Open Bug 574339 Opened 14 years ago Updated 2 years ago

crash EXCEPTION_IN_PAGE_ERROR [@ xtolong] (v3.1, v3.1.1) processing extensions, [@ nsZipArchive::GetData] (Mac)

Categories

(Core :: Networking: JAR, defect, P5)

1.9.2 Branch
x86
All
defect

Tracking

()

People

(Reporter: wsmwk, Unassigned)

References

Details

(Keywords: crash, qawanted, Whiteboard: [tbird crash][startupcrash][necko-would-take])

Crash Data

crash [@ xtolong]. All thunderbird. No firefox, even in top 10 frames afaict. long term it's been a rare crash, but currently for 3.1 it's ~#30 last 30 days are all thunderbird 3.1 and 3.1b2. most but not all have german dictionary installed like bp-2ff9a08e-2446-48f3-87f3-d93232100606, bp-886116cf-921b-4402-bf31-8fcb92100608. some 3.0.4 in april were all startup crashes like bp-4fd20622-b5f7-4e7a-baf5-10aa92100516 which are almost all smajer. smajer is the only person whose crashes have addresses. unfortunately, smajer does not respond. https://crash-stats.mozilla.com/report/index/4fd20622-b5f7-4e7a-baf5-10aa92100516 https://crash-stats.mozilla.com/report/index/3c8ef729-4432-4a86-8346-afa852100516 https://crash-stats.mozilla.com/report/index/c227613a-3384-4a5f-959e-175fb2100516 https://crash-stats.mozilla.com/report/index/dc82f152-b3bc-40b4-a972-7e9982100516 https://crash-stats.mozilla.com/report/index/dc82f152-b3bc-40b4-a972-7e9982100516 https://crash-stats.mozilla.com/report/index/71522e7a-af60-4083-b1cb-0e4f92100516 https://crash-stats.mozilla.com/report/index/71522e7a-af60-4083-b1cb-0e4f92100516 (stack from the above crashid) 0 jar50.dll xtolong modules/libjar/nsZipArchive.cpp:1399 1 jar50.dll nsZipArchive::BuildFileList modules/libjar/nsZipArchive.cpp:880 2 jar50.dll nsZipArchive::OpenArchive modules/libjar/nsZipArchive.cpp:535 3 jar50.dll nsJAR::Open modules/libjar/nsJAR.cpp:184 4 jar50.dll nsZipReaderCache::GetZip modules/libjar/nsJAR.cpp:1163 5 jar50.dll nsJARInputThunk::EnsureJarStream modules/libjar/nsJARChannel.cpp:140 6 jar50.dll nsJARChannel::Open modules/libjar/nsJARChannel.cpp:673 7 thunderbird.exe nsStringBundle::LoadProperties intl/strres/src/nsStringBundle.cpp:128 8 thunderbird.exe nsStringBundle::FormatStringFromName intl/strres/src/nsStringBundle.cpp:227 9 thunderbird.exe nsCSSScanner::ReportUnexpectedParams layout/style/nsCSSScanner.cpp:454 10 thunderbird.exe nsCSSScanner::ReportUnexpectedToken layout/style/nsCSSScanner.cpp:510 11 thunderbird.exe CSSParserImpl::ParseColor layout/style/nsCSSParser.cpp:3644 12 thunderbird.exe CSSParserImpl::ParseVariant layout/style/nsCSSParser.cpp:4437 13 thunderbird.exe CSSParserImpl::ParseSingleValueProperty layout/style/nsCSSParser.cpp:5300 14 thunderbird.exe CSSParserImpl::ParseChoice layout/style/nsCSSParser.cpp:4684 15 thunderbird.exe CSSParserImpl::ParseOutline layout/style/nsCSSParser.cpp:7451 16 thunderbird.exe CSSParserImpl::ParseProperty layout/style/nsCSSParser.cpp:5074 17 thunderbird.exe CSSParserImpl::ParseDeclaration layout/style/nsCSSParser.cpp:3919 18 thunderbird.exe CSSParserImpl::ParseDeclarationBlock layout/style/nsCSSParser.cpp:3477 19 thunderbird.exe CSSParserImpl::ParseRuleSet layout/style/nsCSSParser.cpp:2320 20 thunderbird.exe