Sahil Takiar has uploaded this change for review. ( http://gerrit.cloudera.org:8080/11844
Change subject: IMPALA-7777: Fix crash due to arithmetic overflows in Exchange Node ...................................................................... IMPALA-7777: Fix crash due to arithmetic overflows in Exchange Node Fixes an arithmetic overflow in ExchangeNode::GetNextMerging. Prior to this patch, the code read: int rows_to_keep = num_rows_skipped_ - offset_; Where num_rows_skipped_ and offset_ were of type int64_t. The result was cast to an int which can lead to an overflow if the result exceeds the value of 2^31. The value of rows_to_keep would be passed into row-batch.h::CopyRows which would crash due to a DCHECK_LE error. This crash arises when the value of the OFFSET is a large number, for example, the query: select int_col from functional.alltypes order by 1 limit 1 offset 9223372036854775800; Would crash the Impalad executor for this query. The fix is to change rows_to_keep to an int64_t to avoid the overflow, which prevents the DCHECK_LE from failing. Change-Id: I8bb8064aae6ad25c8a19f6a8869086be7e70400a --- M be/src/exec/exchange-node.cc M be/src/runtime/row-batch.h M testdata/workloads/functional-query/queries/QueryTest/top-n.test 3 files changed, 10 insertions(+), 2 deletions(-) git pull ssh://gerrit.cloudera.org:29418/Impala-ASF refs/changes/44/11844/1 -- To view, visit http://gerrit.cloudera.org:8080/11844 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I8bb8064aae6ad25c8a19f6a8869086be7e70400a Gerrit-Change-Number: 11844 Gerrit-PatchSet: 1 Gerrit-Owner: Sahil Takiar <[email protected]> Gerrit-Reviewer: Lars Volker <[email protected]>
