Preflight Checklist
Electron Version
42.2.0, 37.6.0
What operating system(s) are you using?
Windows
Operating System Version
Windows 11 25H2
What arch are you using?
x64
Last Known Working Electron version
No response
Does the issue also appear in Chromium / Google Chrome?
I don't know how to test
Expected Behavior
Electron applications should launch normally even if the directory contains unparseable or orphaned zombie SIDs, or gracefully handle the permission validation error without crashing the entire GPU process.
Actual Behavior
The GPU process crashes on startup with exit_code=-2147483645 and outputs "FATAL:gpu_data_manager_impl_private.cc: GPU process isn't usable. Goodbye."
Testcase Gist URL
No response
Additional Information
TL;DR: Electron apps crash with exit_code=-2147483645 because the folder's DACL contains orphaned zombie SIDs (S-1-15...). Granting permissions to S-1-15-2-2 (ALL RESTRICTED APPLICATION PACKAGES) or running icacls /reset fixes the crash. This is closely related to the LPAC sandbox requirement discussed in #49143.
Description
Recently, on my Windows PC, many Electron-based desktop applications (such as Discord, Bitwarden, LM Studio, Postman, VS Code, etc.) crash frequently, making them completely unusable. The error messages are as follows:
[33240:0524/193721.652:ERROR:content\browser\gpu\gpu_process_host.cc:999] GPU process exited unexpectedly: exit_code=-2147483645
[33240:0524/193721.652:FATAL:content\browser\gpu\gpu_data_manager_impl_private.cc:417] GPU process isn't usable. Goodbye.
After searching online, I found that other users have reported the same error recently:
Currently, the only temporary solution is to add the --disable-gpu-sandbox parameter at startup. However, this requires doing it manually every time and is not a permanent solution.
Hypothesis
After repeated troubleshooting and verification with AI, we ruled out hardware and driver issues. (During this time, I tried reinstalling drivers, reinstalling software, reinstalling Windows, adjusting Core Isolation and HAGS, updating BIOS, etc., but nothing worked.)
Finally, the AI identified the possible cause: an issue with the security permission list (DACL) of the application folder, which contains an unresolvable "zombie SID" (shown as "Unknown Account" in the Windows interface). This conclusion can be consistently reproduced using the following steps.
Reproduction Steps
Please create a clean Electron project then package, or use an existing Electron application folder directly (the following example uses VS Code with PowerShell):
- Add a zombie SID to the application folder:
icacls "$env:LOCALAPPDATA\Programs\Microsoft VS Code" /grant "*S-1-15-2-999-999-999:(OI)(CI)(F)"
- Run the application:
& "$env:LOCALAPPDATA\Programs\Microsoft VS Code\Code.exe" --verbose
Expected Result: The application will crash immediately during GPU initialization and output the following error logs:
[37568:0524/201836.841:ERROR:content\browser\gpu\gpu_process_host.cc:999] GPU process exited unexpectedly: exit_code=-2147483645
[37568:0524/201836.841:FATAL:content\browser\gpu\gpu_data_manager_impl_private.cc:415] GPU process isn't usable. Goodbye.
- Run the following command to reset permissions and remove the zombie SID. After that, the application will work normally again:
icacls "$env:LOCALAPPDATA\Programs\Microsoft VS Code" /reset
Additional Context
Before submitting this issue, I researched related past reports and noticed:
It mentions that enabling the network sandbox in newer versions might cause permission issues, requiring the following command to grant permissions:
icacls <install dir> /grant *S-1-15-2-2:(OI)(CI)(RX)
Following this clue, I did a cross-test and made a new discovery: if both the unknown zombie SID and the S-1-15-2-2 permission exist at the same time, the application can start successfully without crashing.
Preflight Checklist
Electron Version
42.2.0, 37.6.0
What operating system(s) are you using?
Windows
Operating System Version
Windows 11 25H2
What arch are you using?
x64
Last Known Working Electron version
No response
Does the issue also appear in Chromium / Google Chrome?
I don't know how to test
Expected Behavior
Electron applications should launch normally even if the directory contains unparseable or orphaned zombie SIDs, or gracefully handle the permission validation error without crashing the entire GPU process.
Actual Behavior
The GPU process crashes on startup with exit_code=-2147483645 and outputs "FATAL:gpu_data_manager_impl_private.cc: GPU process isn't usable. Goodbye."
Testcase Gist URL
No response
Additional Information
TL;DR: Electron apps crash with exit_code=-2147483645 because the folder's DACL contains orphaned zombie SIDs (S-1-15...). Granting permissions to
S-1-15-2-2(ALL RESTRICTED APPLICATION PACKAGES) or runningicacls /resetfixes the crash. This is closely related to the LPAC sandbox requirement discussed in #49143.Description
Recently, on my Windows PC, many Electron-based desktop applications (such as Discord, Bitwarden, LM Studio, Postman, VS Code, etc.) crash frequently, making them completely unusable. The error messages are as follows:
After searching online, I found that other users have reported the same error recently:
Currently, the only temporary solution is to add the
--disable-gpu-sandboxparameter at startup. However, this requires doing it manually every time and is not a permanent solution.Hypothesis
After repeated troubleshooting and verification with AI, we ruled out hardware and driver issues. (During this time, I tried reinstalling drivers, reinstalling software, reinstalling Windows, adjusting Core Isolation and HAGS, updating BIOS, etc., but nothing worked.)
Finally, the AI identified the possible cause: an issue with the security permission list (DACL) of the application folder, which contains an unresolvable "zombie SID" (shown as "Unknown Account" in the Windows interface). This conclusion can be consistently reproduced using the following steps.
Reproduction Steps
Please create a clean Electron project then package, or use an existing Electron application folder directly (the following example uses VS Code with PowerShell):
Expected Result: The application will crash immediately during GPU initialization and output the following error logs:
Additional Context
Before submitting this issue, I researched related past reports and noticed:
It mentions that enabling the network sandbox in newer versions might cause permission issues, requiring the following command to grant permissions:
Following this clue, I did a cross-test and made a new discovery: if both the unknown zombie SID and the
S-1-15-2-2permission exist at the same time, the application can start successfully without crashing.