VM Region Info: 0x38 is not in any region. Bytes before following region:

Please help me understand the crash below.

Incident Identifier: 2420C89E-A8C9-4E23-BBEA-FE3995C57495
Hardware Model:      iPhone12,8
Process:             PacketTunnelProvider [3824]
Path:                /private/var/containers/Bundle/Application/636BECFF-E199-48A0-A3F3-3AC9BA735CE0/masked masked for Endpoint.app/PlugIns/PacketTunnelProvider.appex/PacketTunnelProvider
Identifier:          com.masked.masked_company.tunnel
Version:             1.1.38010102 (1.1.38010102)
Code Type:           ARM-64 (Native)
Role:                Unspecified
Parent Process:      launchd [1]
Coalition:           com.masked.masked_company.tunnel [835]


Date/Time:           2023-02-06 18:28:41.8259 +0100
Launch Time:         2023-02-06 18:28:41.4521 +0100
OS Version:          iPhone OS 14.3 (18C66)
Release Type:        User
Baseband Version:    2.03.04
Report Version:      104

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000038
VM Region Info: 0x38 is not in any region.  Bytes before following region: 4302618568
      REGION TYPE                 START - END      [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      UNUSED SPACE AT START
--->  
      __TEXT                   10074c000-100750000 [   16K] r-x/r-x SM=COW  ...unnelProvider

Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [3824]
Triggered by Thread:  3




Thread 3 name:
Thread 3 Crashed:
0   SharedFramework               	0x0000000100810364 details::purge_cache() + 72 (AppConnectionInfo.mm:31)
1   SharedFramework               	0x0000000100810334 details::current_time() + 4 (AppConnectionInfo.mm:21)
2   SharedFramework               	0x0000000100810334 details::purge_cache() + 24 (AppConnectionInfo.mm:28)
3   SharedFramework               	0x000000010081515c __60-[GCDTimer initWithInterval:repeat:leeway:queue:completion:]_block_invoke + 28 (GCDTimer.m:31)
4   libdispatch.dylib             	0x0000000186e84db0 _dispatch_client_callout + 20 (object.m:559)
5   libdispatch.dylib             	0x0000000186e8812c _dispatch_continuation_pop + 416 (inline_internal.h:2548)
6   libdispatch.dylib             	0x0000000186e99c08 _dispatch_source_invoke + 1260 (source.c:570)
7   libdispatch.dylib             	0x0000000186e8bfd8 _dispatch_lane_serial_drain + 272 (inline_internal.h:2589)
8   libdispatch.dylib             	0x0000000186e8cc5c _dispatch_lane_invoke + 408 (queue.c:3862)
9   libdispatch.dylib             	0x0000000186e96d78 _dispatch_workloop_worker_thread + 708 (queue.c:6601)
10  libsystem_pthread.dylib       	0x00000001d2adb804 _pthread_wqthread + 276 (pthread.c:2207)
11  libsystem_pthread.dylib       	0x00000001d2ae275c start_wqthread + 8 (:-1)

Relevant code block for the same


#include <chrono>
#include <cstdint>

// The post begins inside current_time(); the signature below is assumed from the
// call site and the stack trace. Note the value is microseconds despite the name "msecs".
int64_t current_time() {
    const auto now = std::chrono::system_clock::now();
    const auto msecs = std::chrono::duration_cast<std::chrono::microseconds>(now.time_since_epoch()).count();
    return msecs;
}

// _cache (keyed by connection, value is a pair whose first member is the last-seen
// timestamp) and CONNECTION_TIMEOUT are class members declared elsewhere in the project.
void purge_cache() {
    // TODO : check for the more optimisations here.
    auto now = current_time();
    // TODO : 31045550 : add an aggregated telemetry of cache size here, this requires changes in TelemetryAggregator
    for (auto it = _cache.begin(); it != _cache.end();) {
        if (now - it->second.first > CONNECTION_TIMEOUT)   {
            // no outgoing packet on this connection for more than CONNECTION_TIMEOUT (10 seconds): drop it
            _cache.erase(it++);
        } else {
            ++it;
        }
    }
}

The crash is happening here: if (now - it->second.first > CONNECTION_TIMEOUT).

This is happening on iOS devices below 15.0.


You're using an object or a piece of memory that doesn't exist anymore, and that's why it's faulting and throwing an error saying that your app is using an address that is outside of your app's memory region. It's hard to know what's causing this with the code that you provided. Try looking for instances of it being freed twice.

You're using an object or a piece of memory that doesn't exist anymore

It’s easier than that. The address in question, 0x0000000000000038, is never a valid pointer. It’s likely that something is corrupting this or the _cache data member. The most likely cause of such things is a concurrency issue.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
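The following is an added example; it is not code from the original post or from the tunnel extension it describes. It reconstructs the pattern the diagnosis above points at: a map that a timer purges on one thread while the packet path updates it on another, with every access to the container guarded by one mutex. The names ConnectionCache, record_packet, Entry and CONNECTION_TIMEOUT_US, and the map's key and value types, are assumptions; purge_cache takes the current time as a parameter so its behaviour can be checked against a fixed clock.

```cpp
// Added example (not the project's code): a connection cache purged from a
// timer thread while other threads record packets. ConnectionCache,
// record_packet, Entry and CONNECTION_TIMEOUT_US are assumed names.
#include <atomic>
#include <chrono>
#include <cstdint>
#include <cstdio>
#include <mutex>
#include <string>
#include <thread>
#include <unordered_map>
#include <utility>
#include <vector>

namespace details {

// Microseconds since the epoch, as the posted current_time() computes
// (its value is microseconds even though the post calls it "msecs").
inline int64_t current_time() {
    const auto now = std::chrono::system_clock::now();
    return std::chrono::duration_cast<std::chrono::microseconds>(
               now.time_since_epoch()).count();
}

// Connections idle for more than 10 s are dropped (per the posted comment).
constexpr int64_t CONNECTION_TIMEOUT_US = 10 * 1000 * 1000;

// Cache value: (last-seen timestamp, label); mirrors it->second.first in the post.
using Entry = std::pair<int64_t, std::string>;

class ConnectionCache {
public:
    // Packet path; may run on any thread.
    void record_packet(int socket_id, int64_t now) {
        std::lock_guard<std::mutex> lock(_mutex);
        _cache[socket_id] = Entry{now, "socket " + std::to_string(socket_id)};
    }

    // Timer path. `now` is a parameter so tests can use a fixed clock; production
    // code passes current_time(). Returns the number of entries erased.
    // The same loop without _mutex is the data race this thread is about.
    size_t purge_cache(int64_t now) {
        std::lock_guard<std::mutex> lock(_mutex);
        size_t erased = 0;
        for (auto it = _cache.begin(); it != _cache.end();) {
            if (now - it->second.first > CONNECTION_TIMEOUT_US) {
                it = _cache.erase(it);   // erase() yields the next valid iterator
                ++erased;
            } else {
                ++it;
            }
        }
        return erased;
    }

    size_t size() {
        std::lock_guard<std::mutex> lock(_mutex);
        return _cache.size();
    }

private:
    std::mutex _mutex;
    std::unordered_map<int, Entry> _cache;
};

} // namespace details

// Deterministic check with a fixed clock: returns {erased, remaining}.
std::pair<size_t, size_t> purge_scenario() {
    details::ConnectionCache cache;
    const int64_t t0 = 1000000000;                  // arbitrary base timestamp (us)
    cache.record_packet(1, t0);                     // idle 14 s at purge time: dropped
    cache.record_packet(2, t0 + 5 * 1000 * 1000);   // idle  9 s: kept
    cache.record_packet(3, t0 + 12 * 1000 * 1000);  // idle  2 s: kept
    const size_t erased = cache.purge_cache(t0 + 14 * 1000 * 1000);
    return {erased, cache.size()};
}

// Stress check: four writers insert 2000 fresh keys each while a "timer"
// thread purges continuously. Every key is recent, so all 8000 must survive.
size_t concurrent_scenario() {
    details::ConnectionCache cache;
    std::atomic<bool> stop{false};
    std::thread purger([&] {
        while (!stop.load()) cache.purge_cache(details::current_time());
    });
    std::vector<std::thread> writers;
    for (int w = 0; w < 4; ++w) {
        writers.emplace_back([&cache, w] {
            for (int i = 0; i < 2000; ++i)
                cache.record_packet(w * 10000 + i, details::current_time());
        });
    }
    for (auto& t : writers) t.join();
    stop.store(true);
    purger.join();
    return cache.size();
}

int main() {
    const auto r = purge_scenario();
    std::printf("purged %zu, remaining %zu\n", r.first, r.second);
    std::printf("entries after concurrent run: %zu\n", concurrent_scenario());
    return 0;
}
```

Without the lock, iterating a std::unordered_map while another thread inserts or erases is undefined behaviour: a rehash or a freed node is one way to end up dereferencing a pointer such as 0x38 (a null pointer plus a small field offset), which matches the faulting address in the report. Holding one mutex around every access, or funnelling all access to _cache onto the same serial dispatch queue that drives the GCD timer, gives the purge loop a consistent container to walk.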
