admin/ast-project
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

---

Browse Source
This commit is contained in:
[Quy Anh] «Elliot» Nguyen
2026-06-24 13:47:14 +02:00
commit fd930e15cb
2377 changed files with 1213931 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
part1/bug-reproducers/1/README.md
+38
View File
@@ -0,0 +1,38 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We reran the query multiple time, but the output does not change. It is a logic bug because the output is different
## Minimized query
```sql
CREATE TABLE T (
a INTEGER,
b TEXT,
c REAL
);
INSERT INTO T VALUES (substring(-pi(), random() % if(1, NULL, 100)),'' || ('a'),1.25), (2,'b',-3.5), (3,'c',0.0);
SELECT * FROM T WHERE NOT c < 2.0 ORDER BY c;
ALTER TABLE T RENAME COLUMN c TO c_r522;
INSERT INTO T SELECT * FROM T;
SELECT COUNT(*) FROM T;
```
## Actual output
```sql
0
```
## Expectation
```sql
6
```
## Flag
```
```
part1/bug-reproducers/1/original_test.sql
+11
View File
@@ -0,0 +1,11 @@
CREATE TABLE T (
a INTEGER,
b TEXT,
c REAL
);
INSERT INTO T VALUES (substring(-pi(), random() % if(1, NULL, 100)),'' || ('a'),1.25), (2,'b',-3.5), (3,'c',0.0);
SELECT * FROM T WHERE NOT c < 2.0 ORDER BY c;
ALTER TABLE T RENAME COLUMN c TO c_r522;
INSERT INTO T SELECT * FROM T;
SELECT COUNT(*) FROM T;
part1/bug-reproducers/1/reduced_test.sql
+7
View File
@@ -0,0 +1,7 @@
CREATE TABLE t(a, b, c);
INSERT INTO t VALUES (1,'a',1.25),(2,'b',-3.5),(3,'c',0.0);
ALTER TABLE t RENAME COLUMN c TO c_new;
INSERT INTO t SELECT * FROM t;
SELECT COUNT(*) FROM t;
part1/bug-reproducers/10/README.md
+64
View File
@@ -0,0 +1,64 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We think that the patched version just ignores the third select statement, and therefore does not print out the second table.
## Minimized query
```sql
CREATE TABLE T (
a INTEGER,
b REAL,
c REAL
);
INSERT INTO T VALUES (if(ifnull(x'be83e7457352932f', round(2)), 1, 0, 1, 0, 1),2.0,10.5), (1,-3.5,20.25), (2,9e999,-1.0);
WITH d AS (SELECT a,SUM(b*c) AS e FROM T GROUP BY a) SELECT * FROM d;
BEGIN IMMEDIATE;
PRAGMA parser_trace = OFF;
PRAGMA empty_result_callbacks = TRUE;
CREATE TABLE t1(a INT, b INT);
CREATE TABLE t2(c INT, d INT);
CREATE TABLE t3(e TEXT, f TEXT);
INSERT INTO t1 VALUES('𝕊𝕢𝕝', 1);
INSERT INTO t2 VALUES(1, 2);
INSERT INTO t3 VALUES('abc', 'def');
SELECT * FROM t1, t2 LEFT JOIN t3 ON (t2.d=1) WHERE t2.c = +t1.a;
SELECT * FROM t1 LEFT JOIN t2 ON (t2.c=+t1.a) LEFT JOIN t3 ON (t2.d IS NULL);
SELECT * FROM t2;
SELECT MIN(b) OVER (PARTITION BY b ORDER BY b RANGE BETWEEN CURRENT ROW AND UNBOUNDED FOLLOWING EXCLUDE NO OTHERS) FROM t1;
COMMIT;
ALTER TABLE t2 RENAME TO /* PRAGMA count_changes = TRUE; */ t2_r1545;
INSERT OR FAIL INTO t3 VALUES ('x', 0);
ANALYZE;
DELETE FROM t1 WHERE rowid = 15 RETURNING *;
SELECT * FROM T AS a LEFT OUTER JOIN t1 AS b ON a.rowid = b.rowid;
```
## Actual output
```sql
???|1|||abc|def
1|2
1
```
## Expectation
```sql
|21.0
1|-70.875
2|-Inf
𝕊𝕢𝕝|1|||abc|def
1|2
1
|2.0|10.5|𝕊𝕢𝕝|1
1|-3.5|20.25||
2|Inf|-1.0||
```
## Flag
```
```
part1/bug-reproducers/10/original_test.sql
+27
View File
@@ -0,0 +1,27 @@
CREATE TABLE T (
a INTEGER,
b REAL,
c REAL
);
INSERT INTO T VALUES (if(ifnull(x'be83e7457352932f', round(2)), 1, 0, 1, 0, 1),2.0,10.5), (1,-3.5,20.25), (2,9e999,-1.0);
WITH d AS (SELECT a,SUM(b*c) AS e FROM T GROUP BY a) SELECT * FROM d;
BEGIN IMMEDIATE;
PRAGMA parser_trace = OFF;
PRAGMA empty_result_callbacks = TRUE;
CREATE TABLE t1(a INT, b INT);
