Hi, I ran into the following regression after upgrading from SQLite 3.7.14.1 to 3.7.16.2: the SQLite parser crashes when it encounters a subquery enclosed in double parentheses.
For example:

  $ sqlite3
  SQLite version 3.7.16.2 2013-04-12 11:52:43
  Enter ".help" for instructions
  Enter SQL statements terminated with a ";"
  sqlite> select * from ((select * from x)) y;
  Segmentation fault

(It doesn't matter whether table "x" exists or not.)

On SQLite 3.7.14.1, this worked correctly. The problem can be fixed by removing the redundant parentheses, but the parser shouldn't segfault when encountering this.

The stack trace is as follows:

> #0  0x00007ffff7b7b0b3 in selectExpander (pWalker=0x7fffffffb4a0, p=0x620278) at sqlite3.c:98052
> #1  0x00007ffff7b4f69b in sqlite3WalkSelect (pWalker=0x7fffffffb4a0, p=0x620278) at sqlite3.c:72631
> #2  0x00007ffff7b7baf1 in sqlite3SelectExpand (pParse=0x620808, pSelect=0x620278) at sqlite3.c:98298
> #3  0x00007ffff7b7bc8d in sqlite3SelectPrep (pParse=0x620808, p=0x620278, pOuterNC=0x0) at sqlite3.c:98383
> #4  0x00007ffff7b7c44a in sqlite3Select (pParse=0x620808, p=0x620278, pDest=0x7fffffffb7f0) at sqlite3.c:98648
> #5  0x00007ffff7b8f719 in yy_reduce (yypParser=0x620ab8, yyruleno=112) at sqlite3.c:111032
> #6  0x00007ffff7b926b2 in sqlite3Parser (yyp=0x620ab8, yymajor=1, yyminor=..., pParse=0x620808) at sqlite3.c:112034
> #7  0x00007ffff7b933ef in sqlite3RunParser (pParse=0x620808, zSql=0x60f530 "select * from ((select * from x)) y;", pzErrMsg=0x7fffffffbaa0) at sqlite3.c:112859
> #8  0x00007ffff7b74436 in sqlite3Prepare (db=0x60f568, zSql=0x60f530 "select * from ((select * from x)) y;", nBytes=-1, saveSqlFlag=1, pReprepare=0x0, ppStmt=0x7fffffffbc08, pzTail=0x7fffffffbc00) at sqlite3.c:94461
> #9  0x00007ffff7b74772 in sqlite3LockAndPrepare (db=0x60f568, zSql=0x60f530 "select * from ((select * from x)) y;", nBytes=-1, saveSqlFlag=1, pOld=0x0, ppStmt=0x7fffffffbc08, pzTail=0x7fffffffbc00) at sqlite3.c:94553
> #10 0x00007ffff7b74929 in sqlite3_prepare_v2 (db=0x60f568, zSql=0x60f530 "select * from ((select * from x)) y;", nBytes=-1, ppStmt=0x7fffffffbc08, pzTail=0x7fffffffbc00) at sqlite3.c:94629
> #11 0x0000000000404b51 in shell_exec (db=0x60f568, zSql=0x60f530 "select * from ((select * from x)) y;", xCallback=0x403038 <shell_callback>, pArg=0x7fffffffbd40, pzErrMsg=0x7fffffffbce8) at shell.c:1144
> #12 0x0000000000409dd9 in process_input (p=0x7fffffffbd40, in=0x0) at shell.c:2728
> #13 0x000000000040b06b in main (argc=1, argv=0x7fffffffd3d8) at shell.c:3189

This is on NixOS Linux, 64-bit, GCC 4.6.3 and Glibc 2.17. Also confirmed with the 2013-04-26 SQLite snapshot.

-- 
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
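Added example (not part of Eelco's post and not SQLite project code): a small crash-isolating probe for the statement above. It assumes Python's standard-library sqlite3 module, linked against whatever SQLite the interpreter ships with, and it assumes a throwaway schema `create table x(a)` for the "table exists" case. Each statement is prepared in a child interpreter, so a segfault inside sqlite3_prepare like the one in the trace kills only the child and is reported as a crash rather than taking down the harness; the workaround form without the redundant parentheses is probed alongside, and the outcome is returned with the SQLite version so the same script can be run across several builds (3.7.14.1, 3.7.16.2, a current one) to confirm where the regression lies.

```python
"""Probe SQLite for a parser crash on a statement without risking the caller."""
import subprocess
import sys
import sqlite3

# Constructed inputs: the statement from the report and the workaround
# form with the redundant outer parentheses removed.
CRASHING_SQL = "select * from ((select * from x)) y;"
WORKAROUND_SQL = "select * from (select * from x) y;"

# Body of the throwaway child. Exit 0 = statement prepared and ran,
# 2 = SQLite reported an ordinary error, anything else (a negative
# signal number on POSIX) = the process itself died, i.e. a library crash.
# The schema "create table x(a)" is an assumption for the "table exists" case.
CHILD_SCRIPT = r"""
import sqlite3, sys
sql, create_table = sys.argv[1], sys.argv[2] == "1"
db = sqlite3.connect(":memory:")
if create_table:
    db.execute("create table x(a)")
try:
    db.execute(sql).fetchall()
except sqlite3.Error as exc:
    print(exc)
    sys.exit(2)
"""


def probe(sql, create_table=True, timeout=30):
    """Run `sql` against an in-memory database inside a child interpreter.

    Returns a dict with the outcome ("ok", "sql_error" or "crashed"), the raw
    exit status, any error text, and the SQLite version the child links to.
    """
    proc = subprocess.run(
        [sys.executable, "-c", CHILD_SCRIPT, sql, "1" if create_table else "0"],
        capture_output=True,
        text=True,
        timeout=timeout,
    )
    if proc.returncode == 0:
        outcome = "ok"
    elif proc.returncode == 2:
        outcome = "sql_error"
    else:
        # Killed by a signal (SIGSEGV is -11 on Linux) or an abnormal exit.
        outcome = "crashed"
    return {
        "sql": sql,
        "table_exists": create_table,
        "outcome": outcome,
        "status": proc.returncode,
        "detail": (proc.stdout + proc.stderr).strip(),
        "sqlite_version": sqlite3.sqlite_version,
    }


def run_report_cases():
    """The four cases the report implies: both statements, with and without table x."""
    return [
        probe(sql, create_table=exists)
        for sql in (CRASHING_SQL, WORKAROUND_SQL)
        for exists in (True, False)
    ]


if __name__ == "__main__":
    print(f"SQLite {sqlite3.sqlite_version}")
    for r in run_report_cases():
        print(f"{r['outcome']:9} status={r['status']:<4} "
              f"table_x={str(r['table_exists']):5} {r['sql']}")
```

On a build that carries the bug, the two CRASHING_SQL rows come back "crashed" with status -11 regardless of whether table x exists, matching the "(It doesn't matter whether table "x" exists or not.)" observation; on a fixed build they come back "ok" and "sql_error" (no such table) respectively, the same as the workaround form.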

