Issue 4069: Crash in SafeBrowsingService::HandleChunkForDatabase
http://code.google.com/p/chromium/issues/detail?id=4069

New issue report by [EMAIL PROTECTED]:
This was reported to me tonight through support. I haven't analyzed this
much, but I will upload the crashdump to my home directory soon. From the
dump file it seems Paul is the appropriate person, but feel free to
reassign if necessary.

*** WARNING: Unable to verify timestamp for chrome.exe
Unable to load image C:\Program Files\Common Files\iS3\Anti-Spyware\iS3lsp.dll, Win32 error 0n2
*** WARNING: Unable to verify timestamp for iS3lsp.dll
*** ERROR: Module load completed but symbols could not be loaded for iS3lsp.dll

FAULTING_IP:
chrome_1000000!sqlite3BtreeParseCellPtr+78 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 484]
0152ddb5 0fb608          movzx   ecx,byte ptr [eax]

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0152ddb5 (chrome_1000000!sqlite3BtreeParseCellPtr+0x00000078)
    ExceptionCode: c0000005 (Access violation)
   ExceptionFlags: 00000000
NumberParameters: 2
    Parameter[0]: 00000000
    Parameter[1]: 03c351d9
Attempt to read from address 03c351d9

DEFAULT_BUCKET_ID:  APPLICATION_FAULT

PROCESS_NAME:  chrome.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

READ_ADDRESS:  03c351d9

BUGCHECK_STR:  ACCESS_VIOLATION

LAST_CONTROL_TRANSFER:  from 0152de67 to 0152ddb5

STACK_TEXT:
01fdf4d4 0152de67 0214ca88 03c351d9 01fdf4e8 chrome_1000000!sqlite3BtreeParseCellPtr+0x78 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 484]
01fdf508 0152df85 0214ca88 03c351d9 0000000b chrome_1000000!cellSizePtr+0x15 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 554]
01fdf540 015309d4 00000000 0214ca88 03c09a10 chrome_1000000!defragmentPage+0x9a [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 629]
01fdf58c 01531b22 00000011 03c3a2d0 00000000 chrome_1000000!insertCell+0x61 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 4095]
01fdf5b4 0154afb5 03c26918 0000000a 00000000 chrome_1000000!sqlite3BtreeInsert+0x16d [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 5178]
01fdf878 015285c8 02532d68 00000000 01fdf8a4 chrome_1000000!sqlite3VdbeExec+0x2f47 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\vdbe.c @ 3881]
01fdf8a0 0152870d 00000020 02532d68 0178ca04 chrome_1000000!sqlite3Step+0x114 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\vdbeapi.c @ 250]
01fdf8c4 014f6e34 03c21748 00000020 0178ca04 chrome_1000000!sqlite3_step+0x80 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\vdbeapi.c @ 305]
01fdf968 012ff8e6 00000010 00e1c808 02602630 chrome_1000000!SQLStatement::step+0x61 [c:\b\slave\chrome-official-2\build\src\chrome\common\sqlite_utils.cc @ 210]
01fdfa38 01300047 00e1c808 4a88d839 01fdfa58 chrome_1000000!SafeBrowsingDatabaseImpl::WriteInfo+0x1a1 [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_database_impl.cc @ 425]
01fdfa68 012ffdd8 4a88d839 00000000 00e1c934 chrome_1000000!SafeBrowsingDatabaseImpl::UpdateInfo+0xa4 [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_database_impl.cc @ 662]
01fdfac8 012ffc8f 00e1c808 025009c0 00e1c934 chrome_1000000!SafeBrowsingDatabaseImpl::ProcessAddChunks+0x85 [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_database_impl.cc @ 569]
01fdfaf0 012ffad3 00000011 00e1c808 00000003 chrome_1000000!SafeBrowsingDatabaseImpl::ProcessChunks+0x3d [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_database_impl.cc @ 516]
01fdfb0c 012ffc4b 03bdbe08 00dad8a0 01fdfeb0 chrome_1000000!SafeBrowsingDatabaseImpl::RunThrottledWork+0x1e [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_database_impl.cc @ 461]
01fdfb50 0124dec7 00000001 025009c0 03bdbe08 chrome_1000000!SafeBrowsingDatabaseImpl::InsertChunks+0x12a [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_database_impl.cc @ 504]
01fdfbfc 0124f48e 03bdbe14 025009c0 0100bc15 chrome_1000000!SafeBrowsingService::HandleChunkForDatabase+0x7d [c:\b\slave\chrome-official-2\build\src\chrome\browser\safe_browsing\safe_browsing_service.cc @ 459]
01fdfc08 0100bc15 01fdfce8 01fdfeb0 0100bd2d chrome_1000000!RunnableMethod<SafeBrowsingService,void (__thiscall SafeBrowsingService::*)(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::deque<SBChunk,std::allocator<SBChunk> > *),Tuple2<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,std::deque<SBChunk,std::allocator<SBChunk> > *> >::Run+0x13 [c:\b\slave\chrome-official-2\build\src\base\task.h @ 313]
01fdfcac 0100bc51 03bdbe08 00e1c748 0100be46 chrome_1000000!MessageLoop::RunTask+0x79 [c:\b\slave\chrome-official-2\build\src\base\message_loop.cc @ 304]
01fdfcb8 0100be46 00e1c6b8 00e1c6a8 01fdfeb0 chrome_1000000!MessageLoop::DeferOrRunPendingTask+0x28 [c:\b\slave\chrome-official-2\build\src\base\message_loop.cc @ 314]
01fdfce8 01017ff1 01fdfeb0 01fdfeb0 00000000 chrome_1000000!MessageLoop::DoWork+0x6e [c:\b\slave\chrome-official-2\build\src\base\message_loop.cc @ 403]
01fdfd9c 0100b958 01fdfeb0 01fdfeb0 01fdfeb0 chrome_1000000!base::MessagePumpDefault::Run+0x119 [c:\b\slave\chrome-official-2\build\src\base\message_pump_default.cc @ 50]
01fdfe40 0100b8c7 7b7d318f 00e19458 01fdfeb0 chrome_1000000!MessageLoop::RunInternal+0x8b [c:\b\slave\chrome-official-2\build\src\base\message_loop.cc @ 193]
01fdfe78 0100b86a 01fdfa10 00000001 7c80a000 chrome_1000000!MessageLoop::RunHandler+0x4f [c:\b\slave\chrome-official-2\build\src\base\message_loop.cc @ 176]
01fdfe98 014830b2 0012dbc8 0144a5a8 806e4427 chrome_1000000!MessageLoop::Run+0x15 [c:\b\slave\chrome-official-2\build\src\base\message_loop.cc @ 150]
01fdff70 0100da5f 015930aa 00e19458 7b7d305b chrome_1000000!base::Thread::ThreadMain+0x7e [c:\b\slave\chrome-official-2\build\src\base\thread.cc @ 159]
01fdff74 015930aa 00e19458 7b7d305b 0012dbc8 chrome_1000000!`anonymous namespace'::ThreadFunc+0x9 [c:\b\slave\chrome-official-2\build\src\base\platform_thread_win.cc @ 29]
01fdffac 0159314f 0144a5a8 7c80b683 00e19ec0 chrome_1000000!_callthreadstartex+0x1b [f:\sp\vctools\crt_bld\self_x86\crt\src\threadex.c @ 348]
01fdffb4 7c80b683 00e19ec0 0012dbc8 0144a5a8 chrome_1000000!_threadstartex+0x7f [f:\sp\vctools\crt_bld\self_x86\crt\src\threadex.c @ 326]
01fdffec 00000000 015930d0 00e19ec0 00000000 kernel32!BaseThreadStart+0x37


