Closed
Bug 656471
Opened 13 years ago
Closed 9 years ago
Crash on Windows XP in FreeFactoryEntries [@ msvcrt.dll@0x2070 ][@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ][@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ] with msxml3.dll from 5/10/11 (MS hotfix KB890830?)
Categories
(Core :: XPCOM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: marcia, Unassigned)
References
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is report bp-b05d3287-f7c8-46df-a09e-b56e12110511 . ============================================================= Seen while reviewing crash stats. http://tinyurl.com/3we5w4x to one week's worth of reports. Many of the comments mention Firefox crashing when closing. There has been a recent spike where this moved up to the #4 spot. One report I looked at had: sknc.dll which from a quick Google search points to malware. https://crash-stats.mozilla.com/report/index/b05d3287-f7c8-46df-a09e-b56e12110511 Frame Module Signature [Expand] Source 0 msvcrt.dll msvcrt.dll@0x2070 1 xul.dll nsCOMPtr_base::assign_with_AddRef obj-firefox/xpcom/build/nsCOMPtr.cpp:89 2 xul.dll FreeFactoryEntries xpcom/components/nsComponentManager.cpp:1338 3 xul.dll nsBaseHashtable<nsIDHashKey,nsFactoryEntry*,nsFactoryEntry*>::s_EnumReadStub obj-firefox/dist/include/nsBaseHashtable.h:345 4 xul.dll PL_DHashTableEnumerate obj-firefox/xpcom/build/pldhash.c:754 5 xul.dll nsBaseHashtable<nsIDHashKey,nsFactoryEntry*,nsFactoryEntry*>::EnumerateRead obj-firefox/dist/include/nsBaseHashtable.h:206 6 xul.dll nsComponentManagerImpl::FreeServices xpcom/components/nsComponentManager.cpp:1351 7 xul.dll mozilla::ShutdownXPCOM xpcom/build/nsXPComInit.cpp:686 8 xul.dll ScopedXPCOMStartup::~ScopedXPCOMStartup toolkit/xre/nsAppRunner.cpp:1115 9 xul.dll XRE_main toolkit/xre/nsAppRunner.cpp:3817 10 firefox.exe wmain toolkit/xre/nsWindowsWMain.cpp:128 11 firefox.exe __tmainCRTStartup obj-firefox/memory/jemalloc/crtsrc/crtexe.c:591 12 kernel32.dll BaseProcessStart
Comment 1•13 years ago
|
||
This had 0 crashes for more than a week on 4.0* until it suddenly had over 2400 processed crashes on 2011-05-10. From what I saw, it looks like all those are on Windows XP, but I couldn't find the mentioned dll in the correlation reports.
Comment 2•13 years ago
|
||
Actually, looking at all reports with this signature over the 7 days, the first on crashed on May 10, 2011 05:45 and from then on up to this point (15:48 on May 11) we had 9,379 crashes spread over all versions between Firefox 3.0 and 4.0.1.
Comment 3•13 years ago
|
||
As a note, there's also https://crash-stats.mozilla.com/report/list?signature=nsCOMPtr_base%3A%3Aassign_with_AddRef%28nsISupports%2A%29%20%7C%20FreeFactoryEntries which was a residual crash over the last week, but also had a significant but not as high spike yesterday, starting at ~6am (but only ~600 crashes since then), comments claiming it to be mostly shutdown just like this one, and also looking to be on XP only. Those two could possibly be related.
Comment 4•13 years ago
|
||
It is #4 top crasher in 4.0.1 over the last 3 days. It happens only on Windows XP. It is correlated to msxml3.dll (100% vs. 10%): 100% (2187/2189) vs. 10% (14556/144456) msxml3.dll 11% (238/2189) vs. 1% (1006/144456) 8.50.2162.0 1% (28/2189) vs. 0% (83/144456) 8.70.1104.0 2% (43/2189) vs. 0% (127/144456) 8.70.1113.0 14% (300/2189) vs. 1% (1126/144456) 8.90.1101.0 5% (107/2189) vs. 0% (455/144456) 8.100.1048.0 1% (19/2189) vs. 0% (28/144456) 8.100.1049.0 11% (233/2189) vs. 1% (936/144456) 8.100.1050.0 3% (61/2189) vs. 0% (336/144456) 8.100.1051.0 52% (1148/2189) vs. 3% (4639/144456) 8.100.1052.0
blocking2.0: --- → ?
