probeGC crash in Fabric Crashlytics

This crash is happening only on iOS 13.3.1 on iPad 6 & iPad Pro (12.9 inch, 3rd Gen)


This crash is happening randomly and is a real deterrent to my customers.


Crash Log:

Crashed: com.apple.main-thread

0 libobjc.A.dylib 0x1b80c4090 objc_msgSend + 16

1 Foundation 0x1b875c4f0 probeGC + 120

2 Foundation 0x1b8672d64 -[NSConcreteMapTable rehashAround:] + 204

3 Foundation 0x1b8672c68 -[NSConcreteMapTable removeObjectForKey:] + 248

4 UIKitCore 0x1bc8c3484 _UIAnalyticsGatherMultitouchAnalytics + 632

5 UIKitCore 0x1bc43ea10 -[UIApplication sendEvent:] + 204

6 Instabug 0x103980274 __IBGSwizzle_sendEvent + 240

7 UIKitCore 0x1bc4b6c20 __dispatchPreprocessedEventFromEventQueue + 5880

8 UIKitCore 0x1bc4b917c __handleEventQueueInternal + 4924

9 UIKitCore 0x1bc4b1ff0 __handleHIDEventFetcherDrain + 108

10 CoreFoundation 0x1b831ea00 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24

11 CoreFoundation 0x1b831e958 __CFRunLoopDoSource0 + 80

12 CoreFoundation 0x1b831e0f0 __CFRunLoopDoSources0 + 180

13 CoreFoundation 0x1b831923c __CFRunLoopRun + 1080

14 CoreFoundation 0x1b8318adc CFRunLoopRunSpecific + 464

15 GraphicsServices 0x1c22b9328 GSEventRunModal + 104

16 UIKitCore 0x1bc42663c UIApplicationMain + 1936

17 DocOn 0x100df8e10 main + 15 (main.m:15)

18 libdyld.dylib 0x1b81a2360 start + 4

Replies

You’re not crashing in

probeGC
, you’re crashing in
objc_msgSend
. This is the core Objective-C runtime’s message dispatch mechanism. A crash here typically means that you’ve corrupted memory such that you’re trying to send a message to an object that’s not actually an object.

Having said that, your first step here should be getting rid of the following:

6  Instabug  0x103980274 __IBGSwizzle_sendEvent + 240

This looks like a third-party crash reporter swizzling system methods. That’s a very bad idea on multiple axes [1]. As a first step, I recommend that you remove your third-party crash reporter to increase the fidelity of your crash reports. It’s hard enough to debug problems like this without having to deal with untrustworthy crash reports.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

[1] Specifically:

  • Third-party crash reporters are a bad idea in general. My Implementing Your Own Crash Reporter post explains why.

  • Swizzle methods on system classes, like

    UIApplication
    , is a really bad idea.

I'm suddenly seeing almost the exact same bug, but my crash report does not include any "swizzle" operation...


#0. Crashed: com.apple.main-thread
0  libobjc.A.dylib                0x194afc090 objc_msgSend + 16
1  Foundation                     0x1951944f0 probeGC + 120
2  Foundation                     0x1950aad64 -[NSConcreteMapTable rehashAround:] + 204
3  Foundation                     0x1950aac68 -[NSConcreteMapTable removeObjectForKey:] + 248
4  UIKitCore                      0x1992fb484 _UIAnalyticsGatherMultitouchAnalytics + 632
5  UIKitCore                      0x198e76a10 -[UIApplication sendEvent:] + 204
6  UIKitCore                      0x198eeec20 __dispatchPreprocessedEventFromEventQueue + 5880
7  UIKitCore                      0x198ef117c __handleEventQueueInternal + 4924
8  UIKitCore                      0x198ee9ff0 __handleHIDEventFetcherDrain + 108
9  CoreFoundation                 0x194d56a00 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
10 CoreFoundation                 0x194d56958 __CFRunLoopDoSource0 + 80
11 CoreFoundation                 0x194d560f0 __CFRunLoopDoSources0 + 180
12 CoreFoundation                 0x194d5123c __CFRunLoopRun + 1080
13 CoreFoundation                 0x194d50adc CFRunLoopRunSpecific + 464
14 GraphicsServices               0x19ecf1328 GSEventRunModal + 104
15 UIKitCore                      0x198e5e63c UIApplicationMain + 1936
16 DART                           0x100ff93c4 main + 14 (main.m:14)
17 libdyld.dylib                  0x194bda360 start + 4


I get that this might be corrupted memory, and will try running with memory diagnostics enabled, but since it is an intermittent issue, not sure if that will be any help.