CSSParserImpl::Parse layout/style/nsCSSParser.cpp:866 21 thunderbird.exe CSSLoaderImpl::ParseSheet layout/style/nsCSSLoader.cpp:1550 bp-21a5a970-3c0f-4ca5-a11c-24c782100609 states "tried to open address book" and has a stack which I think is different from most 0 thunderbird.exe xtolong modules/libjar/nsZipArchive.cpp:873 1 thunderbird.exe nsZipArchive::GetData modules/libjar/nsZipArchive.cpp:678 2 thunderbird.exe nsJARInputStream::InitFile modules/libjar/nsJARInputStream.cpp:91 3 thunderbird.exe nsJAR::GetInputStreamWithSpec modules/libjar/nsJAR.cpp:342 4 thunderbird.exe nsJAR::GetInputStream modules/libjar/nsJAR.cpp:316 5 thunderbird.exe nsJARInputThunk::EnsureJarStream modules/libjar/nsJARChannel.cpp:166 6 thunderbird.exe nsJARChannel::Open modules/libjar/nsJARChannel.cpp:676 7 thunderbird.exe NS_OpenURI objdir-tb/mozilla/dist/include/nsNetUtil.h:228 8 thunderbird.exe nsExpatDriver::OpenInputStreamFromExternalDTD parser/htmlparser/src/nsExpatDriver.cpp:825 9 thunderbird.exe nsExpatDriver::HandleExternalEntityRef parser/htmlparser/src/nsExpatDriver.cpp:734 10 thunderbird.exe Driver_HandleExternalEntityRef parser/htmlparser/src/nsExpatDriver.cpp:213 11 thunderbird.exe doProlog parser/expat/lib/xmlparse.c:4014
Product: Thunderbird → Core
QA Contact: general → general
Version: 3.0 → 1.9.2 Branch
#16 crash for v3.1 => topcrash and we should work toward getting this fixed for tbird 3.1.2 bp-95109c42-65b8-4d0a-88dc-37bf12100711 claims to have no extensions msged bp-3faa194d-64f5-4c95-8655-661942100717 (john) that's the only crashin 2 weeks with an email address
Keywords: qawanted, topcrash
Whiteboard: [tbird crash]
EXCEPTION_IN_PAGE_ERROR The thread tried to access a page that was not present, and the system was unable to load the page. For example, this exception might occur if a network connection is lost while running a program over the network. Roughly this means the backing store for the data being read went away. For instance using an extension from a network volume and the network volume disappears. Someone should be able to take the .dmp from: bp-3faa194d-64f5-4c95-8655-661942100717 and figure out if that's what's up.
Assignee: nobody → tglek
Blocks: 525755
Summary: crash [@ xtolong] processing extensions → crash EXCEPTION_IN_PAGE_ERROR [@ xtolong] processing extensions
Component: General → Networking: JAR
QA Contact: general → networking.jar
If the sourcelinks are right, this is using jar code from 1.9.1 which is ancient buggy and slow. EXCEPTION_IN_PAGE_ERROR suggests that something goes wrong while reading from endp. I don't see how endp could be pointing outside of bufsize. This looks like a startup crash, so I don't see how the network-share disappearing scenario is realistic here. This code isn't using mmap like the newer code, so a EXCEPTION_IN_PAGE_ERROR is odd.
Depends on: 598416
Taras, Mac signature is @ nsZipArchive::GetData(nsZipItem*). bp-96c1aefb-7163-4589-b289-1794c2100922 v3.1.4 bp-96f9dec5-59ce-4231-90bc-10a172100921 v3.1.1 windows @ xtolog crash sig is not found in v3.1.2 and higher. It morphed to @ int32_le_at, which explains bug 596826 comment 2. If you agree they are the same, then we can dup 596826.
