Open sshenoyofficial opened 9 months ago
Hi, @sshenoyofficial!
It seems that your issue contains the word "crash". If you have not already, could you attach a crash dump as a comment?
WV2 crash dumps are located in a subfolder of the app's user data folder (UDF): <UDF>\EBWebView\Crashpad\reports\
. By default, the user data folder is created in the app's folder with a name like <App Exe Name>.exe.WebView2
. Refer to Crash Diagnostics for more information.
Thank you for your cooperation!
Hi, @sshenoyofficial!
It seems that your issue contains the word "crash". If you have not already, could you attach a crash dump as a comment?
WV2 crash dumps are located in a subfolder of the app's user data folder (UDF):
<UDF>\EBWebView\Crashpad\reports\
. By default, the user data folder is created in the app's folder with a name like<App Exe Name>.exe.WebView2
. Refer to Crash Diagnostics for more information.Thank you for your cooperation!
No files were added into
Hi we have rewritten implementation for Host objects since version 98. I see last crashes spiking in
EmbeddedBrowserHost::PostMethodCall
in version 100. Do you able to repro it in latest stable, which is 120? Could you please share the dump from the latest versions - it will save us a lot of time?
We tested with version 120.0.2210.144 and the crash still happens. Please find below the callstack
ntdll.dll!_RtlReportCriticalFailure@12()
ntdll.dll!_RtlpReportHeapFailure@4()
ntdll.dll!_RtlpHpHeapHandleError@12()
ntdll.dll!_RtlpLogHeapFailure@24()
ntdll.dll!RtlSizeHeap()
combase.dll!CRetailMalloc_GetSize(IMalloc pThis, void pv) Line 681
at onecore\com\combase\class\memapi.cxx(681)
oleaut32.dll!APP_DATA::FreeCachedMem()
oleaut32.dll!VariantClear()
EmbeddedBrowserWebView.dll!base::win::ScopedVariant::~ScopedVariant(void)
EmbeddedBrowserWebView.dll!embedded_browser_webview_current::EmbeddedBrowserHost::PostMethodCallCommon()
EmbeddedBrowserWebView.dll!embedded_browser_webview_current::EmbeddedBrowserHost::PostMethodCallSync(int,class std::Cr::basic_string<char,struct std::__Cr::char_traits
@sshenoyofficial could you please share the dump itself?
@sshenoyofficial could you please share the dump itself?
Is there an email address to which I can send the dump as it may contain details of our application.?
@sshenoyofficial - please send it to email. Thank you!
Crash dump sent via email. Thank you
I have checked the dump - ERROR_CODE: (NTSTATUS) 0xc0000374 - A heap has been corrupted.
Our data says that all reports are from your app. I would try to isolate the problem on your side - remove lines of the code till the issue stop happening and try to repro it in our SampleApp with your findings for us to understand which use-case can corrupt the memory.
What happened?
We have a react application hosted in a webview2 (version 98.0.1108.62) launched from MFC desktop application. Occassionally, the application crashes when making a Post API call using axios library.
Note: We have seen this crash on webview2 version (118.0.2088.69) as well
Below is the call stack. We have address sanitizer configured which reports "Deallocation Of freed memory" exception during the crash.
