You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With Jun2016, I see no segfault or assertion (server keeps running), "just" an error:
"TypeException:user.main[1023]:'calc.==' undefined in: calc.==(X_26871:str,X_26873:int);"
And the server reports
"
WARNING To speedup calc.== a bulk operator implementation is needed
X_26473:bat[:bit] := mal.multiplex("calc":str,"==":str,X_26471:bat[:str],X_26472:bat[:int]);
WARNING To speedup calc.== a bulk operator implementation is needed
X_26485:bat[:bit] := mal.multiplex("calc":str,"==":str,X_26482:bat[:bit],X_26484:bat[:int]);
"
While not occurring with the default and Dec2016 branches,
the segfault indeed occurs with the Jun2016 branch:
WARNING To speedup calc.== a bulk operator implementation is needed
X_1137:bat[:bit] := mal.multiplex("calc":str,"==":str,X_1135:bat[:str],X_1136:bat[:int]);
WARNING To speedup calc.== a bulk operator implementation is needed
X_1142:bat[:bit] := mal.multiplex("calc":str,"==":str,X_1140:bat[:bit],X_1141:bat[:int]);
Thread 5 "mserver5" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffc0930700 (LWP 17487)]
0x00007fffe8177c87 in sa_reset (sa=0x7fff00000000) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/common/sql_mem.c:65
65 for (i = 1; inr; i++) {
Missing separate debuginfos, use: dnf debuginfo-install R-core-3.3.1-2.fc24.x86_64 SuperLU-5.2.0-1.fc24.x86_64 armadillo-7.300.1-1.fc24.x86_64 arpack-3.3.0-2.b0f7a60git.fc24.x86_64 atlas-3.10.2-12.fc24.x86_64 blas-3.6.1-1.fc24.x86_64 boost-atomic-1.60.0-7.fc24.x86_64 boost-chrono-1.60.0-7.fc24.x86_64 boost-date-time-1.60.0-7.fc24.x86_64 boost-filesystem-1.60.0-7.fc24.x86_64 boost-iostreams-1.60.0-7.fc24.x86_64 boost-program-options-1.60.0-7.fc24.x86_64 boost-regex-1.60.0-7.fc24.x86_64 boost-system-1.60.0-7.fc24.x86_64 boost-thread-1.60.0-7.fc24.x86_64 bzip2-libs-1.0.6-20.fc24.x86_64 cfitsio-3.370-6.fc24.x86_64 cyrus-sasl-lib-2.1.26-26.2.fc24.x86_64 expat-2.1.1-2.fc24.x86_64 fontconfig-2.11.94-7.fc24.x86_64 freetype-2.6.3-2.fc24.x86_64 freexl-1.0.2-3.fc24.x86_64 gdal-libs-2.0.2-6.fc24.x86_64 geos-3.5.0-1.fc24.x86_64 giflib-4.1.6-15.fc24.x86_64 gsl-2.1-4.fc24.x86_64 hdf5-1.8.16-3.fc24.x86_64 jasper-libs-1.900.1-34.fc24.x86_64 jbigkit-libs-2.1-5.fc24.x86_64 keyutils-libs-1.5.9-8.fc24.x86_64 krb5-libs-1.14.4-4.fc24.x86_64 lapack-3.6.1-1.fc24.x86_64 laszip-2.2.0-6.fc24.x86_64 lcms2-2.8-2.fc24.x86_64 libICE-1.0.9-5.fc24.x86_64 libSM-1.2.2-4.fc24.x86_64 libX11-1.6.3-3.fc24.x86_64 libXau-1.0.8-6.fc24.x86_64 