iOS 14 CoreFoundation crash with EXC_BREAKPOINT

Hi,
I am facing a strange issue in my app with iOS14 there is a intermittent crash, i am using NetServiceBrowser for MDNS discovery not sure if that is causing the problem crash log has below information:

Crashed: com.apple.main-thread
0 CoreFoundation 0x1a906c4c4 CFAssertMismatchedTypeID + 108
1 CoreFoundation 0x1a8f7db0c
CFRunLoopSourceRemoveFromRunLoop + 298
2 CFNetwork 0x1a96255b0 CFNetServiceBrowserStopSearch + 460
3 CoreFoundation 0x1a8f81240 CFRUNLOOP
ISCALLINGOUTTOASOURCE0PERFORMFUNCTION + 24
4 CoreFoundation 0x1a8f81140
CFRunLoopDoSource0 + 204
5 CoreFoundation 0x1a8f80488
CFRunLoopDoSources0 + 256
6 CoreFoundation 0x1a8f7aa40
CFRunLoopRun + 776
7 CoreFoundation 0x1a8f7a200 CFRunLoopRunSpecific + 572
8 GraphicsServices 0x1bf075598 GSEventRunModal + 160
9 UIKitCore 0x1ab840004 -[UIApplication
run] + 1052
10 UIKitCore 0x1ab8455d8 UIApplicationMain + 164

Answers

This really doesn't give us much to go off of other than NSNetServiceBrowser is being removed from the current run loop and is crashing your app for some reason. Is there any more info to go off of here?



Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
I could see in firebase keys section it has "Expected typeID 46 (CFRunLoopSource) does not match actual typeID 61 (CFSocket)" for key "crashinfoentry_0"

I am facing a strange issue in my app with iOS 14 there is a
intermittent crash

Please post a full crash report. It’s hard to say what’s code on here based on this snippet. Use the text attachment button (<>) to avoid clogging up the timeline.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
Firebase mentions one of the keys in crash log as
Expected typeID 46 (CFRunLoopSource) does not match actual typeID 61 (CFSocket)

