iOS 14 CoreFoundation crash with EXC_BREAKPOINT

Question

Created Oct ’20

Replies 29

Boosts 1

Views 14k

Participants 11

Hi,
I am facing a strange issue in my app with iOS14 there is a intermittent crash, i am using NetServiceBrowser for MDNS discovery not sure if that is causing the problem crash log has below information:

Crashed: com.apple.main-thread
0 CoreFoundation 0x1a906c4c4 CFAssertMismatchedTypeID + 108
1 CoreFoundation 0x1a8f7db0c CFRunLoopSourceRemoveFromRunLoop + 298
2 CFNetwork 0x1a96255b0 CFNetServiceBrowserStopSearch + 460
3 CoreFoundation 0x1a8f81240 CFRUNLOOPISCALLINGOUTTOASOURCE0PERFORMFUNCTION + 24
4 CoreFoundation 0x1a8f81140 CFRunLoopDoSource0 + 204
5 CoreFoundation 0x1a8f80488 CFRunLoopDoSources0 + 256
6 CoreFoundation 0x1a8f7aa40 CFRunLoopRun + 776
7 CoreFoundation 0x1a8f7a200 CFRunLoopRunSpecific + 572
8 GraphicsServices 0x1bf075598 GSEventRunModal + 160
9 UIKitCore 0x1ab840004 -[UIApplication run] + 1052
10 UIKitCore 0x1ab8455d8 UIApplicationMain + 164

Answered by DTS Engineer in 787317022

Yes. using Multipeer Connectivity

OK. In that case my answer is that you should stop using Multipeer Connectivity. This is a long-standing bug and, while I can’t predict the future with 100% accuracy, I think it’s reasonable to infer future behaviour from past behaviour. In this case, you’re looking at a crashing bug that’s been around for at least 3 years old [1]. How long are you prepared to wait for a fix?

IMO Multipeer Connectivity should be officially deprecated in favour of Network framework [2]. If you’d like to make that transition:

Check out the Building a custom peer-to-peer protocol sample code.
If you get, stuck a new thread with the details. Tag it with Network so that I see it.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] Based on the age of this thread. I suspect that this bug has been around for much longer than that.

[2] And, to be clear, this is a personal opinion. I don’t set official Apple policy for this stuff. The official policy is in TN3151 Choosing the right networking API, which has to walk a fine line because Multipeer Connectivity isn’t officially deprecated.

Boost

Answer 1

Systems Engineer OP

Apple

Oct ’20

This really doesn't give us much to go off of other than NSNetServiceBrowser is being removed from the current run loop and is crashing your app for some reason. Is there any more info to go off of here?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

0

Answer 2

arpit.mishra_wdc OP

Oct ’20

I could see in firebase keys section it has "Expected typeID 46 (CFRunLoopSource) does not match actual typeID 61 (CFSocket)" for key "crashinfoentry_0"

0

Answer 3

DTS Engineer OP

Apple

Oct ’20

I am facing a strange issue in my app with iOS 14 there is a
intermittent crash

Please post a full crash report. It’s hard to say what’s code on here based on this snippet. Use the text attachment button (<>) to avoid clogging up the timeline.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 4

arpit.mishra_wdc OP

Oct ’20

Firebase mentions one of the keys in crash log as
Expected typeID 46 (CFRunLoopSource) does not match actual typeID 61 (CFSocket)

