should be it

2025-10-24 19:21:19 -05:00
parent a4b23fc57c
commit f09560c7b1
14047 changed files with 3161551 additions and 1 deletions
--- a/external/duckdb/test/issues/fuzz/argminmax_strings.test
+++ b/external/duckdb/test/issues/fuzz/argminmax_strings.test
@@ -0,0 +1,20 @@
+# name: test/issues/fuzz/argminmax_strings.test
+# description: Issue #3373: heap-use-after-free at string_type.hpp:76:10
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+CREATE TABLE i_class_id AS
+	SELECT
+		LIST(i_category_id::integer) AS i_category_id,
+		LIST(i_category_id::VARCHAR) AS channel,
+		LIST([i_category_id]) AS sum_sales,
+		LIST({'a': i_category_id}) AS number_sales
+	FROM range(1, 6, 1) t1(i_category_id);
+
+query II
+select argmin(i_category_id,i_category_id::VARCHAR), argmax(i_category_id, i_category_id::VARCHAR) from i_class_id;
+----
+[1, 2, 3, 4, 5]	[1, 2, 3, 4, 5]
--- a/external/duckdb/test/issues/fuzz/bitwise_shift_overflow.test
+++ b/external/duckdb/test/issues/fuzz/bitwise_shift_overflow.test
@@ -0,0 +1,99 @@
+# name: test/issues/fuzz/bitwise_shift_overflow.test
+# description: Issue #3365: Undefined behavior at bitwise.cpp:148:38
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+# issue tests
+statement error
+SELECT 1000::bigint<<55;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+statement error
+SELECT 256::bigint<<55;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+query I
+SELECT 255::bigint<<55;
+----
+9187343239835811840
+
+query I
+SELECT 0::bigint<<999;
+----
+0
+
+# all integer types
+# tinyint
+statement error
+SELECT 10::tinyint<<4::tinyint;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+query I
+SELECT 10::tinyint<<3::tinyint;
+----
+80
+
+# cannot left shift negative numbers
+statement error
+SELECT (-128)::tinyint<<0::tinyint;
+----
+<REGEX>:Out of Range Error.*Cannot left-shift.*
+
+statement error
+SELECT (-10)::tinyint<<4::tinyint;
+----
+<REGEX>:Out of Range Error.*Cannot left-shift.*
+
+statement error
+SELECT (-10)::tinyint<<3::tinyint;
+----
+<REGEX>:Out of Range Error.*Cannot left-shift.*
+
+# smallint
+statement error
+SELECT 1000::smallint<<6::smallint;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+query I
+SELECT 1000::smallint<<5::smallint;
+----
+32000
+
+# integer
+statement error
+SELECT 1000::integer<<22::integer;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+query I
+SELECT 1000::integer<<21::integer;
+----
+2097152000
+
+# bigint
+statement error
+SELECT 1000::bigint<<54::bigint;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+query I
+SELECT 1000::bigint<<53::bigint;
+----
+9007199254740992000
+
+# hugeint
+statement error
+SELECT 1000::hugeint<<118::hugeint;
+----
+<REGEX>:Out of Range Error.*Overflow in left shift.*
+
+query I
+SELECT 1000::hugeint<<117::hugeint;
+----
+166153499473114484112975882535043072000
--- a/external/duckdb/test/issues/fuzz/encode_string_data_crash.test
+++ b/external/duckdb/test/issues/fuzz/encode_string_data_crash.test
@@ -0,0 +1,37 @@
+# name: test/issues/fuzz/encode_string_data_crash.test
+# description: Issue #3350: SEGV in duckdb::EncodeStringDataPrefix
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+CREATE TABLE strings(b REAL, a INTEGER);
+
+statement ok
+INSERT INTO strings VALUES
+  (5, 10), (10, 20), (13, 26), (13, 26),
+  (15, 30), (20, 40), (22,80), (30, 90);
+
+statement ok
+CREATE TABLE id(c TEXT, strings_with_null INTEGER);
+
+statement ok
+INSERT INTO id VALUES('c', NULL);
+
+query I
+SELECT sum(a) OVER (
+    PARTITION BY (
+SELECT c FROM id WHERE strings_with_null=a
+    ) ORDER BY a
+  ) FROM strings
+ORDER BY 1
+----
+10
+30
+82
+82
+112
+152
+232
+322