CREATE TABLE t2(c INT, d INT);
CREATE TABLE t3(e TEXT, f TEXT);
INSERT INTO t1 VALUES('𝕊𝕢𝕝', 1);
INSERT INTO t2 VALUES(1, 2);
INSERT INTO t3 VALUES('abc', 'def');
SELECT * FROM t1, t2 LEFT JOIN t3 ON (t2.d=1) WHERE t2.c = +t1.a;
SELECT * FROM t1 LEFT JOIN t2 ON (t2.c=+t1.a) LEFT JOIN t3 ON (t2.d IS NULL);
SELECT * FROM t2;
SELECT MIN(b) OVER (PARTITION BY b ORDER BY b RANGE BETWEEN CURRENT ROW AND UNBOUNDED FOLLOWING EXCLUDE NO OTHERS) FROM t1;
COMMIT;
ALTER TABLE t2 RENAME TO /* PRAGMA count_changes = TRUE; */ t2_r1545;
INSERT OR FAIL INTO t3 VALUES ('x', 0);
ANALYZE;
DELETE FROM t1 WHERE rowid = 15 RETURNING *;
SELECT * FROM T AS a LEFT OUTER JOIN t1 AS b ON a.rowid = b.rowid;
part1/bug-reproducers/10/reduced_test.sql
+16
View File
@@ -0,0 +1,16 @@
CREATE TABLE t1(a INT, b INT);
CREATE TABLE t2(c INT, d INT);
CREATE TABLE t3(e TEXT, f TEXT);
INSERT INTO t1 VALUES('x',1);
INSERT INTO t2 VALUES(1,2);
SELECT *
FROM t1, t2
LEFT JOIN t3 ON (t2.d=1)
WHERE t2.c = +t1.a;
SELECT *
FROM t1
LEFT JOIN t2 ON (t2.c=+t1.a)
LEFT JOIN t3 ON (t2.d IS NULL);
part1/bug-reproducers/11/README.md
+72
View File
@@ -0,0 +1,72 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We think this is a bug, where it is visible which features were disabled on the patched version, in this case especially with the ASCII flag
## Minimized query
```sql
BEGIN EXCLUSIVE;
PRAGMA case_sensitive_like = ON;
-- typeof(NULL)
PRAGMA full_column_names = NO;
PRAGMA count_changes = 1;
.mode
DROP TABLE IF EXISTS t1;
CREATE TABLE t1 (c0, c1 REAL PRIMARY KEY);
INSERT INTO t1(c0, c1) VALUES (0, 1), (0, 0);
UPDATE t1 SET c0 = NULL;
UPDATE OR REPLACE t1 SET c1 = 1;
SELECT DISTINCT * FROM t1 WHERE NOT NOT ((t1.c0 IS NULL)) ;
PRAGMA integrity_check;
CREATE INDEX IF NOT EXISTS idx_t1_1624 ON t1((c0 + 1)) WHERE +c0 > 0;
SELECT COUNT(c0) FROM t1;
SELECT SUM(c1) FROM t1;
COMMIT TRANSACTION;
CREATE INDEX IF NOT EXISTS idx_t1_2854 ON t1(lower(c1));
ANALYZE t1;
SELECT COUNT(*) FROM t1;
SELECT * FROM t1 WHERE c1 IN (SELECT c1 FROM t1 LIMIT 1);
VACUUM main;
DELETE FROM t1 WHERE c0 > (SELECT AVG(c0) FROM t1) RETURNING *;
```
## Actual output
```sql
current output mode: list
2
2
2
|1.0
ok
0
1.0
1
|1.0
```
## Expectation
```sql
current output mode: list --escape ascii
2
2
2
|1.0
ok
0
1.0
1
|1.0
```
## Flag
```
-noheader
```
part1/bug-reproducers/11/original_test.sql
+27
View File
@@ -0,0 +1,27 @@
BEGIN EXCLUSIVE;
PRAGMA case_sensitive_like = ON;
-- typeof(NULL)
PRAGMA full_column_names = NO;
PRAGMA count_changes = 1;
.mode
DROP TABLE IF EXISTS t1;
CREATE TABLE t1 (c0, c1 REAL PRIMARY KEY);
INSERT INTO t1(c0, c1) VALUES (0, 1), (0, 0);
UPDATE t1 SET c0 = NULL;
UPDATE OR REPLACE t1 SET c1 = 1;
SELECT DISTINCT * FROM t1 WHERE NOT NOT ((t1.c0 IS NULL)) ;
PRAGMA integrity_check;
CREATE INDEX IF NOT EXISTS idx_t1_1624 ON t1((c0 + 1)) WHERE +c0 > 0;
SELECT COUNT(c0) FROM t1;
SELECT SUM(c1) FROM t1;
COMMIT TRANSACTION;
CREATE INDEX IF NOT EXISTS idx_t1_2854 ON t1(lower(c1));
ANALYZE t1;
SELECT COUNT(*) FROM t1;
SELECT * FROM t1 WHERE c1 IN (SELECT c1 FROM t1 LIMIT 1);
VACUUM main;
DELETE FROM t1 WHERE c0 > (SELECT AVG(c0) FROM t1) RETURNING *;
part1/bug-reproducers/11/reduced_test.sql
+12
View File
@@ -0,0 +1,12 @@
CREATE TABLE t1(c0, c1 REAL PRIMARY KEY);
INSERT INTO t1 VALUES (0,1), (0,0);
UPDATE t1 SET c0=NULL;
UPDATE OR REPLACE t1 SET c1=1;
SELECT DISTINCT *
FROM t1
WHERE c0 IS NULL;
SELECT COUNT(*) FROM t1;
part1/bug-reproducers/12/README.md
+34
View File
