Closed
Bug 1407736
Opened 7 years ago
Closed 1 year ago
Crash in combase!OXIDEntry::PostCall while drag and drop
Categories
(Core :: Widget: Win32, defect, P3)
Tracking
()
People
(Reporter: philipp, Unassigned)
References
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is
report bp-d097bb5d-22d7-4677-8824-990e40171002.
=============================================================
Crashing Thread (0)
Frame Module Signature Source
0 combase.dll OXIDEntry::PostCall(ServerCall*, unsigned long*) onecore\com\combase\dcomrem\ipidtbl.cxx:1781
1 combase.dll CSyncClientCall::SendReceive2(tagRPCOLEMESSAGE*, unsigned long*) onecore\com\combase\dcomrem\channelb.cxx:5764
2 combase.dll CSyncClientCall::SendReceive(tagRPCOLEMESSAGE*, unsigned long*) onecore\com\combase\dcomrem\ctxchnl.cxx:823
3 combase.dll NdrExtpProxySendReceive(void*, _MIDL_STUB_MESSAGE*) onecore\com\combase\ndr\ndrole\proxy.cxx:1965
4 rpcrt4.dll NdrpClientCall3
5 combase.dll ObjectStublessClient onecore\com\combase\ndr\ndrole\amd64\stblsclt.cxx:294
6 combase.dll ObjectStubless d:\rs2\onecore\com\combase\ndr\ndrole\amd64\stubless.asm:175
7 combase.dll CStdMarshal::RemoteAddRef(tagIPIDEntry*, OXIDEntry*, unsigned long, unsigned long, int) onecore\com\combase\dcomrem\marshal.cxx:7925
8 combase.dll CStdMarshal::MakeCliIPIDEntry(_GUID const&, tagSTDOBJREF*, OXIDEntry*, tagIPIDEntry**) onecore\com\combase\dcomrem\marshal.cxx:2812
9 combase.dll CStdMarshal::UnmarshalIPID(_GUID const&, tagSTDOBJREF*, OXIDEntry*, void**) onecore\com\combase\dcomrem\marshal.cxx:2340
10 combase.dll CStdMarshal::UnmarshalObjRef(tagOBJREF&, void**) onecore\com\combase\dcomrem\marshal.cxx:2208
11 combase.dll UnmarshalSwitch(void*) onecore\com\combase\dcomrem\marshal.cxx:1842
12 combase.dll UnmarshalObjRef(tagOBJREF&, EffectiveUnmarshalingPolicy, void**, int, CStdMarshal**) onecore\com\combase\dcomrem\marshal.cxx:1985
13 combase.dll InternalUnmarshalObjRef onecore\com\combase\privateapi\privateapi.cxx:287
14 ole32.dll UnmarshalFromEndpointProperty(HWND__*, int, int, IUnknown**, int*) com\ole32\com\rot\getif.cxx:458
15 ole32.dll SDDInfo::SDDInfo(HWND__*, long&) com\ole32\com\rot\getif.cxx:232
16 ole32.dll PrivDragDrop(HWND__*, IDropTarget*, tagDRAGOP, tagInterfaceData*, IDataObject*, unsigned long, _POINTL, unsigned long*, HWND__*, void**) com\ole32\com\rot\getif.cxx:914
17 ole32.dll CDragOperation::GetDropTarget(HWND__*, HWND__*, IDropTarget*) com\ole32\ole232\drag\drag.cpp:1155
18 ole32.dll CDragOperation::UpdateTarget() com\ole32\ole232\drag\drag.cpp:2035
19 ole32.dll DoDragDrop com\ole32\ole232\drag\drag.cpp:3046
20 xul.dll nsDragService::StartInvokingDragSession(IDataObject*, unsigned int) widget/windows/nsDragService.cpp:326
21 xul.dll nsDragService::InvokeDragSessionImpl(nsIArray*, nsIScriptableRegion*, unsigned int) widget/windows/nsDragService.cpp:247
22 xul.dll nsBaseDragService::InvokeDragSession(nsIDOMNode*, nsIArray*, nsIScriptableRegion*, unsigned int, unsigned int) widget/nsBaseDragService.cpp:231
23 xul.dll nsBaseDragService::InvokeDragSessionWithImage(nsIDOMNode*, nsIArray*, nsIScriptableRegion*, unsigned int, nsIDOMNode*, int, int, nsIDOMDragEvent*, nsIDOMDataTransfer*) widget/nsBaseDragService.cpp:267
