Closed Bug 616518 Opened 14 years ago Closed 12 years ago

[Mac] Firefox 4.0b8pre crash in [@ nsACString_internal::Assign ] mainly with 1password 3.5.5 and below

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED WONTFIX
Tracking Flags:
Tracking Status
blocking2.0 --- -

People

(Reporter: marcia, Assigned: christian)

References

Details

(Keywords: crash, Whiteboard: [blocklist?][block on hold])

Crash Data

Seen while reviewing crash stats. Low volume Mac crash that started showing up using 2010112200 build. http://tinyurl.com/2g78jyu to all the crashes so far. Frame Module Signature [Expand] Source 0 @0x7fffffe007bf 1 XUL nsACString_internal::Assign nsCharTraits.h:510 2 XUL NS_CStringCopy_P xpcom/build/nsXPCOMStrings.cpp:347 3 libosxform_xpcom.dylib libosxform_xpcom.dylib@0x4c4ab 4 libosxform_xpcom.dylib libosxform_xpcom.dylib@0x4a3b4 5 XUL NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/unix/xptcinvoke_x86_64_unix.cpp:208 6 XUL XPCConvert::JSData2Native js/src/xpconnect/src/xpcconvert.cpp:541 7 XUL XPCWrappedNative::CallMethod js/src/xpconnect/src/xpcwrappednative.cpp:3046 8 XUL XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1594 9 XUL js::Interpret js/src/jscntxtinlines.h:684 10 XUL js::Invoke js/src/jsinterp.cpp:657 11 XUL js::ExternalInvoke js/src/jsinterp.cpp:858 12 XUL JS_CallFunctionValue js/src/jsinterp.h:962 13 XUL nsXPCWrappedJSClass::CallMethod js/src/xpconnect/src/xpcwrappedjsclass.cpp:1694 14 XUL nsXPCWrappedJS::CallMethod js/src/xpconnect/src/xpcwrappedjs.cpp:588 15 XUL PrepareAndDispatch xpcom/reflect/xptcall/src/md/unix/xptcstubs_x86_64_darwin.cpp:153 16 XUL XUL@0xdf82ca 17 XUL nsEventListenerManager::HandleEventSubType content/events/src/nsEventListenerManager.cpp:1114 18 XUL nsEventListenerManager::HandleEventInternal content/events/src/nsEventListenerManager.cpp:1210 19 XUL nsEventTargetChainItem::HandleEventTargetChain content/events/src/nsEventListenerManager.h:146 20 XUL nsEventDispatcher::Dispatch content/events/src/nsEventDispatcher.cpp:628 21 XUL DocumentViewerImpl::LoadComplete layout/base/nsDocumentViewer.cpp:1034 22 XUL nsDocShell::EndPageLoad docshell/base/nsDocShell.cpp:6033 23 XUL nsDocShell::OnStateChange docshell/base/nsDocShell.cpp:5887 24 XUL nsDocLoader::FireOnStateChange uriloader/base/nsDocLoader.cpp:1334 25 XUL nsDocLoader::DocLoaderIsEmpty uriloader/base/nsDocLoader.cpp:942 26 XUL nsDocLoader::OnStopRequest uriloader/base/nsDocLoader.cpp:702 27 XUL nsLoadGroup::RemoveRequest netwerk/base/src/nsLoadGroup.cpp:680 28 XUL nsDocument::DoUnblockOnload content/base/src/nsDocument.cpp:7262 29 XUL nsBindingManager::DoProcessAttachedQueue content/xbl/src/nsBindingManager.cpp:999 30 XUL nsRunnableMethodImpl<void ,true>::Run nsThreadUtils.h:345 31 XUL nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:626 32 XUL NS_ProcessNextEvent_P nsThreadUtils.cpp:250 33 XUL nsThread::Shutdown xpcom/threads/nsThread.cpp:492 34 XUL NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/unix/xptcinvoke_x86_64_unix.cpp:208 35 XUL nsProxyObjectCallInfo::Run xpcom/proxy/src/nsProxyEvent.cpp:181 36 XUL nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:626 37 XUL NS_ProcessPendingEvents_P nsThreadUtils.cpp:200 38 XUL nsBaseAppShell::NativeEventCallback widget/src/xpwidgets/nsBaseAppShell.cpp:132 39 XUL nsAppShell::ProcessGeckoEvents widget/src/cocoa/nsAppShell.mm:399 40 CoreFoundation CoreFoundation@0x4e400 41 CoreFoundation CoreFoundation@0x4c5f8 42 XUL nsToolkitProfileService::CreateProfile toolkit/profile/src/nsToolkitProfileService.cpp:626 43 @0x10342778f 44 HIToolbox HIToolbox@0x7693 45 CoreGraphics CoreGraphics@0x7e8f3 46 CoreGraphics CoreGraphics@0x7e6d8 47 HIToolbox HIToolbox@0xe35c 48 CoreFoundation CoreFoundation@0x1b1ef 49 HIServices HIServices@0x3cd1 50 CoreFoundation CoreFoundation@0x104c7