@@ -0,0 +1,34 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We believe the query is already reduced. The issue for this bug is most likely the "BETWEEN" keyword
## Minimized query
```sql
CREATE TABLE t0(c0);
INSERT INTO t0(c0) VALUES (NULL);
CREATE INDEX i0 ON t0(1) WHERE c0 NOT NULL;
SELECT 1 FROM t0 WHERE (t0.c0 IS FALSE) IS FALSE;
SELECT 1 FROM t0 WHERE (t0.c0 IS FALSE) BETWEEN FALSE AND TRUE;
```
## Actual output
```sql
1
```
## Expectation
```sql
1
1
```
## Flag
```
```
part1/bug-reproducers/12/original_test.sql
+5
View File
@@ -0,0 +1,5 @@
CREATE TABLE t0(c0);
INSERT INTO t0(c0) VALUES (NULL);
CREATE INDEX i0 ON t0(1) WHERE c0 NOT NULL;
SELECT 1 FROM t0 WHERE (t0.c0 IS FALSE) IS FALSE;
SELECT 1 FROM t0 WHERE (t0.c0 IS FALSE) BETWEEN FALSE AND TRUE;
part1/bug-reproducers/12/reduced_test.sql
+5
View File
@@ -0,0 +1,5 @@
CREATE TABLE t0(c0);
INSERT INTO t0(c0) VALUES (NULL);
CREATE INDEX i0 ON t0(1) WHERE c0 NOT NULL;
SELECT 1 FROM t0 WHERE (t0.c0 IS FALSE) IS FALSE;
SELECT 1 FROM t0 WHERE (t0.c0 IS FALSE) BETWEEN FALSE AND TRUE;
part1/bug-reproducers/2/README.md
+213
View File
@@ -0,0 +1,213 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
The queries added new columns with 123. Probably "INTERSECT" is wrong. It is a logic bug because the output is different
## Minimized query
```sql
ATTACH DATABASE ':memory:' AS aux12;
PRAGMA fullfsync;
PRAGMA automatic_index = ON;
PRAGMA wal_checkpoint;
.tables
CREATE TABLE t1(c1);
INSERT INTO t1 VALUES(if(2147483647, 12, 0, 12, 0, 12, 12)),(123),(1234),(NULL),('abc');
CREATE TABLE "t2"(c2);
INSERT INTO t2 VALUES(44),(55),(123);
CREATE TABLE t3(c3,c4);
INSERT INTO t3 VALUES(66,1),(123,2),(77,3);
CREATE VIEW t4 AS SELECT c3 FROM t3;
CREATE VIEW t5 AS SELECT c3 FROM t3 ORDER BY c4;
SELECT * FROM t1, t2 WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM t4) AND c1=123;
SELECT * FROM t1, t2 WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM t5) AND c1=123;
SELECT COUNT(*) FROM t1;
ANALYZE;
INSERT OR IGNORE INTO t1 VALUES ('');
SELECT * FROM t1 WHERE c1 = (SELECT SUM(c1) FROM t1);
INSERT INTO t2 DEFAULT VALUES;
SELECT COUNT(*) FROM t1;
ANALYZE;
WITH RECURSIVE cnt(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM cnt WHERE x<63) SELECT * FROM cnt;
ANALYZE;
SELECT COUNT(*) FROM t3;
ANALYZE t2;
ANALYZE;
CREATE TEMP VIEW IF NOT EXISTS v_t1_9829 AS SELECT c1 FROM t1;
WITH cte AS (SELECT c3, LEAD(c3) OVER (ORDER BY c3) AS nxt FROM t3) SELECT * FROM cte;
SELECT * FROM t1 NATURAL JOIN t1;
REINDEX;
PRAGMA foreign_keys = YES;
VACUUM main;
CREATE TRIGGER IF NOT EXISTS trg_t1_6595 BEFORE UPDATE OF c1 ON t1 FOR EACH ROW BEGIN SELECT RAISE(IGNORE); END;
DETACH DATABASE aux12;
INSERT INTO t1 DEFAULT VALUES;
```
## Actual output
```sql
0
0|-1|-1
0
1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
3
66|77
77|123
123|
```
## Expectation
```sql
0
0|-1|-1
123|123
123|123
5
6
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
3
66|77
77|123
123|
12
123
1234
abc
```
## Flag
```
```
part1/bug-reproducers/2/original_test.sql
+40
View File
@@ -0,0 +1,40 @@
ATTACH DATABASE ':memory:' AS aux12;
PRAGMA fullfsync;
PRAGMA automatic_index = ON;
PRAGMA wal_checkpoint;
.tables
CREATE TABLE t1(c1);
INSERT INTO t1 VALUES(if(2147483647, 12, 0, 12, 0, 12, 12)),(123),(1234),(NULL),('abc');
CREATE TABLE "t2"(c2);
INSERT INTO t2 VALUES(44),(55),(123);
CREATE TABLE t3(c3,c4);
INSERT INTO t3 VALUES(66,1),(123,2),(77,3);
CREATE VIEW t4 AS SELECT c3 FROM t3;
