Bug 258440

Summary: [Win] ASSERTION FAILED: ::DuplicateHandle failed with error 5
Product: WebKit Reporter: Fujii Hironori <fujii.hironori>
Component: PlatformAssignee: Fujii Hironori <fujii.hironori>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Fujii Hironori
Reported 2023-06-23 00:10:55 PDT
http/tests/IndexedDB/storage-limit-2.https.html is randomly failing the assertion. https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2FIndexedDB%2Fstorage-limit-2.https.html&platform=wincairo Buildbot: builder WinCairo-64-bit-Debug-Tests build 20103 (262856@main) https://build.webkit.org/#/builders/727/builds/20103 ASSERTION FAILED: ::DuplicateHandle failed with error 5 false C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\Platform\IPC\win\ArgumentCodersWin.cpp(61) : IPC::ArgumentCoder<class WTF::Win32Handle,void>::decode 1 00007FFC154B249B WTFCrash 2 00007FFBEBE2AAEA IPC::ArgumentCoder<WTF::Win32Handle,void>::decode 3 00007FFBEBE31CDD IPC::Decoder::decode<WTF::Win32Handle> 4 00007FFBEBE32DE5 WebKit::SharedMemoryHandle::decode 5 00007FFBECF3E71E IPC::ArgumentCoder<WebKit::SharedMemoryHandle,void>::decode<IPC::Decoder> 6 00007FFBECF3E74E IPC::Decoder::decode<WebKit::SharedMemoryHandle> 7 00007FFBECF563B9 WebKit::ShareableResourceHandle::decode 8 00007FFBEC3E870D IPC::ArgumentCoder<WebKit::ShareableResourceHandle,void>::decode<IPC::Decoder> 9 00007FFBEC3E9180 IPC::Decoder::decode<WebKit::ShareableResourceHandle> 10 00007FFBEC3E8CC2 IPC::ArgumentCoder<std::tuple<WebCore::ResourceRequest,WebKit::ShareableResourceHandle>,void>::decode<IPC::Decoder,WebCore::ResourceRequest> 11 00007FFBEC3E84D8 IPC::ArgumentCoder<std::tuple<WebCore::ResourceRequest,WebKit::ShareableResourceHandle>,void>::decode<IPC::Decoder> 12 00007FFBEC3E8110 IPC::Decoder::decode<std::tuple<WebCore::ResourceRequest,WebKit::ShareableResourceHandle> > 13 00007FFBEC3E991A IPC::handleMessage<Messages::NetworkProcessConnection::DidCacheResource,WebKit::NetworkProcessConnection,WebKit::NetworkProcessConnection,void __cdecl(WebCore::ResourceRequest const &,WebKit::ShareableResourceHandle const &)> 14 00007FFBEC3E5AEF WebKit::NetworkProcessConnection::didReceiveNetworkProcessConnectionMessage 15 00007FFBED7D7A2A WebKit::NetworkProcessConnection::didReceiveMessage 16 00007FFBECEF62CD IPC::Connection::dispatchMessage 17 00007FFBECEF5F59 IPC::Connection::dispatchMessage 18 00007FFBECEF57ED IPC::Connection::dispatchOneIncomingMessage 19 00007FFBECEF884F `IPC::Connection::enqueueIncomingMessage'::`19'::<lambda_2>::operator() 20 00007FFBECEFA1EB WTF::Detail::CallableWrapper<`IPC::Connection::enqueueIncomingMessage'::`19'::<lambda_2>,void>::call 21 00007FFC154CA4F3 WTF::Function<void __cdecl(void)>::operator() 22 00007FFC155609A8 WTF::RunLoop::performWork 23 00007FFC1564BA71 WTF::RunLoop::wndProc 24 00007FFC1564B9D4 WTF::RunLoop::RunLoopWndProc 25 00007FFC0BD9C906 DispatchMessageW 26 00007FFC0BD9C422 DispatchMessageW 27 00007FFC1564AF36 WTF::RunLoop::run 28 00007FFBEBEBE7AB WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess,1>::run 29 00007FFBEBEBE573 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainWin> 30 00007FFBEBEBE3B5 WebKit::WebProcessMain 31 00007FF6E945163D main ERROR: 0000019BDBAC59D0 - [PID=9488] WebProcessProxy::didClose (web process crash) C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\UIProcess/WebProcessProxy.cpp(1022) : WebKit::WebProcessProxy::didClose ERROR: 0000019BDBAC59D0 - [PID=9488] WebProcessProxy::processDidTerminateOrFailedToLaunch: reason=Crash C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\UIProcess/WebProcessProxy.cpp(1030) : WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch ERROR: 0000019BDE42DE10 - [pageProxyID=989, webPageID=990, PID=9488] WebPageProxy::processDidTerminate: (pid 9488), reason=Crash C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\UIProcess/WebPageProxy.cpp(8500) : WebKit::WebPageProxy::resetStateAfterProcessTermination ERROR: 0000019BDE42DE10 - [pageProxyID=989, webPageID=990, PID=9488] WebPageProxy::dispatchProcessDidTerminate: reason=Crash C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\UIProcess/WebPageProxy.cpp(8558) : WebKit::WebPageProxy::dispatchProcessDidTerminate WebProcess terminated (pid 9488) for reason: crash
Attachments
Add attachment proposed patch, testcase, etc.
