Crashes in NEFilterPacketInterpose createChannel

App & System Services Networking
pvf_c877 OP
Created May ’23
Replies 3
Boosts 0
Views 519
Participants 2

Hello,

Our users are seeing random crashes in our packet filter system extension on macOS. Any help pointing me in the right direction to either avoid the issue or fix it would be greatly appreciated. Attached is the crash log.

Thank you.

packetfilter.crash
Crashed Thread:        2  Dispatch queue: com.apple.network.connections

Exception Type:        EXC_BAD_ACCESS (SIGBUS)
Exception Codes:       KERN_PROTECTION_FAILURE at 0x0000000112918700
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Bus error: 10
Termination Reason:    Namespace SIGNAL, Code 0xa
Terminating Process:   exc handler [40687]

...

Thread 2 Crashed:: Dispatch queue: com.apple.network.connections
0   libsystem_kernel.dylib        	0x00007fff2089b46e os_channel_get_next_slot + 230
1   com.apple.NetworkExtension    	0x00007fff2e2e2643 __40-[NEFilterPacketInterpose createChannel]_block_invoke + 560
2   libdispatch.dylib             	0x00007fff20718806 _dispatch_client_callout + 8
3   libdispatch.dylib             	0x00007fff2071b1b0 _dispatch_continuation_pop + 423
4   libdispatch.dylib             	0x00007fff2072b564 _dispatch_source_invoke + 2061
5   libdispatch.dylib             	0x00007fff20720318 _dispatch_workloop_invoke + 1784
6   libdispatch.dylib             	0x00007fff20728c0d _dispatch_workloop_worker_thread + 811
7   libsystem_pthread.dylib       	0x00007fff208bf45d _pthread_wqthread + 314
8   libsystem_pthread.dylib       	0x00007fff208be42f start_wqthread + 15
Replies  3
Boosts  0
Views  519
Participants  2
DTS Engineer OP
Apple
May ’23

That crash report was from macOS 11.6.5. Have you seen crashes on anything newer?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
pvf_c877 OP
May ’23

I have not seen crashes on anything newer so far.

0
DTS Engineer OP
Apple
May ’23

OK.

So, yeah, that’s a wacky crash deep within NE. Some internal analysis of your crash report suggests that it was something we actually fixed, possible in macOS 12. But if you saw it on modern system, say macOS 13, that’d be definitely something new.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
Crashes in NEFilterPacketInterpose createChannel
First post date Last post date
 
 
Q