CREATE VIEW t5 AS SELECT c3 FROM t3 ORDER BY c4;
SELECT * FROM t1, t2 WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM t4) AND c1=123;
SELECT * FROM t1, t2 WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM t5) AND c1=123;
SELECT COUNT(*) FROM t1;
ANALYZE;
INSERT OR IGNORE INTO t1 VALUES ('');
SELECT * FROM t1 WHERE c1 = (SELECT SUM(c1) FROM t1);
INSERT INTO t2 DEFAULT VALUES;
SELECT COUNT(*) FROM t1;
ANALYZE;
WITH RECURSIVE cnt(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM cnt WHERE x<63) SELECT * FROM cnt;
ANALYZE;
SELECT COUNT(*) FROM t3;
ANALYZE t2;
ANALYZE;
CREATE TEMP VIEW IF NOT EXISTS v_t1_9829 AS SELECT c1 FROM t1;
WITH cte AS (SELECT c3, LEAD(c3) OVER (ORDER BY c3) AS nxt FROM t3) SELECT * FROM cte;
SELECT * FROM t1 NATURAL JOIN t1;
REINDEX;
PRAGMA foreign_keys = YES;
VACUUM main;
CREATE TRIGGER IF NOT EXISTS trg_t1_6595 BEFORE UPDATE OF c1 ON t1 FOR EACH ROW BEGIN SELECT RAISE(IGNORE); END;
DETACH DATABASE aux12;
INSERT INTO t1 DEFAULT VALUES;
part1/bug-reproducers/2/reduced_test.sql
+17
View File
@@ -0,0 +1,17 @@
CREATE TABLE t1(c1);
INSERT INTO t1 VALUES(123);
CREATE TABLE t2(c2);
INSERT INTO t2 VALUES(123);
CREATE TABLE t3(c3,c4);
INSERT INTO t3 VALUES(123,2);
CREATE VIEW v1 AS SELECT c3 FROM t3;
CREATE VIEW v2 AS SELECT c3 FROM t3 ORDER BY c4;
SELECT * FROM t1, t2
WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM v1);
SELECT * FROM t1, t2
WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM v2);
part1/bug-reproducers/3/README.md
+47
View File
@@ -0,0 +1,47 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
It is a logic bug because the output is different. We think the bug comes from the "SELECT" statement.
## Minimized query
```sql
SAVEPOINT sp2283;
SAVEPOINT sp8775;
CREATE TABLE t1(c, b, a, PRIMARY KEY(b, a)) WITHOUT ROWID;
INSERT INTO t1 VALUES(atan(-CAST(jsonb_array() AS BOOLEAN)), 2, 3), (4, 5, 6);
ALTER TABLE t1 DROP c;
CREATE TABLE main.x1234(a, b, c PRIMARY KEY) WITHOUT ROWID;
CREATE INDEX i1 ON x1234(b) WHERE ((a+5) % 10)==0;
ALTER TABLE x1234 ADD COLUMN extra_949 FLOAT DEFAULT NULL;
UPDATE t1 SET b = '' RETURNING *;
DELETE FROM t1 WHERE 1;
ALTER TABLE x1234 RENAME TO x1234_r6899;
WITH cte AS (SELECT * FROM t1 WHERE a = (SELECT MAX(a) FROM t1)) SELECT * FROM cte;
PRAGMA fullfsync;
ALTER TABLE t1 RENAME TO t1_r3;
RELEASE sp8775;
ROLLBACK TRANSACTION TO SAVEPOINT sp2283;
RELEASE SAVEPOINT sp2283;
```
## Actual output
```sql
0
```
## Expectation
```sql
|3
|6
0
```
## Flag
```
```
part1/bug-reproducers/3/original_test.sql
+18
View File
@@ -0,0 +1,18 @@
SAVEPOINT sp2283;
SAVEPOINT sp8775;
CREATE TABLE t1(c, b, a, PRIMARY KEY(b, a)) WITHOUT ROWID;
INSERT INTO t1 VALUES(atan(-CAST(jsonb_array() AS BOOLEAN)), 2, 3), (4, 5, 6);
ALTER TABLE t1 DROP c;
CREATE TABLE main.x1234(a, b, c PRIMARY KEY) WITHOUT ROWID;
CREATE INDEX i1 ON x1234(b) WHERE ((a+5) % 10)==0;
ALTER TABLE x1234 ADD COLUMN extra_949 FLOAT DEFAULT NULL;
UPDATE t1 SET b = '' RETURNING *;
DELETE FROM t1 WHERE 1;
ALTER TABLE x1234 RENAME TO x1234_r6899;
WITH cte AS (SELECT * FROM t1 WHERE a = (SELECT MAX(a) FROM t1)) SELECT * FROM cte;
PRAGMA fullfsync;
ALTER TABLE t1 RENAME TO t1_r3;
RELEASE sp8775;
ROLLBACK TRANSACTION TO SAVEPOINT sp2283;
RELEASE SAVEPOINT sp2283;
part1/bug-reproducers/3/reduced_test.sql
+11
View File
@@ -0,0 +1,11 @@
CREATE TABLE t1(c, b, a, PRIMARY KEY(b, a)) WITHOUT ROWID;
INSERT INTO t1 VALUES(atan(-CAST(jsonb_array() AS BOOLEAN)), 2, 3), (4, 5, 6);
ALTER TABLE t1 DROP c;