libatomic_ops-7.4.2-9.fc24.x86_64 libcom_err-1.42.13-4.fc24.x86_64 libcurl-7.47.1-8.fc24.x86_64 libdap-3.17.2-1.fc24.x86_64 libgcc-6.2.1-2.fc24.x86_64 libgeotiff-1.4.0-7.fc24.x86_64 libgfortran-6.2.1-2.fc24.x86_64 libgomp-6.2.1-2.fc24.x86_64 libgta-1.0.7-3.fc24.x86_64 libicu-56.1-4.fc24.x86_64 libidn-1.33-1.fc24.x86_64 libjpeg-turbo-1.5.0-4.fc24.x86_64 liblas-1.8.0-13.fc24.x86_64 libnghttp2-1.7.1-1.fc24.x86_64 libpng-1.6.23-1.fc24.x86_64 libpsl-0.13.0-2.fc24.x86_64 libquadmath-6.2.1-2.fc24.x86_64 libselinux-2.5-9.fc24.x86_64 libspatialite-4.3.0a-2.fc24.x86_64 libssh2-1.7.0-5.fc24.x86_64 libstdc++-6.2.1-2.fc24.x86_64 libtiff-4.0.6-2.fc24.x86_64 libtool-ltdl-2.4.6-12.fc24.x86_64 libunistring-0.9.4-3.fc24.x86_64 libuuid-2.28.2-1.fc24.x86_64 libwebp-0.5.1-1.fc24.x86_64 libxcb-1.11.1-2.fc24.x86_64 libxml2-2.9.3-3.fc24.x86_64 mariadb-libs-10.1.18-1.fc24.x86_64 ncurses-libs-6.0-6.20160709.fc24.x86_64 netcdf-4.4.0-3.fc24.x86_64 nspr-4.13.0-1.fc24.x86_64 nss-3.27.0-1.1.fc24.x86_64 nss-softokn-freebl-3.27.0-1.0.fc24.x86_64 nss-util-3.27.0-1.0.fc24.x86_64 ogdi-3.2.0-0.26.beta2.fc24.x86_64 openblas-openmp-0.2.18-5.fc24.x86_64 openjpeg2-2.1.2-1.fc24.x86_64 openldap-2.4.44-1.fc24.x86_64 openssl-libs-1.0.2j-1.fc24.x86_64 pcre-8.39-3.fc24.x86_64 poppler-0.41.0-3.fc24.x86_64 postgresql-libs-9.5.4-1.fc24.x86_64 proj-4.9.2-2.fc24.x86_64 readline-6.3-8.fc24.x86_64 sqlite-libs-3.13.0-1.fc24.x86_64 tre-0.8.0-16.20140228gitc2f5d13.fc24.x86_64 unixODBC-2.3.4-2.fc24.x86_64 xerces-c-3.1.4-1.fc24.x86_64 xz-libs-5.2.2-2.fc24.x86_64 zlib-1.2.8-10.fc24.x86_64
(gdb) bt
0 0x00007fffe8177c87 in sa_reset (sa=0x7fff00000000) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/common/sql_mem.c:65
1 0x00007fffe7fe80c8 in sqlcleanup (c=0x7fffb8010c40, err=0) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/backends/monet5/sql.c:172
2 0x00007fffe800f221 in SQLparser (c=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/backends/monet5/sql_scenario.c:1326
3 0x00007ffff797d85a in runPhase (c=0x7fffe9db2330, phase=1) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_scenario.c:531
4 0x00007ffff797da01 in runScenarioBody (c=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_scenario.c:566
5 0x00007ffff797dbac in runScenario (c=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_scenario.c:595
6 0x00007ffff797f738 in MSserveClient (dummy=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_session.c:457
