Closed Bug 1376831 Opened 5 years ago Closed 5 years ago

Startup crash in cmdshim32.dll@0x135b (Comodo, Windows 10)


(External Software Affecting Firefox :: Other, defect)

Windows 10
Not set


(firefox54+ wontfix, firefox55 wontfix, firefox56 wontfix, firefox57 unaffected, firefox58 unaffected)

Tracking Status
firefox54 + wontfix
firefox55 --- wontfix
firefox56 --- wontfix
firefox57 --- unaffected
firefox58 --- unaffected


(Reporter: philipp, Unassigned)


(Keywords: crash, topcrash, Whiteboard: [platform-rel-Microsoft][platform-rel-Windows][AV:Comodo Internet Security])

Crash Data

This bug was filed from the Socorro interface and is 
report bp-ba7ff893-687f-4381-b430-ba66b0170628.
Crashing Thread (1)
Frame 	Module 	Signature 	Source
Ø 0 	cmdshim32.dll 	cmdshim32.dll@0x135b 	
Ø 1 	cmdshim32.dll 	cmdshim32.dll@0x1ced 	
Ø 2 	ntdll.dll 	ntdll.dll@0x6582c 	
Ø 3 	ntdll.dll 	ntdll.dll@0x657fc

We are seeing a big startup crash spike on Windows 10 in the last few hours with this signature relating to a dll belonging to Comodo security software. Most of the user comments also link the issue to having installed a MS update (KB4022716):
Flags: needinfo?(rob)
Track 54+ as there is a big spike on Windows 10.
I have this problem, tag me if you need questions.

Note: this also happens in "Start in Safe Mode" window and firefox has completely become unusable.
(In reply to Salar Khalilzadeh from comment #2)
> need questions.
*have questions

Note 2: These crashes started when I updated windows through windows update.
Hi.  I've notified the relevant team at Comodo and asked them to post an update here as soon as they can.
Flags: needinfo?(rob)
Hi everybody,

This reported issue is caused by incompatibility with Microsoft Windows update KB4022716.
Comodo teams is working over the fix. Dates of the Hotfix releases will be published later this week.
Till that Hotfixes we strongly recommend users to not install mentioned Windows update KB4022716.

Sergey Kazakov
Development Manager on Comodo Internet Security products
comodo is now providing hotfixes for most of its affected products:;msg861691#msg861691
& the crash rates keep declining, so i'll mark this issue as WFM...
Closed: 5 years ago
Resolution: --- → WORKSFORME
Per comment #6, mark 54 won't fix.
hi sergey, the crashes started to dramatically rise again yesterday - do you have any insight into that?:
Flags: needinfo?(sergey.kazakov)
Resolution: WORKSFORME → ---
user comments from the recent spike seem to pin it to windows update KB4025342 this time.
This crash is ranked #3 in topcrashers, right now we've 4210 crashes just for today.
Keywords: topcrash
Whiteboard: [platform-rel-Microsoft][platform-rel-Windows]
Sorry if I'm adding noise here, but is there a way that we can protect or mitigate against this type of thing? Are we at the mercy of all 3rd party software?
marco has spun up some try builds but unfortunately it looks like we cannot get cmdshim32.dll out of our process with our usual dll blocklisting mechanism.

the issue is causing quite a stir in the support forum too:
hi all,
We did the hotfix release of CIS that is aimed to address KB4025342 incompatibility issues at July 12th.
All existing CIS instances are being prompted to update to latest CIS version automatically.
Could you check that issue is fixed with latest CIS 10, please?
Flags: needinfo?(sergey.kazakov)
thanks, the automatic prompt to update to v.6258 seems to have fixed the issue on a device where i had test-installed the comodo firewall and firefox is no longer crashing on startup there.
The crash rate seems to be going down at this point, ~400 crashes per day rather than 4000. 
Do we have any info on whether people are updating?

Marco, what is our situation with blocklisting DLLs?
Flags: needinfo?(mcastelluccio)
(In reply to Liz Henry (:lizzard) (needinfo? me) from comment #15)
> Marco, what is our situation with blocklisting DLLs?

Philipp tested my try builds, the blocklist was ineffective.
Flags: needinfo?(mcastelluccio)
In crash stats, I'm not seeing reports for 57 or 58 (beta, nightly.) And there have been less than ~500 crashes in the past week in release. :philipp observed that updates to third party software have fixed the issue. 

I'm marking this as 57 and 58 unaffected, but will leave open.
Closed: 5 years ago5 years ago
Resolution: --- → WORKSFORME
Whiteboard: [platform-rel-Microsoft][platform-rel-Windows] → [platform-rel-Microsoft][platform-rel-Windows][AV:Comodo Internet Security]
You need to log in before you can comment on or make changes to this bug.