Exception thrown in ntdll.dll when closing the sole tab of firefox.
Categories
(Toolkit :: Application Update, defect, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox69 | --- | fixed |
People
(Reporter: jsearle3, Assigned: tcampbell)
References
Details
Attachments
(5 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763
Steps to reproduce:
Ina command window on Windows 10, I rin firefox thusly:
export MOZ_NO_REMOTE=1
export MOZ_FORCE_DISABLE_E10S=1
export XRE_NO_DLL_READAHEAD=1
./mach run --debug
Actual results:
After testing an html page on firefox, I close firefox by closing the only tab thereof, and I'm rather consistently experiencing an exception being thrown and Visual Studio 2017 suspending the execution of firefox.
Expected results:
Firefox should exit.
Reporter | ||
Comment 1•6 years ago
|
||
Reporter | ||
Comment 2•6 years ago
|
||
Reporter | ||
Comment 3•6 years ago
|
||
Updated•6 years ago
|
Comment 4•6 years ago
|
||
Joe, thank you for the bug report. Would you be interested in helping to team-debug this over a Google Hangout?
Ted, do you have a Windows build handy? Does this reproduce in Nightly?
Updated•6 years ago
|
Assignee | ||
Comment 5•6 years ago
|
||
This looks like a race in the Update Service when the browser forces a shutdown during slow shutdown. You are probably experiencing this to to running '--disable-optimize' which makes the browser quite slow.
The specific failure is that in [1] we call the 'CloseHandle' function in ntdll with a null handle, which generates the bad handle exception you see in the debugger. The crash is safe and seems to be a race during unoptimized builds which seems like a very low priority.
Assignee | ||
Updated•6 years ago
|
![]() |
||
Updated•6 years ago
|
Assignee | ||
Comment 7•6 years ago
|
||
During forced shutdown, we may call 'closeHandle' without having a
proper mutex. This results in a crash in ntdll, so instead just do
nothing if the handle is missing.
![]() |
||
Updated•6 years ago
|
![]() |
||
Updated•6 years ago
|
Reporter | ||
Comment 9•6 years ago
|
||
This is still happening. It seems I have the best chance of reproducing it when I let my version of nightly quiesce before going on to the next step to reproduce it. I tried setting a break point in js code but it seems the js debugger us wiped out before my break point had a chance to be hit. Currently my build is at:
changeset: 472619:5ca7ab463290
tag: tip
parent: 472530:d7235ef1becf
parent: 472618:eb5b01e0b309
user: JayJ <jsearle3@verizon.net>
date: Fri May 03 15:58:33 2019 -0700
summary: Merge Updates
changeset: 472618:eb5b01e0b309
user: Ted Campbell <tcampbell@mozilla.com>
date: Fri May 03 18:17:39 2019 +0000
summary: Bug 1548903 - Remove unused JS TypeInference methods. r=iain
![]() |
||
Updated•6 years ago
|
Reporter | ||
Comment 10•6 years ago
|
||
(In reply to Jason Orendorff [:jorendorff] from comment #4)
Joe, thank you for the bug report. Would you be interested in helping to team-debug this over a Google Hangout?
Ted, do you have a Windows build handy? Does this reproduce in Nightly?
It still is happening. I can help whenever you want. I live in California so I'm currently on PDT.
Comment 11•6 years ago
|
||
Joe, we think we have a fix, but it is still waiting for a code review. Rob?
Comment 12•6 years ago
|
||
Correction. This is approved and just needs to land.
Reporter | ||
Comment 13•6 years ago
|
||
(In reply to Jason Orendorff [:jorendorff] from comment #12)
Correction. This is approved and just needs to land.
OK. I'll look for it to get to mozilla-central.
Thanks, Joe
Comment 14•6 years ago
|
||
There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:tcampbell, could you have a look please?
For more information, please visit auto_nag documentation.
Comment 16•6 years ago
|
||
![]() |
||
Comment 17•6 years ago
|
||
bugherder |
Description
•