CREATE TABLE main.x1234(a, b, c PRIMARY KEY) WITHOUT ROWID;
CREATE INDEX i1 ON x1234(b) WHERE ((a+5) % 10)==0;
ALTER TABLE x1234 ADD COLUMN extra_949 FLOAT DEFAULT NULL;
UPDATE t1 SET b = '' RETURNING *;
DELETE FROM t1 WHERE 1;
ALTER TABLE x1234 RENAME TO x1234_r6899;
WITH cte AS (SELECT * FROM t1 WHERE a = (SELECT MAX(a) FROM t1)) SELECT * FROM cte;
part1/bug-reproducers/4/README.md
+69
View File
@@ -0,0 +1,69 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
It seems that the patched version does not support json. It is a logic bug because the output is different
## Minimized query
```sql
CREATE TABLE T1 (
A VARCHAR(20),
X VARCHAR(10),
PRIMARY KEY (A, X),
UNIQUE (X)
);
CREATE TABLE T2 (
A VARCHAR(20),
Y VARCHAR(10) UNIQUE,
PRIMARY KEY (A, Y)
);
INSERT INTO T1 VALUES ('a', 'm');
INSERT INTO T1 VALUES ('b', 'n');
INSERT INTO T2 VALUES ('b', 'k');
SELECT A FROM T1 UNION ALL SELECT A FROM T2 ORDER BY A;
PRAGMA trusted_schema = TRUE;
CREATE VIRTUAL TABLE t0 USING fts4("x", "y", "z");
CREATE TABLE T (
a INTEGER,
b REAL
);
INSERT INTO T VALUES (concat(json_type(1, '$'), 2, 3),1.5), (2,-2.5), (3,0.0);
CREATE INDEX c
ON T(b);
SELECT * FROM T WHERE b >= -2.5 OR b < 2.0;
DROP TABLE t0;
INSERT INTO T DEFAULT VALUES;
PRAGMA full_column_names = TRUE;
WITH cte AS (SELECT * FROM T WHERE b = (SELECT MAX(b) FROM T)) SELECT * FROM cte;
PRAGMA recursive_triggers = ON;
SELECT COUNT(*) FROM T;
```
## Actual output
```sql
a
b
b
1
```
## Expectation
```sql
a
b
b
2|-2.5
3|0.0
integer23|1.5
integer23|1.5
4
```
## Flag
```
```
part1/bug-reproducers/4/original_test.sql
+32
View File
@@ -0,0 +1,32 @@
CREATE TABLE T1 (
A VARCHAR(20),
X VARCHAR(10),
PRIMARY KEY (A, X),
UNIQUE (X)
);
CREATE TABLE T2 (
A VARCHAR(20),
Y VARCHAR(10) UNIQUE,
PRIMARY KEY (A, Y)
);
INSERT INTO T1 VALUES ('a', 'm');
INSERT INTO T1 VALUES ('b', 'n');
INSERT INTO T2 VALUES ('b', 'k');
SELECT A FROM T1 UNION ALL SELECT A FROM T2 ORDER BY A;
PRAGMA trusted_schema = TRUE;
CREATE VIRTUAL TABLE t0 USING fts4("x", "y", "z");
CREATE TABLE T (
a INTEGER,
b REAL
);
INSERT INTO T VALUES (concat(json_type(1, '$'), 2, 3),1.5), (2,-2.5), (3,0.0);
CREATE INDEX c
ON T(b);
SELECT * FROM T WHERE b >= -2.5 OR b < 2.0;
DROP TABLE t0;
INSERT INTO T DEFAULT VALUES;
PRAGMA full_column_names = TRUE;
WITH cte AS (SELECT * FROM T WHERE b = (SELECT MAX(b) FROM T)) SELECT * FROM cte;
PRAGMA recursive_triggers = ON;
SELECT COUNT(*) FROM T;
part1/bug-reproducers/4/reduced_test.sql
+16
View File
@@ -0,0 +1,16 @@
CREATE TABLE t(a INTEGER, b REAL);
INSERT INTO t VALUES (1,1.5),(2,-2.5),(3,0.0);
CREATE INDEX idx ON t(b);
SELECT * FROM t
WHERE b >= -2.5 OR b < 2.0;
INSERT INTO t DEFAULT VALUES;
WITH cte AS (
SELECT * FROM t WHERE b=(SELECT MAX(b) FROM t)
)
SELECT * FROM cte;
SELECT COUNT(*) FROM t;
part1/bug-reproducers/5/README.md
+53
View File
@@ -0,0 +1,53 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We think the "INTERSECT SELECT" statement is the issue. It is a logic bug because the output is different
## Minimized query
```sql
.once log.txt
PRAGMA parser_trace = OFF;
PRAGMA wal_checkpoint('RESTART');
PRAGMA trusted_schema;
.imposter off
CREATE TABLE T1 (
A VARCHAR(20) PRIMARY KEY,
X VARCHAR(10) UNIQUE
);
CREATE TABLE T2 (
A VARCHAR(20) PRIMARY KEY,
Y VARCHAR(10) UNIQUE
);
INSERT INTO T1 VALUES ('a', 'm');
INSERT INTO T1 VALUES ('b', 'n');
INSERT INTO T1 VALUES ('c', 'o');
INSERT INTO T2 VALUES ('b', 'k');
INSERT INTO T2 VALUES ('c', 'l');
SELECT A FROM T1 INTERSECT SELECT A FROM T2;
ALTER TABLE T2 ADD COLUMN extra_8207 CHAR(10);
```
## Actual output
```sql
0|-1|-1
1
b
c
```
## Expectation
```sql
0|-1|-1
0
b
c
```
## Flag
```
```
part1/bug-reproducers/5/original_test.sql
+20
View File
@@ -0,0 +1,20 @@
.once log.txt
PRAGMA parser_trace = OFF;
PRAGMA wal_checkpoint('RESTART');
PRAGMA trusted_schema;
.imposter off
CREATE TABLE T1 (
A VARCHAR(20) PRIMARY KEY,
X VARCHAR(10) UNIQUE
);
CREATE TABLE T2 (
A VARCHAR(20) PRIMARY KEY,
Y VARCHAR(10) UNIQUE
);
INSERT INTO T1 VALUES ('a', 'm');
INSERT INTO T1 VALUES ('b', 'n');
INSERT INTO T1 VALUES ('c', 'o');
INSERT INTO T2 VALUES ('b', 'k');
INSERT INTO T2 VALUES ('c', 'l');
SELECT A FROM T1 INTERSECT SELECT A FROM T2;
ALTER TABLE T2 ADD COLUMN extra_8207 CHAR(10);
part1/bug-reproducers/5/reduced_test.sql
+11
View File
@@ -0,0 +1,11 @@
CREATE TABLE t1(a PRIMARY KEY, x UNIQUE);
CREATE TABLE t2(a PRIMARY KEY, y UNIQUE);
INSERT INTO t1 VALUES ('a','m'),('b','n'),('c','o');
INSERT INTO t2 VALUES ('b','k'),('c','l');
SELECT a FROM t1
INTERSECT
SELECT a FROM t2;
ALTER TABLE t2 ADD COLUMN extra_col;
part1/bug-reproducers/6/README.md
+64
View File
@@ -0,0 +1,64 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
It seems that the markdown flag is supported, but the "COALESCE" is buggy. It is a logic bug because the output is different
## Minimized query
```sql
CREATE TABLE T (
a TEXT,
b TEXT,
c REAL
);
INSERT INTO T VALUES ('a','b',concat_ws('|', 'a', NULL, 'b')), ('a','c',-1.0), ('b','d',0.0);
SELECT
COALESCE(a,'e') AS d,
COALESCE(b,'f') AS e,
SUM(c) AS f
FROM T
GROUP BY a,b;
WITH cte(a, b, c) AS (SELECT b, b, b FROM T) SELECT a, b, c FROM cte;
SELECT COUNT(*) FROM T;
SELECT RANK() OVER (ORDER BY c RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING) FROM T;
CREATE VIEW IF NOT EXISTS v_T_9129 AS SELECT b FROM T;
INSERT INTO T SELECT * FROM T;
```
## Actual output
```sql
| COUNT(*) |
|----------|
| 0 |
```
## Expectation
```sql
| d | e | f |
|---|---|------|
| a | b | 0.0 |
| a | c | -1.0 |
| b | d | 0.0 |
| a | b | c |
|---|---|---|
| b | b | b |
| c | c | c |
| d | d | d |
| COUNT(*) |
|----------|
| 3 |
| RANK() OVER (ORDER BY c RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING) |
|--------------------------------------------------------------------|
| 1 |
| 2 |
| 3 |
```
## Flag
```
-markdown
```
part1/bug-reproducers/6/original_test.sql
+18
View File
@@ -0,0 +1,18 @@
CREATE TABLE T (
a TEXT,
b TEXT,
c REAL
);
INSERT INTO T VALUES ('a','b',concat_ws('|', 'a', NULL, 'b')), ('a','c',-1.0), ('b','d',0.0);
SELECT
COALESCE(a,'e') AS d,
COALESCE(b,'f') AS e,
SUM(c) AS f
FROM T
GROUP BY a,b;
WITH cte(a, b, c) AS (SELECT b, b, b FROM T) SELECT a, b, c FROM cte;
SELECT COUNT(*) FROM T;
SELECT RANK() OVER (ORDER BY c RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING) FROM T;
CREATE VIEW IF NOT EXISTS v_T_9129 AS SELECT b FROM T;
INSERT INTO T SELECT * FROM T;
part1/bug-reproducers/6/reduced_test.sql
View File
part1/bug-reproducers/7/README.md
+52
View File
@@ -0,0 +1,52 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We think the "COLLATE" keyword is causing bugs, it is a logic bug because the output is different
## Minimized query
```sql
PRAGMA secure_delete = ON;
CREATE TABLE t0(c0 REAL, c1 REAL GENERATED ALWAYS AS (c0));
INSERT INTO t0(c0) VALUES (-(-(unhex(1))));
SELECT * FROM t0 GROUP BY c0;
CREATE TABLE t1(a, b);
CREATE TABLE t2(c, d);
SELECT max(t1.a), (SELECT 'xyz' FROM (SELECT * FROM t2 WHERE 0) WHERE t1.b=1) FROM t1;