Sad face

Same backtrace here. Only seeing this on 3.3.1. The app uses Crashlytics.

my crash report does not include any "swizzle" operation

Cool. Can you post a full crash report? Use the

<>
button to format it as code so that it’s easier to read.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
0 libobjc.A.dylib     lookUpImpOrForward + 136
1 libobjc.A.dylib     _objc_msgSend_uncached + 64
2 Foundation         probeGC + 124
3   Foundation         -[NSConcreteMapTable grow] + 552
4 Foundation         -[NSConcreteMapTable setObject:forKey:] + 180
5 UIKitCore         _UIAnalyticsGatherMultitouchAnalytics + 548
6 UIKitCore         -[UIApplication sendEvent:] + 208
7 UIKitCore         __dispatchPreprocessedEventFromEventQueue + 5712
8 UIKitCore         __handleEventQueueInternal + 4928
9 UIKitCore         __handleHIDEventFetcherDrain + 112
10 CoreFoundation     __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28
11 CoreFoundation     __CFRunLoopDoSource0 + 84
12 CoreFoundation  __CFRunLoopDoSources0 + 184
13 CoreFoundation     __CFRunLoopRun + 1068
14 CoreFoundation     CFRunLoopRunSpecific + 480
15 GraphicsServices GSEventRunModal + 108
16  UIKitCore         UIApplicationMain + 1940
17 MUBU             main.m line 
18 libdyld.dylib     start + 4

Same backtrace here. Only seeing this on iOS 13. The app uses Crashlytics

# Platform: ios
# Application: DART
# Version: 13.5 (1)
# Bundle Identifier: com.specialtyproduce.enterprise.dart
# Issue ID: 9990bf453052b24c20564253dd8c6a29
# Session ID: 18156951757342a8b3b1eb403f3e3a50_DNE_0_v2
# Date: 2020-03-09T17:59:00Z
# OS Version: 13.3.1 (17D50)
# Device: iPad 5
# RAM Free: 5.9%
# Disk Free: 68.2%


#0. Crashed: com.apple.main-thread
0  libobjc.A.dylib                0x194afc090 objc_msgSend + 16
1  Foundation                     0x1951944f0 probeGC + 120
2  Foundation                     0x1950aad64 -[NSConcreteMapTable rehashAround:] + 204
3  Foundation                     0x1950aac68 -[NSConcreteMapTable removeObjectForKey:] + 248
4  UIKitCore                      0x1992fb484 _UIAnalyticsGatherMultitouchAnalytics + 632
5  UIKitCore                      0x198e76a10 -[UIApplication sendEvent:] + 204
6  UIKitCore                      0x198eeec20 __dispatchPreprocessedEventFromEventQueue + 5880
7  UIKitCore                      0x198ef117c __handleEventQueueInternal + 4924
8  UIKitCore                      0x198ee9ff0 __handleHIDEventFetcherDrain + 108
9  CoreFoundation                 0x194d56a00 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
10 CoreFoundation                 0x194d56958 __CFRunLoopDoSource0 + 80
11 CoreFoundation                 0x194d560f0 __CFRunLoopDoSources0 + 180
12 CoreFoundation                 0x194d5123c __CFRunLoopRun + 1080
13 CoreFoundation                 0x194d50adc CFRunLoopRunSpecific + 464
14 GraphicsServices               0x19ecf1328 GSEventRunModal + 104
15 UIKitCore                      0x198e5e63c UIApplicationMain + 1936
16 DART                           0x100ff93c4 main + 14 (main.m:14)
17 libdyld.dylib                  0x194bda360 start + 4