Fujii Hironori
Comment 1 2023-06-23 00:11:32 PDT
The error code 5 is ERROR_INVALID_HANDLE.
Radar WebKit Bug Importer
Comment 2 2023-06-30 00:11:15 PDT
<rdar://problem/111554404>
Fujii Hironori
Comment 3 2023-12-18 12:56:46 PST
It hasn't been observed for a while. But, it's happening again recently. Buildbot: builder WinCairo-64-bit-Debug-Tests build 21500 : 272148@main https://build.webkit.org/#/builders/727/builds/21500
Fujii Hironori
Comment 4 2024-03-05 23:21:19 PST
Buildbot: builder WinCairo-64-bit-Debug-Tests build 21995 https://build.webkit.org/#/builders/727/builds/21995 fast/dom/Window/atob-btoa.html [ Crash ] https://results.webkit.org/?suite=layout-tests&test=fast%2Fdom%2FWindow%2Fatob-btoa.html&platform=wincairo&style=debug ASSERTION FAILED: ::DuplicateHandle failed with error 5 false C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\Platform\IPC\win\ArgumentCodersWin.cpp(56) : decode 1 00007FF9035F1CA9 WTFCrash 2 00007FF8E93512C3 IPC::ArgumentCoder<WTF::Win32Handle,void>::decode 3 00007FF8E998B937 IPC::Decoder::decode<WTF::Win32Handle> 4 00007FF8E9925F72 IPC::ArgumentCoder<WebCore::SharedMemoryHandle,void>::decode 5 00007FF8E947AA27 IPC::Decoder::decode<WebCore::SharedMemoryHandle> 6 00007FF8E9904F41 IPC::ArgumentCoder<IPC::StreamServerConnectionHandle,void>::decode 7 00007FF8E945ACC7 IPC::Decoder::decode<IPC::StreamServerConnectionHandle> 8 00007FF8E945AAF2 IPC::ArgumentCoder<std::tuple<WebKit::RemoteRenderingBackendCreationParameters,IPC::StreamServerConnectionHandle>,void>::decode<IPC::Decoder,WebKit::RemoteRenderingBackendCreationParameters> 9 00007FF8E945A9D0 IPC::ArgumentCoder<std::tuple<WebKit::RemoteRenderingBackendCreationParameters,IPC::StreamServerConnectionHandle>,void>::decode<IPC::Decoder> 10 00007FF8E945A807 IPC::Decoder::decode<std::tuple<WebKit::RemoteRenderingBackendCreationParameters,IPC::StreamServerConnectionHandle> > 11 00007FF8E9459078 IPC::handleMessage<Messages::GPUConnectionToWebProcess::CreateRenderingBackend,WebKit::GPUConnectionToWebProcess,WebKit::GPUConnectionToWebProcess,void (WebKit::RemoteRenderingBackendCreationParameters &&, IPC::StreamServerConnectionHandle &&)> 12 00007FF8E9458697 WebKit::GPUConnectionToWebProcess::didReceiveMessage 13 00007FF8EA2642CA IPC::Connection::dispatchMessage 14 00007FF8EA264537 IPC::Connection::dispatchMessage 15 00007FF8EA26A7AD IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage::dispatch 16 00007FF8EA25E332 IPC::Connection::SyncMessageState::dispatchMessagesAndResetDidScheduleDispatchMessagesForConnection 17 00007FF8EA2648D6 IPC::Connection::dispatchSyncStateMessages 18 00007FF8EA265AAB IPC::Connection::SyncMessageState::processIncomingMessage::<lambda_0>::operator() 19 00007FF8EA265A47 