Replace assert with chassert in AggregateFunctionArray constructor#102856
Conversation
The C `assert()` in AggregateFunctionArray's constructor calls `abort()` when the parameter consistency invariant is violated, killing the entire server process. The AST fuzzer occasionally generates queries with rare combinator+Nullable interaction paths that trigger this assertion (STID 4870-4f21, ~4 occurrences in 30 days). Replace with `chassert()` which throws a LOGICAL_ERROR exception in debug/sanitizer builds instead of crashing. This allows the server to continue serving other queries while still detecting and logging the invariant violation. In release builds, both macros are no-ops. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
cc @Avogar — could you review this? It replaces a C |
|
Workflow [PR], commit [48e6971] Summary: ✅ AI ReviewSummaryThis PR changes one line in ClickHouse Rules
Final Verdict
|
LLVM Coverage ReportChanged lines: 83.33% (5/6) · Uncovered code |
The assertion `parameters == nested_func->getParameters()` in AggregateFunctionArray has been firing ~4 times per month in CI (AST fuzzer and serverfuzz stress tests), triggered by specific combinator+Array+Nullable mutations that are extremely hard to reproduce locally. The previous chassert (converted from assert() in PR ClickHouse#102856) only provides the expression text with no information about WHAT the parameters actually are. This makes root cause investigation nearly impossible. Replace with an explicit LOGICAL_ERROR exception that logs: - The Array wrapper function name - The nested function name - Both parameter sets with their values and sizes This preserves the invariant check while providing actionable diagnostic information. The next CI occurrence will immediately reveal which code path produces the parameter mismatch. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The assertion `parameters == nested_func->getParameters()` in AggregateFunctionArray has been firing ~4 times per month in CI (AST fuzzer and serverfuzz stress tests), triggered by specific combinator+Array+Nullable mutations that are extremely hard to reproduce locally. The previous chassert (converted from assert() in PR ClickHouse#102856) only provides the expression text with no information about WHAT the parameters actually are. This makes root cause investigation nearly impossible. Replace with an explicit LOGICAL_ERROR exception that logs: - The Array wrapper function name - The nested function name - Both parameter sets with their values and sizes This preserves the invariant check while providing actionable diagnostic information. The next CI occurrence will immediately reveal which code path produces the parameter mismatch. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Changelog category (leave one):
Changelog entry (a]sentence-length human-readable entry for the changelog, not a copy of the PR title. Skip for non-user-facing changes):
Documentation checkbox (leave empty if not applicable):
Summary
The
AggregateFunctionArrayconstructor has anassert()(C standard library) that verifies parameter consistency between the outer Array wrapper and its nested function. The AST fuzzer occasionally generates queries with rare combinator + Nullable interaction paths that violate this invariant (STID 4870-4f21, persisting after PR #100679 which fixed the primary Nothing-function case).The C
assert()callsabort()which kills the entire server process (SIGABRT). This is disproportionate for a metadata inconsistency — the parameter mismatch does not cause data corruption or incorrect results.Fix
Replace
assert()withchassert():LOGICAL_ERRORexception (caught by query error handling, server survives)This is the standard ClickHouse pattern for query-path invariant checks (~2000+
chassertinstances in the codebase).CIDB Evidence
STID 4870-4f21 occurrences in the last 30 days:
Version info
26.4.1.982