Seeing CFNetwork crashes in iOS 11

Hello,


I've seen several threads posted regarding crashes in CFNetwork on iOS 11. Our stack trace doesn't seem to match the ones that have been posted so far so I'm posting to create awareness.


It's currently one of our top 5 crashers, seems to happen under very different circumstances and we haven't been able to reproduce it consistently.


Hardware Model:      iPhone7,2
Date/Time:       2018-02-07T17:02:56Z
Launch Time:     2018-02-07T17:00:15Z
OS Version:      iPhone OS 11.2.2 (15C202)
Report Version:  104

Exception Type:  SIGSEGV
Exception Codes: SEGV_ACCERR at 0x0
Crashed Thread:  1


And the trace


Thread 1 Crashed:
0   libdispatch.dylib                    0x00000001859dc72c dispatch_release$VARIANT$mp + 0
1   CFNetwork                            0x00000001867f0454 ___ZN10HTTPEngine18_writeHeadersStartEv_block_invoke_2 + 96
2   CFNetwork                            0x000000018676d6e4 TCPIOConnection::writeCompleted(unsigned long, int, void (CFStreamError) block_pointer) + 264
3   libdispatch.dylib                    0x00000001859daa54 _dispatch_call_block_and_release + 20
4   libdispatch.dylib                    0x00000001859daa14 _dispatch_client_callout + 12
5   libdispatch.dylib                    0x00000001859e496c _dispatch_queue_serial_drain$VARIANT$mp + 524
6   libdispatch.dylib                    0x00000001859e52fc _dispatch_queue_invoke$VARIANT$mp + 336
7   libdispatch.dylib                    0x00000001859e4824 _dispatch_queue_serial_drain$VARIANT$mp + 196
8   libdispatch.dylib                    0x00000001859e52fc _dispatch_queue_invoke$VARIANT$mp + 336
9   libdispatch.dylib                    0x00000001859e5d20 _dispatch_root_queue_drain_deferred_wlh$VARIANT$mp + 400
10  libdispatch.dylib                    0x00000001859ee03c _dispatch_workloop_worker_thread$VARIANT$mp + 640
11  libsystem_pthread.dylib              0x0000000185c82f1c _pthread_wqthread + 928
12  libsystem_pthread.dylib              0x0000000185c82b6c start_wqthread + 0


Please let me know if I can provide more details.

Replies

You’re right that this doesn’t look familiar. Please post a full Apple crash report for the problem and I’ll take a deeper look (or if you don’t want to post the full crash report you can just email it to me; my address is in my signature).

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

I've just sent you some crash reports.


Thanks!

Thanks for that. All three of those reports look much like the snippet you first posted. They lead to a bug (r. 36913541) that indicates that this problem is likely to be in CFNetwork itself. Most notably:

  • The crash seems to affect more than just apps from your company, including at least one Apple-authored app.

  • The problem is clearly caused by CFNetwork calling dispatch_release with nil. The backtrace indicates that this is a dispatch data object being managed by HTTPEngine, a C++ class internal to CFNetwork that’s responsible for wrangling the I/O on an HTTP 1.1 connection. The dispatch data in question comes from a data member on the HTTPEngine instance, so the fact that it’s nil implies that this isn’t just some random memory corruption, but rather a state error within the HTTPEngine itself.

The key to fixing problems like this is finding a reproducible case. If you make any progress on that front, it’d be great if you filed a bug report describing what you did. In my experience hard-to-reproduce problems like this are usually caused by edge cases related to connections failing, so running your app against a server that drops connections at inconvenient times may help on that front.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
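
A local test server of the kind the reply above suggests, one that drops connections at inconvenient points in the HTTP exchange, written here as an added example (not part of the thread and not Apple's code). The mode names, port 8080 and the payload are assumptions of this example, and the SO_LINGER packing assumes a POSIX host.

```python
import itertools, socket, struct, threading, time

BODY = b"x" * 4096                      # constructed sample payload
RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Length: %d\r\n"
            b"Connection: close\r\n\r\n" % len(BODY)) + BODY
HEADER_END = RESPONSE.index(b"\r\n\r\n") + 4
# Points at which a connection is dropped (mode names are this example's own).
MODES = ("on_accept", "mid_request", "mid_headers", "mid_body", "ok")

def _abort(conn):
    """Close with SO_LINGER=0 so the peer sees a TCP reset, not a clean FIN."""
    conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
    conn.close()

def handle(conn, mode):
    """Serve one connection, dropping it at the point named by `mode`."""
    if mode == "on_accept":
        return _abort(conn)
    data = conn.recv(8 if mode == "mid_request" else 65536)
    if mode == "mid_request":
        return _abort(conn)             # request only partly consumed
    while data and b"\r\n\r\n" not in data:
        chunk = conn.recv(65536)
        data = data + chunk if chunk else b""
    cut = {"mid_headers": HEADER_END // 2,
           "mid_body": HEADER_END + len(BODY) // 2}.get(mode, len(RESPONSE))
    conn.sendall(RESPONSE[:cut])        # full response only in "ok" mode
    return conn.close() if mode == "ok" else _abort(conn)

def serve(modes, host="127.0.0.1", port=0):
    """Accept one connection per entry in `modes`; return the listening port."""
    srv = socket.create_server((host, port))
    bound = srv.getsockname()[1]
    def loop():
        with srv:
            for mode in modes:
                conn, _ = srv.accept()
                conn.settimeout(5)
                try:
                    handle(conn, mode)
                except OSError:
                    conn.close()
    threading.Thread(target=loop, daemon=True).start()
    return bound

if __name__ == "__main__":              # cycle through the modes until killed
    print("listening on port", serve(itertools.cycle(MODES), port=8080))
    while True:
        time.sleep(3600)
```

Pointing a debug build of the app at this server exercises each failure point in turn, which is where a state error in connection handling is most likely to surface.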

Any solution?