Here is the complete crash log

Code Block Crashed: com.apple.main-thread
EXC_BREAKPOINT 0x00000001901fe700
Crashed: com.apple.main-thread
0  CoreFoundation                 0x1901fe700 _CFAssertMismatchedTypeID + 112
1  CoreFoundation                 0x190107f0c CFRunLoopSourceRemoveFromRunLoop + 306
2  CFNetwork                      0x1907d0808 CFNetServiceBrowserStopSearch + 472
3  CoreFoundation                 0x19010b81c CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION + 28
4  CoreFoundation                 0x19010b718 CFRunLoopDoSource0 + 208
5  CoreFoundation                 0x19010aa28 CFRunLoopDoSources0 + 268
6  CoreFoundation                 0x190104d20 CFRunLoopRun + 824
7  CoreFoundation                 0x1901044bc CFRunLoopRunSpecific + 600
8  GraphicsServices               0x1a6b89820 GSEventRunModal + 164
9  UIKitCore                      0x192aa8734 -[UIApplication _run] + 1072
10 UIKitCore                      0x192aade10 UIApplicationMain + 168
11 AppTarget_Qa        		        0x104e73ed4 main + 41 (AppDelegate.swift:41)
12 libdyld.dylib                  0x18fdcbe60 start + 4
Thread 1
0  libsystem_kernel.dylib         0x1bc0b85bc workq_kernreturn + 8
1  libsystem_pthread.dylib        0x1d76e0954 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x1d76e777c start_wqthread + 8
com.apple.uikit.eventfetch-thread
0  libsystem_kernel.dylib         0x1bc093dd0 mach_msg_trap + 8
1  libsystem_kernel.dylib         0x1bc093184 mach_msg + 76
2  CoreFoundation                 0x19010acf8 CFRunLoopServiceMachPort + 380
3  CoreFoundation                 0x190104ea8 CFRunLoopRun + 1216
4  CoreFoundation                 0x1901044bc CFRunLoopRunSpecific + 600
5  Foundation                     0x191381e30 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 232
6  Foundation                     0x191381d08 -[NSRunLoop(NSRunLoop) runUntilDate:] + 92
7  UIKitCore                      0x192b58e94 -[UIEventFetcher threadMain] + 516
8  Foundation                     0x1914ec0f0 NSThreadstart + 864
9  libsystem_pthread.dylib        0x1d76deca8 _pthread_start + 320
10 libsystem_pthread.dylib        0x1d76e7788 thread_start + 8
AVAudioSession Notify Thread
0  libsystem_kernel.dylib         0x1bc093dd0 mach_msg_trap + 8
1  libsystem_kernel.dylib         0x1bc093184 mach_msg + 76
2  CoreFoundation                 0x19010acf8 CFRunLoopServiceMachPort + 380
3  CoreFoundation                 0x190104ea8 CFRunLoopRun + 1216
4  CoreFoundation                 0x1901044bc CFRunLoopRunSpecific + 600
5  AudioSession                   0x1979a62ac GenericRunLoopThread::Entry(void*) + 164
6  AudioSession                   0x1979a8390 CAPThread::Entry(CAPThread*) + 92
7  libsystem_pthread.dylib        0x1d76deca8 _pthread_start + 320
8  libsystem_pthread.dylib        0x1d76e7788 thread_start + 8
com.google.firebase.crashlytics.MachExceptionServer
0  AppTarget_Qa        		        0x10510a9b4 FIRCLSProcessRecordAllThreads + 392 (FIRCLSProcess.c:392)
1  AppTarget_Qa		                0x10510ad98 FIRCLSProcessRecordAllThreads + 423 (FIRCLSProcess.c:423)
2  AppTarget_Qa 	                0x105101624 FIRCLSHandler + 34 (FIRCLSHandler.m:34)
3  AppTarget_Qa		                0x105104054 FIRCLSMachExceptionServer + 524 (FIRCLSMachException.c:524)
4  libsystem_pthread.dylib        0x1d76deca8 _pthread_start + 320
5  libsystem_pthread.dylib        0x1d76e7788 thread_start + 8
Thread 2
0  libsystem_kernel.dylib         0x1bc0b85bc workq_kernreturn + 8
1  libsystem_pthread.dylib        0x1d76e0954 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x1d76e777c start_wqthread + 8
com.apple.NSURLConnectionLoader
0  libsystem_kernel.dylib         0x1bc093dd0 mach_msg_trap + 8
1  libsystem_kernel.dylib         0x1bc093184 mach_msg + 76
2  CoreFoundation                 0x19010acf8 CFRunLoopServiceMachPort + 380
3  CoreFoundation                 0x190104ea8 CFRunLoopRun + 1216
4  CoreFoundation                 0x1901044bc CFRunLoopRunSpecific + 600
5  CFNetwork                      0x1909bd050 _CFURLStorageSessionCopyCache + 63240
6  Foundation                     0x1914ec0f0 NSThreadstart + 864
7  libsystem_pthread.dylib        0x1d76deca8 _pthread_start + 320
8  libsystem_pthread.dylib        0x1d76e7788 thread_start + 8
com.apple.CFSocket.private
0  libsystem_kernel.dylib         0x1bc0b7c40 select + 8
1  libsystem_kernel.dylib         0x1bc0b7c40 select$DARWIN_EXTSN + 8
2  CoreFoundation                 0x190117688 CFSocketManager + 636
3  libsystem_pthread.dylib        0x1d76deca8 _pthread_start + 320
4  libsystem_pthread.dylib        0x1d76e7788 thread_start + 8
Thread 3
0  libsystem_kernel.dylib         0x1bc0b85bc workq_kernreturn + 8
1  libsystem_pthread.dylib        0x1d76e0954 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x1d76e777c start_wqthread + 8
Thread 4
0  libsystem_kernel.dylib         0x1bc0b85bc workq_kernreturn + 8
1  libsystem_pthread.dylib        0x1d76e0954 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x1d76e777c start_wqthread + 8
Thread 5
0  libsystem_kernel.dylib         0x1bc0b85bc __workq_kernreturn + 8
1  libsystem_pthread.dylib        0x1d76e0954 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x1d76e777c start_wqthread + 8