--


#0. Crashed: com.apple.main-thread
0  libobjc.A.dylib                0x194afc090 objc_msgSend + 16
1  Foundation                     0x1951944f0 probeGC + 120
2  Foundation                     0x1950aad64 -[NSConcreteMapTable rehashAround:] + 204
3  Foundation                     0x1950aac68 -[NSConcreteMapTable removeObjectForKey:] + 248
4  UIKitCore                      0x1992fb484 _UIAnalyticsGatherMultitouchAnalytics + 632
5  UIKitCore                      0x198e76a10 -[UIApplication sendEvent:] + 204
6  UIKitCore                      0x198eeec20 __dispatchPreprocessedEventFromEventQueue + 5880
7  UIKitCore                      0x198ef117c __handleEventQueueInternal + 4924
8  UIKitCore                      0x198ee9ff0 __handleHIDEventFetcherDrain + 108
9  CoreFoundation                 0x194d56a00 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
10 CoreFoundation                 0x194d56958 __CFRunLoopDoSource0 + 80
11 CoreFoundation                 0x194d560f0 __CFRunLoopDoSources0 + 180
12 CoreFoundation                 0x194d5123c __CFRunLoopRun + 1080
13 CoreFoundation                 0x194d50adc CFRunLoopRunSpecific + 464
14 GraphicsServices               0x19ecf1328 GSEventRunModal + 104
15 UIKitCore                      0x198e5e63c UIApplicationMain + 1936
16 DART                           0x100ff93c4 main + 14 (main.m:14)
17 libdyld.dylib                  0x194bda360 start + 4


#1. com.apple.uikit.eventfetch-thread
0  libsystem_kernel.dylib         0x194bae634 mach_msg_trap + 8
1  libsystem_kernel.dylib         0x194badaa0 mach_msg + 72
2  CoreFoundation                 0x194d56288 __CFRunLoopServiceMachPort + 216
3  CoreFoundation                 0x194d513a8 __CFRunLoopRun + 1444
4  CoreFoundation                 0x194d50adc CFRunLoopRunSpecific + 464
5  Foundation                     0x195090784 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 228
6  Foundation                     0x195090664 -[NSRunLoop(NSRunLoop) runUntilDate:] + 88
7  UIKitCore                      0x198ef6e80 -[UIEventFetcher threadMain] + 152
8  Foundation                     0x1951c109c __NSThread__start__ + 848
9  libsystem_pthread.dylib        0x194af3d8c _pthread_start + 156
10 libsystem_pthread.dylib        0x194af776c thread_start + 8


#2. com.twitter.crashlytics.ios.MachExceptionServer
0  DART                           0x10111e270 CLSProcessRecordAllThreads + 4374143600
1  DART                           0x10111e730 CLSProcessRecordAllThreads + 4374144816
2  DART                           0x10110df74 CLSHandler + 4374077300
3  DART                           0x101109364 CLSMachExceptionServer + 4374057828
4  libsystem_pthread.dylib        0x194af3d8c _pthread_start + 156
5  libsystem_pthread.dylib        0x194af776c thread_start + 8


#3. JavaScriptCore bmalloc scavenger
0  libsystem_kernel.dylib         0x194bcfc94 __psynch_cvwait + 8
1  libsystem_pthread.dylib        0x194aeccf8 _pthread_cond_wait$VARIANT$mp + 680
2  libc++.1.dylib                 0x194c227a8 std::__1::condition_variable::wait(std::__1::unique_lock<std::__1::mutex>&) + 24
3  JavaScriptCore                 0x1a3b7338c void std::__1::condition_variable_any::wait<std::__1::unique_lock >(std::__1::unique_lock&) + 108
4  JavaScriptCore                 0x1a3b76d5c bmalloc::Scavenger::threadRunLoop() + 200
5  JavaScriptCore                 0x1a3b76a44 bmalloc::Scavenger::Scavenger(std::__1::lock_guard&) + 10
6  JavaScriptCore                 0x1a3b77d50 std::__1::__thread_specific_ptr<std::__1::__thread_struct>::set_pointer(std::__1::__thread_struct*) + 38
7  libsystem_pthread.dylib        0x194af3d8c _pthread_start + 156
8  libsystem_pthread.dylib        0x194af776c thread_start + 8


#4. WebThread
0  libsystem_kernel.dylib         0x194bae634 mach_msg_trap + 8
1  libsystem_kernel.dylib         0x194badaa0 mach_msg + 72
2  CoreFoundation                 0x194d56288 __CFRunLoopServiceMachPort + 216
3  CoreFoundation                 0x194d513a8 __CFRunLoopRun + 1444
4  CoreFoundation                 0x194d50adc CFRunLoopRunSpecific + 464
5  WebCore                        0x19cd340f0 RunWebThread(void*) + 612
6  libsystem_pthread.dylib        0x194af3d8c _pthread_start + 156
7  libsystem_pthread.dylib        0x194af776c thread_start + 8