--- a/external/duckdb/test/issues/fuzz/foreign_key_index_selection.test
+++ b/external/duckdb/test/issues/fuzz/foreign_key_index_selection.test
@@ -0,0 +1,43 @@
+# name: test/issues/fuzz/foreign_key_index_selection.test
+# description: Issue #3352: String null pointer in foreign key
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+CREATE TABLE s1(t0 INTEGER, a TEXT, b TEXT);
+
+# key does not exist
+statement error
+CREATE TABLE c2(c0 INTEGER, c1 INTEGER UNIQUE, FOREIGN KEY (c0) REFERENCES s1(tz));
+----
+<REGEX>:Binder Error:.*Failed to create foreign key.*
+
+# key does not have an index on it
+statement error
+CREATE TABLE c2(c0 INTEGER, c1 INTEGER UNIQUE, FOREIGN KEY (c0) REFERENCES s1(t0));
+----
+<REGEX>:Binder Error:.*Failed to create foreign key.*
+
+statement ok
+CREATE TABLE s2(t0 INTEGER, a TEXT, b TEXT, UNIQUE (t0, a));
+
+# key does not have an index on it
+statement error
+CREATE TABLE c2(c0 INTEGER, c1 INTEGER UNIQUE, FOREIGN KEY (c0) REFERENCES s2(t0));
+----
+<REGEX>:Binder Error:.*Failed to create foreign key.*
+
+# this works
+statement ok
+CREATE TABLE s3(t0 INTEGER UNIQUE, a TEXT, b TEXT, UNIQUE (t0, a));
+
+statement ok
+CREATE TABLE c2(c0 INTEGER, c1 INTEGER UNIQUE, FOREIGN KEY (c0) REFERENCES s3(t0));
+
+statement ok
+INSERT INTO s3 VALUES (1, 'a', 'b');
+
+statement ok
+INSERT INTO c2 VALUES (1, 2);
--- a/external/duckdb/test/issues/fuzz/function_pointer_crash_in_subquery.test
+++ b/external/duckdb/test/issues/fuzz/function_pointer_crash_in_subquery.test
@@ -0,0 +1,17 @@
+# name: test/issues/fuzz/function_pointer_crash_in_subquery.test
+# description: Issue 3351: NullPointer at duckdb/src/function/function.cpp:368:29
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+CREATE TABLE strings(a INTEGER);
+
+statement ok
+CREATE TABLE c0(test2 tinyint, s1 smallint, s2 integer, test1 bigint, i double, id real, c1 varchar);
+
+statement error
+SELECT * FROM c0 s1 INNER JOIN c0 s2 ON (SELECT s1.s2=s2 FROM c0 WHERE s2.s2=s2) ORDER BY s1.s2;
+----
+Binder Error: Cannot extract field 's2' from expression "s1"
--- a/external/duckdb/test/issues/fuzz/multi_rollup_assertion.test
+++ b/external/duckdb/test/issues/fuzz/multi_rollup_assertion.test
@@ -0,0 +1,14 @@
+# name: test/issues/fuzz/multi_rollup_assertion.test
+# description: Issue 3349: Assertion Failed: chunk.ColumnCount() == op.aggregates.size()
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+create table strings (a VARCHAR, b VARCHAR);
+
+query III
+select b, b, count(*) from strings group by rollup (b, b) order by 1, 2, 3;
+----
+NULL	NULL	0
--- a/external/duckdb/test/issues/fuzz/nan_progress.test
+++ b/external/duckdb/test/issues/fuzz/nan_progress.test
@@ -0,0 +1,17 @@
+# name: test/issues/fuzz/nan_progress.test
+# description: Issue 3366: NaN in progress bar
+# group: [fuzz]
+
+statement ok
+SET enable_progress_bar=true;
+
+statement ok
+WITH RECURSIVE t AS
+(
+	SELECT 1 AS x
+UNION
+	SELECT t1.x + t2.x + t3.x AS x
+	FROM t t1, t t2, t t3
+	WHERE t1.x < 100
+)
+SELECT * FROM t ORDER BY 1;
--- a/external/duckdb/test/issues/fuzz/prepared_statement_crash.test
+++ b/external/duckdb/test/issues/fuzz/prepared_statement_crash.test
@@ -0,0 +1,12 @@
+# name: test/issues/fuzz/prepared_statement_crash.test
+# description: Issue #3364: heap-use-after-free in duckdb::LogicalType::operator==(duckdb::LogicalType const&)
+# group: [fuzz]
+
+statement ok
+PREPARE s1 AS SELECT CAST(? AS INTEGER), CAST(? AS STRING);
+
+statement ok
+SELECT MIN ( DISTINCT + CAST ( NULL AS INTEGER ) ) * COUNT ( * ) * - + 16 * CASE + + AVG ( ALL 97 ) WHEN ( + NULLIF ( SUM ( CAST ( NULL AS REAL ) ), 6 ) ) THEN 51 * 31 + - 6 WHEN + 48 * - 34 THEN NULL WHEN 91 * + ( SUM ( CAST ( NULL AS INTEGER ) ) ) THEN NULL END * - 4 + - 67;
