IE 11 | JavaScript & WebGL page freeze IE11 tab (remove setCapture)

Fixed Issue #110859

Details

Created
Apr 27, 2014
Privacy
This issue is public.
Found in build #
0.0011
Reports
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

URL =

URL:

Repro Steps:

Download the attached zip file and extract

  • Open the file “Test_niPainter_ra.html” in IE11. (Click “Allow Blocked content” if its not served by a local HTTP server.)
  • It will start the JS, which dumps a bunch of text in the text area below the WebGL canvas (the grey rectangle), see attached screenshot.
  • Click on the WebGL canvas (the grey rectangle) and you’ll notice that IE11 isnt responding to any input anymore, you cant switch tab, resize or close the window anymore. The only way is to kill the IE11 process/app.

Expected Results:

No freeze…

Actual Results:

IE Hangs

Perftract analysis:

The UI hang is not WebGL related. It is in Chakra. The page is doing a lot of complex bit-masking/shifting and simulating a heap, which seems to be very costly in our native code generator.

Line #, Process, Stack, Count, Weight (in view), TimeStamp, % Weight
9, , | | msvcrt.dll!_callthreadstartex, 2157, 2163.132840, , 0.72
10, , | | |- jscript9.dll!JsUtil::BackgroundJobProcessor::StaticThreadProc, 2077, 2083.322257, , 0.70
11, , | | | jscript9.dll!JsUtil::BackgroundJobProcessor::Run, 2077, 2083.322257, , 0.70
12, , | | | |- jscript9.dll!JsUtil::BackgroundJobProcessor::Process, 2066, 2072.322501, , 0.69
13, , | | | | jscript9.dll!NativeCodeGenerator::Process, 2066, 2072.322501, , 0.69
14, , | | | | jscript9.dll!NativeCodeGenerator::CodeGen, 2066, 2072.322501, , 0.69
15, , | | | | |- jscript9.dll!Func::Codegen, 2017, 2023.026752, , 0.68
16, , | | | | | |- jscript9.dll!GlobOpt::Optimize, 1489, 1494.332642, , 0.50
17, , | | | | | |- jscript9.dll!LinearScan::RegAlloc, 226, 226.460343, , 0.08
18, , | | | | | |- jscript9.dll!Encoder::Encode, 74, 74.166387, , 0.02
19, , | | | | | |- jscript9.dll!Lowerer::Lower, 67, 66.860408, , 0.02
20, , | | | | | |- jscript9.dll!IRBuilder::Build, 50, 50.337347, , 0.02
21, , | | | | | |- jscript9.dll!Peeps::PeepFunc, 33, 32.613258, , 0.01
22, , | | | | | |- jscript9.dll!SimpleLayout::Layout, 25, 25.061135, , 0.01
23, , | | | | | |- jscript9.dll!Security::EncodeLargeConstants, 16, 16.096821, , 0.01
24, , | | | | | |- jscript9.dll!SymTable::ClearStackSymScratch, 8, 8.004594, , 0.00
25, , | | | | | |- jscript9.dll!FlowGraph::RunPeeps, 8, 8.001372, , 0.00
26, , | | | | | |- jscript9.dll!Inline::Optimize, 6, 6.003889, , 0.00

WinDBG analysis:

