authordrh <>2024-06-03 18:04:10 +0000
committerdrh <>2024-06-03 18:04:10 +0000
commit8741ca0819910e447d9637a4ecf8fcc7c0d556b7 (patch)
tree48a6448179adca0477c0960664e5726178437690
parent586b2b2a540873f41c8b1581a5f2a0651b57743f (diff)
Address a corner-case associated with the call-function-once optimization
of check-in [663f5dd32d9db832] that was causing a (harmless) use of an uninitialized bytecode register. dbsqlfuzz 8a44f675401a8b1f68a43bf813c4f4f72ad8f0ea FossilOrigin-Name: b37ac2d020873b78efa164036db4056406a67330679f850775da520cd8027cb9
-rw-r--r--manifest14
-rw-r--r--manifest.uuid2
-rw-r--r--src/select.c6
-rw-r--r--test/distinct2.test26
4 files changed, 39 insertions, 9 deletions
diff --git a/manifest b/manifest
index 363a1881a..cdd193c94 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Omit\san\sunused\s#define.
-D 2024-06-03T12:36:43.671
+C Address\sa\scorner-case\sassociated\swith\sthe\scall-function-once\soptimization\nof\scheck-in\s[663f5dd32d9db832]\sthat\swas\scausing\sa\s(harmless)\suse\sof\san\nuninitialized\sbytecode\sregister.\ndbsqlfuzz\s8a44f675401a8b1f68a43bf813c4f4f72ad8f0ea
+D 2024-06-03T18:04:10.740
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -755,7 +755,7 @@ F src/printf.c 8b250972305e14b365561be5117ed0fd364e4fd58968776df1ce64c6280b90f9
F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c
F src/resolve.c 22f1fa3423b377c02ae78d451cfeb1c2d96dcf0389c0642cbdcd19d3bfd7ae01
F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97
-F src/select.c cbdaf9cb2d9a697ee9ce1484f27d2e96762d33cc19259aedfb818a68b9d3be10
+F src/select.c 3b818d1b476c7108fdbbf6853c92fe4a933940474c77546f812e14f8aa2be03d
F src/shell.c.in a4d5957a853d6065549a1f2d8f46ded9940f72835e0328bbad292560f36b4d45
F src/sqlite.h.in 892d0c427608ad7128a0fe44e972d6c4197225f5077f64f07792ffa44c6ecd77
F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
@@ -1074,7 +1074,7 @@ F test/descidx2.test a0ba347037ff3b811f4c6ceca5fd0f9d5d72e74e59f2d9de346a9d2f6ad
F test/descidx3.test 953c831df7ea219c73826dfbf2f6ee02d95040725aa88ccb4fa43d1a1999b926
F test/diskfull.test 106391384780753ea6896b7b4f005d10e9866b6e
F test/distinct.test 691c9e850b0d0b56b66e7e235453198cb4cf0760e324b7403d3c5abbeab0a014
-F test/distinct2.test c936bb8652258c04bf066706284f5cd54ec693817399dbd6503c49d41ace626e
+F test/distinct2.test 931a242fccaa05f17232e23acc9b2debe42901d90db723ddca038f7758951b5f
F test/distinctagg.test 40d7169ae5846caaf62c6e307d2ca3c333daf9b6f7cde888956a339a97afe85f
F test/e_blobbytes.test 4c01dfe4f12087b92b20705a3fdfded45dc4ed16d5a211fed4e1d2786ba68a52
F test/e_blobclose.test 692fc02a058476c2222a63d97e3f3b2b809c1842e5525ded7f854d540ac2e075
@@ -2194,8 +2194,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 296eeb26c816bc734530cf446922f25be970b901c884df1a98083502f0d1e9f5
-R c2b235abe104a50bb52435bc7dd8e30a
+P 9c2de28a146e4cdfa4c05bf8dbd4ebb1156c71104001edf68e6dd5db21deb91f
+R d4496a035a38c25977bb772e3914abf4
U drh
-Z 6a462a5c042ea727edcd9a050ecce1bd
+Z 1c72e2560aacb242bc05d4316fc90305
# Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index f21948cf0..cd909058c 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-9c2de28a146e4cdfa4c05bf8dbd4ebb1156c71104001edf68e6dd5db21deb91f \ No newline at end of file
+b37ac2d020873b78efa164036db4056406a67330679f850775da520cd8027cb9 \ No newline at end of file
diff --git a/src/select.c b/src/select.c
index 9ff5c6c53..4671dfa6d 100644
--- a/src/select.c
+++ b/src/select.c
@@ -8331,7 +8331,11 @@ int sqlite3Select(
}
if( iOrderByCol ){
- sqlite3ExprToRegister(p->pEList->a[iOrderByCol-1].pExpr, iAMem+j);
+ Expr *pX = p->pEList->a[iOrderByCol-1].pExpr;
+ Expr *pBase = sqlite3ExprSkipCollateAndLikely(pX);
+ if( ALWAYS(pBase!=0) && pBase->op!=TK_AGG_COLUMN ){
+ sqlite3ExprToRegister(pX, iAMem+j);
+ }
}
}
sqlite3VdbeAddOp4(v, OP_Compare, iAMem, iBMem, pGroupBy->nExpr,
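Review bot: The new guard around sqlite3ExprToRegister() carries no comment saying why a TK_AGG_COLUMN term is excluded, so the reason lives only in the commit message and in test/distinct2.test. I would add above the `if`: `/* Skip the call-function-once shortcut for a TK_AGG_COLUMN term; it led to a read of an uninitialized register (dbsqlfuzz 8a44f675401a8b1f68a43bf813c4f4f72ad8f0ea) */`. The check looks only at the operator left after sqlite3ExprSkipCollateAndLikely(), so an expression that merely contains a TK_AGG_COLUMN under some other operator still goes through sqlite3ExprToRegister(); that may be correct, but nothing in the hunk shows it, and the comment should state it if so. sqlite3Select's body starts and ends outside the hunk.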
diff --git a/test/distinct2.test b/test/distinct2.test
index ca88f5a28..023e2e333 100644
--- a/test/distinct2.test
+++ b/test/distinct2.test
@@ -336,4 +336,30 @@ do_execsql_test 5040 {
SELECT a FROM cnt WHERE a>45 GROUP BY 1;
} {46 47 48 49 50}
+
+# 2024-06-03 dbsqlfuzz 8a44f675401a8b1f68a43bf813c4f4f72ad8f0ea
+# Use of uninitialized bytecode register due to the call-function-once
+# optimization at check-in 663f5dd32d9db832
+#
+db null NULL
+do_execsql_test 5050 {
+ CREATE TABLE t0(a TEXT); INSERT INTO t0 VALUES('abcd');
+ CREATE TABLE t1(b TEXT);
+ CREATE TABLE t2(c TEXT);
+ CREATE TABLE t3(d TEXT); INSERT INTO t3 VALUES('wxyz');
+ CREATE VIEW v4(e) AS SELECT (SELECT t2.c FROM t0, t1 GROUP BY 1) FROM t2;
+ SELECT v4.e FROM t3 LEFT JOIN v4 ON true GROUP BY 1;
+} NULL
+do_execsql_test 5060 {
+ DROP VIEW v4;
+ CREATE VIEW v4(e) AS SELECT (SELECT t2.c COLLATE nocase FROM t0, t1 GROUP BY 1) FROM t2;
+ SELECT v4.e FROM t3 LEFT JOIN v4 ON true GROUP BY 1;
+} NULL
+
+do_execsql_test 5070 {
+ DROP VIEW v4;
+ CREATE VIEW v4(e) AS SELECT (SELECT unlikely(t2.c COLLATE nocase) FROM t0, t1 GROUP BY 1) FROM t2;
+ SELECT v4.e FROM t3 LEFT JOIN v4 ON true GROUP BY 1;
+} NULL
+
finish_test
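Review bot: Tests 5050 to 5070 cover only the three shapes the fix skips (bare `t2.c`, `COLLATE`, and `unlikely()`), so nothing exercises the branch that still calls sqlite3ExprToRegister() with an outer reference inside a larger expression. A fourth case such as `CREATE VIEW v4(e) AS SELECT (SELECT t2.c||'' FROM t0, t1 GROUP BY 1) FROM t2;` would pin that path; since t2 is never populated the expected result should still be NULL. Separately, `db null NULL` stays in effect after these tests, which is harmless only because `finish_test` follows directly; a `db null {}` after test 5070 would keep later additions from inheriting it.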