Closed Bug 1018236 Opened 10 years ago Closed 10 years ago

crash in RtlFreeHeap | HeapFree (with McAfee Site Advisor 3.7.0.187)

Categories

(Firefox :: Extension Compatibility, defect)

Product:
Firefox
Component:
Extension Compatibility
Version:
29 Branch
Platform:
x86
Windows NT
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED FIXED
Tracking Flags:
Tracking Status
firefox29 - wontfix
firefox30 --- verified
firefox31 --- verified
firefox32 --- verified

People

(Reporter: tracy, Unassigned)

References

Details

(Keywords: crash, topcrash-win)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-4e191d1b-3640-4d7b-a1d9-e0d552140528.
=============================================================

This is affecting only Win7 and Win Vista. It has risen to #22 on Fx 29.0.1, but affects 30, 31, 32 and esr as well.

There are two prominent stacks: one like the above with mcbrwctl.dll
and
https://crash-stats.mozilla.com/report/index/f751e79d-cba5-43a6-a97f-8178e2140524 with HookDll.dll

I've seen McAfee Site Advisor 3.7.0 extension in many reports, but not all of them. I found this about its roll out over time - 
https://community.mcafee.com/message/329747

Some reports show wrc@avast.com 	9.0.2018.95 installed.
We use a custom allocator so there shouldn't be calls to HeapFree from Mozilla code. This is likely a catch-all bucket for crashes in external code. (Maybe HeapFree should be on the append list for better breakouts)

Tracy, did you see HookDll frequently or was that more of an exception? I see a large surge starting on 5/28 that are all mcbrwctl. That was probably the release date for this McAfee update that was built on the 24th:

https://crash-analysis.mozilla.com/crash_analysis/20140529/20140529_Firefox_29.0.1-interesting-modules-with-versions.txt.gz
  RtlFreeHeap | HeapFree|EXCEPTION_ACCESS_VIOLATION_READ (696 crashes)
     99% (688/696) vs.   2% (2811/126348) mcbrwctl.dll
          0% (0/696) vs.   0% (1/126348) 3.6.2.196
          0% (0/696) vs.   0% (47/126348) 3.6.5.135
          0% (0/696) vs.   0% (1/126348) 3.6.6.120
          0% (0/696) vs.   0% (234/126348) 3.6.6.121
          0% (2/696) vs.   1% (1122/126348) 3.6.6.129
          0% (0/696) vs.   0% (4/126348) 3.7.0.174
          0% (0/696) vs.   0% (31/126348) 3.7.0.179
          0% (0/696) vs.   0% (340/126348) 3.7.0.186
         99% (686/696) vs.   1% (1031/126348) 3.7.0.187

    Image path: c:\Program Files\McAfee\SiteAdvisor\mcbrwctl.dll
    Image name: mcbrwctl.dll
    Timestamp:        Sat May 24 03:24:09 2014 (537F6819)
    File version:     3.7.0.187
If anyone has contacts at McAfee, we should have them take a look. I haven't tried myself, but this ought to be more reproducible by running Firefox under pageheap.
Release Managers, do you have a contact for McAfee?
Flags: needinfo?(release-mgmt)
(In reply to David Major [:dmajor] (UTC+12) from comment #1)
> (Maybe HeapFree should be on the append list for better breakouts)

If it should, please file a Socorro bug similar to bug 994913.
I filed bug 1018575 for the append list.
Depends on: 1018575
Crash Signature: [@ RtlFreeHeap | HeapFree] → [@ RtlFreeHeap | HeapFree] [@ RtlFreeHeap | mcbrwctl.dll@0x6d49e]
I sent a message to one of my McAfee contacts.
This has climbed into the top ten in volume on Fx30beta.  We have a small window before 30RC goes to build as it's on hold for another third party issue.

