Assertion violation in sqlite3ExprSkipCollateAndLikely
(1.1) By Maik (maikbe) on 2023-05-23 13:52:46 edited from 1.0 [source]
The grammar-based fuzzer ATNwalk found an assertion violation.
Details and the steps to reproduce it are given below.
Best regards,
Maik Betka
######## Version ########
$ fossil info
project-name: SQLite
repository: /home/rocky/sqlite3/sqlite.fossil
local-root: /home/rocky/sqlite3/
config-db: /home/rocky/.config/fossil.db
project-code: 2ab58778c2967968b94284e989e43dc11791f548
checkout: cec49c7d93362f527f0b4744cd1ae95d44a79671 2023-05-23 11:47:56 UTC
parent: 81ffcf41d69ae73ee8c037f675e18e2b46a15bee 2023-05-22 20:36:55 UTC
tags: trunk
comment: Add test cases for the recovery extension. No changes to code.
(user: dan)
check-ins: 28995
$ clang --version
clang version 14.0.6 (Red Hat 14.0.6-4.el9_1)
Target: x86_64-redhat-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
######## Build ########
# Build an AddressSanitizer-instrumented SQLite shell from the amalgamation.
# SQLITE_DEBUG=1 is what makes assert() live; the reported failure is an assert.
# detect_leaks=0 turns off LeakSanitizer reports (an ASAN runtime option).
export ASAN_OPTIONS=detect_leaks=0
export CC=/usr/bin/clang

# Same flag set as the report, accumulated one flag per line; the resulting
# single-space-separated value is identical to the original multi-line string.
CFLAGS='-fsanitize=address'
CFLAGS="$CFLAGS -DSQLITE_DEBUG=1"
CFLAGS="$CFLAGS -DSQLITE_ENABLE_UPDATE_DELETE_LIMIT=1"
CFLAGS="$CFLAGS -DSQLITE_ENABLE_RTREE=1"
CFLAGS="$CFLAGS -DSQLITE_MAX_LENGTH=134217728"
CFLAGS="$CFLAGS -DSQLITE_MAX_SQL_LENGTH=134217728"
CFLAGS="$CFLAGS -DSQLITE_MAX_MEMORY=266338304"
CFLAGS="$CFLAGS -DSQLITE_PRINTF_PRECISION_LIMIT=1048576"
CFLAGS="$CFLAGS -DSQLITE_MAX_PAGE_COUNT=32768"
export CFLAGS

# configure + amalgamation, then link the shell with the same flags.
./configure
make sqlite3.c
"$CC" $CFLAGS -I. shell.c sqlite3.c -o sqlite3
######## poc.sql ########
-- Fuzzer-generated reproducer (ATNwalk). The exact expression shape is what
-- reaches the failing assert, so the statements are kept verbatim: the comma
-- join, the duplicated t2 alias and the redundant likely() wrappers are all
-- deliberate fuzzer output, and rewriting them may stop the crash reproducing.
-- Run against the -DSQLITE_DEBUG=1 build from the Build section.
CREATE TABLE IF NOT EXISTS main.t2(mx_payload);
-- Expression index on likely(mx_payload), descending.
CREATE INDEX main.index0 ON t2(likely(mx_payload) DESC );
-- The failing statement: both FROM items force index0 via INDEXED BY, the
-- derived table is also aliased AS t2, and likely(mx_payload) recurs in the
-- select list, GROUP BY and HAVING. The reported assert is
-- `pExpr->op==TK_FUNCTION` in sqlite3ExprSkipCollateAndLikely (see Output).
-- NOTE(review): which likely() occurrence the assert trips on is not shown on
-- this page — confirm with a backtrace before narrowing the test case.
SELECT max( DISTINCT ~likely(mx_payload)) FILTER ( WHERE likely( RAISE ( ABORT , 'ahh'))) FROM (t2 INDEXED BY index0), ( SELECT ALL likely(mx_payload) FROM t2 INDEXED BY index0) AS t2 GROUP BY likely(mx_payload) HAVING CURRENT_DATE IS likely(mx_payload);
######## Execute ########
# Feed poc.sql to the freshly built debug shell on stdin; the assertion
# message and abort shown under Output are the expected result.
cat poc.sql | ./sqlite3
######## Output ########
sqlite3: sqlite3.c:106499: Expr *sqlite3ExprSkipCollateAndLikely(Expr *): Assertion `pExpr->op==TK_FUNCTION' failed.
Aborted (core dumped)