I have an iOS app that randomly seems to crash on a screen that has a UIWebView. It looks like the crash happens mostly on iPhone 5C devices (74% of the time) and 100% of the time on iOS 10.X.
The exception message is:
EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000028
From that low memory address it makes me think something was nil.
Here's the backtrace (this is not the main thread):
0 WebCore WebCore::FrameTree::top() + 0
1 WebCore WebCore::ContentSecurityPolicy::allowFrameAncestors() + 33
2 WebCore WebCore::DocumentLoader::responseReceived() + 413
3 WebCore WebCore::DocumentLoader::handleSubstituteDataLoadNow() + 203
4 WebCore WebCore::ThreadTimers::sharedTimerFiredInternal() + 149
5 WebCore WebCore::timerFired() + 23
6 CoreFoundation __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 15
7 CoreFoundation __CFRunLoopDoTimer + 833
8 CoreFoundation __CFRunLoopDoTimers + 189
9 CoreFoundation __CFRunLoopRun + 781
10 CoreFoundation CFRunLoopRunSpecific + 471
11 CoreFoundation CFRunLoopRunInMode + 105
12 WebCore RunWebThread() + 427
13 libsystem_pthread.dylib _pthread_body + 217
14 libsystem_pthread.dylib _pthread_start + 235
I can't reproduce this crash myself.
Since WebKit is open source, I found the code where it crashes: WebCore::FrameTree::top. From looking at that code, I'm guessing m_thisFrame->tree() is NULL, but I'm not sure how to explain it. I'm not sure exactly what "frames" and "trees" are in that context.
From the backtrace it looks like there is some timer that's being fired, possibly after the View Controller or the Web View is already deallocated? Is that timer due to a JavaScript setTimeout call?
Also I notice every time this crash happens, I get a call to [UIWebViewDelegate webView:didFailLoadWithError:] right before the crash. The most common errors returned in that delegate method are:
Frame load interrupted
too many HTTP redirects
The request timed out
But I don't have analytics in place to correlate the error message with the crash, so I'm not sure which (if any) would explain it. When that delegate method fires, I show the user an error message in a modal. Could this be related to the crash? I tried reproducing the "Frame load interrupted" and "too many HTTP redirects" errors but neither causes the crash for me in simulator.
I already follow the advice in this answer (mostly) and call [webview stopLoading] in viewWillDisappear and I call self.webView.delegate = nil in dealloc of the containing View Controller but it didn't help.
This isn't really an answer, but this crash seems to be related to when content filtering (parent controls) are enabled. If you add whatever domain your app is loading in the UIWebView to the iOS parent controls blocklist, you should see this error in the application logs (coming internally from WebKit's WebFilter). It seems to invalidate the UIWebView in some way, so when you interact with it again, it crashes your whole app. You can probably avoid the crash by switching to WKWebView.
WF: WebFilterEvaluator:addData: https://some-blocked-url.com is restricted: blacklisted
Related
Finally I finish my application so it is time to make some beta test. So I upload my application to itunes connect to test it out with test flight, but it keep crashing when I perform few task.
When I try to open the app from downloaded menu in test flight app.
When I try make a http request with AFnetworking
When I insert new record to CoreData
Sometime when i open the app from test flight it did not crash but show me a black screen after lauch screen.
I have been searching for 5 day without any clue. I been test it out with both release and debug mode running from xcode it doesn't crash at all. The problem only occur on if the app install from testflight. I think might be some memory allocated issues. It is a bug from testflight? How can I make the same behaviour happening at test flight happen in my xcode as well to know and fix the error.
I'm targeting ios 8.0 ++
Testing on iphone 7 plus(ios 10.2) and iphone 5s(ios 9.3).
Xcode 8.3.2
I get alot of difference crash report but most of it similiar to this one. Maybe I insert some nil value into dictionary? But why does it not happen when I build it from xcode.
