iOS17.0 quic_recovery_declare_packets_lost Crash

Question

Created Aug ’23

Replies 14

Boosts 6

Views 2.8k

Participants 9

A large number of crashes occurred only on iOS 17.0 online from July 27, which is consistent with the release time of the 17.0 beta4 version. I suspect something is wrong with 17.0 beta4. Does anyone have the same problem and is there a solution? Thanks a lot

Crashed: com.apple.CFNetwork.Connection
0  libquic.dylib                  0x21120 quic_recovery_declare_packets_lost + 928
1  libquic.dylib                  0x20788 quic_recovery_find_lost_packet_inner + 1272
2  libquic.dylib                  0x1e564 quic_recovery_find_lost_packets + 352
3  libquic.dylib                  0x11b74 quic_recovery_received_ack + 1180
4  libquic.dylib                  0x52634 quic_frame_process_ACK + 368
5  libquic.dylib                  0xb3bc8 quic_conn_process_frame + 964
6  libquic.dylib                  0xb0370 quic_conn_process_inbound + 1840
7  Network                        0x323c40 nw_protocol_data_access_buffer + 840
8  libquic.dylib                  0xb6b48 __quic_conn_handle_inbound_block_invoke + 168
9  libquic.dylib                  0xb690c quic_conn_handle_inbound + 124
10 Network                        0x3102ac __nw_protocol_implementation_get_input_internal_block_invoke + 136
11 Network                        0x30f8d4 nw_protocol_implementation_read + 408
12 Network                        0x30f128 nw_protocol_implementation_input_available + 96
13 Network                        0x1f5c4 nw_channel_update_input_source(nw_channel*, nw_protocol*, bool) + 7024
14 Network                        0x2d880 nw_channel_get_input_frames(nw_protocol*, nw_protocol*, unsigned int, unsigned int, unsigned int, nw_frame_array_s*) + 124
15 Network                        0x911ac0 nw_protocol_ipv6_get_input_frames(nw_protocol*, nw_protocol*, unsigned int, unsigned int, unsigned int, nw_frame_array_s*) + 268
16 Network                        0x1da8a4 nw_protocol_udp_get_input_frames(nw_protocol*, nw_protocol*, unsigned int, unsigned int, unsigned int, nw_frame_array_s*) + 208
17 Network                        0x30f868 nw_protocol_implementation_read + 300
18 Network                        0x3153e4 nw_protocol_implementation_get_input_frames + 148
19 Network                        0x3572e0 nw_flow_service_reads(NWConcrete_nw_endpoint_handler*, NWConcrete_nw_endpoint_flow*, nw_flow_protocol*, bool) + 992
20 Network                        0x363ef0 __nw_endpoint_handler_add_read_request_block_invoke + 452
21 Network                        0x7ba20 nw_hash_table_apply + 2696
22 Network                        0x34d84 nw_endpoint_handler_add_read_request + 1688
23 Network                        0x34848 nw_endpoint_handler_add_read_request + 348
24 Network                        0x936c nw_connection_add_read_request_on_queue + 232
25 Network                        0x9204 nw_connection_add_read_request + 344
26 Network                        0x8cc4 nw_connection_receive_internal + 140
27 CFNetwork                      0xa7620 CFURLDownloadStart + 66020
28 CFNetwork                      0xe194c _CFStreamErrorFromCFError + 24656
29 CFNetwork                      0x101918 _CFStreamErrorFromCFError + 155676
30 CFNetwork                      0xfe2d8 _CFStreamErrorFromCFError + 141788
31 CFNetwork                      0x1008dc _CFStreamErrorFromCFError + 151520
32 CFNetwork                      0x1344d4 _CFStreamErrorFromCFError + 363480
33 CFNetwork                      0xa73c8 CFURLDownloadStart + 65420
34 CFNetwork                      0xb68c0 CFURLDownloadStart + 128132
35 CFNetwork                      0x135c5c _CFStreamErrorFromCFError + 369504
36 CFNetwork                      0x34f18 CFHTTPMessageCopySerializedMessage + 47008
37 CFNetwork                      0x1e8180 CFHTTPCookieStorageUnscheduleFromRunLoop + 225244
38 CFNetwork                      0x13585c _CFStreamErrorFromCFError + 368480
39 CFNetwork                      0xb4d9c CFURLDownloadStart + 121184
40 libdispatch.dylib              0x13250 _dispatch_block_async_invoke2 + 148
41 libdispatch.dylib              0x4300 _dispatch_client_callout + 20
42 libdispatch.dylib              0xb894 _dispatch_lane_serial_drain + 748
43 libdispatch.dylib              0xc3f8 _dispatch_lane_invoke + 432
44 libdispatch.dylib              0xd6a8 _dispatch_workloop_invoke + 1756
45 libdispatch.dylib              0x17004 _dispatch_root_queue_drain_deferred_wlh + 288
46 libdispatch.dylib              0x16878 _dispatch_workloop_worker_thread + 404
47 libsystem_pthread.dylib        0x1964 _pthread_wqthread + 288
48 libsystem_pthread.dylib        0x1a04 start_wqthread + 8

