Tested this issue on Win-10 using chrome reported version #56.0.2924.76 and latest canary #58.0.2996.0.

Steps followed to reproduce this issue are as follows:

1. Downloaded the attached test.zip folder.
2. Added the avira test extension to chrome://extensions.
3. Disabled and enabled the avira test extension.
Note: Couldn't find the shortcut for avira test extension (to disable)  in the task bar after adding the extension.
4. Clicked on the background page link.
5. Didn't observe any random I/O errors.

awcalibr@ - Could you please verify the screencast and please let us know if anything missed from our side.

Thanks...!!

Deleted: 686484.mp4 2.5 MB

	686484.mp4 2.5 MB View Download

krajshree@, thanks for taking a look at that, but this issue is related to Avira antivirus itself, not a chrome extension. So you need to install Avira Antivirus and then enable Real Time protection. Avira Antivirus adds a small read icon with umbrella to the Windows Taskbar and if the umbrella is opened you have Real Time protection enabled and can start to run test.zip extension.

Thank you for providing more feedback. Adding requester "krajshree@chromium.org" for another review and adding "Needs-Review" label for tracking.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Any updates on this? I think some addons that use WebSQL might be affected if their users have Avira Antivirus with RealTime protection enabled. Perhaps the topic title is confusing, it should contain "Avira Antivirus" instead of just "Avira", I thought it was well known enough brand. To reproduce the issue the antivirus need to be installed, it can be downloaded from https://www.avira.com.

Able to reproduce this issue on windows 10using chrome dev M56-56.0.2924.76 and earlier version of chrome M30-30.0.1549.0. This is a non-regression issue and marking it as untriaged.

Attaching the screen-shot for reference.

Deleted: Issue 686484-M30.PNG 120 KB

	Issue 686484-M30.PNG 120 KB View Download

not surprisingly, but this is also reproducible on a web page, I'm attaching a html page with reproduction example, just open it in Chrome browser and look at the console, Avira Antivirus real-time protection must be enabled at that time.

Deleted: avira-rt.html 874 bytes

avira-rt.html 874 bytes View Download

As comment #4 indicates, this is a problem with the full Avira client, not the extension.  Adjusting labels accordingly.

shess@ - I notice in the sqlite source that it has optional retry logic for working around antivirus behavior (SQLITE_FCNTL_WIN32_AV_RETRY) - 25ms retry on certain operations.

Can I assume this is not applicable given we provide our own VFS? Have we looked into this in the past?

jsbell@, sorry, I missed your comment at the time.

Looking at the code referenced, I am terrified that it exists, but AFAICT it already has appropriate defaults.  The VFS API has two levels, the outer VFS level handles things like open and delete, while the I/O level applies to open files.  Our WebSQL VFS layer uses the regular SQLite I/O code, not even wrapped, while replacing-and-injecting with the VFS code.  In this case, it _sounds_ like the open (which we mess with) is working fine, but the inserts (which we don't mess with) don't work.

But I suppose it could be a problem with the -journal file?  In case of failure, ChromiumOpen() in the VFS will return SQLITE_CANTOPEN, but since the -journal is used as part of implementing transactions, it's possible that is converted to some other error.  778 is SQLITE_IOERR_WRITE, which isn't super descriptive.  I guess it could be tested by wiring ChromiumOpen() to tests flags (to see if it's for a -journal file) and inject random failures.  Maybe.

Do we know if other consumers of sqlite within chrome (like history or cookies) are also experiencing IO errors with this AV scanner?

I circled back to check if my SQLITE_CANTOPEN hypothesis is plausible.  Basically, I had -journal open return SQLITE_CANTOPEN randomly.  The avira-rt.html file has the wrong signature for the executeSql() error function (transaction is the first parameter, apparently), and after that change it shows message "could not execute statement (14 unable to open database file)", which is SQLITE_CANTOPEN.  So that hypothesis is wrong.

If someone wants to dig into it further, look in os_win.c winIoerrCanRetry1(), which gives a list of the codes SQLite considers retry-able.  The list is pretty small.  I guess maybe it would make sense to instrument sqlite3.c to figure out exactly where it is happening.

eeek, there's a winIoerrCanRetry2 too apparently winIoerrCanRetry1 wasn't enough?

It looks like sqlite3_log()'ing could help find where what is happening. It might be worth plumbing that output to the devtools console to help debug this and other problems?

winIoerrCanRetry2 is not defined, you can define it to add additional cases.

Sorry for the tangent, but has a bug been filed with Avira?

In case the question above is for me: We(Nimbus Web Inc.) tried to communicate with Avira via their support, however it looked like they didn't want to look into this issue. So I decided to submit a bug here to get more information, cause I had very superficial understanding of this issue and couldn't show them where the problem exactly is.

#18: Thank you for the quick response! 

Open

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot