Closed Bug 1717014 Opened 3 years ago Closed 3 years ago

Crash in [@ RtlpWalkFrameChain | RtlWalkFrameChain | RtlCaptureStackBackTrace | SE_GetProcAddressForCaller] caused by Webroot SecureAnywhere

Categories

(External Software Affecting Firefox :: Other, defect)

Product:
External Software Affecting Firefox
Component:
Other
Platform:
x86_64
Windows 10
Type:
defect

Tracking

(firefox-esr78 unaffected, firefox89 unaffected, firefox90 affected, firefox91 affected)

Status:
RESOLVED WORKSFORME
Tracking Flags:
Tracking Status
firefox-esr78 --- unaffected
firefox89 --- unaffected
firefox90 --- affected
firefox91 --- affected

People

(Reporter: sefeng, Unassigned)

Details

(Keywords: crash, Whiteboard: [not-a-fission-bug])

Crash Data

Maybe Fission related. (DOMFissionEnabled=1)

Crash report: https://crash-stats.mozilla.org/report/index/f66f08ef-3eb8-4e1a-af2a-bcfde0210617

Reason: EXCEPTION_ACCESS_VIOLATION_READ

Top 10 frames of crashing thread:

0 ntdll.dll RtlpWalkFrameChain 
1 ntdll.dll RtlWalkFrameChain 
2 ntdll.dll RtlCaptureStackBackTrace 
3 apphelp.dll SE_GetProcAddressForCaller 
4 ntdll.dll LdrGetProcedureAddressForCaller 
5 kernelbase.dll GetProcAddressForCaller 
6 wrdll.x64.dll wrdll.x64.dll@0x1b225 
7 wrdll.x64.dll wrdll.x64.dll@0x8f24 
8 wrdll.x64.dll wrdll.x64.dll@0x2a2b7 
9 wrdll.x64.dll wrdll.x64.dll@0x13c1f

This seems to be related to collecting stack trace on windows.

Severity: -- → S2

wrdll.x64.dll, that's some anti-virus-ish software: https://www.webroot.com

Component: Crash Reporting → Other
Product: Toolkit → External Software Affecting Firefox
Summary: Crash in [@ RtlpWalkFrameChain | RtlWalkFrameChain | RtlCaptureStackBackTrace | SE_GetProcAddressForCaller] → Crash in [@ RtlpWalkFrameChain | RtlWalkFrameChain | RtlCaptureStackBackTrace | SE_GetProcAddressForCaller] caused by Webroot SecureAnywhere

25 out of 26 crashes have Fission enabled, though the crash reports are from just 9 installations. Fission has been enabled for 60% of Nightly users.

Could Fission be doing something to make these crashes more likely? Fission launches more content processes than e10s, so we should not be surprised for Fission to have more content process crashes overall.

Fission Milestone: --- → ?
status-firefox89: --- → unaffected
status-firefox90: --- → affected
status-firefox91: --- → affected
status-firefox-esr78: --- → unaffected
Hardware: Unspecified → x86_64

(In reply to Chris Peterson [:cpeterson] from comment #2)

Could Fission be doing something to make these crashes more likely? Fission launches more content processes than e10s, so we should not be surprised for Fission to have more content process crashes overall.

I think that's unlikely. It's more likely to be what you suggested: users with Fission enabled have more content processes so they run into content process crashes more often.

(In reply to Gabriele Svelto [:gsvelto] from comment #3)

I think that's unlikely. It's more likely to be what you suggested: users with Fission enabled have more content processes so they run into content process crashes more often.

Thanks. In that case, I'll clear this bug's Fission flag.

I don't know if it's related, but another external software crash (Beijing Kingsoft Security software bug 1679741) also increased in early–mid June.

Fission Milestone: ? → ---
Whiteboard: [not-a-fission-bug]

Another signature for this issue.

Crash Signature: [@ RtlpWalkFrameChain | RtlWalkFrameChain | RtlCaptureStackBackTrace | SE_GetProcAddressForCaller] → [@ RtlpWalkFrameChain | RtlWalkFrameChain | RtlCaptureStackBackTrace | SE_GetProcAddressForCaller] [@ RtlpWalkFrameChain | RtlpFreeHeap | RtlWalkFrameChain | RtlCaptureStackBackTrace | LdrpGetProcedureAddress]

We have blocked WebRoot modules, including WRDll.x64.dll 1.1.0.227 in bug 1700281. Not sure how it was loaded and caused this crash.

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.