crashes, segmentation fault, sqlite3VdbeAppendP4, if( p->db->mallocFailed )
(1) By manning on 2021-03-07 07:47:09
ubuntu 19.10

```
clang -fsanitize=address -O1 -fno-omit-frame-pointer -g shell.c sqlite3.o ; ASAN_OPTIONS=detect_leaks=1:halt_on_path=./asan.log ./a.out
SQLite version 3.35.0 2021-01-09 19:10:04
Enter ".help" for usage hints.
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite> CREATE TABLE v0 ( v1 CHECK( v1 = zeroblob ( NOT zeroblob ( NOT zeroblob ( DISTINCT 1.100000 + 10.100000 ) <= v1 ) = v1 ) NOT LIKE 'x' ) ) ; CREATE TRIGGER x AFTER INSERT ON v0 BEGIN INSERT OR REPLACE INTO v0 ( v1 , v1 , v1 ) VALUES ( 0 , NULL , 'v1' ) ON CONFLICT DO NOTHING ; END ; CREATE TRIGGER r1 AFTER INSERT ON v0 BEGIN SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; END ; INSERT INTO v0 ( v1 , v1 ) VALUES ( 127 , 10 ) ,( 0 , 10 ) ,( 10 , 3 ) ,( 9223372036854775807 , 10 ) ,( 12 , 8 ) ,( 2 , 2 ) ,( 'v1' , 8 ) ,( 'x' , 127 ) ,( 'MED BOX' , 10 ) ,( 'v1' , 1 ) ,( 'v0' , 10 ) ,( 'v1' , 10 ) ,( 'LG PKG' , 1 ) ,( 'x' , 1 ) ,( 'Brand#23' , 2 ) ,( 'v1' , 10 ) ; ALTER TABLE t2 RENAME TO t3 ;
AddressSanitizer:DEADLYSIGNAL
=================================================================
==4761==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000007856af bp 0x000000000000 sp 0x7ffd53dfafe0 T0)
==4761==The signal is caused by a WRITE memory access.
==4761==Hint: address points to the zero page.
    #0 0x7856ae in sqlite3VdbeAppendP4 /home/song/sqlite/bld/sqlite3.c:79554:12
    #1 0x7856ae in sqlite3ExprCodeTarget /home/song/sqlite/bld/sqlite3.c:104402:9
    #2 0x79a2b2 in sqlite3ExprCodeExprList /home/song/sqlite/bld/sqlite3.c:105159:19
    #3 0x7abf77 in innerLoopLoadRow /home/song/sqlite/bld/sqlite3.c:130996:3
    #4 0x7abf77 in selectInnerLoop /home/song/sqlite/bld/sqlite3.c:131450:7
    #5 0x772239 in sqlite3Select /home/song/sqlite/bld/sqlite3.c:137387:7
    #6 0x767b36 in sqlite3Select /home/song/sqlite/bld/sqlite3.c:136676:7
    #7 0x8f5d5b in codeTriggerProgram /home/song/sqlite/bld/sqlite3.c:138499:9
    #8 0x8f5d5b in codeRowTrigger /home/song/sqlite/bld/sqlite3.c:138632:5
    #9 0x8f768d in getRowTrigger /home/song/sqlite/bld/sqlite3.c:138689:12
    #10 0x8f768d in sqlite3CodeRowTriggerDirect /home/song/sqlite/bld/sqlite3.c:138711:10
    #11 0x8f7c17 in sqlite3CodeRowTrigger /home/song/sqlite/bld/sqlite3.c:138805:7
    #12 0x8f2c7e in sqlite3Insert /home/song/sqlite/bld/sqlite3.c:122815:5
    #13 0x859c33 in yy_reduce /home/song/sqlite/bld/sqlite3.c:159706:3
    #14 0x859c33 in sqlite3Parser /home/song/sqlite/bld/sqlite3.c:160692:15
    #15 0x859c33 in sqlite3RunParser /home/song/sqlite/bld/sqlite3.c:161974:5
    #16 0x8661d9 in sqlite3Prepare /home/song/sqlite/bld/sqlite3.c:130157:5
    #17 0x867bee in sqlite3LockAndPrepare /home/song/sqlite/bld/sqlite3.c:130231:10
    #18 0x868451 in sqlite3_prepare_v2 /home/song/sqlite/bld/sqlite3.c:130316:8
    #19 0x4dd0e3 in shell_exec /home/song/crashes/sqlite/bld/shell.c:13476:10
    #20 0x5004e7 in runOneSqlLine /home/song/crashes/sqlite/bld/shell.c:20487:8
    #21 0x4de43a in process_input /home/song/crashes/sqlite/bld/shell.c:20587:17
    #22 0x4cd6c2 in main /home/song/crashes/sqlite/bld/shell.c:21387:12
    #23 0x7f2af26ae1e2 in __libc_start_main /build/glibc-5mDdLG/glibc-2.30/csu/../csu/libc-start.c:308:16
    #24 0x41ce9d in _start (/home/song/crashes/sqlite/bld/a.out+0x41ce9d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/song/sqlite/bld/sqlite3.c:79554:12 in sqlite3VdbeAppendP4
==4761==ABORTING
```

