Re: [sqlite] a bug report

Tue, 11 Jan 2011 03:21:34 -0800 

Hi Richard,

I don't know if I have collected accurate and enough information for you, 
please check and let me know.

As you said, I'm calling sqlite apis to add callbacks, without any kind of 
changes to sourcecode. The routine I'm using:

1. implement my own separate function, let's say, MY_FUNC.
2. call " sqlite3_create_function" to put it in
3. pass a querry like "select MY_FUNC(field1, field2) from table" to the db by 
calling " execQuery", field1 and field2 are both in text
4. MY_FUNC will get called, use "sqlite3_value_text(argv[0])" and 
"sqlite3_value_text(argv[1])" to read field1 and field2, and database blows up 
right there.

>From your reply, one thing is unclear. It doesn't crash on the line 453, but 
>458. "isLookaside" does return a false when p == 0 && db is valid, so it jumps 
>to line 458 and somehow couldn't even step into sqlite3MemSize before the 
>exception was thrown out.

"
if( p==0 ){
        return 0;
}
"

Above added lines did fix it, though I don't know why you took it out in 3.7.4.

Thanks,
Youfei
 
 
 

-----Original Message-----
From: drhsql...@gmail.com [mailto:drhsql...@gmail.com] On Behalf Of Richard Hipp
Sent: Saturday, January 08, 2011 8:07 AM
To: General Discussion of SQLite Database; Chen, Youfei
Subject: Re: [sqlite] a bug report

The relevant code in 3.7.4 (with assert() statements removed) is as
follows (line numbers o the left):

434 static int isLookaside(sqlite3 *db, void *p){
435   return p && p>=db->lookaside.pStart && p<db->lookaside.pEnd;
436 }
450 int sqlite3DbMallocSize(sqlite3 *db, void *p){
452   if( db && isLookaside(db, p) ){
453     return db->lookaside.sz;
454   }else{
458     return sqlite3GlobalConfig.m.xSize(p);
459   }
460 }

The isLookaside() function should return false if p==0.   So I do not
see how you might have segfaulted on the db->lookaside.sz expression
of line 453.  And even then, I don't see how such a segfault is
possible if db is still a valid pointer.

Can you please send a stack trace from the point where the original
3.7.4 segfaults?

Also:  What do you mean when you say "I added callback function
pointers to my sqlite database"?  Have you modified the code
someplace?  Or are you using one of the many SQLite APIs that sets
callback functions?  If the latter, can you please tell us which
routines you are using?


On Fri, Jan 7, 2011 at 6:00 PM, <youfei.c...@emc.com> wrote:
>
> Hi SQLite Team
>
>
>
> I added callback function pointers for my sqlite database and the
> program crashed in the function sqlite3DbMallocSize. Same code works
> fine with older release such as 3.6.15.
>
>
>
> I debugged and got the place where the exception was thrown.
>
>
>
> in 3.7.4
>
> SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3 *db, void *p){
>
>            assert( db==0 || sqlite3_mutex_held(db->mutex) );
>
>            else if( db && isLookaside(db, p) ){
>
>                        return db->lookaside.sz;
>
>            }else{
>
>                        assert( sqlite3MemdebugHasType(p, MEMTYPE_DB) );
>
>                        assert( sqlite3MemdebugHasType(p,
> MEMTYPE_LOOKASIDE|MEMTYPE_HEAP) );
>
>                        assert( db!=0 || sqlite3MemdebugNoType(p,
> MEMTYPE_LOOKASIDE) );
>
>                        return sqlite3GlobalConfig.m.xSize(p);
>
>            }
>
> }
>
>
>
> while in 3.6.15 it was implemented as
>
>
>
> SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3 *db, void *p){
>
>  assert( db==0 || sqlite3_mutex_held(db->mutex) );
>
>  if( p==0 ){
>
>    return 0;
>
>  }else if( isLookaside(db, p) ){
>
>    return db->lookaside.sz;
>
>  }else{
>
>    return sqlite3GlobalConfig.m.xSize(p);
>
>  }
>
> }
>
>
>
> So, in order to get my app fly, I modified 3.7.4 sqlite code by adding a
> few more lines (in red):
>
>
>
> SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3 *db, void *p){
>
>            assert( db==0 || sqlite3_mutex_held(db->mutex) );
>
>            if( p == 0 ) // youfei fixed to prevent  illegal memory
> access when callbacks get called
>
>            {
>
>                        return 0;
>
>            }
>
>            else if( db && isLookaside(db, p) ){
>
>                        return db->lookaside.sz;
>
>            }else{
>
>                        assert( sqlite3MemdebugHasType(p, MEMTYPE_DB) );
>
>                        assert( sqlite3MemdebugHasType(p,
> MEMTYPE_LOOKASIDE|MEMTYPE_HEAP) );
>
>                        assert( db!=0 || sqlite3MemdebugNoType(p,
> MEMTYPE_LOOKASIDE) );
>
>                        return sqlite3GlobalConfig.m.xSize(p);
>
>            }
>
> }
>
>
>
> In my code, *p is 0 when sqlite3DbMallocSize gets called, so a memory
> access violation exception is thrown by "return
> sqlite3GlobalConfig.m.xSize(p);". Previous release covers it well while
> the latest does not. After the modification my program gets back to
> work. Please verify my change and let me know if it's a bug missed by
> you experts?
>
>
>
> Thanks,
>
> Youfei
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> Youfei Chen | EMC Corporation <http://www.emc.com/>  | 176 South Street
> Hopkinton, MA 01748
> <http://maps.google.com/maps?f=q&hl=en&geocode=&q=176+South+Street+Hopki
> nton,+MA+01748>  | Direct #: (508)293-6402 | Extension: 76402 | Email:
> youfei.c...@emc.com <mailto:chen_you...@emc.com>
>
>
>
> _______________________________________________
> sqlite-users mailing list
> sqlite-users@sqlite.org
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users



--
D. Richard Hipp
d...@sqlite.org


_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Reply via email to