24 xul.dll mozilla::EventStateManager::DoDefaultDragStart(nsPresContext*, mozilla::WidgetDragEvent*, mozilla::dom::DataTransfer*, nsIContent*, nsISelection*) dom/events/EventStateManager.cpp:1998
25 xul.dll mozilla::EventStateManager::GenerateDragGesture(nsPresContext*, mozilla::WidgetInputEvent*) dom/events/EventStateManager.cpp:1803
26 xul.dll mozilla::EventStateManager::PreHandleEvent(nsPresContext*, mozilla::WidgetEvent*, nsIFrame*, nsIContent*, nsEventStatus*) dom/events/EventStateManager.cpp:744
27 xul.dll mozilla::PresShell::HandleEventInternal(mozilla::WidgetEvent*, nsEventStatus*, bool) layout/base/PresShell.cpp:8124
28 xul.dll mozilla::PresShell::HandlePositionedEvent(nsIFrame*, mozilla::WidgetGUIEvent*, nsEventStatus*) layout/base/PresShell.cpp:7923
29 xul.dll mozilla::PresShell::HandleEvent(nsIFrame*, mozilla::WidgetGUIEvent*, bool, nsEventStatus*, nsIContent**) layout/base/PresShell.cpp:7711
30 xul.dll nsViewManager::DispatchEvent(mozilla::WidgetGUIEvent*, nsView*, nsEventStatus*) view/nsViewManager.cpp:804
31 xul.dll nsView::HandleEvent(mozilla::WidgetGUIEvent*, bool) view/nsView.cpp:1133
32 xul.dll nsWindow::DispatchEvent(mozilla::WidgetGUIEvent*, nsEventStatus&) widget/windows/nsWindow.cpp:4147
33 xul.dll nsBaseWidget::ProcessUntransformedAPZEvent(mozilla::WidgetInputEvent*, mozilla::layers::ScrollableLayerGuid const&, unsigned __int64, nsEventStatus) widget/nsBaseWidget.cpp:1034
34 xul.dll nsBaseWidget::DispatchInputEvent(mozilla::WidgetInputEvent*) widget/nsBaseWidget.cpp:1175
35 xul.dll nsWindow::DispatchMouseEvent(mozilla::EventMessage, unsigned __int64, __int64, bool, short, unsigned short, WinPointerInfo*) widget/windows/nsWindow.cpp:4581
36 xul.dll nsWindow::ProcessMessage(unsigned int, unsigned __int64&, __int64&, __int64*) widget/windows/nsWindow.cpp:5509
37 xul.dll nsWindow::WindowProcInternal(HWND__*, unsigned int, unsigned __int64, __int64) widget/windows/nsWindow.cpp:4933
38 xul.dll CallWindowProcCrashProtected xpcom/base/nsCrashOnException.cpp:35
39 xul.dll nsWindow::WindowProc(HWND__*, unsigned int, unsigned __int64, __int64) widget/windows/nsWindow.cpp:4885
40 user32.dll UserCallWinProcCheckWow
41 user32.dll DispatchMessageWorker
42 xul.dll nsAppShell::ProcessNextNativeEvent(bool) widget/windows/nsAppShell.cpp:393
43 xul.dll nsBaseAppShell::DoProcessNextNativeEvent(bool) widget/nsBaseAppShell.cpp:138
44 xul.dll nsBaseAppShell::OnProcessNextEvent(nsIThreadInternal*, bool) widget/nsBaseAppShell.cpp:289
45 xul.dll nsThread::ProcessNextEvent(bool, bool*) xpcom/threads/nsThread.cpp:1356
46 xul.dll NS_ProcessNextEvent(nsIThread*, bool) xpcom/threads/nsThreadUtils.cpp:475
47 xul.dll mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) ipc/glue/MessagePump.cpp:124
48 xul.dll MessageLoop::RunHandler() ipc/chromium/src/base/message_loop.cc:231
49 xul.dll MessageLoop::Run() ipc/chromium/src/base/message_loop.cc:211
50 xul.dll nsBaseAppShell::Run() widget/nsBaseAppShell.cpp:156
51 xul.dll nsAppShell::Run() widget/windows/nsAppShell.cpp:271
52 xul.dll nsAppStartup::Run() toolkit/components/startup/nsAppStartup.cpp:283
53 xul.dll XREMain::XRE_mainRun() toolkit/xre/nsAppRunner.cpp:4567
54 xul.dll XREMain::XRE_main(int, char** const, mozilla::BootstrapConfig const&) toolkit/xre/nsAppRunner.cpp:4747
