Closed
Bug 1264673
Opened 9 years ago
Closed 7 years ago
Startup crash at nsMsgMaildirStore::MoveNewlyDownloadedMessage due to null newHdr
Categories
(MailNews Core :: Backend, defect)
MailNews Core
Backend
Tracking
(thunderbird_esr5258+ fixed, thunderbird58 fixed, thunderbird59 fixed)
VERIFIED
FIXED
Thunderbird 59.0
People
(Reporter: rkent, Assigned: jorgk-bmo)
References
(Blocks 1 open bug)
Details
(Keywords: crash, Whiteboard: [startupcrash][TB 52.6 ESR])
Crash Data
Attachments
(1 file)
1.05 KB,
patch
|
m_kato
:
review+
jorgk-bmo
:
approval-comm-beta+
jorgk-bmo
:
approval-comm-esr52+
|
Details | Diff | Splinter Review |
This crash is appearing in Thunderbird 45.0b4 but I doubt it is unique to that. In http://mxr.mozilla.org/comm-esr45/source/mailnews/local/src/nsMsgMaildirStore.cpp a newHdr is created. If null, an error rv value is set. But that rv value never results in an error return, so later a null newHdr can be used resulting in the crash.
Reporter | ||
Updated•9 years ago
|
Severity: normal → critical
Crash Signature: nsMsgMaildirStore::MoveNewlyDownloadedMessage
status-firefox48:
affected → ---
Comment 1•9 years ago
|
||
~84% are within one minute of startup https://crash-stats.mozilla.com/signature/?date=%3E2015-10-01&product=Thunderbird&signature=nsMsgMaildirStore%3A%3AMoveNewlyDownloadedMessage&_columns=date&_columns=product&_columns=version&_columns=build_id&_columns=platform&_columns=reason&_columns=address&page=1#summary bp-72f146cf-0247-470b-be2d-2c49f2151019 0 xul.dll nsMsgMaildirStore::MoveNewlyDownloadedMessage(nsIMsgDBHdr*, nsIMsgFolder*, bool*) c:/builds/moz2_slave/tb-rel-c-esr38-w32_bld-0000000/build/mailnews/local/src/nsMsgMaildirStore.cpp:831 1 xul.dll nsParseNewMailState::ApplyFilterHit(nsIMsgFilter*, nsIMsgWindow*, bool*) c:/builds/moz2_slave/tb-rel-c-esr38-w32_bld-0000000/build/mailnews/local/src/nsParseMailbox.cpp:2064 2 xul.dll nsMsgFilterList::ApplyFiltersToHdr(int, nsIMsgDBHdr*, nsIMsgFolder*, nsIMsgDatabase*, char const*, unsigned int, nsIMsgFilterHitNotify*, nsIMsgWindow*) c:/builds/moz2_slave/tb-rel-c-esr38-w32_bld-0000000/build/mailnews/base/search/src/nsMsgFilterList.cpp:317 3 xul.dll nsParseNewMailState::ApplyFilters(bool*, nsIMsgWindow*, unsigned int) c:/builds/moz2_slave/tb-rel-c-esr38-w32_bld-0000000/build/mailnews/local/src/nsParseMailbox.cpp:1951 4 xul.dll nsParseNewMailState::PublishMsgHeader(nsIMsgWindow*) c:/builds/moz2_slave/tb-rel-c-esr38-w32_bld-0000000/build/mailnews/local/src/nsParseMailbox.cpp:1867 another major signature is https://crash-stats.mozilla.com/signature/?date=%3E2015-10-01&product=Thunderbird&signature=nsMsgMaildirStore%3A%3AGetNewMsgOutputStream
Crash Signature: nsMsgMaildirStore::MoveNewlyDownloadedMessage → [@ nsMsgMaildirStore::MoveNewlyDownloadedMessage]
Keywords: crash
Summary: crash at nsMsgMaildirStore::MoveNewlyDownloadedMessage due to null newHdr → Startup crash at nsMsgMaildirStore::MoveNewlyDownloadedMessage due to null newHdr
Whiteboard: [startupcrash]
Updated•8 years ago
|
Blocks: maildirblockers
Comment 2•7 years ago
|
||
#1 maildir crash. A current example bp-af5eef63-30d5-4f9a-bce1-bd5f00170810 per comment 0, easy to fix?
Flags: needinfo?(m_kato)
Comment 3•7 years ago
|
||
I believe that newHdr of newHdr->GetFlags is nullptr. destMailDB->CopyHdrFromExistingHdr returns error, but we have no right error path for nullptr check. (although ThrowAlertMsg is called...) I don't know why CopyHdrFromExistingHdr returns error.
Flags: needinfo?(m_kato)
Comment 4•7 years ago
|
||
So I think we should add error path for nullptr after calling ThrowAlertMsg.
Comment 5•7 years ago
|
||
(In reply to Makoto Kato [:m_kato] (slow due to PTO, back at Jan) from comment #4) > So I think we should add error path for nullptr after calling ThrowAlertMsg. jorg, do you agree?
Flags: needinfo?(jorgk)
Assignee | ||
Comment 6•7 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #5) > jorg, do you agree? Yes, although I don't understand this clumsy code. It sets rv and never acts on it and later overwrites it. Anyway, not worth a crash, so let's exit here.
Assignee: nobody → jorgk
Status: NEW → ASSIGNED
Flags: needinfo?(jorgk)
Attachment #8938761 -
Flags: review?(m_kato)
Updated•7 years ago
|
Attachment #8938761 -
Flags: review?(m_kato) → review+
Pushed by mozilla@jorgk.com: https://hg.mozilla.org/comm-central/rev/f9c68d3f6054 don't crash when no header was returned. r=m_kato
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•7 years ago
|
Target Milestone: --- → Thunderbird 59.0
Assignee | ||
Comment 9•7 years ago
|
||
Comment on attachment 8938761 [details] [diff] [review] 1264673-fix-crash.patch (v1) Let's uplift this.
Attachment #8938761 -
Flags: approval-comm-esr52?
Attachment #8938761 -
Flags: approval-comm-beta+
Assignee | ||
Comment 10•7 years ago
|
||
Beta (TB 58): https://hg.mozilla.org/releases/comm-beta/rev/c0c02dfd78b4
status-thunderbird58:
--- → fixed
status-thunderbird59:
--- → fixed
status-thunderbird_esr52:
--- → affected
Assignee | ||
Updated•7 years ago
|
Attachment #8938761 -
Flags: approval-comm-esr52? → approval-comm-esr52+
Assignee | ||
Comment 11•7 years ago
|
||
TB 52.6 ESR: https://hg.mozilla.org/releases/comm-esr52/rev/6448f59565a2174f0096bba7d0e88e96b68b5d70
tracking-thunderbird_esr52:
--- → 58+
Whiteboard: [startupcrash] → [startupcrash][TB 52.6 ESR]
Comment 12•7 years ago
|
||
Confirmed gone in 52.6.0. And may have fixed some other crash sigs, for example - Bug 791149 - startup crash in [@ nsParseMailMessageState::FinalizeHeaders - Bug 529253 - startup crash [@ nsJARChannel::OnStartRequest(nsIRequest*, nsISupports*) ] because nntp is violating AsyncOpe
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•