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Triggered by Thread: 0
Filtered syslog:
None found
Last Exception Backtrace:
0 CoreFoundation 0x18319ee38 __exceptionPreprocess + 124
1 libobjc.A.dylib 0x182803f80 objc_exception_throw + 56
2 CoreFoundation 0x183084554 -[__NSDictionaryM setObject:forKey:] + 924
3 Cellecter 0x1001db19c 0x100040000 + 1683868
4 Cellecter 0x1001dafe4 0x100040000 + 1683428
5 CoreFoundation 0x183140eac __CFNOTIFICATIONCENTER_IS_CALLING_OUT_TO_AN_OBSERVER__ + 20
6 CoreFoundation 0x1831406cc _CFXRegistrationPost + 396
7 CoreFoundation 0x18314044c ___CFXNotificationPost_block_invoke + 60
8 CoreFoundation 0x1831a9494 -[_CFXNotificationRegistrar find:object:observer:enumerator:] + 1532
9 CoreFoundation 0x18307e788 _CFXNotificationPost + 368
10 Foundation 0x183adfd1c postQueueNotifications + 684
11 CoreFoundation 0x1831547b0 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 32
12 CoreFoundation 0x183152554 __CFRunLoopDoObservers + 372
13 CoreFoundation 0x183152884 __CFRunLoopRun + 672
14 CoreFoundation 0x18307cd10 CFRunLoopRunSpecific + 384
15 GraphicsServices 0x184964088 GSEventRunModal + 180
16 UIKit 0x188351f70 UIApplicationMain + 204
17 Cellecter 0x1001e8834 0x100040000 + 1738804
18 libdyld.dylib 0x182c1a8b8 start + 4
Updated: some how the my first and fourth question have been fix Now my question narrow it down to crashing when try to insert record into afnetworking.
This could be a lot of things.
It can be a migration issue with CoreData, a ManagedObjectContext issue.
The blackscreen could be a view issue.
Your question is too broad, we don't have code, we don't know your recent development.
Are you using real devices ? Emulators ? Which version of Xcode ? iOS deployment target ?
Please refer to this post next time you ask a question.
How to Ask
I finally manage to fix the issues. Actually the issues is quite simple, I will not be able to fix the issues if I don't symbolicate my crash report, actually the issues is on FCM, From here specifically say I need a production push certificate in order to receive the device token. Which the device token return nil every time and I attempt save the token to core data.
With the release of iOS 9, we are seeing several crash reports for what appears to be a bug from Apple's side of things in iOS 9. This is happening across device types (iPhone, iPad and iPod). I am looking to find out why this may be happening and if there is anything I can do to work around it. This stack is being reported through our crash reporting system (Crashlytics) so unfortunately I don't have reproducible steps or code, but I will try and answer any questions as best as I can. The stack is as follows:
Thread : Crashed: com.apple.main-thread
0 libobjc.A.dylib 0x34a27ad6 objc_msgSend + 21
1 CoreFoundation 0x230d3db9 -[__NSArrayM dealloc] + 148
2 libobjc.A.dylib 0x34a34f67 objc_object::sidetable_release(bool) + 150
3 libobjc.A.dylib 0x34a353a9 (anonymous namespace)::AutoreleasePoolPage::pop(void*) + 388
4 CoreFoundation 0x230cbfa9 _CFAutoreleasePoolPop + 16
5 UIKit 0x27523cd9 _prepareForCAFlush + 312
6 UIKit 0x2752886b _beforeCACommitHandler + 10
7 CoreFoundation 0x2317a509 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 20
8 CoreFoundation 0x2317880d __CFRunLoopDoObservers + 280
9 CoreFoundation 0x23178c3f __CFRunLoopRun + 958
10 CoreFoundation 0x230cc249 CFRunLoopRunSpecific + 520
11 CoreFoundation 0x230cc035 CFRunLoopRunInMode + 108
12 GraphicsServices 0x2c182ad1 GSEventRunModal + 160
13 UIKit 0x272e18a9 UIApplicationMain + 144
14 APPNAMEHERE 0x000ec967 main (main.m:14)
For me the problem was that I was showing and dismissing the keyboard when the application was minimized.
[self.textView becomeFirstResponder];
[self.textView resignFirstResponder];
I performed the above code on the applicationWillResignActive event.
removing this code fixed the crash.
We encountered the a crash with a similar stack trace, and after a long investigation we found out that it was related to an other crash; fixing that also fixed this, however I'm still unsure how the two crashes are related.
Here are the details about the other crash:
We had a function call in one of our methods like
AudioServicesAddSystemSoundCompletion(self.soundID,
[[NSRunLoop currentRunLoop] getCFRunLoop],
kCFRunLoopDefaultMode,
AudioServicesSystemSoundCompletion,
(void *)CFBridgingRetain(self));
where AudioServicesSystemSoundCompletion looked like
void AudioServicesSystemSoundCompletion(SystemSoundID ssID, void *clientData) {
AudioServicesRemoveSystemSoundCompletion(ssID);
CFRelease(clientData);
}
Executing that function call two or more times simultaneously caused the app to crash. We fixed this by passing NULL instead of (void *)CFBridgingRetain(self) and removing the CFRelease(clientData); line.
Since this fix we no longer see the '_prepareForCAFlush' crash anymore.
Also note that according to Crashlytics the device had very high memory usage each time the crash has reproduced.
Hope this helps!
I'm also facing this issue and I think that I found what might be causing it.
Are you guys by any chance using SDWebImage?
