Tracking issue for `cargo update` #1805

jtgeibel · 2019-08-17T01:49:48Z

We've tried twice now to land a broad cargo update against the backend, but both attempts resulted in segfaults in production. This was first attempted in #1263 (April 2018), and again in #1756 (June 2019).

I've been examining the differences between that first attempt, current master, and their common ancestor. Following is a list of crates which were bumped in that first attempt but which have not yet been superseded by a more recent version on master. My hope is that the problematic change will be within this set of crates.

I've added columns to capture the version bump from the 2nd attempt, and the most recent (possibly semver incompatible) published version. I've highlighted in bold the places where the version bump in the 2nd attempt was identical to the first.

	Master	1st attempt	2nd attempt	Most recent	Notes
~~aho-corasick~~	0.6.3	0.6.4	0.6.10	0.7.6	N/A after #1917
~~backtrace~~	0.3.3	0.3.5	0.3.26	0.3.34	#1861
~~docopt~~	0.8.1	0.8.3	0.8.3	1.1.0	only used in render-readmes binary #1812
~~filetime~~	0.1.14	0.1.15	0.1.15	0.2.7	old version pulled in via conduit-static - #2089
~~lazy_static~~	0.2.9	0.2.11	0.2.11	1.3.0	pulled in via old semver (via conduit) - #2099
~~maplit~~	1.0.0	1.0.1	1.0.1	1.0.1	#2089
~~num~~	0.1.40	0.1.42	gone	0.2.0	#1917
~~num-integer~~	0.1.35	0.1.36	0.1.41	0.1.41	#1917
~~num-iter~~	0.1.34	0.1.35	gone	0.1.39	#1917
~~openssl-probe~~	0.1.1	0.1.2	0.1.2	0.1.2	#2099
~~r2d2~~	0.8.1	0.8.2	0.8.4	0.8.6	#1899
~~regex~~	0.2.2	0.2.6	0.2.11	1.2.1	N/A after #1917
~~regex-syntax~~	0.4.1	0.4.2	gone	0.6.11	N/A after #1917
~~rustc-demangle~~	0.1.5	0.1.6	0.1.15	0.1.16	via backtrace #1861
~~thread_local~~	0.3.4	0.3.5	0.3.6	0.3.6	#1812
~~utf-8~~	0.7.1	0.7.2	0.7.5	0.7.5	via ammonia - #2089

I plan to start bumping crates on this list in an attempt to track down this old bug.

The text was updated successfully, but these errors were encountered:

sgrif · 2019-08-18T20:23:38Z

This list is only the direct dependencies that were updated, not transitive dependencies, right?

jtgeibel · 2019-08-20T01:53:20Z

I basically did a 3-way diff of the lines at the bottom of Cargo.lock, so this should cover the entire set of dependencies. The comparison algorithm in Beyond Compare did a decent job, but I still had to manually align and compare quite a few lines so it's possible I've missed a few crates above.

Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs rust-lang#1265, rust-lang#1805

Bump docopt 0.8 -> 1.1.0 Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs #1265, #1805

Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs rust-lang#1265, rust-lang#1805

This commit bumps a few additional packages that could be related to the segfaults seen in production. See rust-lang#1805 for more info. `cargo update -p backtrace -p rustc-demangle` ``` Updating backtrace v0.3.3 -> v0.3.38 Updating backtrace-sys v0.1.16 -> v0.1.31 Removing dbghelp-sys v0.2.0 Updating rustc-demangle v0.1.5 -> v0.1.16 ```

Bump `backtrace` and `rustc-demangle` This commit bumps a few additional packages that could be related to the segfaults seen in production. See #1805 for more info. `cargo update -p backtrace -p rustc-demangle` ``` Updating backtrace v0.3.3 -> v0.3.38 Updating backtrace-sys v0.1.16 -> v0.1.31 Removing dbghelp-sys v0.2.0 Updating rustc-demangle v0.1.5 -> v0.1.16 ```

