Bug 196451

Summary: UIProcess crash when a prewarmed process is terminated
Product: WebKit
Reporter: Chris Dumez <cdumez>
Component: WebKit2
Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED
Severity: Normal
CC: achristensen, beidson, commit-queue, ggaren, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Bug Depends on:
Bug Blocks: 196104
Attachments:
Description | Flags
Patch | none

Description Chris Dumez 2019-04-01 11:48:59 PDT
UIProcess crash when a prewarmed process is terminated:
Thread[0] EXC_BAD_ACCESS (SIGSEGV) (KERN_INVALID_ADDRESS at 0x0000000000000040)
[  0] 0x000000020be94430 WebKit`WebKit::WebProcessProxy::didClose(IPC::Connection&) [inlined] WebKit::WebsiteDataStore::sessionID() const at WebsiteDataStore.h:101:47
       97  	
       98  	    static WebsiteDataStore* existingNonDefaultDataStoreForSessionID(PAL::SessionID);
       99  	
       100 	    bool isPersistent() const { return !m_sessionID.isEphemeral(); }
    -> 101 	    PAL::SessionID sessionID() const { return m_sessionID; }
       102 	
       103 	    bool resourceLoadStatisticsEnabled() const;
       104 	    void setResourceLoadStatisticsEnabled(bool);
       105 	    bool resourceLoadStatisticsDebugMode() const;
    

     0x000000020be94420:      ldr x8, [x8, #0x7e0]
     0x000000020be94424:      ldr x8, [x8]
     0x000000020be94428:      str x8, [sp, #0x18]
     0x000000020be9442c:      ldr x8, [x0, #0x310]
 ->  0x000000020be94430:      ldr x8, [x8, #0x40]
     0x000000020be94434:      cmn x8, #0x1             ; =0x1 
     0x000000020be94438:     b.lt 0x25d48c             ; <+136> at WebProcessProxy.cpp:669:5
     0x000000020be9443c:     adrp x8, 1015
     0x000000020be94440:      add x8, x8, #0x128       ; =0x128 

[  0] 0x000000020be94430 WebKit`WebKit::WebProcessProxy::didClose(IPC::Connection&) + 44 at WebProcessProxy.cpp:668
       664 	}
       665 	
       666 	void WebProcessProxy::didClose(IPC::Connection&)
       667 	{
    -> 668 	    RELEASE_LOG_IF(m_websiteDataStore->sessionID().isAlwaysOnLoggingAllowed(), Process, "%p - WebProcessProxy didClose (web process crash)", this);
       669 	    processDidTerminateOrFailedToLaunch();
       670 	}
       671 	
       672 	void WebProcessProxy::processDidTerminateOrFailedToLaunch()
    
[  1] 0xffffff820bc69dc8 0 + -540968313400
[  2] 0x000000020bc69dc7 WebKit`WTF::Function<void ()>::CallableWrapper<IPC::Connection::connectionDidClose()::$_13>::call() [inlined] IPC::Connection::connectionDidClose()::$_13::operator()() + 63 at Connection.cpp:851:33
       847 	        // Set m_isValid to false before calling didClose, otherwise, sendSync will try to send a message
       848 	        // to the connection and will then wait indefinitely for a reply.
       849 	        protectedThis->m_isValid = false;
       850 	
    -> 851 	        protectedThis->m_client.didClose(protectedThis.get());
       852 	    });
       853 	}
       854 	
       855 	bool Connection::canSendOutgoingMessages() const
    
[  2] 0x000000020bc69d88 WebKit`WTF::Function<void ()>::CallableWrapper<IPC::Connection::connectionDidClose()::$_13>::call() at Function.h:102

Comment 1 Chris Dumez 2019-04-01 11:49:14 PDT
<rdar://problem/49245471>

Comment 2 Chris Dumez 2019-04-01 12:03:53 PDT
Created attachment 366412
Patch

Comment 3 Geoffrey Garen 2019-04-01 13:25:34 PDT
Comment on attachment 366412
Patch

r=me

Comment 4 Alex Christensen 2019-04-01 13:29:31 PDT
*** Bug 196460 has been marked as a duplicate of this bug. ***

Comment 5 WebKit Commit Bot 2019-04-01 13:52:41 PDT
Comment on attachment 366412
Patch

Clearing flags on attachment: 366412

Committed r243711: <https://trac.webkit.org/changeset/243711>

Comment 6 WebKit Commit Bot 2019-04-01 13:52:43 PDT
All reviewed patches have been landed. Closing bug.