#5. com.apple.NSURLConnectionLoader
0  libsystem_kernel.dylib         0x194bae634 mach_msg_trap + 8
1  libsystem_kernel.dylib         0x194badaa0 mach_msg + 72
2  CoreFoundation                 0x194d56288 __CFRunLoopServiceMachPort + 216
3  CoreFoundation                 0x194d513a8 __CFRunLoopRun + 1444
4  CoreFoundation                 0x194d50adc CFRunLoopRunSpecific + 464
5  CFNetwork                      0x19801a4e8 (Missing)
6  Foundation                     0x1951c109c __NSThread__start__ + 848
7  libsystem_pthread.dylib        0x194af3d8c _pthread_start + 156
8  libsystem_pthread.dylib        0x194af776c thread_start + 8


#6. WebCore: LocalStorage
0  libsystem_kernel.dylib         0x194bcfc94 __psynch_cvwait + 8
1  libsystem_pthread.dylib        0x194aeccf8 _pthread_cond_wait$VARIANT$mp + 680
2  JavaScriptCore                 0x1a3b37abc ***::ThreadCondition::timedWait(***::Mutex&, ***::WallTime) + 80
3  JavaScriptCore                 0x1a3b1d9a8 ***::ParkingLot::parkConditionallyImpl(void const*, ***::ScopedLambda const&, ***::ScopedLambda const&, ***::TimeWithDynamicClockType const&) + 2040
4  WebKitLegacy                   0x1a0d8cd84 bool ***::Condition::waitUntil(***::Lock&, ***::TimeWithDynamicClockType const&) + 184
5  WebKitLegacy                   0x1a0d8f9b8 std::__1::unique_ptr<***::function, std::__1::default_delete<***::function > > ***::MessageQueue<***::function >::waitForMessageFilteredWithTimeout<***::messagequeue<***::function >::waitForMessage()::'lambda'(***::Function const&)>(***::MessageQueueWaitResult&, ***::MessageQueue<***::function >::waitForMessage()::'lambda'(***::Function const&)&&, ***::Seconds) + 168
6  WebKitLegacy                   0x1a0d8f09c WebCore::StorageThread::threadEntryPoint() + 68
7  JavaScriptCore                 0x1a3b35734 ***::Thread::entryPoint(***::Thread::NewThreadContext*) + 256
8  JavaScriptCore                 0x1a3b372a4 ***::wtfThreadEntryPoint(void*) + 12
9  libsystem_pthread.dylib        0x194af3d8c _pthread_start + 156
10 libsystem_pthread.dylib        0x194af776c thread_start + 8


#7. Thread
0  libsystem_kernel.dylib         0x194bd0a7c __workq_kernreturn + 8
1  libsystem_pthread.dylib        0x194af4bd4 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x194af7760 start_wqthread + 8


#8. Thread
0  libsystem_kernel.dylib         0x194bd0a7c __workq_kernreturn + 8
1  libsystem_pthread.dylib        0x194af4bd4 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x194af7760 start_wqthread + 8


#9. Thread
0  libsystem_kernel.dylib         0x194bd0a7c __workq_kernreturn + 8
1  libsystem_pthread.dylib        0x194af4bd4 _pthread_wqthread + 352
2  libsystem_pthread.dylib        0x194af7760 start_wqthread + 8


#10. Thread
0  libsystem_pthread.dylib        0x194af7758 start_wqthread + 190

That’s not an Apple crash report, meaning it doesn’t have the info I need to dig into this in depth )-: Can you dig up an Apple crash report? If so, please post that.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Someone forwarded me an Apple crash report via email and that allowed me to track this down to a known bug (r. 59174141). We believe this is fixed in the current 13.4b5 release (17E5255a). Let us know if you see it on that release or later.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

What is the URL address of this bug(r. 59174141)? Thanks.

What is the URL address of this bug(r. 59174141)?

Unfortunately that doesn’t exist. Apple’s bug tracking system only allows you to see the status of bugs that you filed, and that’s not the case here.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"