Bug 301770

Summary: REGRESSION(302347@main) [ Debug ]: 2X TestIPC (API-Tests) are a constant crash
Product: WebKit Reporter: Robert Jenner <jenner>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: beidson, gavin.p, webkit-bot-watchers-bugzilla, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=301567
Bug Depends on:    
Bug Blocks: 301567    

Robert Jenner
Reported 2025-10-31 13:29:43 PDT
The following two TestIPC API-Tests are a constant crash on all Debug test runs: TestIPC.IPCSerialization.Basic TestIPC.CoreIPCCFDictionary.InsertDifferentValueTypes HISTORY: https://results.webkit.org/?suite=api-tests&suite=api-tests&test=TestIPC.IPCSerialization.Basic&test=TestIPC.CoreIPCCFDictionary.InsertDifferentValueTypes CRASH TEXT: "name": "TestIPC.CoreIPCCFDictionary.InsertDifferentValueTypes", "output": "2025-10-30 10:43:58.403 TestIPC[39128:2868713] NSEventConcurrentProcessingEnabled=NO\nSHOULD NEVER BE REACHED\n/Volumes/Data/worker/Apple-Tahoe-Debug-Build/build/Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm(326) : CFHolderForTesting cfHolder(CFTypeRef)\n1 0x10ac5b51b cfHolder(void const*)\n2 0x10ac8dbbd dictionariesEqual(__CFDictionary const*, __CFDictionary const*)::$_0::operator()(void const*, void const*, void*) const\n3 0x10ac8db79 dictionariesEqual(__CFDictionary const*, __CFDictionary const*)::$_0::__invoke(void const*, void const*, void*)\n4 0x7ff8078a77b9 -[__NSDictionaryM __apply:context:]\n5 0x10ac5ba54 dictionariesEqual(__CFDictionary const*, __CFDictionary const*)\n6 0x10ac8777d operator==(CFHolderForTesting const&, CFHolderForTesting const&)\n7 0x10acc41bd invocation function for block in runTestCFWithExpectedResult(CFHolderForTesting const&, CFHolderForTesting const&)\n8 0x10acc92d1 decltype(std::declval<void (CFHolderForTesting&&) block_pointer>()(std::declval<CFHolderForTesting>())) std::__1::__invoke[abi:sn200100]<void (CFHolderForTesting&&) block_pointer, CFHolderForTesting>(void (CFHolderForTesting&&) block_pointer&&, CFHolderForTesting&&)\n9 0x10acc929d decltype(auto) std::__1::__apply_tuple_impl[abi:sn200100]<void (CFHolderForTesting&&) block_pointer, std::__1::tuple<CFHolderForTesting>, 0ul>(void (CFHolderForTesting&&) block_pointer&&, std::__1::tuple<CFHolderForTesting>&&, std::__1::__tuple_indices<0ul>)\n10 0x10acc8add decltype(auto) std::__1::apply[abi:sn200100]<void (CFHolderForTesting&&) block_pointer, std::__1::tuple<CFHolderForTesting>>(void (CFHolderForTesting&&) block_pointer&&, std::__1::tuple<CFHolderForTesting>&&)\n11 0x10acc8989 void IPC::callReplyWithoutUsingConnection<CFPingBackMessage, IPC::Decoder, void (CFHolderForTesting&&) block_pointer>(IPC::Decoder&, void (CFHolderForTesting&&) block_pointer&&)\n12 0x10acc892b bool IPC::MessageSender::sendWithAsyncReplyWithoutUsingIPCConnection<CFPingBackMessage, void (CFHolderForTesting&&) block_pointer>(CFPingBackMessage&&, void (CFHolderForTesting&&) block_pointer&&) const::'lambda'(IPC::Decoder*)::operator()(IPC::Decoder*)\n13 0x10acc88c1 WTF::Detail::CallableWrapper<bool IPC::MessageSender::sendWithAsyncReplyWithoutUsingIPCConnection<CFPingBackMessage, void (CFHolderForTesting&&) block_pointer>(CFPingBackMessage&&, void (CFHolderForTesting&&) block_pointer&&) const::'lambda'(IPC::Decoder*), void, IPC::Decoder*>::call(IPC::Decoder*)\n14 0x10acdad12 WTF::Function<void (IPC::Decoder*)>::operator()(IPC::Decoder*) const\n15 0x10ac5adb4 WTF::CompletionHandler<void (IPC::Decoder*)>::operator()(IPC::Decoder*)\n16 0x10ac5acfc SerializationTestSender::performSendWithAsyncReplyWithoutUsingIPCConnection(WTF::UniqueRef<IPC::Encoder>&&, WTF::CompletionHandler<void (IPC::Decoder*)>&&) const\n17 0x10acc40d2 bool IPC::MessageSender::sendWithAsyncReplyWithoutUsingIPCConnection<CFPingBackMessage, void (CFHolderForTesting&&) block_pointer>(CFPingBackMessage&&, void (CFHolderForTesting&&) block_pointer&&) const\n18 0x10ac64de0 runTestCFWithExpectedResult(CFHolderForTesting const&, CFHolderForTesting const&)\n19 0x10ac6b53d CoreIPCCFDictionary_InsertDifferentValueTypes_Test::TestBody()\n20 0x10addb244 void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*)\n21 0x10ad9abf6 void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*)\n22 0x10ad9ab47 testing::Test::Run()\n23 0x10ad9ba6e testing::TestInfo::Run()\n24 0x10ad9ca4d testing::TestSuite::Run()\n25 0x10adab090 testing::internal::UnitTestImpl::RunAllTests()\n26 0x10addfe64 bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*)\n27 0x10adaaab6 bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*)\n28 0x10adaa9a5 testing::UnitTest::Run()\n29 0x10ad73771 RUN_ALL_TESTS()\n30 0x10ad73702 TestWebKitAPI::TestsController::run(int, char**)\n31 