10.12 crash in Security::DataWalkers

We have a complex applicaton which does a significant amount of networking. We are seeing crashes on non-English locales, with over 50% coming from systems with a Japanese locale. These crashes only occur on 10.12 and unfortunately we can not reproduce. None of our code is on the stack of the crashing thread. Below are 2 different callstacks of crashes, with the first being far more prevalent. Any ideas?


# ChildEBP RetAddr 00 0000000000000000 0000000000000000 security!void Security::DataWalkers::walk<Security::DataWalkers::SizeWalker>+0xd 01 0000000000000000 0000000000000000 security!void Security::DataWalkers::enumerateArray<Security::DataWalkers::SizeWalker, Security::SampleGroup, Security::CssmSample>+0x5f 02 0000000000000000 0000000000000000 security!Security::DataWalkers::Copier<Security::AccessCredentials>::Copier+0x3f 03 0000000000000000 0000000000000000 security!Security::SecurityServer::DatabaseAccessCredentials::DatabaseAccessCredentials+0x1c 04 0000000000000000 0000000000000000 security!Security::SecurityServer::ClientSession::authenticateDb+0x26 05 0000000000000000 0000000000000000 security!SSDLSession::Authenticate+0x4f 06 0000000000000000 0000000000000000 security!cssm_Authenticate+0x62 07 0000000000000000 0000000000000000 security!_CSSM_DL_Authenticate+0x56 08 0000000000000000 0000000000000000 security!Security::CssmClient::DbImpl::open+0x133 09 0000000000000000 0000000000000000 security!Security::CssmClient::DbImpl::dbBlobVersion+0xf2 0a 0000000000000000 0000000000000000 security!Security::KeychainCore::KeychainImpl::performKeychainUpgradeIfNeeded+0x254 0b 0000000000000000 0000000000000000 security!Security::KeychainCore::KCCursorImpl::newKeychain+0x24 0c 0000000000000000 0000000000000000 security!Security::KeychainCore::KCCursorImpl::next+0xd1 0d 0000000000000000 0000000000000000 security!_SecIdentityCopyPreference+0x298 0e 0000000000000000 0000000000000000 cfnetwork!HTTPProtocolSSLSupport::getSSLCertsCached+0xf0 0f 0000000000000000 0000000000000000 cfnetwork!HTTPProtocol::copyProtocolPropertiesForStream+0x26d 10 0000000000000000 0000000000000000 cfnetwork!____ZN4Tube23_onqueue_prepConnectionEU13block_pointerFvvEU13block_pointerFviE_block_invoke.81+0x26 11 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_client_callout+0x8 12 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_block_invoke_direct+0x142 13 0000000000000000 0000000000000000 cfnetwork!RunloopBlockContext::_invoke_block+0x18 14 0000000000000000 0000000000000000 corefoundation!_CFArrayApplyFunction+0x44 15 0000000000000000 0000000000000000 cfnetwork!RunloopBlockContext::perform+0x89 16 0000000000000000 0000000000000000 cfnetwork!MultiplexerSource::perform+0x11a 17 0000000000000000 0000000000000000 cfnetwork!MultiplexerSource::_perform+0x48 18 0000000000000000 0000000000000000 corefoundation!___CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__+0x11 19 0000000000000000 0000000000000000 corefoundation!___CFRunLoopDoSources0+0x22d 1a 0000000000000000 0000000000000000 corefoundation!___CFRunLoopRun+0x3a6 1b 0000000000000000 0000000000000000 corefoundation!_CFRunLoopRunSpecific+0x1a4 1c 0000000000000000 0000000000000000 cfnetwork!NSURLConnection_Loader::_resourceLoadLoop_+0x139 1d 0000000000000000 0000000000000000 foundation!___NSThread__start__+0x4db 1e 0000000000000000 0000000000000000 libsystem_pthread_dylib!__pthread_body+0xb4 1f 0000000000000000 0000000000000000 libsystem_pthread_dylib!__pthread_body+0x0 20 0000000000000000 0000000000000000 libsystem_pthread_dylib!_thread_start+0xd fffffffd 0000000000000000 0000000000000000 0x0


