[Bug]: EXCEPTION_ACCESS_VIOLATION crash on `BrowserWindow.destroy()`

Araxeus commented 2 months ago

Preflight Checklist

[X] I have read the Contributing Guidelines for this project.
[X] I agree to follow the Code of Conduct that this project adheres to.
[X] I have searched the issue tracker for a bug report that matches the one I want to file, without success.

Electron Version

>=v31.0.0 (tested v31.0.0, v31.2.1, v32.0.0-aplha.10)

What operating system(s) are you using?

Windows

Operating System Version

Windows 10 22H2

What arch are you using?

x64

Last Known Working Electron version

v30.3.0 (and everything below it)

Expected Behavior

childWindow.once('close', () => {
    // do some cleanup etc
    childWindow.destroy();;
});

shouldn't crash Electron

Actual Behavior

function cleanup() {
    // do some cleanup etc
    childWindow.destroy();;
}
ipcMain.once(`done`, cleanup);
childWindow.once('close', cleanup);

if done ipc event is not called and the window is manually closed, the window is destroyed and a few moments later The main Electron process crash with the following trace:

Stacktrace Windows

``` Received fatal exception EXCEPTION_ACCESS_VIOLATION v8::internal::compiler::CompilationDependencies::FieldTypeDependencyOffTheRecord [0x03CB9E08+3764424] v8::HeapStatistics::external_memory [0x00A48A12+8338] cppgc::internal::SameThreadEnabledCheckingPolicyBase::SameThreadEnabledCheckingPolicyBase [0x00B0DE72+28834] uv_req_get_data [0x022485EE+4269966] uv_req_get_data [0x02248AAA+4271178] uv_stream_get_write_queue_size [0x0277DBD5+2462421] uv_stream_get_write_queue_size [0x0277D383+2460291] GetHandleVerifier [0x024558B5+1278869] GetHandleVerifier [0x02455387+1277543] AddClipboardFormatListener [0x76981B7B+75] GetClassLongW [0x76977FCA+1962] GetClassLongW [0x76977BCA+938] CallNextHookEx [0x7697C09F+415] KiUserCallbackDispatcher [0x77EC54ED+77] PostMessageW [0x769760CC+156] Ordinal132 [0x75A435C5+4885] Ordinal45 [0x75A3FAE1+2577] Ordinal45 [0x75A3F758+1672] GetSystemMetricsForDpi [0x76976D27+487] sqlite3_dbdata_init [0x068DC9A7+2609367] uv_stream_get_write_queue_size [0x0277E07F+2463615] uv_stream_get_write_queue_size [0x0277D383+2460291] GetHandleVerifier [0x024558B5+1278869] GetHandleVerifier [0x02455387+1277543] AddClipboardFormatListener [0x76981B7B+75] GetClassLongW [0x76977FCA+1962] GetClassLongW [0x76977BCA+938] CallNextHookEx [0x7697C09F+415] KiUserCallbackDispatcher [0x77EC54ED+77] PostMessageW [0x769760CC+156] Ordinal132 [0x75A435C5+4885] Ordinal45 [0x75A3FAE1+2577] Ordinal45 [0x75A3F758+1672] GetSystemMetricsForDpi [0x76976D27+487] uv_stream_get_write_queue_size [0x0277D3B9+2460345] GetHandleVerifier [0x024558B5+1278869] GetHandleVerifier [0x02455387+1277543] AddClipboardFormatListener [0x76981B7B+75] GetClassLongW [0x76977FCA+1962] DispatchMessageW [0x76976901+1265] DispatchMessageW [0x76976420+16] uv_os_getpid [0x01D81F00+6592] uv_os_getpid [0x01D81B5B+5659] v8::internal::compiler::CompilationDependencies::FieldTypeDependencyOffTheRecord [0x03C980DB+3625883] uv_os_getpid [0x01D817FB+4795] GetHandleVerifier [0x0232C67C+61788] uv_os_getpid [0x01DA8F14+166356] v8::internal::compiler::CompilationDependencies::TransitionDependencyOffTheRecord [0x0169DD19+2893273] v8::internal::compiler::CompilationDependencies::TransitionDependencyOffTheRecord [0x0169F5FE+2899646] v8::internal::compiler::CompilationDependencies::TransitionDependencyOffTheRecord [0x0169B4AF+2882927] cppgc::Platform::GetForegroundTaskRunner [0x00B9DF37+3175] cppgc::Platform::GetForegroundTaskRunner [0x00B9EFF0+7456] cppgc::Platform::GetForegroundTaskRunner [0x00B9EEB7+7143] cppgc::Platform::GetForegroundTaskRunner [0x00B9D88E+1470] cppgc::Platform::GetForegroundTaskRunner [0x00B9DA11+1857] v8::SourceLocation::SourceLocation [0x00960B7D+46669] v8::SourceLocation::SourceLocation [0x00960721+45553] GetNumaHighestNodeNumber [0x77682911+161] GetNumaHighestNodeNumber [0x776828C6+86] RtlUserFiberStart [0x77EC2DC7+23] Electron exited with code 3221226525. ```

Testcase Gist URL

To reproduce, click the menu item then manually close the window that appears

No dependencies:

https://gist.github.com/Araxeus/4e80b05c8bce61a5fe709eec1e969f2b

Original issue:

https://gist.github.com/Araxeus/6548ef4f3438d35d1713d5fd69c3b494

Additional Information

test repo: https://github.com/Aetherinox/electron-prompts
related issue: https://github.com/Araxeus/custom-electron-prompt/issues/26

codebytere commented 2 months ago

Stacktrace on macOS