KernelBase.dll!_RaiseException@16() OurAppWebView.ocx!vcasan::OnAsanReport(const char description, const char report, bool throw) Line 600 at D:\a_work\1\s\src\vctools\crt\asan\vcasan\vcasan.cpp(600) OurAppWebView.ocx!vcasan::ReportCallback(const char * szReport) Line 324 at D:\a_work\1\s\src\vctools\crt\asan\vcasan\vcasan.cpp(324) clang_rt.asan_dbg_dynamic-i386.dll!__asan::ScopedInErrorReport::~ScopedInErrorReport(void) clang_rt.asan_dbg_dynamic-i386.dll!asan::ReportDoubleFree(unsigned long,struct sanitizer::BufferedStackTrace ) clang_rt.asan_dbg_dynamic-i386.dll!__asan::Allocator::Deallocate(void ,unsigned long,unsigned long,struct sanitizer::BufferedStackTrace *,enum asan::AllocType) clang_rt.asan_dbg_dynamic-i386.dll!asan::asan_free(void ,struct __sanitizer::BufferedStackTrace ,enum asan::AllocType) clang_rt.asan_dbgdynamic-i386.dll!asan_wrap_RtlFreeHeap@12() combase.dll!CRetailMalloc_Free(IMalloc pThis, void pv) Line 658 at onecore\com\combase\class\memapi.cxx(658) oleaut32.dll!APP_DATA::FreeCachedMem() oleaut32.dll!VariantClear() EmbeddedBrowserWebView.dll!base::win::ScopedVariant::~ScopedVariant(void) EmbeddedBrowserWebView.dll!embedded_browser_webview_current::EmbeddedBrowserHost::PostMethodCall(int,class std::1::basic_string<char,struct std::__1::char_traits,class std:: 1::allocator > const &,class std::1::basic_string<char,struct std::__1::char_traits,class std:: 1::allocator > const &,class absl::optional<class std::1::basic_string<char,struct std::__1::char_traits,class std:: 1::allocator > > const &,int)
EmbeddedBrowserWebView.dll!embedded_browser_webview_current::EmbeddedBrowserHost::PostMethodCallSync(int,class std::1::basic_string<char,struct std::__1::char_traits,class std:: 1::allocator > const &,class std::1::basic_string<char,struct std::__1::char_traits,class std:: 1::allocator > const &,class absl::optional<class std::1::basic_string<char,struct std::__1::char_traits,class std:: 1::allocator > > const &,int,class base::OnceCallback)
EmbeddedBrowserWebView.dll!embedded_browser::mojom::HostStubDispatch::AcceptWithResponder(class embedded_browser::mojom::Host ,class mojo::Message ,class std::1::unique_ptr<class mojo::MessageReceiverWithStatus,struct std::__1::default_delete >)
EmbeddedBrowserWebView.dll!embedded_browser::mojom::HostStub<struct mojo::RawPtrImplRefTraits >::AcceptWithResponder(class mojo::Message *,class std:: 1::unique_ptr<class mojo::MessageReceiverWithStatus,struct std::1::default_delete >)
EmbeddedBrowserWebView.dll!mojo::InterfaceEndpointClient::HandleValidatedMessage()
EmbeddedBrowserWebView.dll!mojo::MessageDispatcher::Accept(class mojo::Message )
EmbeddedBrowserWebView.dll!mojo::InterfaceEndpointClient::HandleIncomingMessage(class mojo::Message )
EmbeddedBrowserWebView.dll!mojo::internal::MultiplexRouter::ProcessIncomingMessage()
EmbeddedBrowserWebView.dll!mojo::internal::MultiplexRouter::Accept(class mojo::Message )
EmbeddedBrowserWebView.dll!mojo::MessageDispatcher::Accept(class mojo::Message )
EmbeddedBrowserWebView.dll!mojo::Connector::DispatchMessageW()
EmbeddedBrowserWebView.dll!mojo::Connector::ReadAllAvailableMessages()
EmbeddedBrowserWebView.dll!mojo::Connector::OnHandleReadyInternal()