7 0x00007ffff797f18c in MSscheduleClient (command=0x7fffb80008d0 "\340`\f\270\377\177", challenge=0x7fffc092fd70 "noo75rWC", fin=0x7fffb8002980, fout=0x7fffb4002b60) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_session.c:342
8 0x00007ffff7a39dd5 in doChallenge (data=0x7fffb40008d0) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/modules/mal/mal_mapi.c:205
9 0x00007ffff739475f in thread_starter (arg=0x7fffb4004c50) at /ufs/manegold/_/Monet/HG/Jun2016/source/MonetDB/gdk/gdk_system.c:485
10 0x00007ffff48f25ca in start_thread () from /lib64/libpthread.so.0
11 0x00007ffff462bf6d in clone () from /lib64/libc.so.6
(gdb) li
60
61 sql_allocator *sa_reset( sql_allocator sa )
62 {
63 size_t i ;
64
65 for (i = 1; inr; i++) {
66 DELETE(sa->blks[i]);
67 }
68 sa->nr = 1;
69 sa->used = 0;
(gdb) p sa
$1 = (sql_allocator *) 0x7fff00000000
(gdb) p *sa
Cannot access memory at address 0x7fff00000000
(gdb) p i
$2 = 1
(gdb) up
1 0x00007fffe7fe80c8 in sqlcleanup (c=0x7fffb8010c40, err=0) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/backends/monet5/sql.c:172
172 c->sa = sa_reset(c->sa);
(gdb) li
167 c->emod = 0;
168 }
169 / some statements dynamically disable caching */
170 c->sym = NULL;
171 if (c->sa)
172 c->sa = sa_reset(c->sa);
173 if (err >0)
174 c->session->status = -err;
175 if (err <0)
176 c->session->status = err;
(gdb) p c
$3 = (mvc *) 0x7fffb8010c40
(gdb) p *c
$4 = {errstr = '\000' <repeats 20 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>..., sa = 0x7fff00000000, qc = 0x7fffb8003a50, clientid = 0, scanner = {rs = 0x7fffb8002980, ws = 0x7fff00000000, log = 0x0, yynext = 0, yylast = 5, yysval = 8431,
yyval = 385, yycur = 0, yybak = 0 '\000', as = 0, key = 0, started = 0, mode = (LINE_N | unknown: 4), schema = 0x0, errstr = 0x0}, params = 0x0, forward = 0x500000000, vars = 0x7fffb80008d0, topvars = 0, sizevars = 32, frame = 1, use_views = 0, args = 0x500000000, argc = 0, argmax = 32, sym = 0x0, no_mitosis = 0, user_id = 3, role_id = 0, last_id = -1, rowcnt = -4294967296, timezone = 7200000, cache = 100,
caching = 0, history = 5, reply_size = -1, sizeheader = 0, debug = 0, emode = 0 '\000', emod = 0 '\000', session = 0x7fffb8003bb0, type = 0, pushdown = 5, label = 75, cascade_action = 0x0, opt_stats = {0, 0, 0, 5, 0, 0, 0, 0}, result_id = 0, results = 0x500000000}
(gdb)
valgrind gives some worrying errors in the Jun2016 branch. It looks like freeVariables() accesses data beyond the end of the array. glb->stk isn't as long as mb->vtop expects.