0

Answer 5

DTS Engineer OP

Apple

Oct ’20

Here is the complete crash log

OK, sorry, I was looking for a complete Apple crash report. I presume this is from a third-party crash reporter? If so, there’s not much I can do with it )-:

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 6

mygzapc OP

Oct ’20

We are facing a similar, intermittent crash, observed in both simulator and real devices. The app is running NISession over MCSession based on the NIPeekaboo sample from WWDC. The crash occurs when the peer exits the session. We've observed it when the peer exits gracefully, using NISession.invalidate(), and when it exits abruptly due to the app being closed.

Simulator crash report attached. I can provide a device crash report with similar signature if that would help.

simulator.crash

0

Answer 7

DTS Engineer OP

Apple

Oct ’20

I can provide a device crash report with similar signature if that
would help.

Yes please!

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

1

Answer 8

mygzapc OP

Oct ’20

Here it is!

Device crash log

0

Answer 9

DTS Engineer OP

Apple

Oct ’20

This is a bit tricky because something (probably some serious inlining) is messing up the symbolication. Consider the top few frames of the crashing thread

Code Block  0 CoreFoundation … _CFAssertMismatchedTypeID + 112 (CFRuntime.c:934)
1 CoreFoundation … _CFAssertMismatchedTypeID + 104 (CFRuntime.c:933)
2 CoreFoundation … CFRunLoopSourceInvalidate + 308 (CFRuntime_Internal.h:118)
3 CFNetwork      … _BrowserCancel(__CFNetServiceBrowser*) + 80 (CFNetServiceBrowser.c:178)

It makes sense that _BrowserCancel(…) (frame 3) would call CFRunLoopSourceInvalidate (frame 2) but the source line for that frame is kinda bogus. In reality, CFRuntime_Internal.h:118 points to a CF type checking macro. So, while we know you’ve crashed due to a runtime type check, it’s not clear exactly which type that is.

Having said that, the Application Specific Information section in the simulator crash report is helpful:

Code Block  Expected typeID 46 (CFRunLoopSource) does not match actual typeID 61 (CFSocket)
CoreSimulator 732.18 - Device: iPhone 12 Pro Max (D40711DE-CECD-41C7-BE1B-4222E3CF24BD) - Runtime: iOS 14.1 (18A8394) - DeviceType: iPhone 12 Pro Max

This suggests that the type check you’re hitting is the one early in the CFRunLoopSourceInvalidate, where it checks that the parameter you pass in is action a run loop source.

Of course it’s a complete mystery why the browser would be calling CFRunLoopSourceInvalidate with a socket. Looking at the code it’s hard to imagine how that’d could ever happen. My best guess is that you have some sort of memory management problem. I recommend that you run with the standard memory debugging tools to see if that causes the problem to become more reproducible.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 10

mygzapc OP

Nov ’20

I've checked all the memory debugging boxes. At the Xcode breakpoint, I see references to NSCalendar and locale operations, which don't appear in the crash reports.

Thread frames

0

Answer 11

mygzapc OP

Nov ’20

Good news?! I've reproduced the crash using the NIPeekaboo sample from WWDC. Running on two NI capable devices:

Accept the permission on both devices so NISession can be established
Restart the app on device A (e.g. by relaunching from Xcode)
The app will reliably crash on device B

Crash signature is the same as we've seen with our own app.

iPhone 11 crash log

0

Answer 12

DTS Engineer OP

Apple

Nov ’20

Good news?! I've reproduced the crash using the NIPeekaboo sample from
WWDC.

That is indeed good news. As this point we know it’s not your code because you’re not running any of your code. I’d appreciate you filing a bug about this. Please post your bug number, just for the record.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 13

mygzapc OP

Nov ’20

FB8891415 (Application crash on peer reconnect using MultiPeer Connectivity to facilitate a Nearby Interaction session)

0

Answer 14

DTS Engineer OP

Apple

Nov ’20

FB8891415

Thanks for that.

There’s some suggestion that this was fixed in one of the 14.x software updates. Please re-run your steps to reproduce on the latest 14.3 beta and let us know how you get along.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 15

cshnider_ls OP

Nov ’20

We've been seeing a number of crashes with a similar assertion, but related to the EAAccessory Framework. I'm attaching one of these crash logs in hopes someone has suggestions for how I'd debug this further. Unfortunately, much of the EAAccessory related code in our app comes from a number of closed-source third party SDKs.

Crash Log

1