WTF::Detail::CallableWrapper<`lambda at C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\Platform/IPC/Connection.cpp:224:31',void>::call 20 00007FF903608814 WTF::Function<void ()>::operator() 21 00007FF90368DB6A WTF::RunLoop::performWork 22 00007FF903774510 WTF::RunLoop::wndProc 23 00007FF903774447 WTF::RunLoop::RunLoopWndProc 24 00007FF901660089 CallWindowProcW 25 00007FF90165FA02 DispatchMessageW 26 00007FF9037746ED WTF::RunLoop::run 27 00007FF8E9307453 WebKit::AuxiliaryProcessMainBase<WebKit::GPUProcess,1>::run 28 00007FF8E9307307 WebKit::AuxiliaryProcessMain<WebKit::GPUProcessMainWin> 29 00007FF8E93071E3 WebKit::GPUProcessMain 30 00007FF7D0EE124C main 31 00007FF7D0EE18BC __scrt_common_main_seh C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\UIProcess/GPU/GPUProcessProxy.cpp(564) : didClose ERROR: 00000140A917D830 - GPUProcessProxy::gpuProcessExited: reason=Crash C:\BW\WinCairo-64-bit-Debug-Build\build\Source\WebKit\UIProcess/GPU/GPUProcessProxy.cpp(517) : gpuProcessExited GPUProcess terminated (pid 2640) for reason: crash #CRASHED - GPUProcess (pid 2640)
Fujii Hironori
Comment 5 2024-05-26 22:10:49 PDT
This is reproducible with the following command on my PC. > python .\Tools\Scripts\run-webkit-tests --wincairo --debug --iter=10000 --no-retry --exit-after-n-c=1 -f fast/dom/Window/a-rel-noopener.html
Fujii Hironori
Comment 6 2024-05-27 17:40:02 PDT
Adding Sleep after OpenProcess in ArgumentCoder<Win32Handle>::decode makes this crash highly reproducible. The web process is exiting after OpenProcess in another process. diff --git a/Source/WebKit/Platform/IPC/win/ArgumentCodersWin.cpp b/Source/WebKit/Platform/IPC/win/ArgumentCodersWin.cpp index 680fc1b577ac..2dff96d6ba12 100644 --- a/Source/WebKit/Platform/IPC/win/ArgumentCodersWin.cpp +++ b/Source/WebKit/Platform/IPC/win/ArgumentCodersWin.cpp @@ -50,6 +50,7 @@ std::optional<Win32Handle> ArgumentCoder<Win32Handle>::decode(Decoder& decoder) auto sourceProcess = Win32Handle::adopt(::OpenProcess(PROCESS_DUP_HANDLE, FALSE, *sourcePID)); if (!sourceProcess) return std::nullopt; + Sleep(100); HANDLE duplicatedHandle; // Copy the handle into our process and close the handle that the sending process created for us. if (!::DuplicateHandle(sourceProcess.get(), reinterpret_cast<HANDLE>(*sourceHandle), ::GetCurrentProcess(), &duplicatedHandle, 0, FALSE, DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) {
Fujii Hironori
Comment 7 2024-05-27 17:53:24 PDT
Pull request: https://github.com/WebKit/WebKit/pull/29159
EWS
Comment 8 2024-05-27 19:08:04 PDT
Committed 279361@main (279f09128a7c): <https://commits.webkit.org/279361@main> Reviewed commits have been landed. Closing PR #29159 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.