sqlcipher have native crash

[androidhw]

Our android app is using sqlcipher, and it's version is 3.5.4. We found our app crashed on Android7.1.1 device, and the log is below:

signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x40400008 r0 40400000 r1 00000001 r2 714275f0 r3 c0a00000 r4 40400000 r5 a13d851c r6 a13d8704 r7 aa6ba308 r8 00000000 r9 00000000 sl b422e318 fp aa697b88 ip a4dafbf4 sp a2edfce8 lr a4ca75a7 pc a4ca7588 cpsr 800e0030 d0 0000000000000000 d1 0000000000000000 d2 0000000000000000 d3 0000000000000000 d4 0000000000000000 d5 0000000000000000 d6 0000000000000000 d7 0000000000000000 d8 0000000000000000 d9 0000000000000000 d10 0000000000000000 d11 0000000000000000 d12 0000000000000000 d13 0000000000000000 d14 0000000000000000 d15 0000000000000000 d16 0000000000000000 d17 0000000000000000 d18 00000000130e7bc0 d19 00000000131011d0 d20 0000000000000000 d21 000000000000016f d22 3ff0000000000000 d23 392f1976b7ed8fc0 d24 4008000000000000 d25 3fdb6db6db6fabff d26 3fd55555518f264d d27 bfad1faf00000000 d28 0000000000000000 d29 0000000000000000 d30 0000000000000000 d31 00001366a5d50ed2 scr 80000093

backtrace:

00 pc 00033588 /system/lib/libsqlcipher.so

#01 pc 000335a3  /system/lib/libsqlcipher.so
#02 pc 0005aa01  /system/lib/libsqlcipher.so
#03 pc 0006a227  /system/lib/libsqlcipher.so
#04 pc 00076987  /system/lib/libsqlcipher.so
#05 pc 0007a057  /system/lib/libsqlcipher.so (sqlite3_step+662)
#06 pc 00092e0f  /system/lib/libsqlcipher.so
#07 pc 00538455  /data/dalvik-cache/arm/system@priv-app@xxx@xxx.apk@classes.dex (offset 0x536000)

Please tell me why this issue happen, thanks.

[developernotes]

Hello @androidhw,

Are you able to reproduce the error within the SQLCipher for Android test suite? What SQL statements are running when you receive the crash? Are you able to reproduce this on both an emulator, and/or a specific device?

[androidhw]

Hi developernotes , the problem is occured in the android wear system, it is a system that released by google for watch. The probability of this problem is very low . do you have the symbol of sqlcipher ?then may be can find the trace context when the problem is occured.

[androidhw]

it is can not reproduce the error within the SQLCipher for Android test suite

[developernotes]

Hi @androidhw

We have not tested SQLCipher for Android specifically with Android Wear. Are you able to create a small demo application that reproduces the behavior? You might also consider trying the latest 3.5.6 release to see if that addresses the issue you are seeing.

[androidhw]

Hi developernotes, The probability of this problem is very low, can you give us a debug version and the symbol of version?then we reproduces the problem.then may be find the root cause of the problem .thanks

[raymond-wx]

Hi developernotes , I have tried to rebuild the android-database-sqlcipher with NDK 11c, and get the call stack with line number:

Stack frame #01 pc 00060ddb  /system/lib/libsqlcipher.so: Routine allocateCursor at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:77385
Stack frame #02 pc 00076c9f  /system/lib/libsqlcipher.so: Routine sqlite3VdbeExec at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:80655
Stack frame #03 pc 0007a057  /system/lib/libsqlcipher.so: Routine sqlite3Step at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:75900
Stack frame #04 pc 0006a59f  /system/lib/libsqlcipher.so : Routine sqlite3_finalize at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:75408
Stack frame #05 pc 000934a7/system/lib/libsqlcipher.so: Routine native_fill_window at android-database-sqlcipher/jni/net_sqlcipher_database_SQLiteQuery.cpp:171
Stack frame #06 pc 0012b36f/data/dalvik-cache/arm/system@priv-app@HwWearable@HwWearable.apk@classes.dex (offset 0x627000)

it seems the statment value was not correct, but I can't found how it do not work