EmbeddedBrowserWebView.dll!base::internal::Invoker<base::internal::BindState<void (embedded_browser::mojom::EmbeddedBrowserClient_OnPermissionRequest_ProxyToResponder::)(embedded_browser::mojom::PermissionState) attribute((thiscall)),std::1::unique_ptr<embedded_browser::mojom::EmbeddedBrowserClient_OnPermissionRequest_ProxyToResponder,std::1::default_delete>>,void (embedded_browser::mojom::PermissionState)>::RunOnce()
EmbeddedBrowserWebView.dll!mojo::SimpleWatcher::DiscardReadyState()
EmbeddedBrowserWebView.dll!base::internal::Invoker<base::internal::BindState<void ( )(const base::RepeatingCallback<void (unsigned int)> &, unsigned int, const mojo::HandleSignalsState &),base::RepeatingCallback<void (unsigned int)>>,void (unsigned int, const mojo::HandleSignalsState &)>::Run()
EmbeddedBrowserWebView.dll!mojo::SimpleWatcher::OnHandleReady()
EmbeddedBrowserWebView.dll!base::internal::Invoker<base::internal::BindState<void (mojo::SimpleWatcher::*)(int, unsigned int, const mojo::HandleSignalsState &) attribute((thiscall)),base::WeakPtr,int,unsigned int,mojo::HandleSignalsState>,void ()>::RunOnce()
EmbeddedBrowserWebView.dll!base::TaskAnnotator::RunTaskImpl(struct base::PendingTask &)
EmbeddedBrowserWebView.dll!base::TaskAnnotator::RunTask<>()
EmbeddedBrowserWebView.dll!embedded_browser_webview::internal::AppTaskRunner::DoWork()
EmbeddedBrowserWebView.dll!embedded_browser_webview::internal::AppTaskRunner::MessageCallback()
EmbeddedBrowserWebView.dll!base::internal::Invoker<base::internal::BindState<bool (embedded_browser_webview::internal::AppTaskRunner::)(unsigned int, unsigned int, long, long ) attribute((thiscall)),base::internal::UnretainedWrapper>,bool (unsigned int, unsigned int, long, long *)>::Run()
EmbeddedBrowserWebView.dll!base::win::MessageWindow::WindowProc()
EmbeddedBrowserWebView.dll!base::win::WrappedWindowProc<&base::win::MessageWindow::WindowProc>()
user32.dll! InternalCallWinProc@20()
user32.dll!UserCallWinProcCheckWow()
user32.dll!DispatchMessageWorker()
user32.dll!_DispatchMessageA@4()
mfc140d.dll!AfxInternalPumpMessage() Line 181
at D:\a_work\1\s\src\vctools\VC7Libs\Ship\ATLMFC\Src\MFC\thrdcore.cpp(181)
mfc140d.dll!CWinThread::PumpMessage() Line 900
at D:\a_work\1\s\src\vctools\VC7Libs\Ship\ATLMFC\Src\MFC\thrdcore.cpp(900)
mfc140d.dll!CWinThread::Run() Line 629
at D:\a_work\1\s\src\vctools\VC7Libs\Ship\ATLMFC\Src\MFC\thrdcore.cpp(629)
OurApp.dll!COurAppThrd::Run() Line 439
at C:\code\OurApp\OurApp.cpp(439)
mfc140d.dll!_AfxThreadEntry(void pParam) Line 122
at D:\a_work\1\s\src\vctools\VC7Libs\Ship\ATLMFC\Src\MFC\thrdcore.cpp(122)
ucrtbased.dll!thread_start<unsigned int (__stdcall)(void ),1>(void const parameter) Line 97
at minkernel\crts\ucrt\src\appcrt\startup\thread.cpp(97)
clang_rt.asan_dbg_dynamic-i386.dll!asan::AsanThread::ThreadStart(unsigned int64,struct __sanitizer::atomic_uintptr_t *)
clang_rt.asan_dbg_dynamic-i386.dll!asan_thread_start()
kernel32.dll!@BaseThreadInitThunk@12()
ntdll.dll!RtlUserThreadStart()
ntdll.dll!RtlUserThreadStart@8()
Importance
Important. My app's user experience is significantly compromised.
Runtime Channel
Stable release (WebView2 Runtime)
Runtime Version
98.0.1108.62
SDK Version
1.0.1108.44
Framework
Win32
Operating System
Windows 10, Windows 11, Windows Server
OS Version
No response
Repro steps
An API call is made via axios Post method like below:
The api call does reach our service layer, but the hosting application crashes before the call completes.
Repros in Edge Browser
Not Applicable
Regression
No, this never worked
Last working version (if regression)
No response