55 xul.dll XRE_main(int, char** const, mozilla::BootstrapConfig const&) toolkit/xre/nsAppRunner.cpp:4842
56 firefox.exe NS_internal_main(int, char**, char**) browser/app/nsBrowserApp.cpp:309
57 firefox.exe wmain toolkit/xre/nsWindowsWMain.cpp:115
58 firefox.exe __scrt_common_main_seh f:/dd/vctools/crt/vcstartup/src/startup/exe_common.inl:253
59 kernel32.dll BaseThreadInitThunk
60 ntdll.dll RtlUserThreadStart
crash reports with this signature show up on 64bit installations of firefox on windows 10 (& 8.1 to a lesser extent). many reports have modules like GDKBFltDll64.dll and Banksafe64.dll hooking into the process, which relate to GDATA security products. correlations show that two-thirds of affected users are on a german language build, so that would further point towards involvement of this german AV software.
thomas, would you be able to take a look into this?
Flags: needinfo?(thomas.siebert)
Comment 1•7 years ago
|
||
[Tracking Requested - why for this release]:
We might want to block these DLLs if we see more of these 64-bit GDATA crashes as we migrate more 56.0 users to 64-bit 56.0.1.
tracking-firefox57:
--- → ?
Summary: Crash in OXIDEntry::PostCall → Crash in OXIDEntry::PostCall (GDATA security software)
Comment 2•7 years ago
|
||
(In reply to [:philipp] from comment #0)
> thomas, would you be able to take a look into this?
This problem is quite odd, as according to crash telemetry it isn't triggered on browser startup, but typically after between 30 minutes and several hours. Whenever our modules are included, these are pretty ancient versions from 2014, which is consistent with the low number of affected users. We have an idea that the crashes are likely related to a bug in these old versions, and will send out a signature update that should mitigate these problems, even if the users don't do a software update (which they seemingly didn't do one for several years). If they at least do signature updates, they should be fine. Release of the signature update will likely be tomorrow.
As for blocking the DLLs, this might even have an adverse effect, as this would lead to more or less undefined behavior.
Flags: needinfo?(thomas.siebert)
Comment 3•7 years ago
|
||
As this is a fairly low crash volume I don't think that we have to track this for 57.
Let's check back to make sure the GDATA update fixes the issue.
Updated•7 years ago
|
Priority: -- → P3
Whiteboard: [AV:GDATA security software]
Comment 4•4 years ago
|
||
There is no GData module in the crash dumps, so seems this is not a compat issue but a general drag-n-drop failure. Transferring this to the widget component.
Component: Other → Widget: Win32
Product: External Software Affecting Firefox → Core
Summary: Crash in OXIDEntry::PostCall (GDATA security software) → Crash in combase!OXIDEntry::PostCall while drag and drop
Whiteboard: [AV:GDATA security software]
Comment 5•2 years ago
|
||
Since the crash volume is low (less than 5 per week), the severity is downgraded to S3
. Feel free to change it back if you think the bug is still critical.
For more information, please visit auto_nag documentation.
Severity: critical → S3
Comment 6•1 year ago
|
||
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•