Here is the complete crash log
Code Block
Crashed: com.apple.main-thread
EXC_BREAKPOINT 0x00000001901fe700
Crashed: com.apple.main-thread
0 CoreFoundation 0x1901fe700 _CFAssertMismatchedTypeID + 112
1 CoreFoundation 0x190107f0c CFRunLoopSourceRemoveFromRunLoop + 306
2 CFNetwork 0x1907d0808 CFNetServiceBrowserStopSearch + 472
3 CoreFoundation 0x19010b81c CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION + 28
4 CoreFoundation 0x19010b718 CFRunLoopDoSource0 + 208
5 CoreFoundation 0x19010aa28 CFRunLoopDoSources0 + 268
6 CoreFoundation 0x190104d20 CFRunLoopRun + 824
7 CoreFoundation 0x1901044bc CFRunLoopRunSpecific + 600
8 GraphicsServices 0x1a6b89820 GSEventRunModal + 164
9 UIKitCore 0x192aa8734 -[UIApplication _run] + 1072
10 UIKitCore 0x192aade10 UIApplicationMain + 168
11 AppTarget_Qa 0x104e73ed4 main + 41 (AppDelegate.swift:41)
12 libdyld.dylib 0x18fdcbe60 start + 4
Thread 1
0 libsystem_kernel.dylib 0x1bc0b85bc workq_kernreturn + 8
1 libsystem_pthread.dylib 0x1d76e0954 _pthread_wqthread + 352
2 libsystem_pthread.dylib 0x1d76e777c start_wqthread + 8
com.apple.uikit.eventfetch-thread
0 libsystem_kernel.dylib 0x1bc093dd0 mach_msg_trap + 8
1 libsystem_kernel.dylib 0x1bc093184 mach_msg + 76
2 CoreFoundation 0x19010acf8 CFRunLoopServiceMachPort + 380
3 CoreFoundation 0x190104ea8 CFRunLoopRun + 1216
4 CoreFoundation 0x1901044bc CFRunLoopRunSpecific + 600
5 Foundation 0x191381e30 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 232
6 Foundation 0x191381d08 -[NSRunLoop(NSRunLoop) runUntilDate:] + 92
7 UIKitCore 0x192b58e94 -[UIEventFetcher threadMain] + 516
8 Foundation 0x1914ec0f0 NSThreadstart + 864
9 libsystem_pthread.dylib 0x1d76deca8 _pthread_start + 320
10 libsystem_pthread.dylib 0x1d76e7788 thread_start + 8
AVAudioSession Notify Thread
0 libsystem_kernel.dylib 0x1bc093dd0 mach_msg_trap + 8
1 libsystem_kernel.dylib 0x1bc093184 mach_msg + 76
2 CoreFoundation 0x19010acf8 CFRunLoopServiceMachPort + 380
3 CoreFoundation 0x190104ea8 CFRunLoopRun + 1216
4 CoreFoundation 0x1901044bc CFRunLoopRunSpecific + 600
5 AudioSession 0x1979a62ac GenericRunLoopThread::Entry(void*) + 164
6 AudioSession 0x1979a8390 CAPThread::Entry(CAPThread*) + 92
7 libsystem_pthread.dylib 0x1d76deca8 _pthread_start + 320
8 libsystem_pthread.dylib 0x1d76e7788 thread_start + 8
com.google.firebase.crashlytics.MachExceptionServer
0 AppTarget_Qa 0x10510a9b4 FIRCLSProcessRecordAllThreads + 392 (FIRCLSProcess.c:392)
1 AppTarget_Qa 0x10510ad98 FIRCLSProcessRecordAllThreads + 423 (FIRCLSProcess.c:423)
2 AppTarget_Qa 0x105101624 FIRCLSHandler + 34 (FIRCLSHandler.m:34)
3 AppTarget_Qa 0x105104054 FIRCLSMachExceptionServer + 524 (FIRCLSMachException.c:524)
4 libsystem_pthread.dylib 0x1d76deca8 _pthread_start + 320
5 libsystem_pthread.dylib 0x1d76e7788 thread_start + 8
Thread 2
0 libsystem_kernel.dylib 0x1bc0b85bc workq_kernreturn + 8
1 libsystem_pthread.dylib 0x1d76e0954 _pthread_wqthread + 352
2 libsystem_pthread.dylib 0x1d76e777c start_wqthread + 8
com.apple.NSURLConnectionLoader
0 libsystem_kernel.dylib 0x1bc093dd0 mach_msg_trap + 8
1 libsystem_kernel.dylib 0x1bc093184 mach_msg + 76
2 CoreFoundation 0x19010acf8 CFRunLoopServiceMachPort + 380
3 CoreFoundation 0x190104ea8 CFRunLoopRun + 1216
4 CoreFoundation 0x1901044bc CFRunLoopRunSpecific + 600
5 CFNetwork 0x1909bd050 _CFURLStorageSessionCopyCache + 63240
6 Foundation 0x1914ec0f0 NSThreadstart + 864
7 libsystem_pthread.dylib 0x1d76deca8 _pthread_start + 320
8 libsystem_pthread.dylib 0x1d76e7788 thread_start + 8
com.apple.CFSocket.private
0 libsystem_kernel.dylib 0x1bc0b7c40 select + 8
1 libsystem_kernel.dylib 0x1bc0b7c40 select$DARWIN_EXTSN + 8
2 CoreFoundation 0x190117688 CFSocketManager + 636
3 libsystem_pthread.dylib 0x1d76deca8 _pthread_start + 320
4 libsystem_pthread.dylib 0x1d76e7788 thread_start + 8
Thread 3
0 libsystem_kernel.dylib 0x1bc0b85bc workq_kernreturn + 8
1 libsystem_pthread.dylib 0x1d76e0954 _pthread_wqthread + 352
2 libsystem_pthread.dylib 0x1d76e777c start_wqthread + 8
Thread 4
0 libsystem_kernel.dylib 0x1bc0b85bc workq_kernreturn + 8
1 libsystem_pthread.dylib 0x1d76e0954 _pthread_wqthread + 352
2 libsystem_pthread.dylib 0x1d76e777c start_wqthread + 8
Thread 5
0 libsystem_kernel.dylib 0x1bc0b85bc __workq_kernreturn + 8
1 libsystem_pthread.dylib 0x1d76e0954 _pthread_wqthread + 352
2 libsystem_pthread.dylib 0x1d76e777c start_wqthread + 8


