SQLite Forum

crashes, segmentation fault, sqlite3VdbeAppendP4, if( p->db->mallocFailed )

(1) By manning on 2021-03-07 07:47:09

Ubuntu 19.10

clang -fsanitize=address -O1 -fno-omit-frame-pointer -g shell.c sqlite3.o ; ASAN_OPTIONS=detect_leaks=1:halt_on_path=./asan.log ./a.out
SQLite version 3.35.0 2021-01-09 19:10:04
Enter ".help" for usage hints.
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite> CREATE TABLE v0 ( v1 CHECK( v1 = zeroblob ( NOT zeroblob ( NOT zeroblob ( DISTINCT 1.100000 + 10.100000 ) <= v1 ) = v1 ) NOT LIKE 'x' ) ) ; CREATE TRIGGER x AFTER INSERT ON v0 BEGIN INSERT OR REPLACE INTO v0 ( v1 , v1 , v1 ) VALUES ( 0 , NULL , 'v1' ) ON CONFLICT DO NOTHING ; END ; CREATE TRIGGER r1 AFTER INSERT ON v0 BEGIN SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; END ; INSERT INTO v0 ( v1 , v1 ) VALUES ( 127 , 10 ) ,( 0 , 10 ) ,( 10 , 3 ) ,( 9223372036854775807 , 10 ) ,( 12 , 8 ) ,( 2 , 2 ) ,( 'v1' , 8 ) ,( 'x' , 127 ) ,( 'MED BOX' , 10 ) ,( 'v1' , 1 ) ,( 'v0' , 10 ) ,( 'v1' , 10 ) ,( 'LG PKG' , 1 ) ,( 'x' , 1 ) ,( 'Brand#23' , 2 ) ,( 'v1' , 10 ) ; ALTER TABLE t2 RENAME TO t3 ; 
AddressSanitizer:DEADLYSIGNAL
=================================================================
==4761==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000007856af bp 0x000000000000 sp 0x7ffd53dfafe0 T0)
==4761==The signal is caused by a WRITE memory access.
==4761==Hint: address points to the zero page.
    #0 0x7856ae in sqlite3VdbeAppendP4 /home/song/sqlite/bld/sqlite3.c:79554:12
    #1 0x7856ae in sqlite3ExprCodeTarget /home/song/sqlite/bld/sqlite3.c:104402:9
    #2 0x79a2b2 in sqlite3ExprCodeExprList /home/song/sqlite/bld/sqlite3.c:105159:19
    #3 0x7abf77 in innerLoopLoadRow /home/song/sqlite/bld/sqlite3.c:130996:3
    #4 0x7abf77 in selectInnerLoop /home/song/sqlite/bld/sqlite3.c:131450:7
    #5 0x772239 in sqlite3Select /home/song/sqlite/bld/sqlite3.c:137387:7
    #6 0x767b36 in sqlite3Select /home/song/sqlite/bld/sqlite3.c:136676:7
    #7 0x8f5d5b in codeTriggerProgram /home/song/sqlite/bld/sqlite3.c:138499:9
    #8 0x8f5d5b in codeRowTrigger /home/song/sqlite/bld/sqlite3.c:138632:5
    #9 0x8f768d in getRowTrigger /home/song/sqlite/bld/sqlite3.c:138689:12
    #10 0x8f768d in sqlite3CodeRowTriggerDirect /home/song/sqlite/bld/sqlite3.c:138711:10
    #11 0x8f7c17 in sqlite3CodeRowTrigger /home/song/sqlite/bld/sqlite3.c:138805:7
    #12 0x8f2c7e in sqlite3Insert /home/song/sqlite/bld/sqlite3.c:122815:5
    #13 0x859c33 in yy_reduce /home/song/sqlite/bld/sqlite3.c:159706:3
    #14 0x859c33 in sqlite3Parser /home/song/sqlite/bld/sqlite3.c:160692:15
    #15 0x859c33 in sqlite3RunParser /home/song/sqlite/bld/sqlite3.c:161974:5
    #16 0x8661d9 in sqlite3Prepare /home/song/sqlite/bld/sqlite3.c:130157:5
    #17 0x867bee in sqlite3LockAndPrepare /home/song/sqlite/bld/sqlite3.c:130231:10
    #18 0x868451 in sqlite3_prepare_v2 /home/song/sqlite/bld/sqlite3.c:130316:8
    #19 0x4dd0e3 in shell_exec /home/song/crashes/sqlite/bld/shell.c:13476:10
    #20 0x5004e7 in runOneSqlLine /home/song/crashes/sqlite/bld/shell.c:20487:8
    #21 0x4de43a in process_input /home/song/crashes/sqlite/bld/shell.c:20587:17
    #22 0x4cd6c2 in main /home/song/crashes/sqlite/bld/shell.c:21387:12
    #23 0x7f2af26ae1e2 in __libc_start_main /build/glibc-5mDdLG/glibc-2.30/csu/../csu/libc-start.c:308:16
    #24 0x41ce9d in _start (/home/song/crashes/sqlite/bld/a.out+0x41ce9d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/song/sqlite/bld/sqlite3.c:79554:12 in sqlite3VdbeAppendP4
==4761==ABORTING
macOS 11.2.1

