Jun 28 2022 12:43 AM
Jun 28 2022 12:43 AM
Going from version 102.0.1245.44 (June 16) to 103.0.1264.37 (June 23), we started experiencing the following issue.
Our AD Domain Joined machines running Edge and being managed via Group Policy, unload their policy set on every gpupdate (foreground or background).
To reproduce this, just go to edge:\\policy and see your policies. Then, do a gpupdate and once it completes, visit that page again. It will show an empty set of policies (Although the policies are there in the registry).
The only way to re-apply the policies is to:
1. Wait for the browser itself to do it (Reload Policy), could take any number of minutes
2. Click the Reload Policy button on Edge:\\policy
This results in all Externsions being re-installed, the centralized boomarks re-applied etc and it is both a problem raised by our end users because they see their extensions being re-installed on every gpupdate and we no longer are sure that our endpoint browsers are managed.
Jun 28 2022 12:52 AM - edited Jun 28 2022 12:56 AM
Issue continues on Dev channel version 104.0.1293.5 .
Jun 28 2022 02:22 AM
Jun 28 2022 03:00 AMSolution
Jun 28 2022 05:46 AM
Jun 28 2022 07:04 AM
Jun 28 2022 07:36 AM
@tcbscep we also use this policy and it does not lead to browser crashes.
Jun 28 2022 11:58 AM
Jun 28 2022 01:39 PM
@ericlaw Just uploaded a report, but I don't see an upload ID in the output. I can provide the debug file if needed.
"Local ID": "e3439499-acb6-4fe3-bcff-fdafaf5d7187",
"Upload ID": "",
"Capture Time": "Tuesday, June 28, 2022 at 4:31:13 PM",
"Upload Time": "Tuesday, June 28, 2022 at 4:31:13 PM",
Jun 29 2022 03:49 PM
got .37 here, and I can’t replicate the problem. Both mandatory and prefererred settings are working. Including a filter proxy on public-facing PCs. It might be worth mentioning that they are all user-policy settings.
Jun 30 2022 05:28 AM - edited Jun 30 2022 12:34 PM
This issue is caused by a race condition.
Group Policy update works by
1) Deleting the old policies from the registry
2) Writing the current policies to the registry
3) Chromium reloading new policy data out of the registry
In v103, a regression was introduced by new registry-monitoring code. This code would detect that the keys had changed at [point 1] and the browser's in-process policy would be refreshed before the current policy data had been fully written to the registry by the GP Update. As a consequence, the browser process could end up with a "partial" (or empty) set of policies applied.
The problem's reproducibility will vary depending upon how short the time gap is between old policies being deleted from the registry and new policies being written. The visibility of the problem also varies-- only policies that support Dynamic Refresh are impacted, and many policies do not have side-effects that are immediately user-visible.
The fix is to stop monitoring the registry keys directly.
Jun 30 2022 05:31 AM
Jun 30 2022 09:54 AM
Jun 30 2022 10:10 AM
Jun 30 2022 12:15 PM
Allowed extensions definitely are for us @DanielJasiak
Jun 30 2022 12:22 PM - edited Jun 30 2022 12:26 PM
Yes, the fix is checked in and awaiting the next respin/release (103.0.1264.44).