Closed Bug 630191 Opened 15 years ago Closed 15 years ago

Crash [@ nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) ] with Shopper reports 3.1.22 (or ClickPotatoLite 10.0 or QuestBrowse 1.0)

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
blocking2.0 --- final+
status1.9.2 --- ?
status1.9.1 --- ?

People

(Reporter: scoobidiver, Assigned: fligtar)

References

Details

(Keywords: crash, regression, topcrash, Whiteboard: [blocklist][hardblocker][Hardblocked 2/9])

Crash Data

It is #8 top crasher in 4.0b10 over the last week. Signature nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) UUID 22831dbc-e36b-409a-a4a1-b1ff82110131 Time 2011-01-31 00:03:59.789793 Uptime 187 Last Crash 214 seconds (3.6 minutes) before submission Install Age 387062 seconds (4.5 days) since version was first installed. Product Firefox Version 4.0b10 Build ID 20110121161358 Branch 2.0 OS Windows NT OS Version 6.1.7600 CPU x86 CPU Info GenuineIntel family 6 model 30 stepping 5 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0xffffffffc3671973 App Notes AdapterVendorID: 1002, AdapterDeviceID: 68c1, AdapterDriverVersion: 8.672.3.0 Frame Module Signature [Expand] Source 0 xul.dll nsContentUtils::ASCIIToLower content/base/src/nsContentUtils.cpp:5075 1 xul.dll nsDocument::GetElementsByTagName content/base/src/nsDocument.cpp:4557 2 @0x30adbf 3 mozillaps.dll mozillaps.dll@0x1e849 4 mozillaps.dll mozillaps.dll@0x1e849 5 mozillaps.dll mozillaps.dll@0x203af 6 mozillaps.dll mozillaps.dll@0x203af 7 mozillaps.dll mozillaps.dll@0x4557d 8 mozillaps.dll mozillaps.dll@0xb53b 9 mozillaps.dll mozillaps.dll@0x4be0b 10 CmndFF.dll CmndFF.dll@0x15b2d 11 mozillaps.dll mozillaps.dll@0x622c3 12 mozillaps.dll mozillaps.dll@0x41ad0 13 CmndFF.dll CmndFF.dll@0x1ab0a 14 CmndFF.dll CmndFF.dll@0x1a9a3 15 CmndFF.dll CmndFF.dll@0x16b0f 16 CmndFF.dll CmndFF.dll@0x16ba5 17 BrowserExtensionFF.dll BrowserExtensionFF.dll@0x1dc9 18 BrowserExtensionFF.dll BrowserExtensionFF.dll@0x22d65 19 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102 20 xul.dll XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1593 21 xul.dll XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1593 22 xul.dll SandboxImport js/src/xpconnect/src/xpccomponents.cpp:3097 23 xul.dll xul.dll@0x63aff 24 xul.dll SandboxImport js/src/xpconnect/src/xpccomponents.cpp:3097 25 mozjs.dll js::detail::HashTable<unsigned int const,js::HashSet<unsigned int,js::AtomHasher,js::SystemAllocPolicy>::SetOps,js::SystemAllocPolicy>::lookupForAdd js/src/jshashtable.h:591 26 mozjs.dll js_AtomizeString js/src/jsatom.cpp:544 27 mozjs.dll js::proxy_DefineProperty js/src/jsproxy.cpp:889 28 xul.dll SandboxImport js/src/xpconnect/src/xpccomponents.cpp:3097 29 mozjs.dll DefinePropertyById js/src/jsapi.cpp:3287 30 mozjs.dll js_IndexToId js/src/jsarray.cpp:248 31 mozjs.dll JS_DefineProperty js/src/jsapi.cpp:3332 32 mozjs.dll JSObject::nativeSearch js/src/jsscope.h:676 33 mozjs.dll GetPropertyDescriptorById js/src/jsapi.cpp:3515 34 mozjs.dll JSObject::typeOf js/src/jsobj.h:1220 35 mozjs.dll js::JSProxy::typeOf js/src/jsproxy.cpp:835 36 @0xbf More reports at: https://crash-stats.mozilla.com/report/list?range_value=2&range_unit=weeks&signature=nsContentUtils%3A%3AASCIIToLower%28nsAString_internal%20const%26%2C%20nsAString_internal%26%29
blocking2.0: --- → ?
#4 on Beta10 and one of the top 20 regressions not in 3.6.13.
Keywords: regression
Extension correlation for ASCIIToLower in 20110201_Firefox_4.0b10-interesting-addons.txt.gz : nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&)|EXCEPTION_ACCESS_VIOLATION_READ (660 crashes) 79% (520/660) vs. 1% (593/54673) ShopperReports@ShopperReports.com 40% (261/660) vs. 1% (781/54673) ClickPotatoLite@ClickPotatoLite.com 21% (137/660) vs. 1% (377/54673) {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} 33% (216/660) vs. 19% (10151/54673) engine@conduit.com 8% (53/660) vs. 0% (163/54673) HBLite@HBLite.com 99% (652/660) vs. 93% (50876/54673) {972ce4c6-7e08-4474-a285-3208198ce6fd} (Default, https://addons.mozilla.org/addon/8150)
