The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 SMALLINT CHECK ( CONTAINS ( ‘del’ , ‘reabbreviating’ , ‘diamonds’ ) ) ) ;

backtrace:

#0 0xdeab6a (box_equal+0xba) #1 0x773df3 (sqlo_cname_ot+0x53) #2 0x6e0161 (sqlo_df+0x461) #3 0x6e0d6c (sqlo_df+0x106c) #4 0x6e067f (sqlo_df+0x97f) #5 0x70ea77 (sqlo_top_2+0x267) #6 0x70e4a5 (sqlo_top_1+0x135) #7 0x70ffa6 (sqlo_top_select+0x156) #8 0x6b9b6f (sql_stmt_comp+0x8bf) #9 0x6bc9d2 (sql_compile_1+0x1a62) #10 0x4e213f (ddl_table_check_constraints_define_triggers+0x1af) #11 0x4e462d (ddl_table_constraints+0xd0d) #12 0x4e5331 (sql_ddl_node_input_1+0xbc1) #13 0x4e57ee (sql_ddl_node_input+0x10e) #14 0x7bcb0b (ddl_node_input_1+0x19b) #15 0x7bd1e7 (qn_without_ac_at+0xc7) #16 0x7af05e (qn_input+0x3ce) #17 0x7c1be9 (qr_dml_array_exec+0x839) #18 0x7ce602 (sf_sql_execute+0x15d2) #19 0x7cecde (sf_sql_execute_w+0x17e) #20 0x7d799d (sf_sql_execute_wrapper+0x3d) #21 0xe214bc (future_wrapper+0x3fc) #22 0xe28dbe (_thread_boot+0x11e) #23 0x7f4182517609 (start_thread+0xd9) #24 0x7f41822e7133 (clone+0x43)

ways to reproduce (write poc to the file /tmp/test.sql first):

remove the old one

docker container rm virtdb_test -f

start virtuoso through docker

docker run --name virtdb_test -itd --env DBA_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11

wait the server starting

sleep 10

check whether the simple query works

echo “SELECT 1;” | docker exec -i virtdb_test isql 1111 dba

run the poc

cat /tmp/test.sql | docker exec -i virtdb_test isql 1111 dba