[Webkit-unassigned] [Bug 166397] New: ChildProcessProxy::shutDownProcess calls Connection::terminateSoon even on invalid connections, but shouldn’t

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Dec 21 15:10:08 PST 2016 

https://bugs.webkit.org/show_bug.cgi?id=166397

            Bug ID: 166397
           Summary: ChildProcessProxy::shutDownProcess calls
                    Connection::terminateSoon even on invalid connections,
                    but shouldn’t
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: NeedsRadar
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mitz at webkit.org

I noticed that Web Content process crashes are sometimes followed by this being logged:

Unable to acquire assertion for process 0

This happens because the ProcessAssertion constructor gets called with a 0 pid, which comes from the connection to the crashed process, which is no longer valid. In this backtrace:

#0    0x0000000195b0d300 in WebKit::ProcessAssertion::ProcessAssertion(int, WebKit::AssertionState, WTF::Function<void ()>&&) at WebKit2/UIProcess/ios/ProcessAssertionIOS.mm:167
#1    0x0000000195b0da40 in WebKit::ProcessAndUIAssertion::ProcessAndUIAssertion(int, WebKit::AssertionState) at WebKit2/UIProcess/ios/ProcessAssertionIOS.mm:228
#2    0x0000000195a83f34 in std::__1::__unique_if<WebKit::ProcessAndUIAssertion>::__unique_single std::__1::make_unique<WebKit::ProcessAndUIAssertion, int, WebKit::AssertionState>(int&&, WebKit::AssertionState&&) [inlined] at /usr/bin/../include/c++/v1/memory:3153
#3    0x0000000195a83f18 in IPC::ConnectionTerminationWatchdog::ConnectionTerminationWatchdog(WTF::OSObjectPtr<NSObject<OS_xpc_object>*>&, double) at WebKit2/Platform/IPC/mac/ConnectionMac.mm:93
#4    0x0000000195a82ff0 in IPC::ConnectionTerminationWatchdog::ConnectionTerminationWatchdog(WTF::OSObjectPtr<NSObject<OS_xpc_object>*>&, double) [inlined] at WebKit2/Platform/IPC/mac/ConnectionMac.mm:95
#5    0x0000000195a82fe4 in IPC::ConnectionTerminationWatchdog::createConnectionTerminationWatchdog(WTF::OSObjectPtr<NSObject<OS_xpc_object>*>&, double) at WebKit2/Platform/IPC/mac/ConnectionMac.mm:85
#6    0x0000000195a7c2c0 in WebKit::ChildProcessProxy::shutDownProcess() at WebKit2/UIProcess/ChildProcessProxy.cpp:196
#7    0x0000000195c52298 in WebKit::WebProcessProxy::shutDown() at WebKit2/UIProcess/WebProcessProxy.cpp:165
#8    0x0000000195c53dd4 in WebKit::WebProcessProxy::didClose(IPC::Connection&) at WebKit2/UIProcess/WebProcessProxy.cpp:523

shutDownProcess() should not call Connection::terminateSoon if the connection is already invalid.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20161221/d28f8d78/attachment.html>

More information about the webkit-unassigned mailing list