Answered by DTS Engineer in 764603022

Earlier I wrote:

The only bug number I have for this is FB13125585

I was able to use that bug to track down the state of this issue:

It’s a known bug in our QUIC implementation (r. 114285963).
The fix is not in iOS 17.0rc.
I can’t comment as to when that fix will ship.
This bug is deep in the QUIC implementation, so there’s no obvious way to work around it.

OlegMontak wrote:

we also have such crashes, I have sent them in FB13169200

Thanks for that. That should end up following the same path as FB13125585.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Boost

Answer 1

ShashwatKN OP

Aug ’23

Yes seeing these crashes for iOS 17 users since 1 week, did anyone find any workaround?

1

Answer 2

armenm OP

Aug ’23

Yes, seeing the crashes on my side too. No clues on the issue yet. Same stack trace.

# Crashlytics - Stack trace
# Platform: apple

com.apple.main-thread
0  libsystem_kernel.dylib         0x11d8 mach_msg2_trap + 8
1  libsystem_kernel.dylib         0xf70 mach_msg2_internal + 80
2  libsystem_kernel.dylib         0xe88 mach_msg_overwrite + 436
3  libsystem_kernel.dylib         0xcc8 mach_msg + 24
4  CoreFoundation                 0x3655c __CFRunLoopServiceMachPort + 160
5  CoreFoundation                 0x34454 __CFRunLoopRun + 1208
6  CoreFoundation                 0x33eb8 CFRunLoopRunSpecific + 608
7  GraphicsServices               0x35ec GSEventRunModal + 164
8  UIKitCore                      0x22f6b4 -[UIApplication _run] + 888
9  UIKitCore                      0x22ecf0 UIApplicationMain + 340
10 Citizen                        0x4248 main + 5 (main.swift:5)
11 ???                            0x1c0577d44 (Missing)

Crashed: com.apple.network.connections
0  libquic.dylib                  0x20ad0 quic_recovery_declare_packets_lost + 1284
1  libquic.dylib                  0x1ffd4 quic_recovery_find_lost_packet_inner + 1272
2  libquic.dylib                  0x1dd90 quic_recovery_find_lost_packets + 352
3  libquic.dylib                  0x11390 quic_recovery_received_ack + 1180
4  libquic.dylib                  0x51e98 quic_frame_process_ACK + 368
5  libquic.dylib                  0xb3a58 quic_conn_process_frame + 964
6  libquic.dylib                  0xb0200 quic_conn_process_inbound + 1840
7  Network                        0x324510 nw_protocol_data_access_buffer + 840
8  libquic.dylib                  0xb69e8 __quic_conn_handle_inbound_block_invoke + 168
9  libquic.dylib                  0xb67ac quic_conn_handle_inbound + 124
10 Network                        0x310b7c __nw_protocol_implementation_get_input_internal_block_invoke + 136
11 Network                        0x3101a4 nw_protocol_implementation_read + 408
12 Network                        0x30f9f8 nw_protocol_implementation_input_available + 96
13 Network                        0x1f418 nw_channel_update_input_source(nw_channel*, nw_protocol*, bool) + 7068
14 Network                        0x91fe30 invocation function for block in nw_channel_create(nw_context*, unsigned char*, unsigned int, void*, unsigned int, bool, bool, bool*) + 72
15 libdispatch.dylib              0x4300 _dispatch_client_callout + 20
16 libdispatch.dylib              0x77b8 _dispatch_continuation_pop + 600
17 libdispatch.dylib              0x1b5c0 _dispatch_source_latch_and_call + 420
18 libdispatch.dylib              0x1a190 _dispatch_source_invoke + 832
19 libdispatch.dylib              0xd6a8 _dispatch_workloop_invoke + 1756
20 libdispatch.dylib              0x17004 _dispatch_root_queue_drain_deferred_wlh + 288
21 libdispatch.dylib              0x16878 _dispatch_workloop_worker_thread + 404
22 libsystem_pthread.dylib        0x1964 _pthread_wqthread + 288
23 libsystem_pthread.dylib        0x1a04 start_wqthread + 8

