Hi all. For query: ```SQL CREATE TABLE v0 ( v2 INTEGER ); CREATE TABLE v3 ( v5 INTEGER ); WITH v0 AS ( SELECT * FROM v3 ) UPDATE v0 SET v2 = 'x' FROM v3; ``` Segmentation Fault triggered. Address Sanitizer outputs the following information: ``` AddressSanitizer:DEADLYSIGNAL ================================================================= ==3922846==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000007d7f8c bp 0x7fff139364d0 sp 0x7fff13936380 T0) ==3922846==The signal is caused by a READ memory access. ==3922846==Hint: address points to the zero page. #0 0x7d7f8c in sqlite3ExprVectorSize /home/hong/sqlite-asan-build/sqlite3.c:101589:18 #1 0x7d7f8c in sqlite3ExprIsVector /home/hong/sqlite-asan-build/sqlite3.c:101579:10 #2 0x7d7f8c in substExpr /home/hong/sqlite-asan-build/sqlite3.c:135568:11 #3 0x7d7310 in substExprList /home/hong/sqlite-asan-build/sqlite3.c:135635:25 #4 0x7d7310 in substSelect /home/hong/sqlite-asan-build/sqlite3.c:135648:5 #5 0x6d726d in flattenSubquery /home/hong/sqlite-asan-build/sqlite3.c:136313:7 #6 0x6d726d in sqlite3Select /home/hong/sqlite-asan-build/sqlite3.c:138246:9 #7 0x862613 in updateFromSelect /home/hong/sqlite-asan-build/sqlite3.c:141142:3 #8 0x7136e0 in sqlite3Update /home/hong/sqlite-asan-build/sqlite3.c:141555:9 #9 0x6902b8 in yy_reduce /home/hong/sqlite-asan-build/sqlite3.c:161919:3 #10 0x56e010 in sqlite3Parser /home/hong/sqlite-asan-build/sqlite3.c:162963:15 #11 0x56e010 in sqlite3RunParser /home/hong/sqlite-asan-build/sqlite3.c:164259:5 #12 0x663e3d in sqlite3Prepare /home/hong/sqlite-asan-build/sqlite3.c:131652:5 #13 0x56a6af in sqlite3LockAndPrepare /home/hong/sqlite-asan-build/sqlite3.c:131727:10 #14 0x53e804 in sqlite3_prepare_v2 /home/hong/sqlite-asan-build/sqlite3.c:131812:8 #15 0x4f5482 in shell_exec /home/hong/sqlite-asan-build/shell.c:13602:10 #16 0x52a90f in runOneSqlLine /home/hong/sqlite-asan-build/shell.c:20626:8 #17 0x4f9e8b in process_input /home/hong/sqlite-asan-build/shell.c:20726:17 #18 0x4d6e10 in main /home/hong/sqlite-asan-build/shell.c #19 0x7fc161e9e0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16 #20 0x41c63d in _start (/home/hong/sqlite-asan-build/sqlite3+0x41c63d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/hong/sqlite-asan-build/sqlite3.c:101589:18 in sqlite3ExprVectorSize ==3922846==ABORTING ``` This behavior can be reproduced by one of the latest development version, fossil: b480aacb3430a789d98ffd81a1886bbbc3cda5b0e736ec9a3e2b463db2a3b3ad, but seems not affecting the stable release: tested with SQLite version 3.32.3 with correct run through. Look forward to your reply.