Comment 24573
Date: 2016-10-21 11:28:33 +0200
From: Bo Tang <>
Created attachment 485
another query for segmentation fault
Attached file: bug-7.sql (application/sql, 137 bytes)
Description: another query for segmentation fault
Comment 24574
Date: 2016-10-21 11:31:40 +0200
From: Bo Tang <>
For the later query, gdb backtrace shows:
0 0x00007ffff5d9b090 in __write_nocancel () from /lib64/libc.so.6
1 0x00007ffff79b2153 in socket_write (s=0x751370, buf=0x6bfe30, elmsize=1, cnt=26) at stream.c:2112
2 0x00007ffff79b4eca in bs_flush (ss=0x7323c0) at stream.c:3716
3 0x00007ffff79ae42e in mnstr_flush (s=0x7323c0) at stream.c:474
4 0x00007ffff7bcbc5a in mapi_execute_internal (hdl=0x1c503a60) at mapi.c:4166
5 0x00007ffff7bcbff9 in mapi_query (mid=0x750f30, cmd=0x47345f "CALL sys.settimeout(1)") at mapi.c:4217
6 0x000000000042178a in dut_monetdb::test (this=this@entry=0x6ab410,...) at monetdb.cc:217
7 0x0000000000411942 in main (argc=, argv=) at sqlsmith.cc:209
Comment 24577
Date: 2016-10-21 16:23:07 +0200
From: Bo Tang <>
Created attachment 487
this query also triggered Segmentation fault (core dumped)
Attached file: bug-9.sql (application/sql, 1958 bytes)
Description: this query also triggered Segmentation fault (core dumped)
Comment 24587
Date: 2016-10-24 16:03:50 +0200
From: Bo Tang <>
Created attachment 488
one more query for segmentation fault
Attached file: bug-10.sql (application/sql, 285 bytes)
Description: one more query for segmentation fault
Date: 2016-10-20 11:40:47 +0200
From: Bo Tang <>
To: SQL devs <>
Version: 11.23.13 (Jun2016-SP2)
CC: @drstmane
Last updated: 2017-03-03 10:24:55 +0100
Comment 24558
Date: 2016-10-20 11:40:47 +0200
From: Bo Tang <>
Created attachment 484
debug query
sqlsmith triggered the following assertion:
Segmentation fault (core dumped)
I re-run the attached query with mclient manually, it returned:
TypeException:user.update[1048]:'calc.==' undefined in: calc.==(X_1442:str,X_1444:int);
Comment 24560
Date: 2016-10-20 12:38:03 +0200
From: @drstmane
With Jun2016, I see no segfault or assertion (server keeps running), "just" an error:
"TypeException:user.main[1023]:'calc.==' undefined in: calc.==(X_26871:str,X_26873:int);"
And the server reports
"
WARNING To speedup calc.== a bulk operator implementation is needed
X_26473:bat[:bit] := mal.multiplex("calc":str,"==":str,X_26471:bat[:str],X_26472:bat[:int]);
WARNING To speedup calc.== a bulk operator implementation is needed
X_26485:bat[:bit] := mal.multiplex("calc":str,"==":str,X_26482:bat[:bit],X_26484:bat[:int]);
"
Comment 24561
Date: 2016-10-20 12:39:41 +0200
From: @drstmane
correction:
I used the Dec2016 branch (changeset 8733d8f211a8), not the Jun2016 branch.
Comment 24565
Date: 2016-10-20 14:49:12 +0200
From: @drstmane
While not occurring with the default and Dec2016 branches,
the segfault indeed occurs with the Jun2016 branch:
WARNING To speedup calc.== a bulk operator implementation is needed
X_1137:bat[:bit] := mal.multiplex("calc":str,"==":str,X_1135:bat[:str],X_1136:bat[:int]);
WARNING To speedup calc.== a bulk operator implementation is needed
X_1142:bat[:bit] := mal.multiplex("calc":str,"==":str,X_1140:bat[:bit],X_1141:bat[:int]);
Thread 5 "mserver5" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffc0930700 (LWP 17487)]
