SQLite Forum

Crash while sqlite3_prepare_v2 with signal SIGFPE in SQLite version 3.31.01

(1.1) Originally by RomiG (RomioGeek) with edits by Richard Hipp (drh) on 2020-07-21 10:40:50 from 1.0

An occasional crash (signal SIGFPE) is being observed while sqlite3_prepare_v2() is being performed for the following SQLite query. The same query usually runs fine but crashes once in a while.

Query:
"SELECT column1, column2, column3, column4, column5, column6 FROM MetaDataTable WHERE column1=? COLLATE NOCASE  AND column2=? COLLATE NOCASE "

Back trace:
Program terminated with signal SIGFPE, Arithmetic exception.
#0 raise (sig=8) at ../sysdeps/unix/sysv/linux/raise.c:50

(gdb) bt
#0  raise (sig=8) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x48c26e3c in __aeabi_ldiv0 () at ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/libgcc/config/arm/lib1funcs.S:1545
#2  0x48b68b00 in findElementWithHash (pH=pH@entry=0xe2064, pKey=pKey@entry=0xa6c24be4 "NOCASE", pHash=pHash@entry=0x0)
    at ../sqlite-autoconf-3310100/sqlite3.c:32688
#3  0x48b760e4 in sqlite3HashFind (pKey=0xa6c24be4 "NOCASE", pH=0xe2064) at ../sqlite-autoconf-3310100/sqlite3.c:32843
#4  findCollSeqEntry (db=db@entry=0xe1ed0, zName=zName@entry=0xa6c24be4 "NOCASE", create=0) at ../sqlite-autoconf-3310100/sqlite3.c:48727
#5  0x48ba24fc in sqlite3FindCollSeq (create=0, zName=0xa6c24be4 "NOCASE", enc=1 '\001', db=0xe1ed0) at ../sqlite-autoconf-3310100/sqlite3.c:114317
#6  sqlite3GetCollSeq (pParse=pParse@entry=0xaefff098, enc=<optimized out>, pColl=0x0, zName=0xa6c24be4 "NOCASE")
    at ../sqlite-autoconf-3310100/sqlite3.c:48816
#7  0x48ba3d64 in sqlite3ExprCollSeq (pParse=0xaefff098, pExpr=<optimized out>) at ../sqlite-autoconf-3310100/sqlite3.c:98853
#8  0x48ba8884 in whereScanNext (pScan=0xaeffe734) at ../sqlite-autoconf-3310100/sqlite3.c:144115
#9  0x48ba8aa0 in sqlite3WhereFindTerm (pWC=pWC@entry=0xa6c21a38, iCur=iCur@entry=0, iColumn=iColumn@entry=0, notReady=0, op=op@entry=130, 
    pIdx=pIdx@entry=0x119f70) at ../sqlite-autoconf-3310100/sqlite3.c:144252
#10 0x48be2df0 in whereShortCut (pBuilder=0x0, pBuilder=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:148298
#11 sqlite3WhereBegin (pParse=pParse@entry=0xaefff098, pTabList=0xa6c240b0, pTabList@entry=0x0, pWhere=pWhere@entry=0x0, pOrderBy=<optimized out>, 
    pResultSet=0xa6c22800, wctrlFlags=7888, wctrlFlags@entry=60280, iAuxArg=320) at ../sqlite-autoconf-3310100/sqlite3.c:17587
#12 0x48bd088c in sqlite3Select (pParse=pParse@entry=0xaefff098, p=<optimized out>, pDest=0x804000, pDest@entry=0xaeffeb70)
    at ../sqlite-autoconf-3310100/sqlite3.c:134081
#13 0x48c010a4 in yy_reduce (yyLookahead=<optimized out>, pParse=<optimized out>, yyLookaheadToken=..., yyruleno=1219997008, yypParser=0xaeffeb88)
    at ../sqlite-autoconf-3310100/sqlite3.c:155887
#14 sqlite3Parser (yyminor=..., yymajor=<optimized out>, yyp=0xaeffeb88) at ../sqlite-autoconf-3310100/sqlite3.c:26109
#15 sqlite3RunParser (pParse=pParse@entry=0xaefff098, zSql=<optimized out>, 
    zSql@entry=0x16e4f0 "SELECT column1, column2, column3, column4, column5, column6 FROM MetaDataTable WHERE column1=? COLLATE NOCASE  AND column2=? COLLATE NOCASE ", pzErrMsg=pzErrMsg@entry=0xaefff088) at ../sqlite-autoconf-3310100/sqlite3.c:27383
#16 0x48c0600c in sqlite3Prepare (db=db@entry=0xe1ed0, 
    zSql=zSql@entry=0x16e4f0 "SELECT column1, column2, column3, column4, column5, column6 FROM MetaDataTable WHERE column1=? COLLATE NOCASE  AND column2=? COLLATE NOCASE ", nBytes=nBytes@entry=171, prepFlags=prepFlags@entry=128, pReprepare=pReprepare@entry=0x0, 
    ppStmt=ppStmt@entry=0xaefff250, pzTail=pzTail@entry=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:127575
#17 0x48c06394 in sqlite3LockAndPrepare (db=0xe1ed0, 
    zSql=0x16e4f0 "SELECT column1, column2, column3, column4, column5, column6 FROM MetaDataTable WHERE column1=? COLLATE NOCASE  AND column2=? COLLATE NOCASE ", nBytes=171, prepFlags=128, pOld=0x0, ppStmt=0xaefff250, pzTail=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:127647
#18 0x48c064cc in sqlite3_prepare_v2 (db=<optimized out>, 
    zSql=zSql@entry=0x16e4f0 "SELECT column1, column2, column3, column4, column5, column6 FROM MetaDataTable WHERE column1=? COLLATE NOCASE  AND column2=? COLLATE NOCASE ", nBytes=<optimized out>, ppStmt=ppStmt@entry=0xaefff250, pzTail=pzTail@entry=0x0)
    at ../sqlite-autoconf-3310100/sqlite3.c:127731

(2.1) Originally by RomiG (RomioGeek) with edits by Richard Hipp (drh) on 2020-07-21 10:41:07 from 2.0 in reply to 1.0

The second time I hit the crash on the "findElementWithHash" SQLite API, it was with signal SIGSEGV and on a different select query which usually works fine. The crash is occasional in both cases and occurs in "findElementWithHash".

Select Query:
"select column1, column2, column3 from CurrentTable where UPPER(column1)=UPPER(?);"

Back Trace:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 sqlite3StrICmp (zRight=0x109c2c "UPPER", zLeft=<error reading variable: Cannot access memory at address 0xc>) at ../sqlite-autoconf-3310100/sqlite3.c:32794
32794 ../sqlite-autoconf-3310100/sqlite3.c: No such file or directory.
(gdb) bt
#0 sqlite3StrICmp (zRight=0x109c2c "UPPER", zLeft=<error reading variable: Cannot access memory at address 0xc>) at ../sqlite-autoconf-3310100/sqlite3.c:32794
#1 findElementWithHash (pH=0xe1e44, pH@entry=0x42d26224 <sqlite3FindFunction+76>, pKey=pKey@entry=0x109c2c "UPPER", pHash=pHash@entry=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:32794
#2 0x42d26224 in sqlite3HashFind (pKey=0x109c2c "UPPER", pH=0x42d26224 <sqlite3FindFunction+76>) at ../sqlite-autoconf-3310100/sqlite3.c:32843
#3 sqlite3FindFunction (db=db@entry=0xe1cc0, zName=zName@entry=0x109c2c "UPPER", nArg=nArg@entry=1, enc=enc@entry=1 '\001', createFlag=createFlag@entry=0 '\000') at ../sqlite-autoconf-3310100/sqlite3.c:49015
#4 0x42d64b20 in resolveExprStep (pWalker=0xaeffe9e0, pExpr=0x109bf8) at ../sqlite-autoconf-3310100/sqlite3.c:97581
#5 0x42d2a1f0 in walkExpr (pWalker=pWalker@entry=0xaeffe9e0, pExpr=0x109bf8) at ../sqlite-autoconf-3310100/sqlite3.c:96627
#6 0x42d2a218 in walkExpr (pWalker=pWalker@entry=0xaeffe9e0, pExpr=pExpr@entry=0x109b78) at ../sqlite-autoconf-3310100/sqlite3.c:96631
#7 0x42d4f5ec in sqlite3WalkExpr (pExpr=0x109b78, pWalker=0xaeffe9e0) at ../sqlite-autoconf-3310100/sqlite3.c:99342
#8 sqlite3ResolveExprNames (pNC=pNC@entry=0xaeffea4c, pExpr=0x109b78) at ../sqlite-autoconf-3310100/sqlite3.c:33021
#9 0x42d57b5c in resolveSelectStep (pWalker=<optimized out>, p=0x1084f8) at ../sqlite-autoconf-3310100/sqlite3.c:98385
#10 0x42d2a05c in sqlite3WalkSelect (pWalker=pWalker@entry=0xaeffead0, p=p@entry=0x1084f8) at ../sqlite-autoconf-3310100/sqlite3.c:96749
#11 0x42d2c96c in sqlite3WalkSelect (p=0x1084f8, pWalker=0xaeffead0) at ../sqlite-autoconf-3310100/sqlite3.c:98613
#12 sqlite3ResolveSelectNames (pOuterNC=0x0, p=0x1084f8, pParse=0xaefff220) at ../sqlite-autoconf-3310100/sqlite3.c:33077
#13 sqlite3SelectPrep (pParse=0xaefff220, p=0x1084f8, pOuterNC=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:2129
#14 0x42d7f008 in sqlite3Select (pParse=pParse@entry=0xaefff220, p=0x1084f8, pDest=0x4242a9b4 <gShmData>, pDest@entry=0xaeffecf8) at ../sqlite-autoconf-3310100/sqlite3.c:133637
#15 0x42db10a4 in yy_reduce (yyLookahead=<optimized out>, pParse=<optimized out>, yyLookaheadToken=..., yyruleno=136, yypParser=0xaeffed10) at ../sqlite-autoconf-3310100/sqlite3.c:155887
#16 sqlite3Parser (yyminor=..., yymajor=<optimized out>, yyp=0xaeffed10) at ../sqlite-autoconf-3310100/sqlite3.c:26109
#17 sqlite3RunParser (pParse=pParse@entry=0xaefff220, zSql=<optimized out>, zSql@entry=0x42e44268 "select column1, column2, column3 from CurrentTable where UPPER(column1)=UPPER(?);",
pzErrMsg=pzErrMsg@entry=0xaefff210) at ../sqlite-autoconf-3310100/sqlite3.c:27383
#18 0x42db600c in sqlite3Prepare (db=db@entry=0xe1cc0, zSql=zSql@entry=0x42e44268 "select column1, column2, column3 from CurrentTable where UPPER(column1)=UPPER(?);", nBytes=nBytes@entry=-1,
prepFlags=prepFlags@entry=128, pReprepare=pReprepare@entry=0x0, ppStmt=ppStmt@entry=0xaefff3d8, pzTail=pzTail@entry=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:127575
#19 0x42db6394 in sqlite3LockAndPrepare (db=0xe1cc0, zSql=0x42e44268 "select column1, column2, column3 from CurrentTable where UPPER(column1)=UPPER(?);", nBytes=-1, prepFlags=128, pOld=0x0,
ppStmt=0xaefff3d8, pzTail=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:127647
#20 0x42db64cc in sqlite3_prepare_v2 (db=<optimized out>, zSql=<optimized out>, nBytes=nBytes@entry=-1, ppStmt=ppStmt@entry=0xaefff3d0, pzTail=pzTail@entry=0x0) at ../sqlite-autoconf-3310100/sqlite3.c:127731

(3) By Larry Brasfield (LarryBrasfield) on 2020-07-21 16:17:02 in reply to 2.1

You need to build your application with one of many available packages that instrument heap usage (and abusage) to be sure that you have not corrupted the heap. The kind of problem you report is, almost without exception, caused by corruption of the data structures comprising the heap's book-keeping. And if your allocations properly match up with deallocations, as the suggested tool may show, then you need to determine whether your application is stepping on that data via a write through a bad pointer.

The query you cite as having induced the failure during a sqlite3_prepare_v2() call is not one which reaches some strange, untested combination of conditions within the SQLite parser, semantic analyzer, or code generator. The genesis of the problem is exceedingly likely to be in your own code.

(4) By RomiG (RomioGeek) on 2020-07-23 05:27:35 in reply to 3

Thanks for your response. I will check if there was any process heap corruption which led to this issue.

(5) By Stephan Beal (stephan) on 2020-07-23 05:48:30 in reply to 4

> I will check if there was any process heap corruption which led to this issue.

The thing is that heap corruption can lead to just about anything, and it is often not consistently reproducible, especially across environments. FWIW, I second Lee's suspicion that your problem is heap corruption via a double-free, memory over/under-run, use-after-free, or a similar misuse.
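Posts 3 and 5 recommend building with a heap-instrumenting package and name the misuses it catches. The block below is an added illustration, not code from this thread, from SQLite, or from any real tool: a toy checked allocator with guard words and a quarantine, showing how an off-by-one overrun, an underrun, a double free and an unmatched allocation each become an explicit status at the point of misuse instead of a crash somewhere unrelated later. The guard constants, header layout, function names and status names are this example's own assumptions.

```c
/* Added example, not code from the thread, from SQLite or from any real
 * tool: a toy "checked" allocator of the kind heap-instrumentation packages
 * provide. Guard constants, layout and status names are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum heap_status {
    HEAP_OK = 0,
    HEAP_UNDERRUN,     /* write before the start of the block */
    HEAP_OVERRUN,      /* write past the end of the block */
    HEAP_DOUBLE_FREE   /* block released twice */
};

/* Guard words; any nonzero pattern works, these are just recognisable. */
#define GUARD_FRONT 0xDEADBEEFCAFEF00DULL
#define GUARD_BACK  0x0DF0FECAEFBEADDEULL

/* Bookkeeping placed in front of every user block. 'front' is the last
 * field so that the byte just before the user pointer belongs to it. */
struct hdr {
    size_t   size;   /* requested size */
    int      freed;  /* set on release, to catch a second free */
    uint64_t front;  /* guard word immediately before the user data */
};

static size_t live_blocks = 0;  /* allocations minus releases */

void *checked_malloc(size_t n) {
    struct hdr *h = malloc(sizeof *h + n + sizeof(uint64_t));
    if (h == NULL) return NULL;
    h->size = n;
    h->freed = 0;
    h->front = GUARD_FRONT;
    uint64_t back = GUARD_BACK;
    memcpy((char *)(h + 1) + n, &back, sizeof back);  /* back guard, unaligned-safe */
    live_blocks++;
    return h + 1;
}

/* Check a block's guards without releasing it. */
enum heap_status checked_inspect(const void *p) {
    const struct hdr *h = (const struct hdr *)p - 1;
    if (h->freed) return HEAP_DOUBLE_FREE;
    if (h->front != GUARD_FRONT) return HEAP_UNDERRUN;
    uint64_t back;
    memcpy(&back, (const char *)p + h->size, sizeof back);
    if (back != GUARD_BACK) return HEAP_OVERRUN;
    return HEAP_OK;
}

/* Release a block. The memory is quarantined (never handed back to malloc)
 * so that a later double free can still be recognised; real tools keep a
 * bounded quarantine for the same reason. */
enum heap_status checked_free(void *p) {
    struct hdr *h = (struct hdr *)p - 1;
    enum heap_status st = checked_inspect(p);
    if (st == HEAP_DOUBLE_FREE) return st;
    h->freed = 1;
    live_blocks--;
    return st;
}

size_t checked_live_blocks(void) { return live_blocks; }

/* --- Scenarios mirroring the misuses listed in post 5 --- */

enum heap_status demo_clean(void) {          /* correct use */
    char *buf = checked_malloc(16);
    memset(buf, 'A', 16);
    return checked_free(buf);
}

enum heap_status demo_overrun(void) {        /* off-by-one: terminator past the end */
    char *buf = checked_malloc(8);
    memset(buf, 'A', 8);
    buf[8] = '\0';
    return checked_free(buf);
}

enum heap_status demo_underrun(void) {       /* write one byte before the block */
    char *buf = checked_malloc(8);
    buf[-1] = 0;
    return checked_free(buf);
}

enum heap_status demo_double_free(void) {    /* release twice */
    char *buf = checked_malloc(8);
    checked_free(buf);
    return checked_free(buf);
}

size_t demo_leak(void) {                     /* allocation without a matching release */
    size_t before = checked_live_blocks();
    (void)checked_malloc(32);
    return checked_live_blocks() - before;   /* one unmatched allocation */
}

int main(void) {
    static const char *names[] = {"ok", "underrun", "overrun", "double free"};
    printf("clean:       %s\n", names[demo_clean()]);
    printf("overrun:     %s\n", names[demo_overrun()]);
    printf("underrun:    %s\n", names[demo_underrun()]);
    printf("double free: %s\n", names[demo_double_free()]);
    printf("unmatched allocations: %zu\n", demo_leak());
    return 0;
}
```

In practice nobody writes this wrapper by hand: the same idea, with a bounded quarantine, shadow memory and a stack trace at the offending write, is what you get by compiling the application (and the bundled sqlite3.c, if any) with -fsanitize=address, or by running the unmodified binary under Valgrind's memcheck. Either will name the faulting line in the application long before the corrupted bookkeeping reaches an SQLite hash lookup.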

(6) By RomiG (RomioGeek) on 2020-07-26 13:57:52 in reply to 5

Thanks Stephan and Larry for your inputs. As suspected, it was an application heap corruption issue which was leading to this crash.

This thread can be closed!!