Last Comment Bug 694432 - Nightly fails to start on Windows 8 since 20111012 build
: Nightly fails to start on Windows 8 since 20111012 build
Status: VERIFIED FIXED
[qa!]
: regression
Product: Core
Classification: Components
Component: Security (show other bugs)
: Trunk
: x86 Windows 8
: -- major with 7 votes (vote)
: mozilla10
Assigned To: :Ehsan Akhgari (busy, don't ask for review please)
:
Mentors:
: 694558 694729 694731 (view as bug list)
Depends on: 695161 732589
Blocks: 677797 1193387
  Show dependency treegraph
 
Reported: 2011-10-13 14:54 PDT by Sid
Modified: 2015-08-24 10:10 PDT (History)
22 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
-
fixed
-
fixed
-
fixed


Attachments
AMDx6 1090T Win8 8102 DxDiag (61.64 KB, text/plain)
2011-10-15 03:15 PDT, MrX1980
no flags Details
Patch (v1) (2.88 KB, patch)
2011-10-16 16:52 PDT, :Ehsan Akhgari (busy, don't ask for review please)
benjamin: review-
Details | Diff | Review
Patch for aurora and beta (2.15 KB, patch)
2011-10-16 16:55 PDT, :Ehsan Akhgari (busy, don't ask for review please)
asa: approval‑mozilla‑aurora+
asa: approval‑mozilla‑beta+
Details | Diff | Review
Patch (v2) (2.87 KB, patch)
2011-10-17 08:24 PDT, :Ehsan Akhgari (busy, don't ask for review please)
benjamin: review+
Details | Diff | Review

Description Sid 2011-10-13 14:54:43 PDT
I'm using Windows 8 Developer Preview. Nightly builds 20111012 and later just won't start. The process appears in the Task Manager for a few seconds, then disappears, but application window never shows up. Launching Nightly with Shift button doesn't help. Last working Nightly build was 20111011.
Comment 1 Sid 2011-10-13 15:51:05 PDT
The breaking changeset seems to be http://hg.mozilla.org/mozilla-central/rev/e0ae39a3298e.
Bug 677797 seems suspiciously.
Comment 2 Makoto Kato [:m_kato] 2011-10-14 08:11:36 PDT
*** Bug 694558 has been marked as a duplicate of this bug. ***
Comment 3 draknem 2011-10-14 08:18:11 PDT
Windows 8 Developer Preview x64 - the same problem. How can it be solved?
Comment 4 Michael Lefevre 2011-10-14 18:44:42 PDT
Confirming based on two bugzilla reports and a couple more reports on Mozillazine. Not sure if security is the right component for a non-security bug caused by a security fix, but...
Comment 5 bogas04 2011-10-14 22:51:25 PDT
Confirming on Latest UX build and Nightly build
Comment 6 Matthias Versen [:Matti] 2011-10-14 23:10:24 PDT
*** Bug 694731 has been marked as a duplicate of this bug. ***
Comment 7 Matthias Versen [:Matti] 2011-10-14 23:10:30 PDT
*** Bug 694729 has been marked as a duplicate of this bug. ***
Comment 8 xnem3s1sx 2011-10-14 23:32:56 PDT
This should be listed as blocker.
Comment 9 MrX1980 2011-10-15 03:13:49 PDT
Source
Nightly

Summary
Stopped working

Date
‎14.‎10.‎2011 21:28

Status
Report sent

Description
Faulting Application Path:	C:\Program Files (x86)\Mozilla\Firefox\Nightly\firefox.exe

Problem signature
Problem Event Name:	APPCRASH
Application Name:	firefox.exe
Application Version:	10.0.0.4304
Application Timestamp:	4e9834b9
Fault Module Name:	ntdll.dll
Fault Module Version:	6.2.8102.0
Fault Module Timestamp:	4e546498
Exception Code:	c0000005
Exception Offset:	00063450
OS Version:	6.2.8102.2.0.0.256.74
Locale ID:	1031
Additional Information 1:	5861
Additional Information 2:	5861822e1919d7c014bbb064c64908b2
Additional Information 3:	7812
Additional Information 4:	78125405641511429762037848645157

Extra information about the problem
Bucket ID:	06fc03c33bb3edbab6a2259a72b3ce6a

------------------------------------------------------

Firefox Beta and Aurora are working (exept the GUI glitches)
Comment 10 MrX1980 2011-10-15 03:15:48 PDT
Created attachment 567274 [details]
AMDx6 1090T Win8 8102 DxDiag
Comment 11 :Ehsan Akhgari (busy, don't ask for review please) 2011-10-15 10:56:50 PDT
I could reproduce this.  I will investigate.
Comment 12 :Ehsan Akhgari (busy, don't ask for review please) 2011-10-16 16:52:22 PDT
Created attachment 567368 [details] [diff] [review]
Patch (v1)

It seems like Windows 8's LdrLoadDll has been changed to accept more values inside the filePath argument.  The cause of the crash is that we're passed a value of 1 with that function the first time when we're trying to load user32.dll, and then we pass that to SearchPathW which causes a crash.