0x00007fffe8177c87 in sa_reset (sa=0x7fff00000000) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/common/sql_mem.c:65
65 for (i = 1; inr; i++) {
Missing separate debuginfos, use: dnf debuginfo-install R-core-3.3.1-2.fc24.x86_64 SuperLU-5.2.0-1.fc24.x86_64 armadillo-7.300.1-1.fc24.x86_64 arpack-3.3.0-2.b0f7a60git.fc24.x86_64 atlas-3.10.2-12.fc24.x86_64 blas-3.6.1-1.fc24.x86_64 boost-atomic-1.60.0-7.fc24.x86_64 boost-chrono-1.60.0-7.fc24.x86_64 boost-date-time-1.60.0-7.fc24.x86_64 boost-filesystem-1.60.0-7.fc24.x86_64 boost-iostreams-1.60.0-7.fc24.x86_64 boost-program-options-1.60.0-7.fc24.x86_64 boost-regex-1.60.0-7.fc24.x86_64 boost-system-1.60.0-7.fc24.x86_64 boost-thread-1.60.0-7.fc24.x86_64 bzip2-libs-1.0.6-20.fc24.x86_64 cfitsio-3.370-6.fc24.x86_64 cyrus-sasl-lib-2.1.26-26.2.fc24.x86_64 expat-2.1.1-2.fc24.x86_64 fontconfig-2.11.94-7.fc24.x86_64 freetype-2.6.3-2.fc24.x86_64 freexl-1.0.2-3.fc24.x86_64 gdal-libs-2.0.2-6.fc24.x86_64 geos-3.5.0-1.fc24.x86_64 giflib-4.1.6-15.fc24.x86_64 gsl-2.1-4.fc24.x86_64 hdf5-1.8.16-3.fc24.x86_64 jasper-libs-1.900.1-34.fc24.x86_64 jbigkit-libs-2.1-5.fc24.x86_64 keyutils-libs-1.5.9-8.fc24.x86_64 krb5-libs-1.14.4-4.fc24.x86_64 lapack-3.6.1-1.fc24.x86_64 laszip-2.2.0-6.fc24.x86_64 lcms2-2.8-2.fc24.x86_64 libICE-1.0.9-5.fc24.x86_64 libSM-1.2.2-4.fc24.x86_64 libX11-1.6.3-3.fc24.x86_64 libXau-1.0.8-6.fc24.x86_64 libatomic_ops-7.4.2-9.fc24.x86_64 libcom_err-1.42.13-4.fc24.x86_64 libcurl-7.47.1-8.fc24.x86_64 libdap-3.17.2-1.fc24.x86_64 libgcc-6.2.1-2.fc24.x86_64 libgeotiff-1.4.0-7.fc24.x86_64 libgfortran-6.2.1-2.fc24.x86_64 libgomp-6.2.1-2.fc24.x86_64 libgta-1.0.7-3.fc24.x86_64 libicu-56.1-4.fc24.x86_64 libidn-1.33-1.fc24.x86_64 libjpeg-turbo-1.5.0-4.fc24.x86_64 liblas-1.8.0-13.fc24.x86_64 libnghttp2-1.7.1-1.fc24.x86_64 libpng-1.6.23-1.fc24.x86_64 libpsl-0.13.0-2.fc24.x86_64 libquadmath-6.2.1-2.fc24.x86_64 libselinux-2.5-9.fc24.x86_64 libspatialite-4.3.0a-2.fc24.x86_64 libssh2-1.7.0-5.fc24.x86_64 libstdc++-6.2.1-2.fc24.x86_64 libtiff-4.0.6-2.fc24.x86_64 libtool-ltdl-2.4.6-12.fc24.x86_64 libunistring-0.9.4-3.fc24.x86_64 libuuid-2.28.2-1.fc24.x86_64 libwebp-0.5.1-1.fc24.x86_64 libxcb-1.11.1-2.fc24.x86_64 libxml2-2.9.3-3.fc24.x86_64 mariadb-libs-10.1.18-1.fc24.x86_64 ncurses-libs-6.0-6.20160709.fc24.x86_64 netcdf-4.4.0-3.fc24.x86_64 nspr-4.13.0-1.fc24.x86_64 nss-3.27.0-1.1.fc24.x86_64 nss-softokn-freebl-3.27.0-1.0.fc24.x86_64 nss-util-3.27.0-1.0.fc24.x86_64 ogdi-3.2.0-0.26.beta2.fc24.x86_64 openblas-openmp-0.2.18-5.fc24.x86_64 openjpeg2-2.1.2-1.fc24.x86_64 openldap-2.4.44-1.fc24.x86_64 openssl-libs-1.0.2j-1.fc24.x86_64 pcre-8.39-3.fc24.x86_64 poppler-0.41.0-3.fc24.x86_64 postgresql-libs-9.5.4-1.fc24.x86_64 proj-4.9.2-2.fc24.x86_64 readline-6.3-8.fc24.x86_64 sqlite-libs-3.13.0-1.fc24.x86_64 tre-0.8.0-16.20140228gitc2f5d13.fc24.x86_64 unixODBC-2.3.4-2.fc24.x86_64 xerces-c-3.1.4-1.fc24.x86_64 xz-libs-5.2.2-2.fc24.x86_64 zlib-1.2.8-10.fc24.x86_64
(gdb) bt
0 0x00007fffe8177c87 in sa_reset (sa=0x7fff00000000) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/common/sql_mem.c:65
1 0x00007fffe7fe80c8 in sqlcleanup (c=0x7fffb8010c40, err=0) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/backends/monet5/sql.c:172
