Re: [sqlite] Segmentation Fault When Using Window Function

Thu, 08 Nov 2018 13:05:28 -0800 

In case you are not following the ticket at
https://www.sqlite.org/src/tktview/787fa716be3a7f650cac1b1413f12f95f5e7639d,
we have simplified the test case to the following:

CREATE TABLE t5(a, b, c, d);
CREATE INDEX t5a ON t5(a);
CREATE INDEX t5b ON t5(b);
CREATE TABLE t6(e);
INSERT INTO t6 VALUES(1);
INSERT INTO t5 VALUES(1,1,1,1), (2,2,2,2);
SELECT * FROM t5 WHERE (a=1 OR b=2) AND c IN (
  SELECT e FROM (SELECT DISTINCT e FROM t6) WHERE e=1
);

The above fails going back to SQLite version 3.8.11 (2015-07-27).

On 11/7/18, Jeremy Evans <c...@jeremyevans.net> wrote:
> The following SQL causes a segmentation fault on:
>
> * OpenBSD -current (3.25.1 and 3.25.3)
> * MacOS 10.14 (3.25.2)
>
> No segmentation fault using the precompiled Windows binary, though.
>
> CREATE TABLE `artists` (
>   `id` integer NOT NULL PRIMARY KEY AUTOINCREMENT,
>   `name` varchar(255)
> );
> CREATE TABLE `albums` (
>   `id` integer NOT NULL PRIMARY KEY AUTOINCREMENT,
>   `name` varchar(255),
>   `artist_id` integer REFERENCES `artists`
> );
> INSERT INTO `artists` (`name`) VALUES ('Ar');
> INSERT INTO `albums` (`name`, `artist_id`) VALUES ('Al', 1);
> SELECT `artists`.*
> FROM `artists`
> INNER JOIN `artists` AS 'b' ON (`b`.`id` = `artists`.`id`)
> WHERE (`artists`.`id` IN (
>   SELECT `albums`.`artist_id`
>   FROM `albums`
>   WHERE ((`name` = 'Al')
>     AND (`albums`.`artist_id` IS NOT NULL)
>     AND (`albums`.`id` IN (
>       SELECT `id`
>       FROM (
>         SELECT `albums`.`id`,
>                row_number() OVER (
>                  PARTITION BY `albums`.`artist_id`
>                  ORDER BY `name`
>                ) AS 'x'
>         FROM `albums`
>         WHERE (`name` = 'Al')
>       ) AS 't1'
>       WHERE (`x` = 1)
>     ))
>     AND (`albums`.`id` IN (1, 2)))
> ));
>
> gdb output from OpenBSD-current:
>
> (gdb) bt
> #0  0x000016ae6e4a888d in sqlite3VdbeExec (p=0x16ae5cb282c8) at
> sqlite3.c:87803
> #1  0x000016ae6e46dd33 in sqlite3Step (p=0x16ae5cb282c8) at sqlite3.c:81043
> #2  0x000016ae6e46d95a in sqlite3_step (pStmt=0x16ae5cb282c8) at
> sqlite3.c:81106
> #3  0x000016abb6a3a6e6 in ?? () from /usr/local/bin/sqlite3
> #4  0x000016abb6a20e6d in ?? () from /usr/local/bin/sqlite3
> #5  0x000016abb6a3d0da in ?? () from /usr/local/bin/sqlite3
> #6  0x000016abb6a21b6a in ?? () from /usr/local/bin/sqlite3
> #7  0x000016abb6a17717 in ?? () from /usr/local/bin/sqlite3
> #8  0x000016abb6a10056 in ?? () from /usr/local/bin/sqlite3
> #9  0x0000000000000000 in ?? ()
> (gdb) info locals
> pC = (VdbeCursor *) 0x0
> pCrsr = (BtCursor *) 0x16ae5cb29ac8
> res = 1
> azType = 0x16ae6e5a8c00
> aLTb = 0x16ae6e422130 "\001"
> aEQb = 0x16ae6e422136 ""
> aGTb = 0x16ae6e42213c "\001"
> and_logic = 0x16ae6e422142 ""
> or_logic = 0x16ae6e42214b ""
> aFlag = 0x16ae6e422154
> aZero = 0x16ae6e5ac3e0 ""
> vfsFlags = 1054
> aOp = (Op *) 0x16ae54417008
> pOp = (Op *) 0x16ae54417ff8
> rc = 0
> db = (sqlite3 *) 0x16ae921ec408
> resetSchemaOnFault = 0 '\0'
> encoding = 1 '\001'
> iCompare = 1
> nVmStep = 291
> nProgressLimit = 4294967295
> aMem = (Mem *) 0x16ae544184b0
> pIn1 = (Mem *) 0x16ae54418600
> pIn2 = (Mem *) 0x16ae544187f8
> pIn3 = (Mem *) 0x16ae54418590
> pOut = (Mem *) 0x16ae54418a60
>
> If other gdb information would be helpful, please let me know.
>
> Thanks,
> Jeremy
> _______________________________________________
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>


-- 
D. Richard Hipp
d...@sqlite.org
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Reply via email to