xforms, assuming that all the stacks are the same.
Component: XPCOM → XForms
QA Contact: xpcom → xforms
I pinged Philipp to see if libosxform_xpcom.dylib is one of ours since he knows a lot more about xforms with FF4 than I do. However, I see this -> http://forums.macrumors.com/showthread.php?t=452352 and search for libosxform and it appears to me that the library probably belongs to the app 1passwd.
No, it's not us. I don't have a mac, but our library should be libxforms.dylib or similar.
I think that this is the external application 1passwd that is calling into xpcom string api in the browser so returning the bug to xpcom to decide if this can be addressed in xpcom or not.
Component: XForms → XPCOM
QA Contact: xforms → xpcom
libosxform_xpcom.dylib ? The call is coming from that dylib passing invalid data, this is definitely not an XPCOM bug and probably not a Mozilla bug at all.
Component: XPCOM → General
QA Contact: xpcom → general
(In reply to comment #1) > xforms, assuming that all the stacks are the same. I looked at a sample of 20 of these from yesterday. yes, they are all the same. ....Signature number: 1-nsACString_internal::Assign ______ distribution of 20 different stacks, looking at top 10 frames 20 stacks like 0|0|| 0|1|XUL|nsACString_internal::Assign 0|2|XUL|NS_CStringCopy_P 0|3|libosxform_xpcom.dylib| 0|4|libosxform_xpcom.dylib| 0|5|XUL|NS_InvokeByIndex_P 0|6|XUL|XPCConvert::JSData2Native 0|7|XUL|XPCWrappedNative::CallMethod 0|8|XUL|XPC_WN_CallMethod 0|9|XUL|js::Interpret
100% of crashes happen with 1Password extension.
blocking2.0: --- → ?
Keywords: topcrash
anyone have contacts at 1password?
(In reply to comment #8) > anyone have contacts at 1password? See bug 589191 comment #6. We don't have any information other than their website.
blocking2.0: ? → -
This is showing up high in the list for early Beta10 returns.
It is #2 top crasher on Mac OS X in 4.0b10 over the last week.
I'll see if I can dig up some contacts at 1Password
Roustem Karimov said in bug 589191 he is co-author. CCing him. Roustem, could you have a look at this crash as well?
Per discussion yesterday with Roustem, they've published a beta that will hopefully address this.
Component: General → Extension Compatibility
Product: Core → Firefox
QA Contact: general → extension.compatibility
Summary: [Mac] Firefox 4.0b8pre crash in [@ nsACString_internal::Assign ] → [Mac] Firefox 4.0b8pre crash in [@ nsACString_internal::Assign ] mainly with 1password
Assignee: nobody → roustem
This is the top crash for beta 11 on Mac OS X. The second crash is also caused by 1password, the signature is "libSystem.B.dylib@0x4160", reports have "libosxform_xpcom.dylib" code on the stack.
Here are correlations with extensions: nsACString_internal::Assign|EXC_BAD_ACCESS / 0x0000000d (89 crashes) 85% (76/89) vs. 3% (77/2526) firefox3@1password.com 16% (14/89) vs. 1% (14/2526) 3.5.2 3% (3/89) vs. 0% (3/2526) 3.5.3 54% (48/89) vs. 2% (48/2526) 3.5.4 12% (11/89) vs. 0% (11/2526) 3.5.5.BETA-3 81% (72/89) vs. 10% (261/2526) firefox4@1password.com 16% (14/89) vs. 1% (16/2526) 3.5.2 3% (3/89) vs. 2% (54/2526) 3.5.3 49% (44/89) vs. 4% (96/2526) 3.5.4 12% (11/89) vs. 1% (31/2526) 3.5.5.BETA-3
Bug 632844 has been filed for "libSystem.B.dylib@0x4160" crash.