Component: General → XPCOM
OS: Windows NT → Windows XP
Product: Firefox → Core
QA Contact: general → xpcom
Summary: crash [@ msvcrt.dll@0x2070] → Crash on Windows XP in FreeFactoryEntries [@ msvcrt.dll@0x2070 ] or [@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ] with msxml3.dll
Version: 4.0 Branch → 2.0 Branch
Comment 5•13 years ago
|
||
The comment #3 signature exactly parallels the ones I pulled up for msvcrt.dll@0x2070 for 4.0* versions, https://crash-stats.mozilla.com/report/list?signature=nsCOMPtr_base%3A%3A~nsCOMPtr_base%28%29%20%7C%20factory_ClearEntry parallels it for 3.6, for all those, the stacks match up to the last frame, comments talk about shutdown crashes and all signatures are from XP. Not sure how much the correlation in comment #4 tells us, I've seen it but seems to be a standard MS library.
Comment 6•13 years ago
|
||
I found a number of different 3.0 versions (i.e. msxml3.dll 8.*), mostly from the list seen at http://support.microsoft.com/kb/269238 - note that this library comes with IE6, which came with XP (and all those people apparently are on XP as stated). I guess the newer versions of the DLL came from Windows Update. Now one thing that is strange is that this started on a Tuesday and IIRC MS sends our patches on some Tuesdays - but with msxml3.dll being different versions, I don't think they did get updates for this one, and there is no OS library in the stack itself (unless msvcrt.dll is taken from the system and not shipped with Firefox).
Comment 7•13 years ago
|
||
(In reply to comment #6) > Now one thing that is strange is that this started on a Tuesday and IIRC MS > sends our patches on some Tuesdays The only patch for Windows XP on 5/10 is the malicious software removal tool (KB890830): http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356
Summary: Crash on Windows XP in FreeFactoryEntries [@ msvcrt.dll@0x2070 ] or [@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ] with msxml3.dll → Crash on Windows XP in FreeFactoryEntries [@ msvcrt.dll@0x2070 ] or [@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ] with msxml3.dll from 5/10/11 (MS hotfix KB890830?)
Comment 8•13 years ago
|
||
wonder what the best contact at Microsoft might be for this? date crashes at nsCOMPtr_base::assign_with_AddRef.nsISupports.....FreeFactoryEntries 20110505 0 20110506 0 20110507 0 20110508 2 20110509 0 20110510 331 20110511 350 date crashes at msvcrt.dll@0x2070 20110505 0 20110506 0 20110507 0 20110508 0 20110509 0 20110510 4511 20110511 5956
Comment 9•13 years ago
|
||
(In reply to comment #5) > The comment #3 signature exactly parallels the ones I pulled up for > msvcrt.dll@0x2070 for 4.0* versions, > https://crash-stats.mozilla.com/report/ > list?signature=nsCOMPtr_base%3A%3A~nsCOMPtr_base%28%29%20%7C%20factory_ClearE > ntry parallels it for 3.6, for all those, the stacks match up to the last > frame, comments talk about shutdown crashes and all signatures are from XP. I added the 3.5 and 3.6 crash signature to the summary. It is now #2 top crasher in 4.0.1 and #4 in 3.6.17 over the last day.
Summary: Crash on Windows XP in FreeFactoryEntries [@ msvcrt.dll@0x2070 ] or [@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ] with msxml3.dll from 5/10/11 (MS hotfix KB890830?) → Crash on Windows XP in FreeFactoryEntries [@ msvcrt.dll@0x2070 ][@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ][@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ] with msxml3.dll from 5/10/11 (MS hotfix KB890830?)
Updated•13 years ago
|
tracking-firefox5:
--- → ?
Updated•13 years ago
|
Comment 10•13 years ago
|
||
Does this impact Beta 5? I don't see it in https://crash-analysis.mozilla.com/chofmann/20110517/top-5.0.html
Comment 11•13 years ago
|
||
strangely this doesn't seem to affect 5.0x here are counts of crashes by release and build for may 18. even small volume on older 3.x and 4.x releases but nothing on 5.0x msvcrt.dll@0x2070 date total breakdown by build crashes count build, count build, ... 20110518 4013 1873 4.0.12011041322, 1222 3.6.172011042014, 127 3.6.132010120307, 91 3.5.192011042014, 85 4.02011031805, 61 3.6.162011031913, 60 3.6.32010040108, 57 3.0.192010031422, 52 3.62010011514, 40 3.6.82010072215, 36 3.6.122010102621, 31 3.6.152011030302, 25 3.6.102010091412, 22 4.0b12010063014, 15 3.6.62010062523, 13 4.0b102011012116, 13 3.6.22010031607, 12 4.0b122011022221, 12 4.0b112011020314, 12 3.6b52009120414, 11 4.0b72010110414, 8 4.0b82010121417, 8 4.0b32010080519, 8 3.6.92010082415, 8 3.6.172011041408, 7 4.0b42010081813, 7 3.6.112010101211, 7 3.0.32008092417, 5 4.0b92011011019, 5 3.6.72010071313, 5 3.6.42010061114, 5 3.5.92010031508, 5 3.52009062402, 5 3.0.52008120122, 4 3.6.142011021812, 4 3.5.52009110215, 4 3.0.62009011913, 3 4.0b62010091408, 3 4.0b22010072019, 3 3.6.72010070102, 3 3.6.142011020713, 3 3.5.72009122116, 3 3.5.12009071509, 2 3.5.82010020216, 2 3.5.32009082410, 2 3.5.182011031914, 2 3.0.42008102920, 2 3.0.152009101601, 2 3.02008052906, 1 4.02011030319, 1 3.7a32010031509, 1 3.6.18pre2011051703, 1 3.6.18pre2011051503, 1 3.6.142011012114, 1 3.6.132010112205, 1 3.5.22009072922, 1 3.5.172011012115, 1 3.5.162010113007, 1 3.5.142010100117, 1 3.5.132010091413, 1 3.5.112010070102, 1 3.5.102010050409, 1 3.0b42008030714, 1 3.0b22007121120, 1 3.0.82009032609, 1 3.0.102009042316, 1 3.0.12008070208,
Reporter | ||
Comment 12•13 years ago
|
||
https://crash-stats.mozilla.com/report/index/f5fc5284-a1c3-4e52-8315-2e5b92110522 is a lone 5.0 report that I found in [@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ], which is one of the stacks. But otherwise I do not see any crashes in the other stacks in the last week.
Comment 13•13 years ago
|
||
Marcia or Sheila, now that we've got more serious user levels, does this look any different?
Reporter | ||
Comment 14•13 years ago
|
||
No significant volume in any of the three signatures on 5.0: nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries has 5 Windows crashes in the last week on 5.0 nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry has no crashes in the last week on 5.0 msvcrt.dll@0x2070 has no crashes in the last week on 5.0
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@ msvcrt.dll@0x2070 ]
[@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ]
[@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ]
Reporter | ||
Comment 15•13 years ago
|
||
Just by way of update, I don't see any of these 3 signatures in 5.0 crash data. Here is a week's breakdown across all other versions: nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries - 828 nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry - 324 msvcrt.dll@0x2070 - 237
Crash Signature: [@ msvcrt.dll@0x2070 ]
[@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ]
[@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ] → [@ msvcrt.dll@0x2070 ]
[@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ]
[@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ]
Updated•13 years ago
|
Comment 16•11 years ago
|
||
currently, no crash signatures containing factory_ClearEntry. Containing FreeFactoryEntries is nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries bp-0d23f4cc-5e5b-42c0-99ba-49eb72130527 startup crash 0 @0x8000b8b3 1 xul.dll nsCOMPtr_base::assign_with_AddRef obj-firefox/xpcom/build/nsCOMPtr.cpp:49 2 xul.dll FreeFactoryEntries xpcom/components/nsComponentManager.cpp:1058 3 xul.dll PL_DHashTableEnumerate obj-firefox/xpcom/build/pldhash.cpp:717 4 xul.dll nsBaseHashtable<nsIDHashKey,nsFactoryEntry*,nsFactoryEntry*>::EnumerateRead obj-firefox/dist/include/nsBaseHashtable.h:190 5 xul.dll nsComponentManagerImpl::FreeServices xpcom/components/nsComponentManager.cpp:1070 6 xul.dll mozilla::ShutdownXPCOM xpcom/build/nsXPComInit.cpp:622 bp-d70d4a86-8032-4420-81b8-025382130609 not startup crash 0 xul.dll nsCOMPtr_base::assign_with_AddRef obj-firefox/xpcom/build/nsCOMPtr.cpp:49 1 xul.dll FreeFactoryEntries xpcom/components/nsComponentManager.cpp:1117 2 xul.dll PL_DHashTableEnumerate obj-firefox/xpcom/build/pldhash.cpp:714 3 xul.dll nsBaseHashtable<nsIDHashKey,nsFactoryEntry*,nsFactoryEntry*>::EnumerateRead obj-firefox/dist/include/nsBaseHashtable.h:190 4 xul.dll nsComponentManagerImpl::FreeServices xpcom/components/nsComponentManager.cpp:1130 5 xul.dll mozilla::ShutdownXPCOM xpcom/build/nsXPComInit.cpp:634
Crash Signature: [@ msvcrt.dll@0x2070 ]
[@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ]
[@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ] → [@ msvcrt.dll@0x2070 ]
[@ nsCOMPtr_base::~nsCOMPtr_base() | factory_ClearEntry ]
[@ nsCOMPtr_base::assign_with_AddRef(nsISupports*) | FreeFactoryEntries ]
Updated•9 years ago
|
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•