Closed Bug 1611164 Opened 4 years ago Closed 4 years ago

SIGSEGV with sqlite 3.31.0

Categories

(Thunderbird :: Untriaged, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: david, Unassigned)

Details

(Keywords: crash)

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0

Steps to reproduce:

Update sqlite to v3.31.0.

Actual results:

Thunderbird crashes even using safe mode with the following backtrace:

Thread 27 "Cookie" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe5213700 (LWP 7431)]
0x00007ffff0a58f00 in ?? () from /usr/lib/thunderbird/libxul.so
(gdb) bt
#0 0x00007ffff0a58f00 in () at /usr/lib/thunderbird/libxul.so
#1 0x00007ffff0a52339 in () at /usr/lib/thunderbird/libxul.so
#2 0x00007fffef082440 in sqlite3WalOpen () at /usr/lib/libsqlite3.so.0
#3 0x00007fffef041aa9 in () at /usr/lib/libsqlite3.so.0
#4 0x00007fffef044f35 in sqlite3PagerOpenWal () at /usr/lib/libsqlite3.so.0
#5 0x00007fffeefd742e in sqlite3BtreeBeginTrans () at /usr/lib/libsqlite3.so.0
#6 0x00007fffef04e547 in sqlite3InitOne () at /usr/lib/libsqlite3.so.0
#7 0x00007fffef04e6dd in sqlite3Init () at /usr/lib/libsqlite3.so.0
#8 0x00007fffef04e730 in sqlite3ReadSchema () at /usr/lib/libsqlite3.so.0
#9 0x00007fffef04c7b9 in sqlite3Pragma () at /usr/lib/libsqlite3.so.0
#10 0x00007fffef04734a in sqlite3Parser () at /usr/lib/libsqlite3.so.0
#11 0x00007fffef06679d in sqlite3RunParser () at /usr/lib/libsqlite3.so.0
#12 0x00007fffef04dbd2 in () at /usr/lib/libsqlite3.so.0
#13 0x00007fffef04e7d7 in () at /usr/lib/libsqlite3.so.0
#14 0x00007fffef04eb06 in sqlite3_prepare_v2 () at /usr/lib/libsqlite3.so.0
#15 0x00007fffef0345e3 in sqlite3_exec () at /usr/lib/libsqlite3.so.0
#16 0x00007ffff0a4cc01 in () at /usr/lib/thunderbird/libxul.so
#17 0x00007ffff0a4c287 in () at /usr/lib/thunderbird/libxul.so
#18 0x00007ffff0a4c6e3 in () at /usr/lib/thunderbird/libxul.so
#19 0x00007ffff0a5bd23 in () at /usr/lib/thunderbird/libxul.so
#20 0x00007ffff04d2c6e in () at /usr/lib/thunderbird/libxul.so
#21 0x00007ffff04e1089 in () at /usr/lib/thunderbird/libxul.so
#22 0x00007ffff03fca22 in () at /usr/lib/thunderbird/libxul.so
#23 0x00007ffff03fe696 in () at /usr/lib/thunderbird/libxul.so
#24 0x00007ffff074121a in () at /usr/lib/thunderbird/libxul.so
#25 0x00007ffff070d3b8 in () at /usr/lib/thunderbird/libxul.so
#26 0x00007ffff03fac35 in () at /usr/lib/thunderbird/libxul.so
#27 0x00007ffff7a2a4e8 in () at /usr/lib/libnspr4.so
#28 0x00007ffff7f664cf in start_thread () at /usr/lib/libpthread.so.0
#29 0x00007ffff7b462d3 in clone () at /usr/lib/libc.so.6

I'm sorry for not using a build with debug symbols. If no one is able to reproduce this, I might have to build TB with debug symbols, but for now I hope that's good enough, as building TB myself would take quite some time.

This happens even when removing my ~/.thunderbird directory, so I don't think some corrupted database is responsible. As soon as I downgrade to sqlite 3.30.1, everything works again.

I'm using ArchLinux and tried Thunderbird 68.4.1 and 68.3.1.

Expected results:

Thunderbird shouldn't crash.

Affects both Thunderbird and Firefox.

This isn't Arch specific, also seen on OpenMandriva and Debian.

This has also been reported to the sqlite guys.
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg118698.html

It's not happening with Firefox for me, so I guess some change between v71 and 72 must have fixed the issue.

Sounds like it's not our bug after reading https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949644#60

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Keywords: crash
Resolution: --- → INVALID

People on the sqlite ML figured out this is caused by
https://bugzilla.mozilla.org/show_bug.cgi?id=1607902

So it is a FF/TB problem, and patches are already known. While those patches are probably not acceptable upstream because they break sqlite < 3.31, here's what we're doing in OpenMandriva to fix it (based on the commit referenced in bug 1607902 - adapted to apply to firefox 72.0.2 and thunderbird 68.4.1):

https://github.com/OpenMandrivaAssociation/firefox/blob/master/firefox-72.0.2-sqlite-3.31.patch
https://github.com/OpenMandrivaAssociation/thunderbird/blob/master/thunderbird-68.4.1-sqlite-3.31.patch