FOLLOWUP_IP:
chrome_1000000!sqlite3BtreeParseCellPtr+78 [c:\b\slave\chrome-official-2\build\src\third_party\sqlite\btree.c @ 484]
0152ddb5 0fb608          movzx   ecx,byte ptr [eax]

FAULTING_SOURCE_CODE:
    480:   if( pPage->intKey ){
    481:     n += getVarint(&pCell[n], (u64 *)&pInfo->nKey);
    482:   }else{
    483:     u32 x;
>  484:     n += getVarint32(&pCell[n], &x);
    485:     pInfo->nKey = x;
    486:     nPayload += x;
    487:   }
    488:   pInfo->nPayload = nPayload;
    489:   pInfo->nHeader = n;


SYMBOL_STACK_INDEX:  0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: chrome_1000000

IMAGE_NAME:  chrome.dll

DEBUG_FLR_IMAGE_TIMESTAMP:  4906bc12

FAULTING_THREAD:  000017e0

SYMBOL_NAME:  chrome_1000000!sqlite3BtreeParseCellPtr+78

STACK_COMMAND:  ~12s; .ecxr ; kb

FAILURE_BUCKET_ID:  ACCESS_VIOLATION_chrome_1000000!sqlite3BtreeParseCellPtr+78

BUCKET_ID:  ACCESS_VIOLATION_chrome_1000000!sqlite3BtreeParseCellPtr+78

Followup: MachineOwner
---------






Issue attributes:
        Status: Assigned
        Owner: [EMAIL PROTECTED]
        Labels: Type-Bug Pri-1 OS-All Area-BrowserBackend