Here is the complete crash log

OK, sorry, I was looking for a complete Apple crash report. I presume this is from a third-party crash reporter? If so, there’s not much I can do with it )-:

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
We are facing a similar, intermittent crash, observed in both simulator and real devices. The app is running NISession over MCSession based on the NIPeekaboo sample from WWDC. The crash occurs when the peer exits the session. We've observed it when the peer exits gracefully, using NISession.invalidate(), and when it exits abruptly due to the app being closed.

Simulator crash report attached. I can provide a device crash report with similar signature if that would help.



I can provide a device crash report with similar signature if that
would help.

Yes please!

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
Here it is!



This is a bit tricky because something (probably some serious inlining) is messing up the symbolication. Consider the top few frames of the crashing thread

Code Block
0 CoreFoundation … _CFAssertMismatchedTypeID + 112 (CFRuntime.c:934)
1 CoreFoundation … _CFAssertMismatchedTypeID + 104 (CFRuntime.c:933)
2 CoreFoundation … CFRunLoopSourceInvalidate + 308 (CFRuntime_Internal.h:118)
3 CFNetwork … _BrowserCancel(__CFNetServiceBrowser*) + 80 (CFNetServiceBrowser.c:178)


It makes sense that _BrowserCancel(…) (frame 3) would call CFRunLoopSourceInvalidate (frame 2) but the source line for that frame is kinda bogus. In reality, CFRuntime_Internal.h:118 points to a CF type checking macro. So, while we know you’ve crashed due to a runtime type check, it’s not clear exactly which type that is.

Having said that, the Application Specific Information section in the simulator crash report is helpful:

Code Block
Expected typeID 46 (CFRunLoopSource) does not match actual typeID 61 (CFSocket)
CoreSimulator 732.18 - Device: iPhone 12 Pro Max (D40711DE-CECD-41C7-BE1B-4222E3CF24BD) - Runtime: iOS 14.1 (18A8394) - DeviceType: iPhone 12 Pro Max


This suggests that the type check you’re hitting is the one early in the CFRunLoopSourceInvalidate, where it checks that the parameter you pass in is action a run loop source.

Of course it’s a complete mystery why the browser would be calling CFRunLoopSourceInvalidate with a socket. Looking at the code it’s hard to imagine how that’d could ever happen. My best guess is that you have some sort of memory management problem. I recommend that you run with the standard memory debugging tools to see if that causes the problem to become more reproducible.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
I've checked all the memory debugging boxes. At the Xcode breakpoint, I see references to NSCalendar and locale operations, which don't appear in the crash reports.



Good news?! I've reproduced the crash using the NIPeekaboo sample from WWDC. Running on two NI capable devices:
  • Accept the permission on both devices so NISession can be established

  • Restart the app on device A (e.g. by relaunching from Xcode)

  • The app will reliably crash on device B

Crash signature is the same as we've seen with our own app.



Good news?! I've reproduced the crash using the NIPeekaboo sample from
WWDC.

That is indeed good news. As this point we know it’s not your code because you’re not running any of your code. I’d appreciate you filing a bug about this. Please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
FB8891415 (Application crash on peer reconnect using MultiPeer Connectivity to facilitate a Nearby Interaction session)

FB8891415

Thanks for that.

There’s some suggestion that this was fixed in one of the 14.x software updates. Please re-run your steps to reproduce on the latest 14.3 beta and let us know how you get along.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
We've been seeing a number of crashes with a similar assertion, but related to the EAAccessory Framework. I'm attaching one of these crash logs in hopes someone has suggestions for how I'd debug this further. Unfortunately, much of the EAAccessory related code in our app comes from a number of closed-source third party SDKs.