com.apple.uikit.eventfetch-thread
0  libsystem_kernel.dylib         0x11d8 mach_msg2_trap + 8
1  libsystem_kernel.dylib         0xf70 mach_msg2_internal + 80
2  libsystem_kernel.dylib         0xe88 mach_msg_overwrite + 436
3  libsystem_kernel.dylib         0xcc8 mach_msg + 24
4  CoreFoundation                 0x3655c __CFRunLoopServiceMachPort + 160
5  CoreFoundation                 0x34454 __CFRunLoopRun + 1208
6  CoreFoundation                 0x33eb8 CFRunLoopRunSpecific + 608
7  Foundation                     0x2ccbc -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212
8  Foundation                     0x5ba74 -[NSRunLoop(NSRunLoop) runUntilDate:] + 64
9  UIKitCore                      0x1913cc -[UIEventFetcher threadMain] + 420
10 Foundation                     0xb28f4 __NSThread__start__ + 732
11 libsystem_pthread.dylib        0x24d4 _pthread_start + 136
12 libsystem_pthread.dylib        0x1a10 thread_start + 8

com.apple.NSURLConnectionLoader
0  libsystem_kernel.dylib         0x11d8 mach_msg2_trap + 8
1  libsystem_kernel.dylib         0xf70 mach_msg2_internal + 80
2  libsystem_kernel.dylib         0xe88 mach_msg_overwrite + 436
3  libsystem_kernel.dylib         0xcc8 mach_msg + 24
4  CoreFoundation                 0x3655c __CFRunLoopServiceMachPort + 160
5  CoreFoundation                 0x34454 __CFRunLoopRun + 1208
6  CoreFoundation                 0x33eb8 CFRunLoopRunSpecific + 608
7  CFNetwork                      0x258798 _CFURLStorageSessionCopyIdentifier + 69132
8  Foundation                     0xb28f4 __NSThread__start__ + 732
9  libsystem_pthread.dylib        0x24d4 _pthread_start + 136
10 libsystem_pthread.dylib        0x1a10 thread_start + 8


com.apple.cfnetwork.altservicesstorage
0  libsystem_kernel.dylib         0x11d8 mach_msg2_trap + 8
1  libsystem_kernel.dylib         0xf70 mach_msg2_internal + 80
2  libsystem_kernel.dylib         0xe88 mach_msg_overwrite + 436
3  libsystem_kernel.dylib         0xcc8 mach_msg + 24
4  libdispatch.dylib              0x1ef00 _dispatch_mach_send_and_wait_for_reply + 540
5  libdispatch.dylib              0x1f2a0 dispatch_mach_send_with_result_and_wait_for_reply + 60
6  libxpc.dylib                   0x106d0 xpc_connection_send_message_with_reply_sync + 264
7  RunningBoardServices           0x9930 -[RBSXPCMessage sendToConnection:error:] + 328
8  RunningBoardServices           0x95f0 -[RBSXPCMessage invokeOnConnection:withReturnCollectionClass:entryClass:error:] + 92
9  RunningBoardServices           0x9578 -[RBSXPCMessage invokeOnConnection:withReturnClass:error:] + 32
10 RunningBoardServices           0x1b6c -[RBSConnection acquireAssertion:error:] + 296
11 RunningBoardServices           0x1820 -[RBSAssertion acquireWithError:] + 176
12 CFNetwork                      0x6f170 CFURLProtectionSpaceReceivesCredentialSecurely + 4756
13 CFNetwork                      0x8e148 _CFHTTPAuthenticationCreateNTLMHeaderForRequest + 20572
14 libdispatch.dylib              0x13250 _dispatch_block_async_invoke2 + 148
15 libdispatch.dylib              0x4300 _dispatch_client_callout + 20
16 libdispatch.dylib              0xb894 _dispatch_lane_serial_drain + 748
17 libdispatch.dylib              0xc3c4 _dispatch_lane_invoke + 380
18 libdispatch.dylib              0x17004 _dispatch_root_queue_drain_deferred_wlh + 288
19 libdispatch.dylib              0x16878 _dispatch_workloop_worker_thread + 404
20 libsystem_pthread.dylib        0x1964 _pthread_wqthread + 288
21 libsystem_pthread.dylib        0x1a04 start_wqthread + 8

1

Answer 3

linziyi127 OP

Aug ’23

did anyone find any workaround?

0

Answer 4

dennycd1907 OP

Aug ’23

Hi, we are seeing this crash in recent iOS 17 beta, please advise if there is any fixes or work around for it

	EXC_BAD_ACCESS: Attempted to dereference null pointer.