0x10ad25daa main" "name": "TestIPC.IPCSerialization.Basic", "output": "2025-10-30 10:43:58.535 TestIPC[39131:2868774] NSEventConcurrentProcessingEnabled=NO\nSHOULD NEVER BE REACHED\n/Volumes/Data/worker/Apple-Tahoe-Debug-Build/build/Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm(326) : CFHolderForTesting cfHolder(CFTypeRef)\n1 0x1068e351b cfHolder(void const*)\n2 0x106915bbd dictionariesEqual(__CFDictionary const*, __CFDictionary const*)::$_0::operator()(void const*, void const*, void*) const\n3 0x106915b79 dictionariesEqual(__CFDictionary const*, __CFDictionary const*)::$_0::__invoke(void const*, void const*, void*)\n4 0x7ff8077cc60e -[__NSDictionaryI __apply:context:]\n5 0x1068e3a54 dictionariesEqual(__CFDictionary const*, __CFDictionary const*)\n6 0x10690f77d operator==(CFHolderForTesting const&, CFHolderForTesting const&)\n7 0x10694c1bd invocation function for block in runTestCFWithExpectedResult(CFHolderForTesting const&, CFHolderForTesting const&)\n8 0x1069512d1 decltype(std::declval<void (CFHolderForTesting&&) block_pointer>()(std::declval<CFHolderForTesting>())) std::__1::__invoke[abi:sn200100]<void (CFHolderForTesting&&) block_pointer, CFHolderForTesting>(void (CFHolderForTesting&&) block_pointer&&, CFHolderForTesting&&)\n9 0x10695129d decltype(auto) std::__1::__apply_tuple_impl[abi:sn200100]<void (CFHolderForTesting&&) block_pointer, std::__1::tuple<CFHolderForTesting>, 0ul>(void (CFHolderForTesting&&) block_pointer&&, std::__1::tuple<CFHolderForTesting>&&, std::__1::__tuple_indices<0ul>)\n10 0x106950add decltype(auto) std::__1::apply[abi:sn200100]<void (CFHolderForTesting&&) block_pointer, std::__1::tuple<CFHolderForTesting>>(void (CFHolderForTesting&&) block_pointer&&, std::__1::tuple<CFHolderForTesting>&&)\n11 0x106950989 void IPC::callReplyWithoutUsingConnection<CFPingBackMessage, IPC::Decoder, void (CFHolderForTesting&&) block_pointer>(IPC::Decoder&, void (CFHolderForTesting&&) block_pointer&&)\n12 0x10695092b bool IPC::MessageSender::sendWithAsyncReplyWithoutUsingIPCConnection<CFPingBackMessage, void (CFHolderForTesting&&) block_pointer>(CFPingBackMessage&&, void (CFHolderForTesting&&) block_pointer&&) const::'lambda'(IPC::Decoder*)::operator()(IPC::Decoder*)\n13 0x1069508c1 WTF::Detail::CallableWrapper<bool IPC::MessageSender::sendWithAsyncReplyWithoutUsingIPCConnection<CFPingBackMessage, void (CFHolderForTesting&&) block_pointer>(CFPingBackMessage&&, void (CFHolderForTesting&&) block_pointer&&) const::'lambda'(IPC::Decoder*), void, IPC::Decoder*>::call(IPC::Decoder*)\n14 0x106962d12 WTF::Function<void (IPC::Decoder*)>::operator()(IPC::Decoder*) const\n15 0x1068e2db4 WTF::CompletionHandler<void (IPC::Decoder*)>::operator()(IPC::Decoder*)\n16 0x1068e2cfc SerializationTestSender::performSendWithAsyncReplyWithoutUsingIPCConnection(WTF::UniqueRef<IPC::Encoder>&&, WTF::CompletionHandler<void (IPC::Decoder*)>&&) const\n17 0x10694c0d2 bool IPC::MessageSender::sendWithAsyncReplyWithoutUsingIPCConnection<CFPingBackMessage, void (CFHolderForTesting&&) block_pointer>(CFPingBackMessage&&, void (CFHolderForTesting&&) block_pointer&&) const\n18 0x1068ecde0 runTestCFWithExpectedResult(CFHolderForTesting const&, CFHolderForTesting const&)\n19 0x1068e9780 IPCSerialization_Basic_Test::TestBody()\n20 0x106a63244 void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*)\n21 0x106a22bf6 void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*)\n22 0x106a22b47 testing::Test::Run()\n23 0x106a23a6e testing::TestInfo::Run()\n24 0x106a24a4d testing::TestSuite::Run()\n25 0x106a33090 testing::internal::UnitTestImpl::RunAllTests()\n26 0x106a67e64 bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*)\n27 0x106a32ab6 bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*)\n28 0x106a329a5 testing::UnitTest::Run()\n29 0x1069fb771 RUN_ALL_TESTS()\n30 0x1069fb702 TestWebKitAPI::TestsController::run(int, char**)\n31 0x1069addaa main"
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2025-10-31 13:30:09 PDT
<rdar://problem/163815601>
Robert Jenner
Comment 2 2025-10-31 13:33:20 PDT
I was able to reproduce these crashes at macOS Tahoe Debug ToT running the tests as follows: run-api-tests <test_goes_here> These reproduce on 302347@main, but not at the next available test build of 302344@main. The culprit is either 302345, 302346, or 302347. And given that 302347@main modified CFArray and IPCSerialization.mm I strongly suspect that it is the root cause.
EWS
Comment 3 2025-10-31 13:47:52 PDT
Committed 302404@main (29d91d0db143): <https://commits.webkit.org/302404@main> Reviewed commits have been landed. Closing PR #53270 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.