Because that's the only place where I found that CFRunLoopRun() is being called and also other people complained on:
Dead thread ticket -> App Crash
Seems to be only affecting devices with 32-bit processors A5 and A6 - iPod 5th Gen, iPhone 4S/5/5C, iPad 2/Mini).
No repro on our side either.
These crashes started and ramped up with iOS 9 release and adoption.
iOS v9.0.1 does not seem to fix it.
We are seeing a strange crash in our map based iOS app that I cannot figure out. Basically as some point the following lines of code repeat over and over, more than 100 times in crash log:
6 VectorKit 0x000000019050c6f8 __86-[VKMapCameraController _animateToPosition:pitch:yaw:duration:timingCurve:completion:]_block_invoke347 + 40
7 VectorKit 0x0000000190485a30 -[VKAnimation _stopAnimation:] + 140
8 VectorKit 0x0000000190488b20 -[VKMapCameraController setYaw:animated:] + 100
9 MapKit 0x000000018540263c -[MKMapView snapToNorth:] + 148
before finally calling:
0 CoreFoundation 0x0000000183251e38 _CFArrayReplaceValues + 152
1 CoreFoundation 0x000000018332876c __CFRepositionTimerInMode + 108
2 CoreFoundation 0x000000018332876c __CFRepositionTimerInMode + 108
3 CoreFoundation 0x0000000183272630 CFRunLoopTimerSetNextFireDate + 580
4 MapKit 0x00000001853e8588 -[MKMapView _didChangeRegionMidstream:] + 196
5 MapKit 0x0000000185404e90 -[MKMapView mapLayer:didChangeRegionAnimated:] + 60
where _CGArrayReplaceValues crashes with a EXC_BAD_ACCESS KERN_PROTECTION_FAILURE at 0x000000016fccbef0 error.
I'd like to point out we never directly call any of the methods in this crash report, in fact VectorKit is completely private Apple framework. The only thing we ever do in the app remotely related is call basic setRegion:animated: methods, usually after a user taps an annotation to center on said annotation. It is also worth pointing out this only happens on iOS 8. Not a single iOS 7 crash has been reported.
Here is a link for full crash report: http://crashes.to/s/f09eb96c753
Any help is appreciated. Thank you.
Try enabling NSZombieEnabled. Once enabled, when an object reaches a retain count of 0, instead of being deallocated it'll morph itself into an NSZombie instance. When a zombie receives a message it will log a warning rather than crashing or behaving in an unpredictable way.
To be quite honest i'm not really sure why this is only crashing on iOS 8 and not iOS 7 but a EXC_BAD_ACCESS signal is the result of passing an invalid pointer to a system call, so you might be dereferencing a null pointer somewhere.
If the above NSZombieEnabled doesn't uncover the issue then try using the Static Analyzer.
I'm searching for 5 days ago about this crash, but I can find why my app crash sometimes.
I'm using the Crittercism library to log my crash. The dSYM file is correctly uploaded on the Crittercism website. Here the crash log from Crittercism:
0 libobjc.A.dylib 0x38540626 objc_msgSend + 6
1 UIKit 0x307baaf7 -[_UIModalItemsCoordinator _notifyDelegateModalItem:tappedButtonAtIndex:] + 95
2 UIKit 0x307ba96d -[_UIModalItemAlertContentView tableView:didSelectRowAtIndexPath:] + 749
3 UIKit 0x306c205f -[UITableView _selectRowAtIndexPath:animated:scrollPosition:notifyDelegate:] + 1079
4 UIKit 0x30774377 -[UITableView _userSelectRowAtPendingSelectionIndexPath:] + 215
5 UIKit 0x306236f5 _applyBlockToCFArrayCopiedToStack + 317
6 UIKit 0x3059c55b _afterCACommitHandler + 431
7 CoreFoundation 0x2dd532a5 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 21
8 CoreFoundation 0x2dd50c49 __CFRunLoopDoObservers + 285
9 CoreFoundation 0x2dd50f8b __CFRunLoopRun + 731
10 CoreFoundation 0x2dcbbf0f CFRunLoopRunSpecific + 523
11 CoreFoundation 0x2dcbbcf3 CFRunLoopRunInMode + 107
12 GraphicsServices 0x32bc0663 GSEventRunModal + 139
13 UIKit 0x3060716d UIApplicationMain + 1137
14 myApp 0x000c3357 main (main.m:16)
15 libdyld.dylib 0x38a43ab7 start + 3
The thing is: I have many UITableView in my app. But I can't find which one it is.
How do I have to process to debug this crash ? I didn't find some useful information on Apple Developer Center. I try to use the atos command to symbolicate the file, but no useful information. It's exactly the same info than on the Crittercism website.
