duckdb / duckdb-fuzzer

Repository that contains automatic reports of issues found through fuzzing DuckDB

/home/runner/work/duckdb-fuzzer-ci/duckdb-fuzzer-ci/src/common/types/value.cpp:1337:16: runtime error: load of value 40, which is not a valid value for type 'bool' #3240

Closed fuzzerofducks closed 3 weeks ago

fuzzerofducks commented 1 month ago

Issue found by DuckFuzz on git commit hash ee349 using seed 10633964.

To Reproduce

call dbgen(sf=0.1);
WITH t10 (c6, c7, c8, c9) AS (SELECT DISTINCT c1, c2 FROM nation AS t5(c1, c2, c3, c4) ORDER BY c4 NULLS FIRST, c2 ASC NULLS LAST, c1 DESC LIMIT 2445)SELECT 7827, 7591, c13, TRY_CAST(1414 AS DATE) FROM read_ndjson(NULL, filename := NULL) AS t14(c11, c12, c13) PIVOT (list_median((NOT c3)) FOR (rank() OVER (PARTITION BY c7 ROWS BETWEEN CURRENT ROW AND (c1 IN ("first"(c11), COLUMNS(*), 5251, c12, 4034, c7, c3, list_sem(c2))) FOLLOWING)) IN ('2262-04-11 23:47:16.854775806'::TIMESTAMP_NS, 5050)) WHERE inet_server_addr() OFFSET #3;

Error Message

/home/runner/work/duckdb-fuzzer-ci/duckdb-fuzzer-ci/src/common/types/value.cpp:1337:16: runtime error: load of value 40, which is not a valid value for type 'bool'

Tmonster commented 4 weeks ago

Seems like this was caused again by the fuzzer shoving NULL values into all the functions it could find.

The following is in the query:

FROM read_ndjson(NULL, filename := NULL)

Tishj commented 2 weeks ago

I'm a little confused reading the explanation and seeing the found error:

Binder Error: No function matches the given name and argument types 'dayofweek(TIMESTAMP WITH TIME ZONE)'. You might need to add explicit type casts.
        Candidate functions:
        dayofweek(DATE) -> BIGINT
        dayofweek(TIMESTAMP) -> BIGINT
        dayofweek(INTERVAL) -> BIGINT

LINE 1: ... LIMIT 1 OFFSET 2) !~~* subq_0.c3) OR (dayofweek(CAST(now() AS TIMESTAMP WITH ...

This doesn't sound to me like NULL is being inserted. This just fails because ICU is not loaded, which is confirmed by this succeeding in the Python sqllogictester, because ICU is loaded by default there.

Mytherin commented 2 weeks ago

I think that test is mostly just testing that the address sanitizer issue doesn't pop up as it did before.

Maybe we can disable the built-in extensions for the Python SQLLogicTester CI run? E.g. we can parse the extensions list from an environment variable in setup.py and set it to an empty list explicitly in the CI run? That way the regular test behavior is matched.