Refs: rust-lang#1805

Bump r2d2 `cargo update -p r2d2` Refs: #1805

Refs: rust-lang#1805

Update chrono, dotenv, num-*, migrations_macros, and derive_deref Overall, this drops 16 old versions of dependencies. The `num-*` crates are on the list at #1805, but overall I think this is low risk to deploy together. * `cargo update -p num -p num-iter -p num-traits --aggressive` * `cargo update -p chrono` * `cargo update -p migrations_macros -p derive_deref` * Update to latest `dotenv`

@carols10cents

Bump a few more backend dependencies Bumping a few more dependencies from #1805. * `utf-8` from 0.7.1 to 0.7.5 * `maplit` 1.0.0 to 1.0.2 * `filetime` from 0.1.14 to 0.1.15 r? @carols10cents

@JohnTitor

Aggressively update conduit-hyper and reqwest This series does an aggressive update for `conduit-hyper` and then `reqwest`. This portion of the dependency tree has been updated recently and we aren't using `conduit-hyper` in production yet, so this should be fairly low risk even though it bumps a lot of crates. The commit messages show the detailed output of each command. cc #1805 r? @JohnTitor

jtgeibel added a commit to jtgeibel/crates.io that referenced this issue Aug 23, 2019

Bump docopt 0.8 -> 1.1.0

439db3a

Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs rust-lang#1265, rust-lang#1805

jtgeibel mentioned this issue Aug 23, 2019

Bump docopt 0.8 -> 1.1.0 #1812

Merged

smarnach pushed a commit to smarnach/crates.io that referenced this issue Aug 26, 2019

Bump docopt 0.8 -> 1.1.0

d62fb08

Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs rust-lang#1265, rust-lang#1805

jtgeibel mentioned this issue Oct 5, 2019

Bump backtrace and rustc-demangle #1861

Merged

carols10cents added the C-tracking-issue Category: A tracking issue for an RFC, an unstable feature, or an issue made of many parts label Nov 11, 2019

jtgeibel added a commit to jtgeibel/crates.io that referenced this issue Nov 15, 2019

Bump r2d2

4876857

Refs: rust-lang#1805

jtgeibel mentioned this issue Nov 15, 2019

Bump r2d2 #1899

Merged

bors added a commit that referenced this issue Nov 22, 2019

Auto merge of #1899 - jtgeibel:upgrade/r2d2, r=carols10cents

ae7834e

Bump r2d2 `cargo update -p r2d2` Refs: #1805

jtgeibel added a commit to jtgeibel/crates.io that referenced this issue Nov 23, 2019

cargo update -p num -p num-iter -p num-traits --aggressive

ba73bf6

Refs: rust-lang#1805

jtgeibel mentioned this issue Nov 23, 2019

Update chrono, dotenv, num-*, migrations_macros, and derive_deref #1917

Merged

jtgeibel mentioned this issue Jan 5, 2020

Bump a few more backend dependencies #2089

Merged

jtgeibel mentioned this issue Jan 7, 2020

Bump a few more backend dependencies #2099

Merged

bors closed this as completed in 503182e Jan 9, 2020

This was referenced Feb 19, 2020

Update tempfile and uuid to remove rand v0.5 #2195

Merged

Aggressively update conduit-hyper and reqwest #2213

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Tracking issue for `cargo update` #1805

Tracking issue for `cargo update` #1805

jtgeibel commented Aug 17, 2019 •

edited

Loading

sgrif commented Aug 18, 2019

jtgeibel commented Aug 20, 2019

Tracking issue for cargo update #1805

Tracking issue for cargo update #1805

Comments

jtgeibel commented Aug 17, 2019 • edited Loading

sgrif commented Aug 18, 2019

jtgeibel commented Aug 20, 2019

Tracking issue for `cargo update` #1805

Tracking issue for `cargo update` #1805

jtgeibel commented Aug 17, 2019 •

edited

Loading