This isn't technically a regression from bug 677797 in the sense that on Windows 8, we would still crash without that patch if we're trying to load a DLL which has some of its versions blacklisted.  Therefore I think we need to take this patch (well, it's equivalent which would apply on Aurora and Beta) on those branches as well.
Comment 13 :Ehsan Akhgari (busy, don't ask for review please) 2011-10-16 16:55:44 PDT
Created attachment 567369 [details] [diff] [review]
Patch for aurora and beta
Comment 14 Benjamin Smedberg [:bsmedberg] 2011-10-17 08:05:41 PDT
Comment on attachment 567368 [details] [diff] [review]
Patch (v1)

IsBadStringPtr is almost never the value we want to be using. I suggest instead, if we don't actually have documentation or understanding of the problem, to use the check

(intptr_t(filePath) < 1024))
Comment 15 :Ehsan Akhgari (busy, don't ask for review please) 2011-10-17 08:24:02 PDT
Created attachment 567454 [details] [diff] [review]
Patch (v2)
Comment 16 :Ehsan Akhgari (busy, don't ask for review please) 2011-10-17 13:16:38 PDT
https://hg.mozilla.org/integration/mozilla-inbound/rev/a7b4442baf9d
Comment 17 Marco Bonardo [::mak] 2011-10-18 05:35:25 PDT
https://hg.mozilla.org/mozilla-central/rev/a7b4442baf9d
Comment 18 AndreiD[QA] 2011-10-19 07:09:58 PDT
I tested to see if this bug is verified fixed and got the following result for Mozilla Central:
Verified Fixed - Mozilla/5.0 (Windows NT 6.2; rv:10.0a1) Gecko/20111019 Firefox/10.0a1

-> I tested on the Windows 8 Developer Preview
-> The Nightly build before the landing of the patch doesn't load as noted in the Description
-> The first Nightly build (19 October) after the landing of the patch loads as expected

> Created attachment 567369 [details] [diff] [review] [diff] [details] [review]
> Patch for aurora and beta
Are these patches landed yet? If not, the status of this bug will be changed to verified when testing on this branches is done, as well.
Comment 19 Kyle Huey [:khuey] (khuey@mozilla.com) 2011-10-19 07:11:37 PDT
Why do we need this on Aurora and Beta?  Windows 8 isn't a supported platform for Gecko 8 or 9.
Comment 20 Ludovic Hirlimann [:Usul] 2011-10-19 07:17:34 PDT
(In reply to Kyle Huey [:khuey] (khuey@mozilla.com) from comment #19)
> Why do we need this on Aurora and Beta?  Windows 8 isn't a supported
> platform for Gecko 8 or 9.

To get more testing from the users of these branches on windows 8 ?
Comment 21 :Ehsan Akhgari (busy, don't ask for review please) 2011-10-19 07:39:31 PDT
(In reply to Kyle Huey [:khuey] (khuey@mozilla.com) from comment #19)
> Why do we need this on Aurora and Beta?  Windows 8 isn't a supported
> platform for Gecko 8 or 9.

Technically it's not a supported platform for Gecko 10 either!  But without this, if there's a DLL on a Windows 8 system which we blacklist, we'll just crash.  I think that if we can do something safe to fix that problem (which is what this patch does), we should take it.  But I'll leave it to drivers in order to make a decision about this.
Comment 23 AndreiD[QA] 2011-10-24 07:14:00 PDT
(In reply to Ehsan Akhgari [:ehsan] from comment #22)
> http://hg.mozilla.org/releases/mozilla-aurora/rev/2eee5fa83a4d
> http://hg.mozilla.org/releases/mozilla-beta/rev/09455d5e1501


I tested to see if this bug is verified considering the landing of the patches on Beta and Aurora channels, Windows 8 Developer Preview:
Verified Fixed on:
Mozilla/5.0 (Windows NT 6.2; rv:8.0) Gecko/20100101 Firefox/8.0 (Beta)
Mozilla/5.0 (Windows NT 6.2; rv:9.0a2) Gecko/20111023 Firefox/9.0a2 (Aurora)

Considering these and the verifications did on central (comment 18), setting this bug's status as Verified and changing the keyword to qa! (all channels)
Comment 24 christian 2011-10-25 22:15:21 PDT
---------------------------------[ Triage Comment ]---------------------------------

Windows 8 is pre-release and isn't supported by any shipping version of Firefox, therefore we will not track it explicitly.

Of course, the bug is already fixed but if for some reason it becomes unfixed we don't need visibility because of our lack of support (and I bet Asa and Robert Strong's team are all over this).

Note You need to log in before you can comment on or make changes to this bug.