0  libquic.dylib +0x20a98          _quic_recovery_declare_packets_lost
1  libquic.dylib +0x1ffa4          _quic_recovery_find_lost_packet_inner
2  libquic.dylib +0x1dd58          _quic_recovery_find_lost_packets
3  libquic.dylib +0x11354          _quic_recovery_received_ack
4  libquic.dylib +0x51e64          _quic_frame_process_ACK
5  libquic.dylib +0xb3a38          _quic_conn_process_frame
6  libquic.dylib +0xb01e4          _quic_conn_process_inbound
7  Network +0x323e6c               _nw_protocol_data_access_buffer
8  libquic.dylib +0xb69cc          ___quic_conn_handle_inbound_block_invoke
9  libquic.dylib +0xb6790          _quic_conn_handle_inbound
10 Network +0x3104d8               ___nw_protocol_implementation_get_input_internal_block_invoke
11 Network +0x30fb00               _nw_protocol_implementation_read
12 Network +0x30f354               _nw_protocol_implementation_input_available
13 Network +0x1edc4                nw_channel_update_input_source(nw_channel*, nw_protocol*, bool)
14 Network +0x91a54c               ____ZL17nw_channel_createP10nw_contextPhjPvjbbPb_block_invoke.43
15 libdispatch.dylib +0x42fc       __dispatch_client_callout
16 libdispatch.dylib +0x77b4       __dispatch_continuation_pop
17 libdispatch.dylib +0x1b5bc      __dispatch_source_latch_and_call
18 libdispatch.dylib +0x1a18c      __dispatch_source_invoke
19 libdispatch.dylib +0xd6a4       __dispatch_workloop_invoke
20 libdispatch.dylib +0x17000      __dispatch_root_queue_drain_deferred_wlh
21 libdispatch.dylib +0x16874      __dispatch_workloop_worker_thread
22 libsystem_pthread.dylib +0x1960 __pthread_wqthread

1

Answer 5

YishaiR OP

Sep ’23

Adding an Apple crash report. (I know the Apple people prefer these).

Not yet seeing the crash on Beta 8, hopefully this means the issue has been fixed.

Apple Crash Report

0

Answer 6

karimfrommunich OP

Sep ’23

I can confirm it happens on Beta 8 still happens It happened on all these builds as well

21A5319a, 21A5312c, 21A5303d, 21A5291j, 21A325, 21A326, 21A323, 21A5291h, 21A319, 21A292a, 21A5303b and 21A5326a which are all iOS 17

0

Answer 7

DTS Engineer OP

Apple

Sep ’23

Someone opened a DTS TSI about this, and I’ll be looking into that later today. I’ve made a note to remind myself to post the results back here when I’m done.

IMPORTANT When you start a thread here on DevForums, it’s really important you apply meaningful tags. This thread started out with only the iOS tag, which something so generic that very few people monitor it. If it had had the QUIC tag, I woulda looked at this a month ago )-: See tip 4 in Quinn’s Top Ten DevForums Tips.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 8

DTS Engineer OP

Apple

Sep ’23

I’ve made a note to remind myself to post the results back here when I’m done.

OK, an update…

The only bug number I have for this is FB13125585, which was filed quite recently. If anyone filed a bug about this earlier, please post the number here.

YishaiR wrote:

(I know the Apple people prefer these)

To be clear, it’s not a matter of preference, but a matter of trust. I don’t trust non-Apple crash reports because… well… see all the gory details in Implementing Your Own Crash Reporter.

Adding an Apple crash report.

Thanks.

Unfortunately your crash report seems to be munged in some way, to the point where our internal tools won’t work with it. Can you post it again? If you need to redact any info, use the process described in Posting a Crash Report.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 9

OlegMontak OP

Sep ’23

Hi @eskimo, we also have such crashes, I have sent them in FB13169200

0

Answer 10

DTS Engineer OP

Apple

Sep ’23

Recommended

Earlier I wrote:

The only bug number I have for this is FB13125585

I was able to use that bug to track down the state of this issue:

It’s a known bug in our QUIC implementation (r. 114285963).
The fix is not in iOS 17.0rc.
I can’t comment as to when that fix will ship.
This bug is deep in the QUIC implementation, so there’s no obvious way to work around it.

OlegMontak wrote:

we also have such crashes, I have sent them in FB13169200

Thanks for that. That should end up following the same path as FB13125585.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 11

wzb OP

Sep ’23

I have the same problem, does anyone have a solution?

0

Answer 12

linziyi127 OP

Sep ’23

hi, @eskimo , this is my crash stack from Xcode organizer

2023-09-15_17-49-34.5038_+0530-621c999f7d218f4619a54f468fcdcea4bcde70e7.crash

0

Answer 13

DTS Engineer OP

Apple

Sep ’23

We believe this is fixed in the 17.1 beta seed that was just announced. Has anyone seen it on that release?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 14

OlegMontak OP

Oct ’23

We see zero crashes starting from 22 of September (iOS 17.0.1 release date?), previously it was 5–10 crashes per day. We will continue to watch.

0