manning@MacBook-Pro-2 ~ % sqlite3
SQLite version 3.32.3 2020-06-18 14:16:19
Enter ".help" for usage hints.
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite> CREATE TABLE v0 ( v1 CHECK( v1 = zeroblob ( NOT zeroblob ( NOT zeroblob ( DISTINCT 1.100000 + 10.100000 ) <= v1 ) = v1 ) NOT LIKE 'x' ) ) ; CREATE TRIGGER x AFTER INSERT ON v0 BEGIN INSERT OR REPLACE INTO v0 ( v1 , v1 , v1 ) VALUES ( 0 , NULL , 'v1' ) ON CONFLICT DO NOTHING ; END ; CREATE TRIGGER r1 AFTER INSERT ON v0 BEGIN SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; END ; INSERT INTO v0 ( v1 , v1 ) VALUES ( 127 , 10 ) ,( 0 , 10 ) ,( 10 , 3 ) ,( 9223372036854775807 , 10 ) ,( 12 , 8 ) ,( 2 , 2 ) ,( 'v1' , 8 ) ,( 'x' , 127 ) ,( 'MED BOX' , 10 ) ,( 'v1' , 1 ) ,( 'v0' , 10 ) ,( 'v1' , 10 ) ,( 'LG PKG' , 1 ) ,( 'x' , 1 ) ,( 'Brand#23' , 2 ) ,( 'v1' , 10 ) ; ALTER TABLE t2 RENAME TO t3 ; 
zsh: segmentation fault  sqlite3
manning@MacBook-Pro-2 ~ %

(2) By anonymous on 2021-03-07 08:18:42 in reply to 1

In an attempt to reproduce the error on an Ubuntu system, I stumbled on this:
sqlite> CREATE TRIGGER r1
   ...> AFTER INSERT ON v0
   ...> BEGIN
   ...>         SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; 
   ...> END ; 
Error: trigger cannot use variables

(3) By manning on 2021-03-07 09:10:30 in reply to 2

macOS, SQLite version 3.32.3

sqlite> CREATE TABLE v0 ( v1 CHECK( v1 = zeroblob ( NOT zeroblob ( NOT zeroblob ( DISTINCT 1.100000 + 10.100000 ) <= v1 ) = v1 ) NOT LIKE 'x' ) ) ; CREATE TRIGGER x AFTER INSERT ON v0 BEGIN INSERT OR REPLACE INTO v0 ( v1 , v1 , v1 ) VALUES ( 0 , NULL , 'v1' ) ON CONFLICT DO NOTHING ; END ; CREATE TRIGGER r1 AFTER INSERT ON v0 BEGIN SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; END ; 
sqlite> 

It doesn't show errors.

(4) By Richard Hipp (drh) on 2021-03-07 11:52:18 in reply to 1

SQLite version 3.35.0 2021-01-09 19:10:04

The problem seems to have been previously fixed on 2021-01-21 by check-in 02264ab6a02d6cc9.