Greetings!
I've been experiencing SEGV's from the Sqlite Tcl extension. I
originally started to receive some time ago when Arch Linux upgraded to
Tcl 8.6. Reverting back just Tcl to 8.5 made the dumps go away. I
proceeded to exclude Tcl from updating until Arch "self-destructed" for
me on an update and I returned to Fedora. I've been on F20 for some
time (which has Tcl 8.5) and in the last month moved to F21.
Immediately, the SEGV returned since F21 includes Tcl 8.6.
I think I've finally isolated the cause, but it appears to require Tcl
8.6 plus Itcl plus Sqlite plus a specific naming of variables. For me,
the following example code produces a core dump. (This under Linux
3.19.7-200.fc21.x86_64, Tcl 8.6.3, Itcl 4.0.0, sqlite-tcl 3.8.9.) As a
result, I'm not sure whether it is Tcl, Itcl, Sqlite that is at the
root (or me, for that matter), but since the dump occurs in Sqlite I
figure I should start here, not having found any prior resolution from
searching the web.
Here's the code:
#!/bin/sh
# \
exec tclsh "$0" "$@"
package require sqlite3
package require Itcl
if { [file exists "foo.db"] } {file delete "foo.db"}
sqlite3 db "foo.db"
db eval {
CREATE TABLE foo_table (
id integer primary key autoincrement,
v text
)}
itcl::class foo {
variable v
constructor {id} {
set v [db onecolumn {
SELECT v FROM foo_table
WHERE id=:id
}]
}
proc create {vv} {
set v $vv
db eval {
INSERT INTO foo_table
(v)
VALUES(:v)
}
set id [db last_insert_rowid]
return [foo ::#auto $id]
}
method get_v {} {
return $v
}
}
set obj [foo::create "boom"]
The trigger for the dump is apparently the overloading of an instance
variable with a local variable of the same name within a class proc. In
proc create, the dump occurs as coded but if I change variable v to be x
instead (in the set and db eval) the dump goes away.
Since the variable v is local to the proc and the proc has no access
to the instance variables, I'd not expect there to be a conflict.
There would seem to be something that changed in Tcl 8.6 (and/or
maybe in Itcl...F20 did not have Itcl4, but I do not remember if Arch
had gone to Itcl4 back in the day) that affects Sqlite Tcl extension.
Here's the back trace I get from the dump:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 dbPrepareAndBind (ppPreStmt=<optimized out>, pzOut=<optimized out>,
zIn=<optimized out>,
pDb=<optimized out>)
at /usr/src/debug/sqlite-src-3080900/src/tclsqlite.c:1193
1193 const char *zType = (pVar->typePtr ?
pVar->typePtr->name : "");
(gdb) where
#0 dbPrepareAndBind (ppPreStmt=<optimized out>, pzOut=<optimized out>,
zIn=<optimized out>,
pDb=<optimized out>)
at /usr/src/debug/sqlite-src-3080900/src/tclsqlite.c:1193
#1 dbEvalStep (p=p at entry=0x7fff91886250)
at /usr/src/debug/sqlite-src-3080900/src/tclsqlite.c:1420
#2 0x00007fde22aab3a8 in DbObjCmd (cd=0x145e870, interp=0x12f77a0,
objc=<optimized out>,
objv=<optimized out>)
at /usr/src/debug/sqlite-src-3080900/src/tclsqlite.c:2286
#3 0x00007fde2a971b83 in Dispatch (data=<optimized out>,
interp=0x12f77a0, result=<optimized out>)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4359
#4 0x00007fde2a96e5e7 in TclNRRunCallbacks (interp=0x12f77a0,
result=0, rootPtr=0x133fbc0)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4392
#5 0x00007fde225b7d12 in Itcl_EvalMemberCode (interp=0x12f77a0,
imPtr=0x14b0950,
contextIoPtr=0x0, objc=2, objv=0x13054c0) at
generic/itclMethod.c:1276
#6 0x00007fde225b7e47 in NRExecProc (clientData=0x14b0950,
interp=0x12f77a0, objc=2,
objv=0x13054c0) at generic/itclMethod.c:1718
#7 0x00007fde2a971b83 in Dispatch (data=<optimized out>,
interp=0x12f77a0, result=<optimized out>)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4359
#8 0x00007fde2a96e5e7 in TclNRRunCallbacks (interp=0x12f77a0,
result=0, rootPtr=0x133fbc0)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4392
#9 0x00007fde2a971b83 in Dispatch (data=<optimized out>,
interp=0x12f77a0, result=<optimized out>)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4359
#10 0x00007fde2a96e5e7 in TclNRRunCallbacks
(interp=interp at entry=0x12f77a0, result=0, rootPtr=0x0)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4392
#11 0x00007fde2a96e67f in Tcl_EvalObjv (interp=interp at entry=0x12f77a0,
objc=objc at entry=2,
objv=objv at entry=0x13054c0, flags=flags at entry=2097168)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:4123
#12 0x00007fde2a970615 in TclEvalEx (interp=interp at entry=0x12f77a0,
script=0x1352ff2 "foo::create \"boom\"]\n\t\t\n",
numBytes=<optimized out>,
flags=flags at entry=0, line=44, clNextOuter=<optimized out>,
outerScript=0x1352db0 "#!/bin/sh\n# \\\nexec tclsh \"$0\"
\"$@\"\n\npackage require sqlite3\npackage require Itcl\n\nif { [file
exists \"foo.db\"] } {file delete \"foo.db\"}\nsqlite3 db
\"foo.db\"\n\ndb eval {\n\tCREATE TABLE foo_table (\n\t\tid int"...)