(In reply to comment #2) > 21% (137/660) vs. 1% (377/54673) {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} I found a site that calls this Adware.QuestBrowse
(In reply to comment #2) > 79% (520/660) vs. 1% (593/54673) ShopperReports@ShopperReports.com > 40% (261/660) vs. 1% (781/54673) ClickPotatoLite@ClickPotatoLite.com > 21% (137/660) vs. 1% (377/54673) {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} Google searches seem to suggest that all three of these are adware/malware, though shopper reports does have a legit-looking website. We should probably consider blocklisting them.
Whiteboard: [blocklist?]
Summary: Crash [@ nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) ] with Shopper reports 3.0 → Crash [@ nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) ] with Shopper reports 3.1.22 or ClickPotatoLite 10.0 or QuestBrowse 1.0
(Or some of them; some may just be correlated with others. Then again, if they're malware, it might not matter. Who decides?)
So I think the minimum thing we should block is: extension id: ShopperReports@ShopperReports.com version: 3.1.22.0 Firefox versions: 3.7a1pre and higher Based on the crash data, such a block would fix most of the crashes, and once it's in place we can see if any of the other extensions showing up as correlated need to be blocked as well (or they're just correlated with ShopperReports). I suspect the extension is calling a method on an unfrozen interface (nsIDocument) without proper handling of binary compatibility issues. (I tried installing the extension to see what minVersion/maxVersion its manifest reports, but the installer I downloaded into my VM didn't seem to install the extension.)
Component: DOM → Blocklisting
Product: Core → addons.mozilla.org
QA Contact: general → blocklisting
Version: Trunk → unspecified
Whiteboard: [blocklist?] → [blocklist?][softblocker]
Kev, can you reach out to ShopperReports.com? This is a Firefox 4 softblocker.
Assignee: nobody → kev
This is a hard blocker, actually. #4 topcrash. We can either blocklist the extension or, perhaps more easily, add the DLL to our DLL blocklist.
Whiteboard: [blocklist?][softblocker] → [blocklist?][hardblocker]
This is, I believe, one of Pinball Publishing Network's (formerly Zango Cash, Inc.) crapware extensions. They basically create installers for apps that include/install the extensions, and pay distributors an install fee for putting it in. I can reach out, but don't expect any happy replies.
I would say blocklist the hell out of this, both CmndFF.dll and mozillaps.dll.
I second Comment #10, and will add a "damn hell" for additional emphasis.
Shouldn't we generally prefer addon blocklisting over dll blocklisting when both would work?
I dunno, seems like we'd never want those dlls to load, no matter what addon they come from. I would not be opposed to doing both, though!
Just to confirm, DLL blocklisting is like add-on hardblocking right? I'm pretty sure no one will miss this but I just want to know if people were going to get the "We've disabled X" message in case we need to explain it on SUMO.
Also, per reports on sumo this is unwanted: https://support.mozilla.com/en-US/questions/778682 https://support.mozilla.com/en-US/questions/777919 I'd suggest just doing an across the board blocklist rather than just for Firefox 4.
This bug was filed as a crash block, so I'd like to take care of that. If someone thinks this is malware and wants the block range extended based on that, please file a separate bug for further investigation. The crashing version and range is only this, correct? extension id: ShopperReports@ShopperReports.com version: 3.1.22.0 Firefox versions: 3.7a1pre and higher Kev, have they responded about whether they intend to fix the bug as described in comment #6?
