We have collected many crashes of this type in our app on 16.1 or later systems, but it is normal on other systems. It looks like a memory issue related to objc_release, but our code should be correct. Could someone help locate the cause?
Hardware Model: iPhone14,3
Process: MyAPP [6850]
Path: /private/var/containers/Bundle/Application/C129C91C-89D6-4C6F-9057-D884CFACDB41/MyAPP.app/MyAPP
Version: 6.0.2 (6021)
AppStoreTools: 14C17
AppVariant: 1:iPhone14,3:15
Code Type: ARM-64 (Native)
Role: Foreground
Parent Process: launchd [1]
Date/Time: 2023-02-08 13:32:40.1633 +0800
Launch Time: 2023-02-07 01:19:36.8931 +0800
OS Version: iPhone OS 16.3 (20D47)
Release Type: User
Baseband Version: 2.40.01
Report Version: 104
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x00000000002008ff
Exception Codes: 0x0000000000000001, 0x00000000002008ff
VM Region Info: 0x2008ff is not in any region. Bytes before following region: 4361615105
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
UNUSED SPACE AT START
--->
__TEXT 104190000-104f64000 [ 13.8M] r-x/r-x SM=COW .../MyAPP
Termination Reason: SIGNAL 11 Segmentation fault: 11
Terminating Process: exc handler [6850]
Triggered by Thread: 0
Thread 0 name:
Thread 0 Crashed:
0 libobjc.A.dylib 0x0000000187a9754c objc_release_x0 + 8 (:-1)
1 MyAPP 0x00000001058474ec +[GSTree buildMenuTreeWithMenus:] + 792
2 MyAPP 0x00000001057d0230 -[SystemInfoCenter buildMenuTressWithMenus:] + 48
3 MyAPP 0x00000001057c8ad4 -[SystemInfoCenter parseMenu:] + 72
4 MyAPP 0x00000001057c8820 -[SystemInfoCenter parseSystemConfiguration:updatePersistance:] + 100
5 MyAPP 0x00000001057c741c -[SystemInfoCenter loadSystemInfoFromPersistance] + 92
6 MyAPP 0x00000001057c73a4 -[SystemInfoCenter systemInitializeWithAppName:productionVersion:] + 120
7 MyAPP 0x00000001051fb3b0 -[AppDelegate logoutSystem:restoreContentVC:] + 1508 (AppDelegate.m:635)
8 MyAPP 0x00000001051f8b40 -[AppDelegate applicationWillEnterForeground:] + 252 (AppDelegate.m:261)
9 MyAPP 0x00000001070bb33c -[NBSAppAgent nbs_applicationWillEnterForeground:] + 952
10 UIKitCore 0x0000000190c8c63c -[UIApplication _sendWillEnterForegroundCallbacks] + 184 (UIApplication.m:11710)
11 UIKitCore 0x0000000190c8c1a0 __101-[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:]_block_invoke_2 + 1272 (_UISceneLifecycleMultiplexer.m:651)
12 UIKitCore 0x0000000190b85e74 _UIScenePerformActionsWithLifecycleActionMask + 108 (_UISceneLifecycleState.m:109)
13 UIKitCore 0x0000000190ec7d78 __101-[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:]_block_invoke + 216 (_UISceneLifecycleMultiplexer.m:564)
14 UIKitCore 0x0000000190d78adc -[_UISceneLifecycleMultiplexer _performBlock:withApplicationOfDeactivationReasons:fromReasons:] + 220 (_UISceneLifecycleMultiplexer.m:513)
15 UIKitCore 0x0000000190d78904 -[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:] + 620 (_UISceneLifecycleMultiplexer.m:563)
16 UIKitCore 0x0000000190d784b4 -[_UISceneLifecycleMultiplexer uiScene:transitionedFromState:withTransitionContext:] + 252 (_UISceneLifecycleMultiplexer.m:469)
17 UIKitCore 0x0000000190d78380 __186-[_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction _performActionsForUIScene:withUpdatedFBSScene:settingsDiff:fromSettings:transitionContext:lifecycleActionType:]_block... + 148 (_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction.m:73)
18 UIKitCore 0x000000019145c56c +[BSAnimationSettings(UIKit) tryAnimatingWithSettings:fromCurrentState:actions:completion:] + 736 (BSAnimationSettings+UIKit.m:54)
19 UIKitCore 0x00000001914f6568 _UISceneSettingsDiffActionPerformChangesWithTransitionContextAndCompletion + 224 (_UISceneSettingsDiffAction.m:27)
20 UIKitCore 0x0000000190c24374 -[_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction _performActionsForUIScene:withUpdatedFBSScene:settingsDiff:fromSettings:transitionContext:lifecycleActionType:] + 316 (_UISceneSettingsDiffAction.m:20)
21 UIKitCore 0x0000000191097294 __64-[UIScene scene:didUpdateWithDiff:transitionContext:completion:]_block_invoke.214 + 556 (UIScene.m:2000)
22 UIKitCore 0x0000000190cf69a0 -[UIScene _emitSceneSettingsUpdateResponseForCompletion:afterSceneUpdateWork:] + 216 (UIScene.m:1676)
23 UIKitCore 0x0000000190cf6810 -[UIScene scene:didUpdateWithDiff:transitionContext:completion:] + 244 (UIScene.m:1962)
24 UIKitCore 0x0000000190cf6650 -[UIApplicationSceneClientAgent scene:handleEvent:withCompletion:] + 336 (UIApplicationSceneClientAgent.m:86)
25 FrontBoardServices 0x00000001a469566c -[FBSScene updater:didUpdateSettings:withDiff:transitionContext:completion:] + 420 (FBSScene.m:549)
26 FrontBoardServices 0x00000001a46954a8 __94-[FBSWorkspaceScenesClient _queue_updateScene:withSettings:diff:transitionContext:completion:]_block_invoke_2 + 144 (FBSWorkspaceScenesClient.m:579)
27 FrontBoardServices 0x00000001a4698c24 -[FBSWorkspace _calloutQueue_executeCalloutFromSource:withBlock:] + 168 (FBSWorkspace.m:359)
28 FrontBoardServices 0x00000001a4698b40 __94-[FBSWorkspaceScenesClient _queue_updateScene:withSettings:diff:transitionContext:completion:]_block_invoke + 340 (FBSWorkspaceScenesClient.m:578)
29 libdispatch.dylib 0x0000000195f34f88 _dispatch_client_callout + 20 (object.m:560)
30 libdispatch.dylib 0x0000000195f38a08 _dispatch_block_invoke_direct + 264 (queue.c:496)
31 FrontBoardServices 0x00000001a46a2d40 __FBSSERIALQUEUE_IS_CALLING_OUT_TO_A_BLOCK__ + 52 (FBSSerialQueue.m:157)
32 FrontBoardServices 0x00000001a46a28dc -[FBSSerialQueue _targetQueue_performNextIfPossible] + 220 (FBSSerialQueue.m:181)
33 FrontBoardServices 0x00000001a46a5184 -[FBSSerialQueue _performNextFromRunLoopSource] + 28 (FBSSerialQueue.m:194)
34 CoreFoundation 0x000000018e9e8f24 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 (CFRunLoop.c:1957)
35 CoreFoundation 0x000000018e9f52fc __CFRunLoopDoSource0 + 176 (CFRunLoop.c:2001)