Segmentation fault in output_quoted_string function
(1) By Song Liu (songliu) on 2023-04-28 00:09:44
I found a segmentation fault while SQLite (latest, a63346d6a0c0ca7b) executes the following queries.
.mode column
.mode quote
.eqp 3
.limit LE 0
PRAGMA j
Here is the ASAN report:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==970188==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000005a43d3 bp 0x7fffffff9cd0 sp 0x7fffffff9c80 T0)
==970188==The signal is caused by a READ memory access.
==970188==Hint: address points to the zero page.
    #0 0x5a43d3 in output_quoted_string /data/song/projects/testbug/sqlite_bisect/shell.c:17049:17
    #1 0x5a213e in shell_callback /data/song/projects/testbug/sqlite_bisect/shell.c:17946:11
    #2 0x5a9fe3 in exec_prepared_stmt /data/song/projects/testbug/sqlite_bisect/shell.c:19258:15
    #3 0x52fcfc in shell_exec /data/song/projects/testbug/sqlite_bisect/shell.c:19500:13
    #4 0x5b62b0 in runOneSqlLine /data/song/projects/testbug/sqlite_bisect/shell.c:26601:8
    #5 0x532c3e in process_input /data/song/projects/testbug/sqlite_bisect/shell.c:26787:15
    #6 0x50ad32 in main /data/song/projects/testbug/sqlite_bisect/shell.c:27708:12
    #7 0x7ffff7b72082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #8 0x41d69d in _start (/data/song/projects/testbug/sqlite3-asan+0x41d69d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /data/song/projects/testbug/sqlite_bisect/shell.c:17049:17 in output_quoted_string
==970188==ABORTING
My compilation flags:
export CFLAGS="-g -DSQLITE_DEBUG
-DSQLITE_ENABLE_TREETRACE
-DSQLITE_ENABLE_WHERETRACE
-DSQLITE_ENABLE_CURSOR_HINTS
-DSQLITE_COUNTOFVIEW_OPTIMIZATION
-DSQLITE_ENABLE_STAT4"
./configure --enable-all --enable-debug --disable-shared && make
(2) By Larry Brasfield (larrybr) on 2023-04-28 00:59:32 in reply to 1
Check-in 2881978d7b catches this problem (with a ";" added to last input line) sooner, avoiding the address fault.