David, it was a random manual sampling, but mcbrwctl.dll was more common than those with HookDll.dll
Keywords: topcrash-win
Let's see if Jorge's contact responds here.
Flags: needinfo?(release-mgmt)
Current ranks: 
#2 in 29.0.1
#6 in 30.0b
#7 in 31.0a2
#61 in 32.0a1
status-firefox29: --- → affected
status-firefox30: --- → affected
status-firefox31: --- → affected
status-firefox32: --- → affected
tracking-firefox29: --- → ?
tracking-firefox30: --- → ?
tracking-firefox31: --- → ?
tracking-firefox32: --- → ?
FAF* complaints rising, with signatures pointing at this bug.

Upside: It's exposing people I know who are running Windows still.

(* "Friends and family")
Here's some updated correlations for 29.0.1 on Windows. Doesn't seem like there's a newer version of McAfee out yet that would fix it:

  RtlFreeHeap | HeapFree|EXCEPTION_ACCESS_VIOLATION_READ (3078 crashes)
    100% (3073/3078) vs.   4% (5662/129694) mcbrwctl.dll
          0% (0/3078) vs.   0% (1/129694) 3.6.3.549
          0% (0/3078) vs.   0% (1/129694) 3.6.4.160
          0% (0/3078) vs.   0% (1/129694) 3.6.5.115
          0% (0/3078) vs.   0% (28/129694) 3.6.5.135
          0% (0/3078) vs.   0% (116/129694) 3.6.6.121
          0% (1/3078) vs.   1% (1146/129694) 3.6.6.129
          0% (0/3078) vs.   0% (1/129694) 3.7.0.174
          0% (0/3078) vs.   0% (20/129694) 3.7.0.179
          0% (0/3078) vs.   0% (81/129694) 3.7.0.186
        100% (3072/3078) vs.   3% (4267/129694) 3.7.0.187
    100% (3073/3078) vs.   4% (5673/129694) NPMcFFPlg32.dll
          0% (0/3078) vs.   0% (1/129694) 3.6.3.127
          0% (0/3078) vs.   0% (1/129694) 3.6.5.105
          0% (0/3078) vs.   0% (30/129694) 3.6.5.118
          0% (0/3078) vs.   0% (118/129694) 3.6.6.110
          0% (1/3078) vs.   1% (1151/129694) 3.6.6.112
          0% (0/3078) vs.   0% (1/129694) 3.7.0.127
        100% (3072/3078) vs.   3% (4371/129694) 3.7.0.128
Looks like this thread is talking about this as well: https://community.mcafee.com/thread/67402

And in there, a McAfee representative says they started releasing a 3.7.0.190 on June 3 that "should prevent these crashes".

It looks to me like crash volume was somewhat down yesterday, it's interesting that the new version doesn't show up in the correlations, but it just might mean that people with that new version do not seem to be crashing with any signature (yet).
Summary: crash in RtlFreeHeap | HeapFree → crash in RtlFreeHeap | HeapFree (with McAfee Site Advisor 3.7.0.187)
OK, I'll call this fixed by McAfee SiteAdvisor 3.7.0.190 as crash volume is going down across channels and the new version does not have those crashes (yet).

  RtlFreeHeap | HeapFree|EXCEPTION_ACCESS_VIOLATION_READ (1096 crashes)
     99% (1090/1096) vs.   3% (3443/129952) mcbrwctl.dll
          0% (0/1096) vs.   0% (1/129952) 3.6.4.160
          0% (0/1096) vs.   0% (34/129952) 3.6.5.135
          0% (0/1096) vs.   0% (96/129952) 3.6.6.121
          0% (0/1096) vs.   1% (1213/129952) 3.6.6.129
          0% (0/1096) vs.   0% (2/129952) 3.7.0.174
          0% (0/1096) vs.   0% (22/129952) 3.7.0.179
          0% (0/1096) vs.   0% (73/129952) 3.7.0.186
         99% (1090/1096) vs.   1% (1645/129952) 3.7.0.187
          0% (0/1096) vs.   0% (357/129952) 3.7.0.190
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.