2 0x00007fffe800f221 in SQLparser (c=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/backends/monet5/sql_scenario.c:1326
3 0x00007ffff797d85a in runPhase (c=0x7fffe9db2330, phase=1) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_scenario.c:531
4 0x00007ffff797da01 in runScenarioBody (c=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_scenario.c:566
5 0x00007ffff797dbac in runScenario (c=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_scenario.c:595
6 0x00007ffff797f738 in MSserveClient (dummy=0x7fffe9db2330) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_session.c:457
7 0x00007ffff797f18c in MSscheduleClient (command=0x7fffb80008d0 "\340`\f\270\377\177", challenge=0x7fffc092fd70 "noo75rWC", fin=0x7fffb8002980, fout=0x7fffb4002b60) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/mal/mal_session.c:342
8 0x00007ffff7a39dd5 in doChallenge (data=0x7fffb40008d0) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/monetdb5/modules/mal/mal_mapi.c:205
9 0x00007ffff739475f in thread_starter (arg=0x7fffb4004c50) at /ufs/manegold/_/Monet/HG/Jun2016/source/MonetDB/gdk/gdk_system.c:485
10 0x00007ffff48f25ca in start_thread () from /lib64/libpthread.so.0
11 0x00007ffff462bf6d in clone () from /lib64/libc.so.6
(gdb) li
60
61 sql_allocator *sa_reset( sql_allocator sa )
62 {
63 size_t i ;
64
65 for (i = 1; inr; i++) {
66 DELETE(sa->blks[i]);
67 }
68 sa->nr = 1;
69 sa->used = 0;
(gdb) p sa
$1 = (sql_allocator *) 0x7fff00000000
(gdb) p *sa
Cannot access memory at address 0x7fff00000000
(gdb) p i
$2 = 1
(gdb) up
1 0x00007fffe7fe80c8 in sqlcleanup (c=0x7fffb8010c40, err=0) at /ufs/manegold//Monet/HG/Jun2016/source/MonetDB/sql/backends/monet5/sql.c:172
172 c->sa = sa_reset(c->sa);
(gdb) li
167 c->emod = 0;
168 }
169 / some statements dynamically disable caching */
170 c->sym = NULL;
171 if (c->sa)
172 c->sa = sa_reset(c->sa);
173 if (err >0)
174 c->session->status = -err;
175 if (err <0)
176 c->session->status = err;
(gdb) p c
$3 = (mvc *) 0x7fffb8010c40
(gdb) p *c
$4 = {errstr = '\000' <repeats 20 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>, "\005", '\000' <repeats 31 times>..., sa = 0x7fff00000000, qc = 0x7fffb8003a50, clientid = 0, scanner = {rs = 0x7fffb8002980, ws = 0x7fff00000000, log = 0x0, yynext = 0, yylast = 5, yysval = 8431,
yyval = 385, yycur = 0, yybak = 0 '\000', as = 0, key = 0, started = 0, mode = (LINE_N | unknown: 4), schema = 0x0, errstr = 0x0}, params = 0x0, forward = 0x500000000, vars = 0x7fffb80008d0, topvars = 0, sizevars = 32, frame = 1, use_views = 0, args = 0x500000000, argc = 0, argmax = 32, sym = 0x0, no_mitosis = 0, user_id = 3, role_id = 0, last_id = -1, rowcnt = -4294967296, timezone = 7200000, cache = 100,
caching = 0, history = 5, reply_size = -1, sizeheader = 0, debug = 0, emode = 0 '\000', emod = 0 '\000', session = 0x7fffb8003bb0, type = 0, pushdown = 5, label = 75, cascade_action = 0x0, opt_stats = {0, 0, 0, 5, 0, 0, 0, 0}, result_id = 0, results = 0x500000000}
(gdb)
Comment 24568
Date: 2016-10-20 15:27:11 +0200
From: @sjoerdmullender
valgrind gives some worrying errors in the Jun2016 branch. It looks like freeVariables() accesses data beyond the end of the array. glb->stk isn't as long as mb->vtop expects.