Renominating due to increase in frequency. Feels like we should blocklist the older version. Adding to the hardblocking list for final so that we make a call.
blocking2.0: - → final+
Whiteboard: [blocklist?][hardblocker]
Assignee: roustem → nobody
Component: Extension Compatibility → Blocklisting
Product: Firefox → addons.mozilla.org
QA Contact: extension.compatibility → blocklisting
Version: Trunk → unspecified
Assignee: nobody → clegnitto
If this is to be blocklisted, please give the exact block range details (guid, versions, application versions, etc.)
Whiteboard: [blocklist?][hardblocker] → [blocklist?][hardblocker][Needs block ranges]
Blocks: 632844
extension: firefox3@1password.com version: 3.5.5.* and lower Firefox versions: 3.7a1 and higher extension: firefox4@1password.com version: 3.5.5.* and lower Firefox versions: 3.7a1 and higher
I'd ask that we make efforts to help 1password track the issues we're seeing before hardblocking. I'm not convinced it's widespread enough to warrant the hardblock at this point, and would like to get a sense for what percentage of the userbase is affected, and whether this hurts or harms them because of the utility 1password offers to them.
We made a number of changes in 1Password 3.5.5.BETA-6 and also rebuilt it with the latest source of Gecko SDK. Is there any way to see if the crashes still happen with 3.5.5.BETA-6?
> Is there any way to see if the crashes still happen with 3.5.5.BETA-6? Go to: https://crash-stats.mozilla.com/report/list?range_value=4&range_unit=weeks&signature=nsACString_internal%3A%3AAssign&version=Firefox%3A4.0b11 Click on the Correlation tab. Click on the Load button below Add-ons by versions. Until now, there are no crashes in 3.5.5.BETA-6.
Thanks! We'll keep an eye on it.
block ranges in comment 21.
Whiteboard: [blocklist?][hardblocker][Needs block ranges] → [blocklist?][hardblocker]
I'm not processing any more softblocks until bug 523784 is fixed.
Whiteboard: [blocklist?][hardblocker] → [blocklist?][hardblocker][block on hold]
Depends on: 523784
Is this about a softblocking or hardblocking? Kev indicated harblocking in comment 22.
I think Kev's hardblocking reference is regarding Firefox 4 blocking status, not blocklist status. (another reason I don't like hard/softblockers!)
It sounds to me that this is about softblocking, where like other cases we know older versions have crash prioblems and just want to get users on the upgrade path since a newer more stable version is available. looks like volume is 40-100 crashes per day and its exclusively 4.0bX nsACString_internal::Assign date total breakdown by build crashes count build, count build, ... 20110201 59 39 4.0b102011012116, 18 4.0b92011011019, 2 4.0b11pre2011020103, 20110202 63 36 4.0b102011012116, 17 4.0b92011011019, 9 4.0b11pre2011020103, 1 4.0b11pre2011020203, 20110203 103 80 4.0b102011012116, 17 4.0b92011011019, 5 4.0b11pre2011020203, 1 4.0b62010091407, 20110204 66 42 4.0b102011012116, 12 4.0b92011011019, 10 4.0b12pre2011020403, 1 4.0b82010121416, 1 4.0b62010091407, 20110205 35 21 4.0b102011012116, 11 4.0b92011011019, 3 4.0b12pre2011020503, 20110206 46 32 4.0b102011012116, 13 4.0b92011011019, 1 4.0b72010110413, 20110207 84 67 4.0b102011012116, 9 4.0b92011011019, 3 4.0b12pre2011020703, 2 4.0b82010121416, 2 4.0b72010110413, 1 4.0b12pre2011020503, 20110208 66 23 4.0b112011020314, 22 4.0b102011012116, 13 4.0b92011011019, 4 4.0b82010121416, 2 4.0b72010110413, 2 4.0b12pre2011020603, 20110209 102 94 4.0b112011020314, 4 4.0b92011011019, 2 4.0b102011012116, 1 4.0b82010121416, 1 4.0b62010091407, 20110210 78 34 4.0b102011012116, 31 4.0b112011020314, 7 4.0b92011011019, 6 4.0b72010110413, 20110211 40 32 4.0b112011020314, 7 4.0b92011011019, 1 4.0b102011012116, 20110212 71 48 4.0b112011020314, 8 4.0b102011012116, 7 4.0b92011011019, 5 4.0b72010110413, 3 4.0b82010121416, 20110213 32 22 4.0b112011020314, 8 4.0b92011011019, 1 4.0b82010121416, 1 3.6.132010120612, 20110214 37 20 4.0b112011020314, 10 4.0b102011012116, 3 4.0b92011011019, 3 4.0b82010121416, 1 4.0b72010110413,