INSERT INTO t1 SELECT * FROM t1;
CREATE TABLE T (
a INTEGER,
b REAL
);
INSERT INTO T VALUES (1,1.5), (2,-7.25), (3,0.0);
SELECT a,b FROM T WHERE a >= 2 ORDER BY b;
ALTER TABLE t1 ADD COLUMN extra_7155 MEDIUMINT COLLATE RTRIM;
PRAGMA cache_spill = FALSE;
INSERT INTO t0 DEFAULT VALUES;
```
## Actual output
```sql
1
|
2|-7.25
3|0.0
```
## Expectation
```sql
1
|
|
2|-7.25
3|0.0
```
## Flag
```
```
part1/bug-reproducers/7/original_test.sql
+18
View File
@@ -0,0 +1,18 @@
PRAGMA secure_delete = ON;
CREATE TABLE t0(c0 REAL, c1 REAL GENERATED ALWAYS AS (c0));
INSERT INTO t0(c0) VALUES (-(-(unhex(1))));
SELECT * FROM t0 GROUP BY c0;
CREATE TABLE t1(a, b);
CREATE TABLE t2(c, d);
SELECT max(t1.a), (SELECT 'xyz' FROM (SELECT * FROM t2 WHERE 0) WHERE t1.b=1) FROM t1;
INSERT INTO t1 SELECT * FROM t1;
CREATE TABLE T (
a INTEGER,
b REAL
);
INSERT INTO T VALUES (1,1.5), (2,-7.25), (3,0.0);
SELECT a,b FROM T WHERE a >= 2 ORDER BY b;
ALTER TABLE t1 ADD COLUMN extra_7155 MEDIUMINT COLLATE RTRIM;
PRAGMA cache_spill = FALSE;
INSERT INTO t0 DEFAULT VALUES;
part1/bug-reproducers/7/reduced_test.sql
+10
View File
@@ -0,0 +1,10 @@
CREATE TABLE t0(
c0 REAL,
c1 REAL GENERATED ALWAYS AS (c0)
);
INSERT INTO t0(c0) VALUES (1);
SELECT * FROM t0 GROUP BY c0;
INSERT INTO t0 DEFAULT VALUES;
part1/bug-reproducers/8/README.md
+89
View File
@@ -0,0 +1,89 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We believe that some features of the patched version have been disabled.
## Minimized query
```sql
PRAGMA secure_delete = ON;
PRAGMA foreign_keys = FALSE;
-- sign(1)
PRAGMA cell_size_check = 3370811959573763011;
PRAGMA page_size;
.recover
CREATE TABLE map_integer /**/ (id INT, name);
INSERT INTO map_integer VALUES(1,'a');
CREATE TABLE [map_text] (id TEXT, name);
INSERT INTO map_text VALUES('4','e');
CREATE TABLE data (id TEXT, name);
INSERT INTO data VALUES(1,'abc');
INSERT INTO data VALUES('4','xyz');
CREATE VIEW idmap as SELECT * FROM map_integer UNION SELECT * FROM map_text;
CREATE TABLE mzed AS SELECT * FROM idmap;
PRAGMA automatic_index=ON;
SELECT * FROM data JOIN idmap USING(id);
CREATE TEMP VIEW IF NOT EXISTS v_map_integer_924 AS SELECT id FROM map_integer;
SELECT NTILE(4) OVER (ORDER BY name GROUPS BETWEEN UNBOUNDED PRECEDING AND UNBOUNDED FOLLOWING) FROM map_integer;
CREATE VIEW IF NOT EXISTS v_map_integer_8760 AS SELECT name FROM map_integer;
CREATE TABLE T (
a TEXT,
b TEXT
);
INSERT INTO T VALUES ('a','b'), ('c','d');
SELECT * FROM T WHERE a = REPLACE('a;',';','') AND b = 'b';
WITH cte(x) AS (SELECT id FROM map_integer) SELECT x FROM cte;
REINDEX;
ALTER TABLE map_text RENAME COLUMN name TO name_r1633;
WITH cte AS (SELECT name, ROW_NUMBER() OVER (ORDER BY name) AS rn FROM data) SELECT * FROM cte WHERE rn <= 5;
ALTER TABLE data RENAME TO data_r811;
```
## Actual output
```sql
1
4096
PRAGMA foreign_keys=OFF;
BEGIN;
PRAGMA writable_schema = on;
PRAGMA writable_schema = off;
COMMIT;
1|abc|a
1
a|b
1
abc|1
xyz|2
```
## Expectation
```sql
1
4096
.dbconfig defensive off
BEGIN;
PRAGMA writable_schema = on;
PRAGMA foreign_keys = off;
PRAGMA encoding = 'UTF-8';
PRAGMA page_size = '4096';
PRAGMA auto_vacuum = '0';
PRAGMA user_version = '0';
PRAGMA application_id = '0';
PRAGMA writable_schema = off;
COMMIT;
4|xyz|e
1
a|b
1
abc|1
xyz|2
```
## Flag
```
```
part1/bug-reproducers/8/original_test.sql
+32
View File
@@ -0,0 +1,32 @@
PRAGMA secure_delete = ON;
PRAGMA foreign_keys = FALSE;
-- sign(1)