Comment 24573
Date: 2016-10-21 11:28:33 +0200
From: Bo Tang <>
Created attachment 485
another query for segmentation fault
Comment 24574
Date: 2016-10-21 11:31:40 +0200
From: Bo Tang <>
For the later query, gdb backtrace shows:
0 0x00007ffff5d9b090 in __write_nocancel () from /lib64/libc.so.6
1 0x00007ffff79b2153 in socket_write (s=0x751370, buf=0x6bfe30, elmsize=1, cnt=26) at stream.c:2112
2 0x00007ffff79b4eca in bs_flush (ss=0x7323c0) at stream.c:3716
3 0x00007ffff79ae42e in mnstr_flush (s=0x7323c0) at stream.c:474
4 0x00007ffff7bcbc5a in mapi_execute_internal (hdl=0x1c503a60) at mapi.c:4166
5 0x00007ffff7bcbff9 in mapi_query (mid=0x750f30, cmd=0x47345f "CALL sys.settimeout(1)") at mapi.c:4217
6 0x000000000042178a in dut_monetdb::test (this=this@entry=0x6ab410,...) at monetdb.cc:217
7 0x0000000000411942 in main (argc=, argv=) at sqlsmith.cc:209
Comment 24577
Date: 2016-10-21 16:23:07 +0200
From: Bo Tang <>
Created attachment 487
this query also triggered Segmentation fault (core dumped)
Comment 24587
Date: 2016-10-24 16:03:50 +0200
From: Bo Tang <>
Created attachment 488
one more query for segmentation fault
Comment 24647
Date: 2016-11-03 10:19:09 +0100
From: MonetDB Mercurial Repository <>
Changeset 0a940b3f3f28 made by Niels Nes niels@cwi.nl in the MonetDB repo, refers to this bug.
For complete details, see http//devmonetdborg/hg/MonetDB?cmd=changeset;node=0a940b3f3f28
Changeset description:
Comment 24650
Date: 2016-11-07 09:34:42 +0100
From: @sjoerdmullender
(In reply to MonetDB Mercurial Repository from comment 9)
This does not fix the problem I referred to in comment 4.
Comment 24651
Date: 2016-11-07 10:32:47 +0100
From: MonetDB Mercurial Repository <>
Changeset 6c8b4094bb16 made by Sjoerd Mullender sjoerd@acm.org in the MonetDB repo, refers to this bug.
For complete details, see http//devmonetdborg/hg/MonetDB?cmd=changeset;node=6c8b4094bb16
Changeset description:
Comment 24652
Date: 2016-11-07 10:35:20 +0100
From: @sjoerdmullender
(In reply to MonetDB Mercurial Repository from comment 11)
This is actually a fix for comment 4, not for the calc.== undefined issue.
Comment 24963
Date: 2017-02-03 14:56:23 +0100
From: @sjoerdmullender
None of the queries results in a crash or even warnings about calc.== in the Dec2016 branch.
Comment 25131
Date: 2017-03-03 10:24:55 +0100
From: @sjoerdmullender
Dec2016-SP2 has been released, incorporating the fix.
The text was updated successfully, but these errors were encountered: