On Wed, Apr 29, 2020 at 5:13 AM Marc Simpson <marc@0branch.com> wrote:
Hi folks,
It seems that I can reliably segfault recent Pike 8.1 installs when using sprintf-style SQLite queries:
    $ echo ' create table demo(a, b); insert into demo(a, b) values(1, "abc")' | sqlite3 demo.db
    $ pike
    Pike v8.1 release 13 running Hilfe v3.5 [...]
    > Sql.Sql db = Sql.Sql("sqlite://demo.db");
    > db->query("select * from demo");
    (1) Result: ({ /* 1 element */ ([ /* 2 elements */ "a": "1", "b": "abc" ]) })
    > db->query("select * from demo where a = :a", ([":a": 1 ]));
    (2) Result: ({ /* 1 element */ ([ /* 2 elements */ "a": "1", "b": "abc" ]) })
    > db->query("select * from demo where a = %d", 1);
    Segmentation fault

This occurs on both macOS and Linux; on macOS, segfaults are observed when the SQLite module is linked against either MacPorts' SQLite 3 or the system-wide dylib in /usr/lib.
Note that query() with a mapping argument doesn't segfault; furthermore, no such segfault occurs under Pike v8.0 release 702.
Please let me know whether this is reproducible (and/or whether more information is required).
Reproduced on a very recent build of Pike. Can be done in a more self-contained way using an in-memory database:
    Pike v8.1 release 13 running Hilfe v3.5 (Incremental Pike Frontend) Ok.
    Sql.Sql db = Sql.Sql("sqlite://:memory:");
    db->query("create table demo (a, b)");
    (1) Result: 0
    db->query("insert into demo values (1, 'abc')");
    (2) Result: 0
    db->query("select * from demo where a = :a", ([":a": 1]));
    (3) Result: ({ /* 1 element */ ([ /* 2 elements */ "a": "1", "b": "abc" ]) })
    db->query("select * from demo where a = %d", 1);
    Segmentation fault

Will do some bisection.
ChrisA