PRAGMA cell_size_check = 3370811959573763011;
PRAGMA page_size;
.recover
CREATE TABLE map_integer /**/ (id INT, name);
INSERT INTO map_integer VALUES(1,'a');
CREATE TABLE [map_text] (id TEXT, name);
INSERT INTO map_text VALUES('4','e');
CREATE TABLE data (id TEXT, name);
INSERT INTO data VALUES(1,'abc');
INSERT INTO data VALUES('4','xyz');
CREATE VIEW idmap as SELECT * FROM map_integer UNION SELECT * FROM map_text;
CREATE TABLE mzed AS SELECT * FROM idmap;
PRAGMA automatic_index=ON;
SELECT * FROM data JOIN idmap USING(id);
CREATE TEMP VIEW IF NOT EXISTS v_map_integer_924 AS SELECT id FROM map_integer;
SELECT NTILE(4) OVER (ORDER BY name GROUPS BETWEEN UNBOUNDED PRECEDING AND UNBOUNDED FOLLOWING) FROM map_integer;
CREATE VIEW IF NOT EXISTS v_map_integer_8760 AS SELECT name FROM map_integer;
CREATE TABLE T (
a TEXT,
b TEXT
);
INSERT INTO T VALUES ('a','b'), ('c','d');
SELECT * FROM T WHERE a = REPLACE('a;',';','') AND b = 'b';
WITH cte(x) AS (SELECT id FROM map_integer) SELECT x FROM cte;
REINDEX;
ALTER TABLE map_text RENAME COLUMN name TO name_r1633;
WITH cte AS (SELECT name, ROW_NUMBER() OVER (ORDER BY name) AS rn FROM data) SELECT * FROM cte WHERE rn <= 5;
ALTER TABLE data RENAME TO data_r811;
part1/bug-reproducers/8/reduced_test.sql
+20
View File
@@ -0,0 +1,20 @@
CREATE TABLE map_integer(id INT, name);
INSERT INTO map_integer VALUES(1,'a');
CREATE TABLE map_text(id TEXT, name);
INSERT INTO map_text VALUES('4','e');
CREATE TABLE data(id TEXT, name);
INSERT INTO data VALUES(1,'abc');
INSERT INTO data VALUES('4','xyz');
CREATE VIEW idmap AS
SELECT * FROM map_integer
UNION
SELECT * FROM map_text;
SELECT * FROM data
JOIN idmap USING(id);
ALTER TABLE map_text
RENAME COLUMN name TO name2;
part1/bug-reproducers/9/README.md
+50
View File
@@ -0,0 +1,50 @@
## Summary
<!--Explain briefly what goes wrong and explain why you believe this is a bug and not the intended behavior of SQLite (if it is not a crash).-->
We beliebe "timediff" causes the bug. It is a logic bug because the output is different
## Minimized query
```sql
CREATE TABLE t1(a, b);
CREATE /* CHAR(10) */ INDEX i1 ON t1(a);
INSERT INTO t1 VALUES('aaa', tanh(timediff(sign(0), 1)));
INSERT INTO t1 VALUES('ddd', 2);
INSERT INTO t1 VALUES('ccc', 3);
INSERT INTO t1 VALUES('eee', 4);
SELECT b FROM t1 WHERE a IN ('aaa', 'bbb', 'ccc');
SELECT a FROM t1 WHERE rowid IN (1, 3);
ALTER TABLE t1 DROP COLUMN b;
CREATE INDEX IF NOT EXISTS idx_t1_9614 ON t1(a COLLATE NOCASE) WHERE a IS NOT NULL;
SELECT * FROM t1;
```
## Actual output
```sql
3
ddd
eee
ddd
ccc
eee
```
## Expectation
```sql
3
aaa
ccc
aaa
ddd
ccc
eee
```
## Flag
```
```
part1/bug-reproducers/9/original_test.sql
+12
View File
@@ -0,0 +1,12 @@
CREATE TABLE t1(a, b);
CREATE /* CHAR(10) */ INDEX i1 ON t1(a);
INSERT INTO t1 VALUES('aaa', tanh(timediff(sign(0), 1)));
INSERT INTO t1 VALUES('ddd', 2);
INSERT INTO t1 VALUES('ccc', 3);
INSERT INTO t1 VALUES('eee', 4);
SELECT b FROM t1 WHERE a IN ('aaa', 'bbb', 'ccc');
SELECT a FROM t1 WHERE rowid IN (1, 3);
ALTER TABLE t1 DROP COLUMN b;
CREATE INDEX IF NOT EXISTS idx_t1_9614 ON t1(a COLLATE NOCASE) WHERE a IS NOT NULL;
SELECT * FROM t1;
part1/bug-reproducers/9/reduced_test.sql
+17
View File
@@ -0,0 +1,17 @@
CREATE TABLE t1(a, b);
CREATE INDEX i1 ON t1(a);
INSERT INTO t1 VALUES('aaa',1);
INSERT INTO t1 VALUES('ccc',3);
SELECT b FROM t1
WHERE a IN ('aaa','ccc');
ALTER TABLE t1 DROP COLUMN b;
CREATE INDEX idx2
ON t1(a COLLATE NOCASE)
WHERE a IS NOT NULL;
SELECT * FROM t1;