Closed Bug 1243836 Opened 7 years ago Closed 6 years ago
crash in _chkstk | ns
Cookie Service::Get Enumerator with Onet Toolbar extension
This bug was filed from the Socorro interface and is report bp-2d4e1860-c7a4-43a3-8f3b-799102160127. ============================================================= 0 xul.dll _chkstk f:/dd/vctools/crt/crtw32/startup/i386/chkstk.asm:99 1 xul.dll nsCookieService::GetEnumerator(nsISimpleEnumerator**) netwerk/cookie/nsCookieService.cpp 2 xul.dll NS_InvokeByIndex xpcom/reflect/xptcall/md/win32/xptcinvoke.cpp 3 xul.dll XPCWrappedNative::GetAttribute(XPCCallContext&) js/xpconnect/src/xpcprivate.h 4 xul.dll XPC_WN_GetterSetter(JSContext*, unsigned int, JS::Value*) js/xpconnect/src/XPCWrappedNativeJSOps.cpp 5 xul.dll js::Invoke(JSContext*, JS::CallArgs const&, js::MaybeConstruct) js/src/vm/Interpreter.cpp 6 xul.dll nsTArray_base<nsTArrayInfallibleAllocator, nsTArray_CopyWithMemutils>::ShrinkCapacity<nsTArrayInfallibleAllocator>(unsigned int, unsigned int) xpcom/glue/nsTArray-inl.h 7 xul.dll mozilla::dom::ElementBinding::setAttribute obj-firefox/dom/bindings/ElementBinding.cpp 8 xul.dll XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) js/xpconnect/src/XPCWrappedNativeJSOps.cpp 9 xul.dll js::TypeScript::Monitor(JSContext*, JSScript*, unsigned char*, JS::Value const&) js/src/vm/TypeInference-inl.h 10 xul.dll nsAString_internal::Assign(wchar_t const*, unsigned int, mozilla::fallible_t const&) xpcom/string/nsTSubstring.cpp this crash signature is noticeably increasing in 44 and due to it crashing at startup 2/3 of the time this is at #10 of the crash score board for 44.0 at the moment. looking into reports manually (no correlation data available as of yet) they all seem to have the following amo listed addon installed: OnetToolbar 184.108.40.206-signed https://addons.mozilla.org/firefox/addon/onet/ therefore particularly polish user agents are affected: 1 pl 150 69.12 % 2 en-US 43 19.82 % 3 fr 13 5.99 % 4 en-GB 4 1.84 % 5 ru 3 1.38 % on a spot check i couldn't reproduce the issue by installing the addon myself, but it also didn't seem to work at all, based on what i was able to gather about its functionality from its description at amo.
can we blocklist the extension under these circumstances?
now the correlation data is in: _chkstk | nsCookieService::GetEnumerator|EXCEPTION_STACK_OVERFLOW (64 crashes) 100% (64/64) vs. 0% (66/30495) email@example.com
I sent a message to the developers. The add-on hasn't been updated in a couple of years, so it's possible that it's been abandoned. I'll give them some time to respond before making any decisions about this.
The add-on is now marked as incompatible with Firefox 44 and above, so it should be disabled for anyone who currently has it installed. Please reopen if the crashes persist in the coming weeks.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
This spiked recently in Firefox 46, it's #53 top crasher. Manually inspecting some reports reveals that they have `toolbar.addon%40onet.pl:220.127.116.11-signed.1-signed` installed.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
it's a thousand crashes on release last week. it doesn't seem like marking the addon as incompatible helped.
Most likely because we did a repackaging of all add-ons and that bumped up the maxVersion. I have extended the override to cover 1.*. Sorry about that.
Please reopen if the crashes don't diminish.
Status: REOPENED → RESOLVED
Closed: 7 years ago → 6 years ago
Resolution: --- → FIXED
Crash volume for signature '_chkstk | nsCookieService::GetEnumerator': - nightly (version 50): 0 crash from 2016-06-06. - aurora (version 49): 0 crash from 2016-06-07. - beta (version 48): 0 crash from 2016-06-06. - release (version 47): 2919 crashes from 2016-05-31. - esr (version 45): 155 crashes from 2016-04-07. Crash volume on the last weeks: Week N-1 Week N-2 Week N-3 Week N-4 Week N-5 Week N-6 Week N-7 - nightly 0 0 0 0 0 0 0 - aurora 0 0 0 0 0 0 0 - beta 0 0 0 0 0 0 0 - release 271 311 247 230 376 1020 386 - esr 29 5 10 16 13 16 13 Affected platform: Windows
You need to log in before you can comment on or make changes to this bug.