Closed
Bug 599354
Opened 15 years ago
Closed 6 years ago
crash under Windows XP in BaseThreadStart @ RtlpWorkerCallout (malware-related?)
Categories
(Core :: General, defect)
Tracking
()
RESOLVED
WORKSFORME
| Tracking | Status | |
|---|---|---|
| firefox5 | - | --- |
People
(Reporter: scoobidiver, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: crash, Whiteboard: startupcrash)
Crash Data
Build : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b7pre) Gecko/20100924 Firefox/4.0b7pre
This is a residual crash signature that is present in 3.0, 3.5, 3.6, 4.0beta.
It happens only on Windows XP.
It #60 top crasher in 4.0b6 for the last 2 weeks.
Here are some comments of users that are very angry because it happens every time:
"3.6.10 CRASHES ABOUT EVERY 120 SECONDS!!!! ARGH!"
"I don't know what happened, I have to turn my computer off,after every time I use it to get back on line. I do not know the address of the page I was on."
"When trying to upgrade to 3.6 from 3.5 Firefox crashes and I have to reset again. This has happened numerous times. What can you do to fix this problem. It has been going on for days. It is getting very ridiculous. Firefox may be a thing of the past for me."
The crashing thread says nothing about the implicated firefox process, even in looking at the others threads.
Signature RtlpWorkerCallout
UUID 73f53bcc-69a9-423f-bc7f-788782100924
Time 2010-09-24 01:43:10.190693
Uptime 69
Last Crash 2159450 seconds (3.6 weeks) before submission
Install Age 577030 seconds (6.7 days) since version was first installed.
Product Firefox
Version 3.5.13
Build ID 20100914130356
Branch 1.9.1
OS Windows NT
OS Version 5.1.2600 Dodatek Service Pack 3
CPU x86
CPU Info AuthenticAMD family 15 model 95 stepping 2
Crash Reason EXCEPTION_ACCESS_VIOLATION_READ
Crash Address 0x0
Crashing Thread
Frame Module Signature [Expand] Source
0 @0x1a2d0f
1 ntdll.dll RtlpWorkerCallout
2 ntdll.dll RtlpExecuteWorkerRequest
3 ntdll.dll RtlpApcCallout
4 ntdll.dll RtlpExecuteWorkerRequest
5 kernel32.dll BaseThreadStart
More reports at :
http://crash-stats.mozilla.com/report/list?range_value=4&range_unit=weeks&signature=RtlpWorkerCallout
|
||
Comment 1•15 years ago
|
||
Having a quick look a the Modules of some random Reports there a quite some unversioned DLLs listed, like
sshnas21.dll
grtklxk.dll
cdklgvz.dll
Since all Branches seem affected, I presume this is caused by some Malware Stuff.
|
|
||
Comment 2•15 years ago
|
||
The current 4.0 crashes in https://crash-stats.mozilla.com/report/list?signature=RtlpWorkerCallout have a 100% correlation with tapi32.dll but looking into reports, I also see a few with unversioned DLLs like dadkeyb.dll or RocketDock.dll or a Syncor11.dll with version 0.1.2.3 that somehow looks interesting, but some don't look suspicious from a fast glance over modules.
Still, this is #190 on yesterday's 4.0* topcrash list with ~25 crashes per ADU and a rising tendency.
Summary: crash under Windows XP [@ RtlpWorkerCallout ] → crash under Windows XP [@ RtlpWorkerCallout ] (malware-related?)
|
|
||
Comment 3•15 years ago
|
||
This is still rising on both 3.6 and 4.0, we might want to take a look at what this really is.
|
|
Reporter | |
Comment 4•14 years ago
|
||
It is now #17 top crasher in 4.0 over the last 3 days.
I see no unversioned DLLs in correlations.
|
|
||
Comment 5•14 years ago
|
||
On the rise together with bug 647366 (@ RtlpTpWorkCallback) in the last few days, #10 on 4.0*, #11 on 3.6* now (yesterday's data).
|
|
Reporter | |
Comment 6•14 years ago
|
||
It is now #4 top crasher in 4.0.1 and #3 in 5.0b3.
tracking-firefox5:
--- → ?
|
||
Comment 7•14 years ago
|
||
not going to track this for Firefox 5, because there's nothing we can do for this in the timeframe we have. Initiatives to improve this situation are actually outside of this bug and our release cycle.
|
Assignee | |
Updated•14 years ago
|
Crash Signature: [@ RtlpWorkerCallout ]
|
|
Reporter | |
Updated•14 years ago
|
Blocks: malware-attacks
|
||
Comment 8•14 years ago
|
||
Just over 50% of these crashes happen in < 1 min. Adding the whiteboard tag.
Whiteboard: startupcrash
|
|
Reporter | |
Updated•14 years ago
|
Crash Signature: [@ RtlpWorkerCallout ] → [@ RtlpWorkerCallout ]
[@ RtlpWorkerCallout | RtlpExecuteWorkerRequest | RtlpApcCallout | RtlpExecuteWorkerRequest | BaseThreadStart]
Summary: crash under Windows XP [@ RtlpWorkerCallout ] (malware-related?) → crash under Windows XP in BaseThreadStart @ RtlpWorkerCallout (malware-related?)
|
|
||
Comment 9•13 years ago
|
||
Still high in crash stats - #21 on Fx12.
No longer blocks: malware-attacks
No longer depends on: 720655
|
|
Reporter | |
Updated•13 years ago
|
Blocks: malware-attacks
Depends on: 720655
|
||
Comment 11•13 years ago
|
||
This showed up in the explosive report for 13 today: https://crash-analysis.mozilla.com/rkaiser/2012-07-24/2012-07-24.firefox.13.explosiveness.html
|
||
Comment 13•12 years ago
|
||
Looking up online it's malware. The 2 dlls are malware, look up the sshnas21.dll.
|
||
Comment 14•6 years ago
|
||
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•