macos 11.2.1

```
manning@MacBook-Pro-2 ~ % sqlite3
SQLite version 3.32.3 2020-06-18 14:16:19
Enter ".help" for usage hints.
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite> CREATE TABLE v0 ( v1 CHECK( v1 = zeroblob ( NOT zeroblob ( NOT zeroblob ( DISTINCT 1.100000 + 10.100000 ) <= v1 ) = v1 ) NOT LIKE 'x' ) ) ; CREATE TRIGGER x AFTER INSERT ON v0 BEGIN INSERT OR REPLACE INTO v0 ( v1 , v1 , v1 ) VALUES ( 0 , NULL , 'v1' ) ON CONFLICT DO NOTHING ; END ; CREATE TRIGGER r1 AFTER INSERT ON v0 BEGIN SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; END ; INSERT INTO v0 ( v1 , v1 ) VALUES ( 127 , 10 ) ,( 0 , 10 ) ,( 10 , 3 ) ,( 9223372036854775807 , 10 ) ,( 12 , 8 ) ,( 2 , 2 ) ,( 'v1' , 8 ) ,( 'x' , 127 ) ,( 'MED BOX' , 10 ) ,( 'v1' , 1 ) ,( 'v0' , 10 ) ,( 'v1' , 10 ) ,( 'LG PKG' , 1 ) ,( 'x' , 1 ) ,( 'Brand#23' , 2 ) ,( 'v1' , 10 ) ; ALTER TABLE t2 RENAME TO t3 ;
zsh: segmentation fault sqlite3
manning@MacBook-Pro-2 ~ %
```
(2) By anonymous on 2021-03-07 08:18:42 in reply to 1
In an attempt to reproduce the error on an Ubuntu system I stumbled on this:

```
sqlite> CREATE TRIGGER r1
   ...> AFTER INSERT ON v0
   ...> BEGIN
   ...> SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ;
   ...> END ;
Error: trigger cannot use variables
```
(3) By manning on 2021-03-07 09:10:30 in reply to 2
macOS, SQLite version 3.32.3

```
sqlite> CREATE TABLE v0 ( v1 CHECK( v1 = zeroblob ( NOT zeroblob ( NOT zeroblob ( DISTINCT 1.100000 + 10.100000 ) <= v1 ) = v1 ) NOT LIKE 'x' ) ) ; CREATE TRIGGER x AFTER INSERT ON v0 BEGIN INSERT OR REPLACE INTO v0 ( v1 , v1 , v1 ) VALUES ( 0 , NULL , 'v1' ) ON CONFLICT DO NOTHING ; END ; CREATE TRIGGER r1 AFTER INSERT ON v0 BEGIN SELECT v1 , count ( count () ) OVER( ORDER BY@v1 ) AS myname FROM v0 ; END ;
sqlite>
```

It doesn't show errors.
(4) By Richard Hipp (drh) on 2021-03-07 11:52:18 in reply to 1
> SQLite version 3.35.0 2021-01-09 19:10:04

The problem seems to have been previously fixed on 2021-01-21 by check-in 02264ab6a02d6cc9. The build quoted above is dated 2021-01-09, so it predates that check-in.