``` [80356:0722/110229.619327:FATAL:lock_impl_posix.cc(46)] Check failed: rv == 0 || rv == EBUSY. . Invalid argument. Hint: This is often related to a use-after-free. 0 Electron Framework 0x000000011b902974 base::debug::CollectStackTrace(void const**, unsigned long) + 28 1 Electron Framework 0x000000011b8f225c base::debug::StackTrace::StackTrace() + 80 2 Electron Framework 0x000000011b821800 logging::LogMessage::Flush() + 152 3 Electron Framework 0x000000011b8216f4 logging::LogMessage::~LogMessage() + 36 4 Electron Framework 0x000000011b80a568 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() + 124 5 Electron Framework 0x000000011b80a5b8 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() + 12 6 Electron Framework 0x000000011b80a034 logging::CheckError::~CheckError() + 44 7 Electron Framework 0x000000011b80a09c logging::CheckError::~CheckError() + 12 8 Electron Framework 0x000000011b8f0594 base::internal::dcheck_trylock_result(int) + 176 9 Electron Framework 0x000000011b8720c4 base::Lock::Acquire(base::subtle::LockTracking) + 44 10 Electron Framework 0x000000011b85c204 base::SequenceCheckerImpl::CalledOnValidSequence(std::__Cr::unique_ptr>*) const + 44 11 Electron Framework 0x000000011b85be80 base::ScopedValidateSequenceChecker::ScopedValidateSequenceChecker(base::SequenceCheckerImpl const&) + 40 12 Electron Framework 0x000000011661bdc0 electron::NativeWindow::NotifyWindowCloseButtonClicked() + 624 13 Electron Framework 0x000000011672c2fc -[ElectronNSWindowDelegate windowShouldClose:] + 208 14 AppKit 0x0000000194831d9c __19-[NSWindow __close]_block_invoke + 160 15 AppKit 0x0000000194831ccc -[NSWindow __close] + 400 16 AppKit 0x00000001947120e8 -[NSApplication(NSResponder) sendAction:to:from:] + 460 17 AppKit 0x0000000194711eec -[NSControl sendAction:to:] + 72 18 AppKit 0x0000000194711e30 __26-[NSCell _sendActionFrom:]_block_invoke + 100 19 AppKit 0x0000000194711d58 -[NSCell _sendActionFrom:] + 204 20 AppKit 0x0000000194711c7c -[NSButtonCell _sendActionFrom:] + 88 21 AppKit 0x000000019470f268 NSControlTrackMouse + 1480 22 AppKit 0x000000019470ec74 -[NSCell trackMouse:inRect:ofView:untilMouseUp:] + 144 23 AppKit 0x000000019470eb2c -[NSButtonCell trackMouse:inRect:ofView:untilMouseUp:] + 488 24 AppKit 0x000000019470e000 -[NSControl mouseDown:] + 448 25 AppKit 0x000000019470cdcc -[NSWindow(NSEventRouting) _handleMouseDownEvent:isDelayedEvent:] + 3472 26 AppKit 0x000000019469840c -[NSWindow(NSEventRouting) _reallySendEvent:isDelayedEvent:] + 288 27 AppKit 0x0000000194698118 -[NSWindow(NSEventRouting) sendEvent:] + 284 28 Electron Framework 0x000000011d53614c -[NativeWidgetMacNSWindow sendEvent:] + 604 29 AppKit 0x0000000194d60828 -[NSApplication(NSEventRouting) sendEvent:] + 1604 30 Electron Framework 0x000000011670bc6c -[AtomApplication sendEvent:] + 128 31 AppKit 0x00000001949ae89c -[NSApplication _handleEvent:] + 60 32 AppKit 0x000000019455f0c0 -[NSApplication run] + 512 33 Electron Framework 0x000000011b910b9c base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*) + 396 34 Electron Framework 0x000000011b90eabc base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 112 35 Electron Framework 0x000000011b8a8210 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) + 692 36 Electron Framework 0x000000011b856af8 base::RunLoop::Run(base::Location const&) + 952 37 Electron Framework 0x000000011a31f818 content::BrowserMainLoop::RunMainMessageLoop() + 180 38 Electron Framework 0x000000011a321740 content::BrowserMainRunnerImpl::Run() + 48 39 Electron Framework 0x000000011a31c278 content::BrowserMain(content::MainFunctionParams) + 164 40 Electron Framework 0x00000001168c6e0c content::RunBrowserProcessMain(content::MainFunctionParams, content::ContentMainDelegate*) + 176 41 Electron Framework 0x00000001168c93c0 content::ContentMainRunnerImpl::RunBrowser(content::MainFunctionParams, bool) + 1824 42 Electron Framework 0x00000001168c8b78 content::ContentMainRunnerImpl::Run() + 952 43 Electron Framework 0x00000001168c64a8 content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) + 1200 44 Electron Framework 0x00000001168c66f0 content::ContentMain(content::ContentMainParams) + 112 45 Electron Framework 0x00000001164b2c98 ElectronMain + 320 46 dyld 0x00000001908a60e0 start + 2360 Crash keys: "ever_had_universal_access_exemption" = "true" "amfi-status" = "rv=0 status=0x0 allow_everything=0" "platform" = "darwin" "process_type" = "browser" Electron exited with signal SIGTRAP. ```

Tracked to https://github.com/electron/electron/commit/e67ab9a93dadccecff30de50ab4555191c30b6c4

codebytere commented 1 month ago

Closed by https://github.com/electron/electron/pull/43033

Araxeus commented 1 month ago

Closed by https://github.com/electron/electron/pull/43033

It says the PR is for MacOS but this issue was reported on Windows?

electron / electron