its also interesting that volume seemed to be a bit higher back in the days preceeding beta 10, when it was running 130-240 crashes per day nsACString_internal::Assign date total breakdown by build crashes count build, count build, ... 20110120 133 127 4.0b92011011019, 6 4.0b72010110413, 20110121 154 149 4.0b92011011019, 4 4.0b82010121416, 1 4.0b62010091407, 20110122 135 130 4.0b92011011019, 2 4.0b82010121416, 2 4.0b72010110413, 1 4.0b10pre2011011103, 20110123 153 145 4.0b92011011019, 3 4.0b10pre2011012115, 2 4.0b72010110413, 1 4.0b82010121416, 1 4.0b62010091407, 1 4.0b10pre2011012103, 20110124 211 204 4.0b92011011019, 7 4.0b82010121416, 20110125 177 155 4.0b92011011019, 19 4.0b102011012116, 2 4.0b82010121416, 1 4.0b72010110413, 20110126 244 138 4.0b92011011019, 100 4.0b102011012116, 6 4.0b10pre2011012503,
but there also could be some signature shifting going on that might account for variable counts. Here is a list of possible related sigs signature list 37 Mac OS X 10.6 nsACString_internal::Assign 5 Mac OS X 10.6 @0x0 | nsACString_internal::Assign 1 Mac OS X 10.6 nsACString_internal::Assign(char const*, unsigned int) 1 Mac OS X 10.4 nsACString_internal::Assign(nsACString_internal const&) 1 Mac OS X 10.4 nsACString_internal::Assign(char const*, unsigned int)
not much useful in the url's if 1password is still trying to make a test case out of the crash reports on the older version. 35 @0x0 | nsACString_internal::Assign \N 248 nsACString_internal::Assign \N 1 nsACString_internal::Assign about:blank 1 nsACString_internal::Assign http://act.credoaction.com/petition/process_petition.html?petition_id=817&posted=1&track_referer=1&redirect_url=%2Fcampaign%2Fdont_defund_npr%2Fletter.html&referred_by=&ga__full_name=&Q_test_group=treatment&referring_file=index2.html&email=XXXXX 1 nsACString_internal::Assign http://www.brooksbrothers.com/cis/default.tem 1 nsACString_internal::Assign http://www.nu.nl/ 1 nsACString_internal::Assign http://www.wetterzentrale.de/ 3 nsACString_internal::Assign jar:file:///Applications/Firefox.app/Contents/MacOS/omni.jar!/chrome/browser/content/browser/aboutSessionRestore.xhtml 1 nsACString_internal::Assign wyciwyg://0/http://www.feedly.com/home#cover 1 nsACString_internal::Assign(char const*, unsigned int) \N 1 nsACString_internal::Assign(char const*, unsigned int) http://www.bi.no/ 1 nsACString_internal::Assign(char const*, unsigned int) http://www.newsweek.com/2004/06/13/american-dreamer.html 1 nsACString_internal::Assign(nsACString_internal const&) http://www.yandex.ru/ 1 nsACString_internal::Assign(nsACString_internal const&) http://www.youtube.com/watch?v=jL3WPZ4HZYI&feature=related