Whiteboard: [blocklist?][hardblocker] → [blocklist?][hardblocker][Block planned for 2/8]
(In reply to comment #16) > This bug was filed as a crash block, so I'd like to take care of that. If > someone thinks this is malware and wants the block range extended based on > that, please file a separate bug for further investigation. > > The crashing version and range is only this, correct? > > extension id: ShopperReports@ShopperReports.com > version: 3.1.22.0 > Firefox versions: 3.7a1pre and higher Actually, just looked at crash reports for 3.6, and it's also the primary cause of the PR_AtomicIncrement crashes on 3.6 (which is the #3 browser crash), and the same on 3.5.16 (again, PR_AtomicIncrement, #3 browser crash). So I think the block should be for all Firefox versions. But as far as fixing crashes, that's what's needed.
status1.9.1: --- → ?
status1.9.2: --- → ?
Summary: Crash [@ nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) ] with Shopper reports 3.1.22 or ClickPotatoLite 10.0 or QuestBrowse 1.0 → Crash [@ nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) ] with Shopper reports 3.1.22 (or ClickPotatoLite 10.0 or QuestBrowse 1.0)
Alright, this is on staging: <emItem id="ShopperReports@ShopperReports.com"> <versionRange minVersion="3.1.22.0" maxVersion="3.1.22.0"/> </emItem> Any help testing it using these instructions ( https://wiki.mozilla.org/Blocklisting/Testing ) would be appreciated. I went with a hardblock because it is limited to a single version and we've recently had disturbing numbers of users opting out of softblocks and still crashing.
Assignee: kev → fligtar
Whiteboard: [blocklist?][hardblocker][Block planned for 2/8] → [blocklist?][hardblocker][Block planned for 2/8][needs testing]
Whiteboard: [blocklist?][hardblocker][Block planned for 2/8][needs testing] → [blocklist?][hardblocker][Block planned for 2/9][needs testing]
note this is rising up in crash-stats
bug 632984 filed for website update. as soon as that's live I'll push the block.
Depends on: 632984
Blocked in production.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Whiteboard: [blocklist?][hardblocker][Block planned for 2/9][needs testing] → [blocklist][hardblocker][Hardblocked 2/9]
nsContentUtils::ASCIIToLower has fallen down to #76 browser crash for 4.0b11 when searching only the last 24 hours. (The remaining crashes could just be an issue of blocklist uptake being slow for some users.)
Thought I'd leave a comment on this bug just in case anyone who worked on it is CC'd by the change (and is still interested): I'm one of the developers working on the shopperreports@shopperreports.com extension. We tracked this crash down to issues with XPCOM glue in several of our supporting modules. I believe we have it ironed out and we will re-deploy a new build of the extension in the next few days. When we do, we'll be watching crash-stats.mozilla.com (wish we had found that site a long time ago) to make sure we don't create another headache like this one. I see the business model this extension supports is not popular with everyone who worked on this bug. I can't change the company's business model, but I can respond when there are issues with our software. Please consider me a future point of contact regarding Pinball software if you need one--and I sincerely hope it will be for happier reasons than this.
Crash Signature: [@ nsContentUtils::ASCIIToLower(nsAString_internal const&, nsAString_internal&) ]
I would like to no if i can be un blocked if possible because i would like to continue playing card games in yahoo if possible in it a great site to play in and i would like to no the the problem why i was blocked in the first place if i did something wrong i would like to apologize from anywrong doing thank you for listening
riouxsam, do you have an extension blocked? Which one and which version?
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.