Closed Bug 1043775 Opened 7 years ago Closed 3 years ago
crash in CCli
Modal Loop::CCli Modal Loop with G Data AVKProxy
This bug was filed from the Socorro interface and is report bp-578b75ec-6ea5-4b74-95ac-559502140723. ============================================================= The crash is in COM plumbing, so it's unclear what's the issue, but it is 100% correlated with Banksafe64.dll from G Data AntiVirus Proxy (AVKProxy). It's Win64 only (so nightly channel only). We first started seeing the crash on 4 April 2013 with this DLL version: Image name: Banksafe64.dll Timestamp: Wed Feb 05 15:46:29 2014 (52F1A605) File version: 1.2.14036.226 Product version: 188.8.131.52 This is one of the top crashes on 34 so far, but rankings may not be reliable this early. If it persists, let's try to find a contact at G Data.
> We first started seeing the crash on 4 April 2013 That should say 2014.
This is now the #10 topcrasher on Nightly 34.0a1 with 94/15568 crashes in the last 7 days.
Crash Signature: [@ CCliModalLoop::CCliModalLoop(unsigned long, unsigned long, unsigned long, int)] → [@ CCliModalLoop::CCliModalLoop(unsigned long, unsigned long, unsigned long, int)] [@ CCliModalLoop::CCliModalLoop]
Crash volume for signature 'CCliModalLoop::CCliModalLoop': - nightly (version 51): 2 crashes from 2016-08-01. - aurora (version 50): 39 crashes from 2016-08-01. - beta (version 49): 75 crashes from 2016-08-02. - release (version 48): 40 crashes from 2016-07-25. - esr (version 45): 29 crashes from 2016-05-02. Crash volume on the last weeks (Week N is from 08-22 to 08-28): W. N-1 W. N-2 W. N-3 - nightly 1 0 0 - aurora 12 12 2 - beta 28 22 12 - release 8 8 11 - esr 2 4 3 Affected platform: Windows Crash rank on the last 7 days: Browser Content Plugin - nightly #446 - aurora #51 - beta #650 - release #1331 #224 - esr #1283
we still see these crash reports from gdata users on windows 7 like bp-6e7b3edb-2671-41fb-ae18-798871180209 which seems to be related to the windows jumplist functionality. thomas, do you think this is something you could help with?
We had a bug that caused this behavior, which we fixed 3.5 years ago. So crashes might be related to outdated installations of our software. Please note that it's quite possible that not all of the crashes with this signature are related to our product though. As far as I can see, only a small fraction of crash reports show evidence of our software being present. We have released our bugfix several years ago, so there's not much we can do anymore. The only possible solution I see to get rid of crashes caused by outdated version of our software might be to block GDKBFltDll64.dll 1.0.14141.240 and older on your side.
ah right, the crash i've stumbled upon recently (bp-6e7b3edb-2671-41fb-ae18-798871180209) has exactly that v1.0.14141.240 of the module - thanks for the heads-up.
would there be a way for us to somehow obtain an old unfixed version to check that blocklisting has no unintended consequences in this case?
The affected version can be found here: https://gdata-a.akamaihd.net/Q/SSI/INT_R_FUL_IS_184.108.40.206.exe Using the trial version should be sufficient. If you need a full license though, just contact me via mail.
this would be a prospective blocklisting patch. when i downloaded the program via the link in the last comment, i've ended up with a newer version (1.0.16122.355) of the dll already, so i can't really test how the blocklisting is behaving...
Sorry, I swapped two digits. This should work now: https://gdata-a.akamaihd.net/Q/SSI/INT_R_FUL_2015_IS_220.127.116.11.exe
Comment on attachment 8950998 [details] [diff] [review] bug1043775.patch with the gdata setup from comment #10 i could test that the patch is successful in getting the blocked dll out of the firefox process. i didn't notice any negative byproducts from browsing a couple of minutes in this state.
Attachment #8950998 - Flags: review?(mcastelluccio)
Attachment #8950998 - Flags: review?(mcastelluccio) → review+
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/mozilla-inbound/rev/6c863dc8093f Put old versions of GDATA GDKBFltDll64.dll on Dll blocklist. r=marco
I think we should uplift this, can you request it?
Comment on attachment 8950998 [details] [diff] [review] bug1043775.patch Approval Request Comment [Feature/Bug causing the regression]: third-party software hooking into the process [User impact if declined]: occasional crashes [Is this code covered by automated tests?]: n/a [Has the fix been verified in Nightly?]: verified locally that the blocklist entry is successful in getting the offending module out of our process [Needs manual test from QE? If yes, steps to reproduce]: n/a [List of other uplifts needed for the feature/fix]: n/a [Is the change risky?]: no [Why is the change risky/not risky?]: it's making use of the purpose-built dll blocklist. the block is in relation to a 3 year old module that has been superseded with a fixed version by the vendor. [String changes made/needed]: n/a
Attachment #8950998 - Flags: approval-mozilla-beta?
Comment on attachment 8950998 [details] [diff] [review] bug1043775.patch Let's get this into 59b12.
Attachment #8950998 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
You need to log in before you can comment on or make changes to this bug.