, {0xc009d1fa90, 0x10}, ...}, ...}, ...)
    github.com/cockroachdb/cockroach/pkg/sql/pgwire/conn.go:247 +0x411
github.com/cockroachdb/cockroach/pkg/sql/pgwire.(*Server).serveImpl.func3()
    github.com/cockroachdb/cockroach/pkg/sql/pgwire/server.go:992 +0xec
created by github.com/cockroachdb/cockroach/pkg/sql/pgwire.(*Server).serveImpl in goroutine 3744
    github.com/cockroachdb/cockroach/pkg/sql/pgwire/server.go:989 +0x5fb

Environment:

• CockroachDB version: v24.1.0
• Server OS: Linux a002 6.5.0-18-generic #18~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 7 11:40:03 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
• Client app: postgresql odbc/psql

docker compose file:

version: '3.5'

services:
  crdb1:
    image: cockroachdb/cockroach:v24.1.0
    command: "start --advertise-addr=crdb1:26357 --http-addr=crdb1:8080 --listen-addr=crdb1:26357 --sql-addr=crdb1:26257 --insecure --join=crdb1:26357,crdb2:26357,crdb3:26357"
    volumes:
      - "crdb1_data:/cockroach/cockroach-data"
    networks:
      crnet:
        ipv4_address: 10.0.5.11

  crdb2:
    image: cockroachdb/cockroach:v24.1.0
    command: "start --advertise-addr=crdb2:26357 --http-addr=crdb2:8080 --listen-addr=crdb2:26357 --sql-addr=crdb2:26257 --insecure --join=crdb1:26357,crdb2:26357,crdb3:26357"
    volumes:
      - "crdb2_data:/cockroach/cockroach-data"
    networks:
      crnet:
        ipv4_address: 10.0.5.12

  crdb3:
    image: cockroachdb/cockroach:v24.1.0
    command: "start --advertise-addr=crdb3:26357 --http-addr=crdb3:8080 --listen-addr=crdb3:26357 --sql-addr=crdb3:26257 --insecure --join=crdb1:26357,crdb2:26357,crdb3:26357"
    volumes:
      - "crdb3_data:/cockroach/cockroach-data"
    networks:
      crnet:
        ipv4_address: 10.0.5.13

  crdb_single:
    image: cockroachdb/cockroach:v24.1.0

    command: start-single-node --insecure
    volumes:
      - "crdb_single_data:/cockroach/cockroach-data"
    networks:
      crnet:
        ipv4_address: 10.0.5.21

volumes:
  crdb1_data:
  crdb2_data:
  crdb3_data:
  crdb_single_data:

networks:
  crnet:
    driver: bridge
    ipam:
      config:
        - subnet: 10.0.5.0/24
          gateway: 10.0.5.254

about us

We are the BASS team from the School of Cyber Science and Technology at Beihang University. Our main focus is on system software security, operating systems, and program analysis research, as well as the development of automated program testing frameworks for detecting software defects. Using our self-developed database vulnerability testing tool, we have identified the above-mentioned possible vulnerabilities that may lead to database crashes.

Jira issue: CRDB-42036

[blathers-crl[bot]]

Hi @ycybfhb, please add branch-* labels to identify which branch(es) this C-bug affects.

_{:owl: Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf.}

[blathers-crl[bot]]

Hello, I am Blathers. I am here to help you get the issue triaged.

Hoot - a bug! Though bugs are the bane of my existence, rest assured the wretched thing will get the best of care here.

I have CC'd a few people who may be able to assist you:

• @cockroachdb/sql-queries (found keywords: Vectorized,DistSQL,Plan)
• @cockroachdb/sql-foundations (found keywords: pg_)

If we have not gotten back to your issue within a few business days, you can try the following:

• Join our community slack channel and ask on #cockroachdb.
• Try find someone from here if you know they worked closely on the area and CC them.

_{:owl: Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf.}

[michae2]

Initial reduction:

CREATE TABLE t_y (
  c_b3l3rlrs INT4, c_ca STRING, c_t9r1kl9y6m INT4, c_jqnxje42v INT4, c_jt8ydrx7 INT4, c_m50a STRING, c_l1 STRING
);

INSERT
INTO
  t_y (c_b3l3rlrs, c_ca, c_t9r1kl9y6m, c_jqnxje42v, c_jt8ydrx7, c_m50a, c_l1)
VALUES
  (0, NULL, 0, 0, 1768704522, '', NULL);

CREATE TABLE t_bnqfnwa (
  c_rqlsk_aj INT4, c_veh INT4, c_ibhkt4ifda BOOL, c_ts7n INT4, c_uuw5d832 STRING, c_d38l4v64 STRING
);

INSERT
INTO
  t_bnqfnwa (c_rqlsk_aj, c_veh, c_ibhkt4ifda, c_ts7n, c_uuw5d832, c_d38l4v64)
VALUES
  (0, 0, true, -129, '', '');

SELECT
  subq_1.c7, subq_1.c1 >= (SELECT ref_20.c_b3l3rlrs FROM t_y AS ref_20 WHERE ref_20.c_m50a != subq_1.c3), subq_1.c5
FROM
  (
    SELECT
      generate_series(ref_9.c_rqlsk_aj, ref_10.c_jt8ydrx7) AS c0,
      ref_9.c_veh AS c1,
      ref_9.c_d38l4v64 AS c3,
      ref_9.c_uuw5d832 AS c5,
      ref_10.c_jqnxje42v AS c7
    FROM
      t_bnqfnwa AS ref_9
      RIGHT JOIN t_y AS ref_10 ON
          ref_10.c_t9r1kl9y6m > ref_9.c_ts7n
          OR ref_9.c_ibhkt4ifda NOT IN (ref_10.c_m50a NOT IN (ref_10.c_l1, ref_10.c_ca),)
    LIMIT
      2
  )
    AS subq_1
WHERE
  subq_1.c0 NOT IN (SELECT NULL FROM t_bnqfnwa);

Looks like this dates back to v23.1.

[mgartner]

This is a stubborn one - I couldn't reduce it much more:

CREATE TABLE abcdef (
  a STRING,
  b INT4,
  c INT4,
  d INT4,
  e STRING,
  f STRING
);

INSERT INTO abcdef (a, b, c, d, e, f) VALUES ('a', 0, 0, 0, 'e', 'f');

CREATE TABLE ghijkl (
  g INT4,
  h INT4,
  i BOOL,
  j INT4,
  k STRING,
  l STRING
);

INSERT INTO ghijkl (g, h, i, j, k, l) VALUES (0, 0, true, -1, 'k', 'l');

SELECT c7, c1 >= (SELECT c FROM abcdef WHERE e != c3), c5
FROM (
  SELECT
    generate_series(g, d) AS c0,
    h AS c1,
    l AS c3,
    k AS c5,
    c AS c7
  FROM ghijkl
  LEFT JOIN abcdef ON b > j OR i NOT IN (e NOT IN (f, a),)
  LIMIT 2
)
WHERE c0 NOT IN (SELECT NULL FROM ghijkl);