[raymond-wx]

Another simliar stack is

Stack frame #00 pc 0003b24c  /system/lib/libsqlcipher.so: Routine releaseMemArray at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:72277
Stack frame #01 pc 00069e31  /system/lib/libsqlcipher.so: Routine closeAllCursors at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:72877
Stack frame #02 pc 0006a4b3  /system/lib/libsqlcipher.so: Routine sqlite3VdbeReset at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:73616
Stack frame #03 pc 0006a549  /system/lib/libsqlcipher.so: Routine sqlite3VdbeFinalize at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:73691
Stack frame #04 pc 0006a59f  /system/lib/libsqlcipher.so (sqlite3_finalize+58): Routine sqlite3_finalize at android-database-sqlcipher/jni/../external/sqlcipher/sqlite3.c:75408
Stack frame #05 pc 000925d5  /system/lib/libsqlcipher.so: Routine native_finalize at android-database-sqlcipher/jni/net_sqlcipher_database_SQLiteCompiledSql.cpp:99
Stack frame #06 pc 00662f6f  /data/dalvik-cache/arm/system@priv-app@HwWearable@HwWearable.apk@classes.dex (offset 0x627000)

[raymond-wx]

@developernotes could you give us more comment about this issue?

[developernotes]

Hello @raymond-wx

Are you able to isolate the issue down to a specific reproducible query that would execute on an Android watch?

[raymond-wx]

Hi @developernotes unfortunately, we are trying to add logs to get the query content when the issue is reproduced, but if we add some log it won't be reproduced.

I guess there is a timing issue, when someone call native_finalize but not set the statement var to 0, other thread call the native_finalize same time with a freed statement.

But we have checked all usage of native_finalize, all of these have a lock. It is so wired.

[developernotes]

Hi @raymond-wx

Since you are attempting local builds of the source, we have a pending pull request (currently awaiting a contributor agreement) that might be related to what you are seeing. Can you try applying that patch locally to see if it addresses the issue you are experiencing?

[raymond-wx]

hi @developernotes Thanks, we will try this PR, but we didn't found any android finalize exception in the log, we add more log print and get the following log

03-24 16:16:09.341590 1150 1589 V SQLiteCompiledSql: Released DbObj (id#-1463994264) back to DB cache 03-24 16:16:09.341644 1150 1589 V SQLiteProgram: mCompiledSql.release 03-24 16:16:09.341695 1150 1589 V SQLiteProgram: enter close 22222 03-24 16:16:09.343069 1150 1274 D CursorWindow: Closing window 0x958e6180 03-24 16:16:09.343784 1150 1274 V SQLiteProgram: enter releaseCompiledSqlIfNotInCache-1748995448 03-24 16:16:09.343872 1150 1274 V SQLiteCompiledSql: closed and deallocated DbObj (id#-1748995448) 03-24 16:16:09.343928 1150 1274 I SQLiteCompiledSql: releaseSqlStatement-1748995448 03-24 16:16:09.343991 1150 1274 V Cursor : enter native_finalize 0x97c07288

[engdinesh]

Hi @developernotes , i am getting this error : could not load library "libsqlcipher.so" needed by "libacomo.so"; caused by load_library(linker.cpp:746): library "libsqlcipher.so" not found

[developernotes]

Hi @techlectdinesh

It appears the libacomo.so native library (either yours, or from a third-party) relies on SQLCipher for Android and is not present in your project. This is not likely a SQLCipher for Android issue. I would suggest finding out how to integrate libacomo.so into your project properly.

[developernotes]

Hello @androidhw, @raymond-wx,

Were you able to isolate the SQL query that is causing the issue? You might be able to utilize the PRAGAMA cipher_profile; command documented here to aid in capturing the exact query. If you are able to isolate it, we would be happy to investigate further with a reproducible test case within the SQLCipher for Android test suite.

[developernotes]

Hello @androidhw, @raymond-wx,

Since we have not heard back, I am going to close this ticket. If you still experiencing an issue we would be happy to investigate this further. Please fee free to open a new ticket and provide supporting information regarding your issue, preferably with a reproducible test case within the SQLCipher for Android test suite. Thanks!