Here the command I used: atos -arch armv7 -o myApp (to enter interactif mode, then, enter each memory address like : 0x307baaf7)
I have only the myApp.app.dSYM archive, and to use this command (above), I used the file the archive at path: Contents/Resources/DWARF/myApp
I'm really lost. Any idea ? Suggestions ? Thank you so much for your help.
EDIT 1:
I've checked all my UIAletView and delegate of UIAlertView: all is ok.
I see the crash log on Crittercism, (around 120 crashes for 63 users on iOS 7 only, iPhone and iPad).
I can't reproduced it ! I really don't understand.
Frame 14 already shows the correct symbol, which is main.m line 16. Using atos with the address as written in the stackframe like you did is wrong, see this stackoverflow explanation. As such it is not possible for a crash report to tell you which table view is causing such a memory issue.
Based upon the above you may not be able to get the exact table view from the stack trace itself, but with Crittercism there are additional features (such as Breadcrumbs) that allow for capturing a trail beyond just the stack.
My recommendation is to add a breadcrumb in the viewDidLoad of the TableViewController and grab/define the name of the table view there. That way you can step through the breadcrumbs and know that leading up to the crash you were in this tableview.
That should help you for better capturing this scenario in the future.
As for this particular stack trace. You can potentially use the techniques described in this post to help you better understand the true origins of the objc_msgSend.
* See the Kerni's response below in the comments *
I've been getting some low level crashes lately, and this one in particular is hard to determine the origin / state of the app. Has anyone seen this or know the problem? Thanks!
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x3dcccccd
Crashed Thread: 0
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x3dcccccd
Crashed Thread: 0
Thread 0 Crashed:
0 libobjc.A.dylib 0x000025fa objc_msgSend + 18
1 UIKit 0x00162d1c -[UIAlertView(Private) _performPopup:] + 12
2 UIKit 0x001628de -[UIAlertView(Private) _repopup] + 10
3 UIKit 0x0016d196 -[UIAlertView(Private) _removeAlertWindowOrShowAnOldAlert] + 70
4 UIKit 0x00162afa -[UIAlertView(Private) _popoutAnimationDidStop:finished:] + 502
5 UIKit 0x00050ae4 -[UIViewAnimationState sendDelegateAnimationDidStop:finished:] + 184
6 UIKit 0x000509ee -[UIViewAnimationState animationDidStop:finished:] + 34
7 QuartzCore 0x0002ee8c run_animation_callbacks(double, void*) + 284
8 QuartzCore 0x0002ed2c CA::timer_callback(__CFRunLoopTimer*, void*) + 96
9 CoreFoundation 0x00022d1c CFRunLoopRunSpecific + 2092
10 CoreFoundation 0x000224da CFRunLoopRunInMode + 42
11 GraphicsServices 0x000030d4 GSEventRunModal + 108
12 GraphicsServices 0x00003180 GSEventRun + 56
13 UIKit 0x0000342a -[UIApplication _run] + 374
14 UIKit 0x00001954 UIApplicationMain + 636
15 iPadDrinkHub.1.0.7 0x00002f24 0x1000 + 7972
16 iPadDrinkHub.1.0.7 0x00002ed8 0x1000 + 7896
Weird crashes are sometimes a symptom of memory corruption and/or mismanagement. I just found and fixed a difficult-to-find bug in one of my apps a few days ago. The app had been working flawlessly for 6 months on iOS 3.2, but would crash instantly on iOS 4.2. The crash was happening while adding the main view to the window during applicationDidFinishLaunching. The stack trace showed 100% iOS code; there wasn't a single function of mine in there anywhere (except for applicationDidFinishLaunching). It turned out I was over-releasing a UIImage in code that had been called earlier while views were getting loaded. (I was mistakenly calling release on an autoreleased UIImage).
I haven't seen the specific crash that you're seeing, but here are a few things you can try that may shed some light:
(1) Run the app with NSZombieEnabled. This is an environment variable you set via Xcode that will often identify places where you may be referencing objects that have already been freed (e.g., like the over-release example I mentioned earlier). Additional details are here:
http://www.cocoadev.com/index.pl?NSZombieEnabled
(2) You can turn on logging that will log all messages sent to all objects. The log is a written to a text file in the tmp folder. If you inspect the log file leading up to the crash, you may gain some insight into what's happening right before the crash. This is actually the technique I used to solve my bug. You can either modify your code to enable/disable logging:
instrumentObjcMessageSends(YES);
// Do stuff...
instrumentObjcMessageSends(NO);
Or, you can call the function directly from the debugger. For example, set a breakpoint right before the crash, then drop into the debugger console and do this:
(gdb) call (void)instrumentObjcMessageSends(YES)
Additional details are here:
http://www.dribin.org/dave/blog/archives/2006/04/22/tracing_objc/