at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:5261 #13
0x00007fde2aa3df55 in TclSubstTokens (interp=interp at entry=0x12f77a0,
tokenPtr=tokenPtr at entry=0x1304ec8, count=1,
tokensLeftPtr=tokensLeftPtr at entry=0x0, line=line at entry=44,
clNextOuter=clNextOuter at entry=0x0, outerScript=0x1352db0 "#!/bin/sh\n#
\\\nexec tclsh \"$0\" \"$@\"\n\npackage require sqlite3\npackage
require Itcl\n\nif { [file exists \"foo.db\"] } {file delete
\"foo.db\"}\nsqlite3 db \"foo.db\"\n\ndb eval {\n\tCREATE TABLE
foo_table (\n\t\tid int"...)
at /usr/src/debug/tcl8.6.3/generic/tclParse.c:2247 #14
0x00007fde2a9702d0 in TclEvalEx (interp=interp at entry=0x12f77a0,
script=0x1352db0 "#!/bin/sh\n# \\\nexec tclsh \"$0\" \"$@\"\n\npackage
require sqlite3\npackage require Itcl\n\nif { [file exists
\"foo.db\"] } {file delete \"foo.db\"}\nsqlite3 db \"foo.db\"\n\ndb
eval {\n\tCREATE TABLE foo_table (\n\t\tid int"..., numBytes=<optimized
out>, flags=flags at entry=0, line=44, line at entry=1,
out>clNextOuter=clNextOuter at entry=0x0, outerScript=0x1352db0
out>"#!/bin/sh\n# \\\nexec tclsh \"$0\" \"$@\"\n\npackage require
out>sqlite3\npackage require Itcl\n\nif { [file exists \"foo.db\"] }
out>{file delete \"foo.db\"}\nsqlite3 db \"foo.db\"\n\ndb eval
out>{\n\tCREATE TABLE foo_table (\n\t\tid int"...)
out>at /usr/src/debug/tcl8.6.3/generic/tclBasic.c:5148 #15
out>0x00007fde2aa2aba0 in Tcl_FSEvalFileEx
(interp=interp at entry=0x12f77a0,
pathPtr=pathPtr at entry=0x133ed80, encodingName=<optimized out>)
at /usr/src/debug/tcl8.6.3/generic/tclIOUtil.c:1815
#16 0x00007fde2aa31cdc in Tcl_MainEx (argc=<optimized out>,
argc at entry=2, argv=0x7fff91886d38,
argv at entry=0x7fff91886d28, appInitProc=appInitProc at entry=0x400970
<Tcl_AppInit>,
interp=0x12f77a0) at /usr/src/debug/tcl8.6.3/generic/tclMain.c:417
#17 0x0000000000400864 in main (argc=2, argv=0x7fff91886d28)
at /usr/src/debug/tcl8.6.3/unix/tclAppInit.c:84
For what it's worth (since I know gdb sometimes has difficulty
accessing valid memory in a core dump), it would appear that an
invalid value in pVar is at the root of the SEGV:
(gdb) print pVar
$3 = (Tcl_Obj *) 0x100000003
(gdb) print pVar->typePtr
Cannot access memory at address 0x10000001b
Many thanks for your attention through this e-mail so far. Please let
me know if there is any additional information or assistance I can
provide. I've been changing my code to rename variables within class
procs to avoid triggering the SEGV so my code is working now and at
least I know what to look for should I get a dump.
Cheers!