+
+statement ok
+EXECUTE s1(42, 'dpfkg');
--- a/external/duckdb/test/issues/fuzz/recursive_view_expression_assertion.test
+++ b/external/duckdb/test/issues/fuzz/recursive_view_expression_assertion.test
@@ -0,0 +1,20 @@
+# name: test/issues/fuzz/recursive_view_expression_assertion.test
+# description: Issue #3354: Assertion Failed at expression_iterator.cpp:187
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+PRAGMA threads=1
+
+statement ok
+create view strings as (with recursive t(a) as (select 1 union select a+1 from t where a < 3) select * from t order by a);
+
+# this is the original issue #3354 bug
+statement ok
+SELECT a, (SELECT a FROM strings i2 WHERE a=(SELECT SUM(a) FROM strings i2 WHERE i2.a>i1.a)) FROM strings i1 ORDER BY 1;
+
+# related issue #4445 bug
+statement ok
+SELECT a, (SELECT a FROM strings i2 RIGHT JOIN (SELECT SUM(a) sum_a FROM strings i2 WHERE i2.a>i1.a) sq ON i2.a = sq.sum_a) FROM strings i1 ORDER BY 1;
--- a/external/duckdb/test/issues/fuzz/sequence_overflow.test
+++ b/external/duckdb/test/issues/fuzz/sequence_overflow.test
@@ -0,0 +1,58 @@
+# name: test/issues/fuzz/sequence_overflow.test
+# description: Issue #3361: signed integer overflow in sequence
+# group: [fuzz]
+
+require skip_reload
+
+statement ok
+create sequence test INCREMENT BY -1 MINVALUE -9223372036854775808 MAXVALUE -9223372036854775800 CYCLE;
+
+query I
+SELECT nextval('test') from generate_series(0,20);
+----
+-9223372036854775800
+-9223372036854775801
+-9223372036854775802
+-9223372036854775803
+-9223372036854775804
+-9223372036854775805
+-9223372036854775806
+-9223372036854775807
+-9223372036854775808
+-9223372036854775800
+-9223372036854775801
+-9223372036854775802
+-9223372036854775803
+-9223372036854775804
+-9223372036854775805
+-9223372036854775806
+-9223372036854775807
+-9223372036854775808
+-9223372036854775800
+-9223372036854775801
+-9223372036854775802
+
+query I
+SELECT nextval('test') from generate_series(0,20);
+----
+-9223372036854775803
+-9223372036854775804
+-9223372036854775805
+-9223372036854775806
+-9223372036854775807
+-9223372036854775808
+-9223372036854775800
+-9223372036854775801
+-9223372036854775802
+-9223372036854775803
+-9223372036854775804
+-9223372036854775805
+-9223372036854775806
+-9223372036854775807
+-9223372036854775808
+-9223372036854775800
+-9223372036854775801
+-9223372036854775802
+-9223372036854775803
+-9223372036854775804
+-9223372036854775805
--- a/external/duckdb/test/issues/fuzz/sqlite_wrapper_crash.test
+++ b/external/duckdb/test/issues/fuzz/sqlite_wrapper_crash.test
@@ -0,0 +1,14 @@
+# name: test/issues/fuzz/sqlite_wrapper_crash.test
+# description: Issue #3353: NullPointer at sqlite3_api_wrapper.cpp:237:75
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+CREATE TABLE strings (a INTEGER DEFAULT -1, b INTEGER DEFAULT -2, t0 INTEGER DEFAULT -3);
+
+statement ok
+DELETE FROM strings
+WHERE b IN (SELECT sum(a) FROM strings GROUP BY b)
+RETURNING *;
--- a/external/duckdb/test/issues/fuzz/stats_propagation_overflow.test
+++ b/external/duckdb/test/issues/fuzz/stats_propagation_overflow.test
@@ -0,0 +1,21 @@
+# name: test/issues/fuzz/stats_propagation_overflow.test
+# description: Issue #3367: signed integer overflow at propagate_and_compress.cpp:79:37
+# group: [fuzz]
+
+statement ok
+PRAGMA enable_verification
+
+statement ok
+CREATE TABLE test(a BIGINT);
+
+statement ok
+INSERT INTO test VALUES(-5361272612100082873);
+
+statement ok
+INSERT INTO test VALUES(3877673001272535186);
+
+query I
+SELECT a FROM test ORDER BY 1;
+----
+-5361272612100082873
+3877673001272535186