Closed Bug 536308 Opened 16 years ago Closed 15 years ago

crash [@ arena_dalloc_small | arena_dalloc | free | sqlite3_free | pcache1TruncateUnsafe] and [@ pcache1TruncateUnsafe ]

Categories

(Core :: SQLite and Embedded Database Bindings, defect)

Product:
Core
Component:
SQLite and Embedded Database Bindings
Version:
1.9.1 Branch
Platform:
x86
Windows Vista
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED INVALID
Tracking Flags:
Tracking Status
status1.9.2 --- wontfix
status1.9.1 --- wontfix

People

(Reporter: wsmwk, Unassigned)

Details

(Keywords: crash, topcrash, Whiteboard: [tbird topcrash])

Crash Data

... sqlite3_free | pcache1TruncateUnsafe is a topcrash for thunderbird 3.0.0, and the two sigs together are 2.2% of crashes. unable to find an equivalent stack for Mac #8 crash [[@ arena_dalloc_small | arena_dalloc | free | sqlite3_free | pcache1TruncateUnsafe ] goes back as least as far as 3.0b2 bp-51f23499-2365-4dcf-82e6-7de6a2091217 0 mozcrt19.dll arena_dalloc_small objdir-tb/mozilla/memory/jemalloc/src/jemalloc.c:4442 1 mozcrt19.dll arena_dalloc objdir-tb/mozilla/memory/jemalloc/src/jemalloc.c:4565 2 mozcrt19.dll free objdir-tb/mozilla/memory/jemalloc/src/jemalloc.c:6404 3 sqlite3.dll sqlite3_free db/sqlite3/src/sqlite3.c:16108 4 sqlite3.dll pcache1TruncateUnsafe db/sqlite3/src/sqlite3.c:30491 5 sqlite3.dll pcache1Truncate db/sqlite3/src/sqlite3.c:30801 6 sqlite3.dll sqlite3PcacheTruncate db/sqlite3/src/sqlite3.c:29946 7 sqlite3.dll sqlite3PagerClose db/sqlite3/src/sqlite3.c:33944 8 sqlite3.dll sqlite3BtreeClose db/sqlite3/src/sqlite3.c:39651 9 sqlite3.dll sqlite3_close db/sqlite3/src/sqlite3.c:95348 10 thunderbird.exe mozilla::storage::Connection::Close storage/src/mozStorageConnection.cpp:521 #41 crash [@ pcache1TruncateUnsafe] bp-7fd6d1e7-dacc-4988-81cc-7229d2091212 0 sqlite3.dll pcache1TruncateUnsafe db/sqlite3/src/sqlite3.c:30490 1 sqlite3.dll pcache1Truncate db/sqlite3/src/sqlite3.c:30801 2 sqlite3.dll sqlite3PcacheTruncate db/sqlite3/src/sqlite3.c:29946 3 sqlite3.dll sqlite3PagerClose db/sqlite3/src/sqlite3.c:33944 4 sqlite3.dll sqlite3BtreeClose db/sqlite3/src/sqlite3.c:39651 5 sqlite3.dll sqlite3_close db/sqlite3/src/sqlite3.c:95348 6 thunderbird.exe mozilla::storage::Connection::Close storage/src/mozStorageConnection.cpp:521
Summary: crash [arena_dalloc_small | arena_dalloc | free | sqlite3_free | pcache1TruncateUnsafe] and [@ pcache1TruncateUnsafe ] → crash [@ arena_dalloc_small | arena_dalloc | free | sqlite3_free | pcache1TruncateUnsafe] and [@ pcache1TruncateUnsafe ]
Component: Search → Storage
Product: Thunderbird → Toolkit
QA Contact: search → storage
Version: 3.0 → 1.9.1 Branch
sdwilsh, asuth, is additional data needed to move this forward for 1.9.1 and 1.9.2? #2 crash for thunderbird 3.0.1. there are a few for FF 3.6, eg bp-ba6c445f-c02c-48c9-83a9-13d002100122
blocking1.9.1: --- → ?
Whiteboard: [tbird topcrash]
Are we seeing this on trunk at all? I've upgraded SQLite there, and there are a number of crash fixes in it.
The short answer is no. But then there is little hope, let alone a guarantee, of seeing "release crashes" on trunk 3.2a1pre (or one step removed in 3.1a1pr) given the number of users on the non-release branches. 3.2a1pre has only 24 of the top 300 slots populated http://crash-stats.mozilla.com/topcrasher/byversion/Thunderbird/3.2a1pre 3.1a1pre has only 26 of the top 300 slots populated http://crash-stats.mozilla.com/topcrasher/byversion/Thunderbird/3.1a1pre Still, it is my hope to determine via someone's skills if this is fixed in 1.9.2, or whether we need to dig further for steps, testcases, etc.
Well, 1.9.1 and 1.9.2 are running the same version of SQLite, so I'd expect it existing there.
Not blocking a 1.9.1 release but will take a patch.
blocking1.9.1: ? → ---
status1.9.1: --- → wanted
status1.9.2: --- → wanted
Flags: blocking-thunderbird3.1?
Just so we're all on the same page, the Thunderbird 3.1a1 mozilla release branch has the same version as mozilla-central trunk/1.9.3, SQLite 3.6.22.
I don't think we'd block 3.1 on this at this point, given that we don't know if it's actually a significant problem in 1.9.1. Wayne & others, if we do get confirmation of that (presumably we'll be able to get more testers later in the cycle), feel free to renominate.
Flags: blocking-thunderbird3.1?
(In reply to comment #8) > (unlike bug sqlite3DbMallocRaw [1] which still is reported on trunk, but on 3.0.1 ranking dropped like a stone) wrong reference - I meant bug 537063 - mozilla::storage::Row::initialize(sqlite3_stmt*)
(In reply to comment #8) > storage dudes, where does that leaves us? The solution to all theoretical SQLite problems is to upgrade to the latest SQLite, and this is what we are doing for Thunderbird. In practice, memory related bugs like this always sound like code other than SQLite's fault. Thunderbird 3.0.2 has SQLite 3.6.22. (3.0 and 3.0.1 had 3.6.20) Thunderbird 3.1a1 had SQLite 3.6.22. I'll make sure Thunderbird 3.1b1 has 3.6.22. Nightlies may be on 3.6.20 if they're not using the 3.1a1 mozilla-1.9.2 Thunderbird release branch.
3.1/1.9.2 nightlies are not using that relbranch, so presumably they are still on 3.6.20.
Where do we stand on this?
I am invalidating and if we need a bug to track the signature in the future it should stay in the thunderbird or mailnews products.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
er, and I'm invalidating because this just looks like heap corruption being surfaced because sqlite is on the stack using the allocator and has nothing inherently to do with sqlite or mozStorage.
I guess "wontfix" is a better branch resolution since the crash does still show up in crash-stats I believe.
status1.9.1: --- → wontfix
status1.9.2: --- → wontfix
Crash Signature: [@ arena_dalloc_small | arena_dalloc | free | sqlite3_free | pcache1TruncateUnsafe] [@ pcache1TruncateUnsafe ]
Product: Toolkit → Core
You need to log in before you can comment on or make changes to this bug.