(In reply to comment #29) > I think Kev's hardblocking reference is regarding Firefox 4 blocking status, > not blocklist status. We could be explicit and state the blocklist severity level rather than use "blocker"-like statuses :) In this particular case, I was referencing adding the addon to the blocklist. I am not convinced that we should add the 1password plugin to the blocklist at this point. I do think it needs to be addressed (and indications are that it _is_ being addressed), but I am concerned with there not being a release we can point users to that addresses the problem and the probable reliance on the 1password application its users have for things like browsing (e.g. if we add it to the blocklist, users may be upset). I'd rather we did not add the 1password addon to the blocklist as I think the tradeoff between preventing crashes for 1password users does not trump the value users get out of the app while browsing. It affects a small percentage of OSX users only, who expect 1password to work, and while we can message that we know there are issues, I don't think we should add it to the blocklist.
> I am concerned with there not being a release we can point users to that > addresses the problem Now, the current version is 3.5.7 (no crashes so far) and the block-list range is 3.5.5.*.
Kev: I don't understand; is it not the case that users with 1password just crash all the time?
(In reply to comment #36) > Kev: I don't understand; is it not the case that users with 1password just > crash all the time? I don't know if we know that. That wasn't the impression I got, but if that's what's actually happening, it puts a different spin on things.
(In reply to comment #37) > (In reply to comment #36) > > Kev: I don't understand; is it not the case that users with 1password just > > crash all the time? > > I don't know if we know that. That wasn't the impression I got, but if that's > what's actually happening, it puts a different spin on things. I personally do recall a period congruent with the crash reports when 1Password would constantly crash Firefox (often soon after launching Firefox). I'm going to assume this is the same issue. For those who use 1Password regularly, blocklisting the extension will make it difficult to log in to web sites/services. They will be forced to open the 1Password Mac application, search for the account, copy the username/password, paste them into the log in form, and submit the form, none of which they normally have to do. That being said, 1Password is generally updated very often (I would guess once a week on average) so users are accustomed to installing updates regularly. Aside: It might be helpful to know that the Firefox extension is installed/updated by the Mac application, not through Firefox or a website.
It is now only #31 top crasher in 4.0b12pre over the last week. The release of version 3.5.7 (present in 53% of all crashes) seems to have made drop the crash volume. The blocklisting range in comment 21 is still valid.
blocking2.0: final+ → -
Whiteboard: [blocklist?][hardblocker][block on hold] → [blocklist?][block on hold]
This was the #1 crash on mac yesterday (Mar 1).
> This was the #1 crash on mac yesterday (Mar 1). It was 5 consecutive startup crashes from the same user. It is #18 top crasher on Mac OS X in 4.0b12 with only startup crashes. As it is now a low volume crash, there is no more correlations, but a manual check shows versions 3.5.3 and 3.5.4 of 1password.
Summary: [Mac] Firefox 4.0b8pre crash in [@ nsACString_internal::Assign ] mainly with 1password → [Mac] Firefox 4.0b8pre crash in [@ nsACString_internal::Assign ] mainly with 1password 3.5.5 and below
Crash Signature: [@ nsACString_internal::Assign ]
Keywords: topcrash
Depends on: 557234
Closing old blocklist bugs. Please reopen if the problem still exists.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.