OS: Windows Vista → All
Summary: crash EXCEPTION_IN_PAGE_ERROR [@ xtolong] processing extensions → crash EXCEPTION_IN_PAGE_ERROR [@ xtolong] (v3.1, v3.1.1) processing extensions, [@ nsZipArchive::GetData(nsZipItem*)] (Mac)
I got a fix for windows in 598416, not really sure what to do on unix.
(In reply to comment #2) > The thread tried to access a page that was not present, and the system was > unable to load the page. For example, this exception might occur if a network > connection is lost while running a program over the network. firefox crash bp-48238592-f566-4075-977c-3aa472100908 echoes the above comment "Profile directory is on a network drive. The server was offline, and Windows cached all file acess. FF crashed during update and reconnecting to the fileserver. (I noticed the server was offline, after clicking to upgrade to Beta 5, but did not look to FF until I got the crash reporter, this took serveral minutes, while thefileserver was offline)" @ memcmp | nsZipArchive::GetItem(char const*) 0 mozcrt19.dll memcmp 1 xul.dll nsZipArchive::GetItem modules/libjar/nsZipArchive.cpp:322 2 xul.dll xul.dll@0xd52b03 3 xul.dll nsJAR::GetInputStreamWithSpec modules/libjar/nsJAR.cpp:319 4 xul.dll nsJAR::GetInputStream modules/libjar/nsJAR.cpp:305 5 xul.dll nsJARInputThunk::EnsureJarStream modules/libjar/nsJARChannel.cpp:165 similar stack in bp-64bfc764-edf0-4fc1-a811-288d92100911 nsZipArchive::GetItem(char const*) 0 xul.dll nsZipArchive::GetItem modules/libjar/nsZipArchive.cpp:321 1 xul.dll xul.dll@0xab0717 2 xul.dll nsJAR::GetInputStreamWithSpec modules/libjar/nsJAR.cpp:330 3 xul.dll nsJAR::GetInputStream modules/libjar/nsJAR.cpp:316 4 xul.dll nsJARInputThunk::EnsureJarStream modules/libjar/nsJARChannel.cpp:166 5 mozcrt19.dll malloc obj-firefox/memory/jemalloc/crtsrc/jemalloc.c:5790
Wayne, thanks for spotting this comment. Good to have a confirmation.
Crash Signature: [@ xtolong] [@ nsZipArchive::GetData(nsZipItem*)]
I do not have cycles to work on this
Assignee: tglek → nobody
Crash Signature: [@ xtolong] [@ nsZipArchive::GetData(nsZipItem*)] → [@ xtolong] [@ nsZipArchive::GetData(nsZipItem*)]
This is pretty low volume. Removing the top crash keyword.
Keywords: topcrash
Crash Signature: [@ xtolong] [@ nsZipArchive::GetData(nsZipItem*)] → [@ xtolong] [@ nsZipArchive::GetData(nsZipItem*)] [@ nsZipArchive::GetData]
is nsZipArchive::GetItem(char const*) another example? bp-b235c929-3a1e-4902-a03d-6ee132120728
Whiteboard: [tbird crash] → [tbird crash][startupcrash]
Whiteboard: [tbird crash][startupcrash] → [tbird crash][startupcrash][necko-would-take]
Priority: -- → P5

Can't be a P5 ("will accept patch") and critical.

Severity: critical → normal
Severity: normal → S3
Crash Signature: [@ xtolong] [@ nsZipArchive::GetData(nsZipItem*)] [@ nsZipArchive::GetData] → [@ xtolong] [@ nsZipArchive::GetData] [@ nsZipArchive::GetData]
Summary: crash EXCEPTION_IN_PAGE_ERROR [@ xtolong] (v3.1, v3.1.1) processing extensions, [@ nsZipArchive::GetData(nsZipItem*)] (Mac) → crash EXCEPTION_IN_PAGE_ERROR [@ xtolong] (v3.1, v3.1.1) processing extensions, [@ nsZipArchive::GetData] (Mac)
You need to log in before you can comment on or make changes to this bug.