Bug 165854

Summary: REGRESSION: Crash in com.apple.WebKit: IPC::Connection::sendMessage(std::__1::unique_ptr<IPC::MachMessage, std::__1::default_delete<IPC::MachMessage> >) + 27
Product: WebKit Reporter: Ryan Haddad <ryanhaddad>
Component: New BugsAssignee: Anders Carlsson <andersca>
Status: RESOLVED FIXED    
Severity: Normal CC: andersca, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=165866
Attachments:
Description Flags
Crash log
none
Patch thorton: review+

Ryan Haddad
Reported 2016-12-14 09:39:13 PST
Created attachment 297096 [details] Crash log Intermittent crash seen during perf test IndexedDB/objectstore-get.html https://build.webkit.org/builders/Apple%20Yosemite%20Release%20WK2%20%28Perf%29/builds/6861/steps/perf-test/logs/stdio Thread 2 Crashed:: Dispatch queue: com.apple.IPC.ReceiveQueue 0 com.apple.WebKit 0x00000001022b56db IPC::Connection::sendMessage(std::__1::unique_ptr<IPC::MachMessage, std::__1::default_delete<IPC::MachMessage> >) + 27 1 com.apple.WebKit 0x00000001022b5a2a ___ZN3IPC10Connection20initializeSendSourceEv_block_invoke + 77 2 libdispatch.dylib 0x00007fff911bfe73 _dispatch_client_callout + 8 3 libdispatch.dylib 0x00007fff911cc4e6 _dispatch_source_latch_and_call + 721 4 libdispatch.dylib 0x00007fff911c493b _dispatch_source_invoke + 412 5 libdispatch.dylib 0x00007fff911c33bc _dispatch_queue_drain + 571 6 libdispatch.dylib 0x00007fff911c3030 _dispatch_queue_invoke + 202 7 libdispatch.dylib 0x00007fff911c2bef _dispatch_root_queue_drain + 463 8 libdispatch.dylib 0x00007fff911c2a1c _dispatch_worker_thread3 + 91 9 libsystem_pthread.dylib 0x00007fff8de66a9d _pthread_wqthread + 729 10 libsystem_pthread.dylib 0x00007fff8de643dd start_wqthread + 13
Attachments
Crash log (57.45 KB, text/plain)
2016-12-14 09:39 PST, Ryan Haddad 		no flags
Details
Patch (2.03 KB, patch)
2017-01-11 13:10 PST, Anders Carlsson 		thorton: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ryan Haddad
Comment 1 2016-12-20 11:23:06 PST
Still seeing this crash frequently on perf tests. IndexedDB/objectstore-cursor.html crashed on this run: https://build.webkit.org/builders/Apple%20El%20Capitan%20Release%20WK2%20%28Perf%29/builds/3896/steps/perf-test/logs/stdio
Radar WebKit Bug Importer
Comment 2 2016-12-20 11:23:50 PST
<rdar://problem/29757269>
Ryan Haddad
Comment 3 2016-12-20 15:32:55 PST
Seen here with LayoutTest accessibility/text-marker/character-offset-visible-position-conversion-hang.html: https://build.webkit.org/results/Apple%20El%20Capitan%20Release%20WK2%20(Tests)/r210038%20(11960)/results.html
Alexey Proskuryakov
Comment 4 2017-01-04 09:40:24 PST
Started on 2016-12-09, and still happening.
Alexey Proskuryakov
Comment 5 2017-01-04 09:46:59 PST
We are not getting the logging added in http://trac.webkit.org/r209831. I don't think that we are taking the code path that logging got added to. The crash is a segfault, not a trap.
Alexey Proskuryakov
Comment 6 2017-01-04 09:54:08 PST
It seems to be crashing on message->size(), because message is a null pointer.
Anders Carlsson
Comment 7 2017-01-11 13:10:14 PST
Created attachment 298611 [details] Patch
Tim Horton
Comment 8 2017-01-11 13:20:38 PST
Comment on attachment 298611 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=298611&action=review > Source/WebKit2/Platform/IPC/mac/ConnectionMac.mm:403 > + // FIXME: Figure out why we get spurious DISPATCH_MACH_SEND_POSSIBLE events. Is there any logging we can add now to help diagnose?
Anders Carlsson
Comment 9 2017-01-11 13:29:06 PST
Committed r210596: <http://trac.webkit.org/changeset/210596>
Note You need to log in before you can comment on or make changes to this bug.