0:003> !runaway
User Mode Time
Thread Time
6:190c 0 days 0:00:04.218
9:15a8 0 days 0:00:01.781
8:102c 0 days 0:00:00.078
1:c58 0 days 0:00:00.015
24:2e0 0 days 0:00:00.000
23:1460 0 days 0:00:00.000
22:1e30 0 days 0:00:00.000
21:1eb4 0 days 0:00:00.000
20:119c 0 days 0:00:00.000
19:142c 0 days 0:00:00.000
18:144c 0 days 0:00:00.000
17:1c58 0 days 0:00:00.000
16:1070 0 days 0:00:00.000
15:1730 0 days 0:00:00.000
14:19e0 0 days 0:00:00.000
7:15d4 0 days 0:00:00.000
5:1494 0 days 0:00:00.000
4:ca8 0 days 0:00:00.000
3:b50 0 days 0:00:00.000
2:1a74 0 days 0:00:00.000
0:1ee0 0 days 0:00:00.000
0:003> ~6k
ChildEBP RetAddr
0250ccb0 76ff7aad ntdll!KiFastSystemCallRet [d:\8428\minkernel\ntos\rtl\i386\userdisp.asm @ 817]
0250ccb4 76ff7a83 user32!NtUserGetMessage+0xa [o:\8428.obj.x86fre\windows\core\umode\daytona\objfre\i386\usrstubs.asm @ 3406]
0250ccd0 5c66bef8 user32!GetMessageW+0x2a [d:\8428\windows\core\ntuser\client\ntcftxt.h @ 540]
0250fe98 5c77ec87 IEFRAME!CTabWindow::_TabWindowThreadProc+0x4da [d:\8428\inetcore\ieframe\browseui\tabwindow.cpp @ 13307]
0250ff50 724d2828 IEFRAME!LCIETab_ThreadProc+0x31c [d:\8428\inetcore\ieframe\browseui\tabwindow.cpp @ 10820]
0250ff60 643f3076 iertutil!_IsoThreadProc_WrapperToReleaseScope+0xe [d:\8428\inetcore\lib\isolation\api\cisoscope.cpp @ 3882]
0250ff8c 7574177a IEShims!NS_CreateThread::DesktopIE_ThreadProc+0x71 [d:\8428\inetcore\ieshims\createthread.cpp @ 162]
0250ff98 775e0c1c KERNEL32!BaseThreadInitThunk+0xe [d:\8428\base\win32\client\thread.c @ 72]
0250ffdc 775e0bf5 ntdll!__RtlUserThreadStart+0x20 [d:\8428\minkernel\ntdll\rtlstrt.c @ 1024]
0250ffec 00000000 ntdll!_RtlUserThreadStart+0x1b [d:\8428\minkernel\ntdll\rtlstrt.c @ 939]
0:003> ~9k
ChildEBP RetAddr
03fbfb40 775fd64e ntdll!KiFastSystemCallRet [d:\8428\minkernel\ntos\rtl\i386\userdisp.asm @ 817]
03fbfb44 750c10f8 ntdll!NtWaitForSingleObject+0xa [o:\8428.obj.x86fre\minkernel\ntdll\daytona\objfre\i386\usrstubs.asm @ 209]
03fbfbb4 750c103b KERNELBASE!WaitForSingleObjectEx+0xb0 [d:\8428\minkernel\kernelbase\synch.c @ 1301]
03fbfbc8 5e8d999c KERNELBASE!WaitForSingleObject+0x12 [d:\8428\minkernel\kernelbase\synch.c @ 1211]
03fbfbdc 5e8d99db jscript9!Event::Wait+0x10 [d:\8428\inetcore\jscript\lib\common\common\event.cpp @ 14]
03fbfc00 5e90ded2 jscript9!JsUtil::BackgroundJobProcessor::Run+0x14b [d:\8428\inetcore\jscript\lib\common\common\jobs.cpp @ 735]
03fbfc38 75409771 jscript9!JsUtil::BackgroundJobProcessor::StaticThreadProc+0x42 [d:\8428\inetcore\jscript\lib\common\common\jobs.cpp @ 903]
03fbfc70 75409894 msvcrt!_callthreadstartex+0x1b [d:\8428\minkernel\crts\crtw32\startup\threadex.c @ 383]
03fbfc78 7574177a msvcrt!_threadstartex+0x61 [d:\8428\minkernel\crts\crtw32\startup\threadex.c @ 361]
03fbfc84 775e0c1c KERNEL32!BaseThreadInitThunk+0xe [d:\8428\base\win32\client\thread.c @ 72]
03fbfcc8 775e0bf5 ntdll!__RtlUserThreadStart+0x20 [d:\8428\minkernel\ntdll\rtlstrt.c @ 1024]
03fbfcd8 00000000 ntdll!_RtlUserThreadStart+0x1b [d:\8428\minkernel\ntdll\rtlstrt.c @ 939]

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Frank O.”

      Changed Status to “Confirmed”

      Changed Assigned To from “Frank O.” to “Curtis M.”

      Changed Assigned To from “Curtis M.” to “Louis L.”

      Changed Assigned To from “Louis L.” to “Kount V.”

      Changed Assigned To from “Kount V.” to “IPBS P.”

      Changed Status from “Confirmed” to “By design”

      Changed Assigned To from “IPBS P.” to “Kount V.”

      Changed Status from “By design”

      Changed Status to “Confirmed”

      Changed Assigned To from “Kount V.” to “Frank O.”

      Changed Assigned To from “Frank O.” to “Brandon W.”

      Changed Assigned To from “Brandon W.” to “IPBS P.”

      Changed Status from “Confirmed” to “By design”

      Changed Assigned To from “IPBS P.” to “Sermet I.”

      Changed Assigned To from “Sermet I.” to “Justin R.”

      Changed Status from “By design”

      Changed Title from “IE 11 | JavaScript & WebGL page freeze IE11 tab” to “IE 11 | JavaScript & WebGL page freeze IE11 tab (remove setCapture)”

      Changed Assigned To from “Justin R.” to “IPBS P.”

      Changed Status to “Fixed”

      Changed Assigned To from “IPBS P.” to “Sermet I.”

    You need to sign in to your Microsoft account to add a comment.

    Sign in