and


# ChildEBP RetAddr 00 0000000000000000 0000000000000000 security!void Security::DataWalkers::walk<Security::DataWalkers::SizeWalker>+0xd 01 0000000000000000 0000000000000000 security!void Security::DataWalkers::enumerateArray<Security::DataWalkers::SizeWalker, Security::SampleGroup, Security::CssmSample>+0x5f 02 0000000000000000 0000000000000000 security!_CSSM_CSP_CreateSignatureContext+0x38 03 0000000000000000 0000000000000000 security!Security::CssmClient::SigningContext::activate+0xb8 04 0000000000000000 0000000000000000 security!SecCDSAKeyCopyOperationResult+0xdba 05 0000000000000000 0000000000000000 security!_SecKeyRunAlgorithmAndCopyResult+0xe9 06 0000000000000000 0000000000000000 security!___SecKeyMessageToDigestAdaptor_block_invoke+0x55 07 0000000000000000 0000000000000000 security!___PerformWithCFDataBuffer_block_invoke+0x42 08 0000000000000000 0000000000000000 security!_PerformWithBuffer+0x50 09 0000000000000000 0000000000000000 security!_SecKeyMessageToDigestAdaptor+0xdc 0a 0000000000000000 0000000000000000 security!_SecKeyRunAlgorithmAndCopyResult+0x18d 0b 0000000000000000 0000000000000000 security!_SecKeyVerifySignature+0x6d 0c 0000000000000000 0000000000000000 security!_VFY_VerifyAll+0x88 0d 0000000000000000 0000000000000000 security!_VFY_VerifyData+0x17 0e 0000000000000000 0000000000000000 security!_SecCmsSignerInfoVerifyWithPolicy+0x28b 0f 0000000000000000 0000000000000000 security!_SecCmsSignedDataVerifySignerInfo+0x88 10 0000000000000000 0000000000000000 security!_CMSDecoderCopySignerStatus+0xb0 11 0000000000000000 0000000000000000 security!Security::CodeSigning::SecStaticCode::verifySignature+0x16c 12 0000000000000000 0000000000000000 security!Security::CodeSigning::SecStaticCode::validateDirectory+0x5c 13 0000000000000000 0000000000000000 security!Security::CodeSigning::SecStaticCode::validateNonResourceComponents+0xf 14 0000000000000000 0000000000000000 security!Security::CodeSigning::SecStaticCode::staticValidateCore+0x1a 15 0000000000000000 0000000000000000 security!Security::CodeSigning::SecStaticCode::staticValidate+0x47 16 0000000000000000 0000000000000000 security!_SecStaticCodeCheckValidityWithErrors+0xa4 17 0000000000000000 0000000000000000 quicklook!_QLCheckAppleSignature+0x58 18 0000000000000000 0000000000000000 quicklook!__QLLoadPluginAtURL+0x586 19 0000000000000000 0000000000000000 quicklook!____QLLaunchUpdatingThread_block_invoke+0x648 1a 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_call_block_and_release+0xc 1b 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_client_callout+0x8 1c 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_queue_serial_drain+0x380 1d 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_queue_invoke+0x416 1e 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_root_queue_drain+0x1dc 1f 0000000000000000 0000000000000000 libdispatch_dylib!__dispatch_worker_thread3+0x63 20 0000000000000000 0000000000000000 libsystem_pthread_dylib!__pthread_wqthread+0x513 21 0000000000000000 0000000000000000 libsystem_pthread_dylib!_start_wqthread+0xd fffffffd 0000000000000000 0000000000000000 0x0


Thank you for your time.

Replies

It’s very hard to see what’s going on given the format of your backtraces. Is this their native format? Or did DevForums munge them? Either way, it’d be helpful if you re-posted the backtraces with one frame to a line, similar to what you’d see in an Apple crash report.

Speaking of Apple crash reports, do you have one for this crash? If not, you should try to get one. If you post it here I should be able to gather more info from that.

ps When posting blocks of monospace text (like code or crash reports), use the

<>
to create a code block.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"