Crash - Socket2Me._openNetworkSocket() EXC_BAD_ACCESS (KERN_INVALID_ADDRESS)

[RoeeNadam]

Socket2Me._openNetworkSocket() EXC_BAD_ACCESS (KERN_INVALID_ADDRESS)

Crashed: Thread 0 CoreFoundation 0x81968 _CFGetNonObjCTypeID + 92 1 CoreFoundation 0xd44ac CFSocketCreateRunLoopSource + 76 2 Saverone 0x13505c Socket2Me._openNetworkSocket() + 148 (Socket2Me.swift:148) 3 Saverone 0x134dc4 @objc Socket2Me.createSocketDetached() + 75 (Socket2Me.swift:75) 4 Foundation 0x5b808 NSThreadstart__ + 716 5 libsystem_pthread.dylib 0x16cc _pthread_start + 148 6 libsystem_pthread.dylib 0xba4 thread_start + 8

[RoeeNadam]

Hi, it's still crashing sometimes in my app. What more information can I provide to help you understand how to fix it?

[RoeeNadam]

[CocoaBeans]

I still see a lot of threads being created in the background but I'm not reproducing it anymore when I test it. How are you calling start? Is it on the main thread or via another context?

[CocoaBeans]

Can you provide the output of the debugger command 'bt all' ?

[RoeeNadam]

[RoeeNadam]

you can see in this video the crash flow. https://youtu.be/6meD0aMVjVw

[RoeeNadam]

[RoeeNadam]

[RoeeNadam]

why used with "try?" and not "try catch" ?

[CocoaBeans]

Using try catch will not stop the crash from happening because there is a pointer being dereferenced to an invalid location in memory. Somehow there is a fundamental misuse of the pinger because there should not be more than one background thread running at any one time. Can you guarantee that you are calling stopPinging before calling start again?

[RoeeNadam]

[RoeeNadam]

I always call 'stop' before I made a 'start'.

[CocoaBeans]

That looks great but still doesn't explain the multiple threads being started. How is your Pinger.start() getting called? Is it from a system callback like application delegate or notification?

[RoeeNadam]

it called from :

public func peripheralManager(_ peripheral: CBPeripheralManager, didReceiveWrite requests: [CBATTRequest]) { }

Not all the time, only if I get something that tells me to start to ping.

[CocoaBeans]

I'm still not 100% sure what is happening but I've made a change that will now force the background thread to exit on ping stop. Give it a try and let me know if you are still seeing the crash in your app.

[RoeeNadam]

Hi, it's crashing again but in another place

[CocoaBeans]

Try setting the pinglet property to nil in the Pinger.stop() function and see if the crash goes away. If it does this points to a hidden retain cycle somewhere.

[RoeeNadam]

Okay, I set the 'pinglet' property to nil in the Pinger.stop() method and will let you know if something changes. Thanks."

[roeesaverone]

its still crash Crashed: Socket2Me internal utility 0 libobjc.A.dylib 0x2e5c objc_retain_x0 + 16 1 libobjc.A.dylib 0x2e5c objc_retain + 16 2 Saverone 0x18640c closure #1 in Socket2Me.send(data:) + 216 (Socket2Me.swift:216) 3 Saverone 0x186588 thunk for @escaping @callee_guaranteed @Sendable () -> () + 4380370312 (:4380370312) 4 libdispatch.dylib 0x24b4 _dispatch_call_block_and_release + 32 5 libdispatch.dylib 0x3fdc _dispatch_client_callout + 20 6 libdispatch.dylib 0xb694 _dispatch_lane_serial_drain + 672 7 libdispatch.dylib 0xc1e0 _dispatch_lane_invoke + 384 8 libdispatch.dylib 0x16e10 _dispatch_workloop_worker_thread + 652 9 libsystem_pthread.dylib 0xdf8 _pthread_wqthread + 288 10 libsystem_pthread.dylib 0xb98 start_wqthread + 8

[CocoaBeans]

Can you describe how you are using (initing/object lifecycle) the pinglet object? Are you using any of the callbacks or publishers to get notified when pings come in? I cannot tell from the code that you sent but it looks like they're not being used? I've tried testing with/without callbacks in various scenarios and I'm not able to reproduce this issue yet and I've not gotten any crash reports for my app PingPoint. I want to make sure that it can work for your use case.

I'd consider going back to using the serial queue instead of the global() queue from your example code and see if that has any effect on the crashing.

let serial queue = DispatchQueue (label: "Pinger serial queue", qos: .background)

If it does then I'll need to put some code in to ensure that we're only using the user designated queue in a serialized way.

[CocoaBeans]

I went ahead and added that change to 0add1ae2. Try using the latest commits and let me know if that fixes your crash.

[roeesaverone]

Hi Kevin, According to the issue in GitHub, I have added this crash. If you need more details, let me know.

---

If you need any further assistance, feel free to ask! @.**@. From: Kevin Ross @.> Date: Monday, 3 June 2024 at 19:53 To: CocoaBeans/Pinglet @.> Cc: Roee Nadam @.>, Comment @.> Subject: Re: [CocoaBeans/Pinglet] Crash - Socket2Me._openNetworkSocket() EXC_BAD_ACCESS (KERN_INVALID_ADDRESS) (Issue #2)

I went ahead and added that change to 0add1ae2https://github.com/CocoaBeans/Pinglet/commit/0add1ae2e745db74496df34d9a5e47a0aa23ff6e. Try using the latest commits and let me know if that fixes your crash.

— Reply to this email directly, view it on GitHubhttps://github.com/CocoaBeans/Pinglet/issues/2#issuecomment-2145694310, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BGYKJ5DXKSKGPW3GAPYCJBTZFSNRZAVCNFSM6AAAAAA5BMAI3KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBVGY4TIMZRGA. You are receiving this because you commented.Message ID: @.***>

Crashlytics - Stack trace

Application: com.Saverone.saverOne

Platform: apple

Version: 4.6 (10)

Issue: 64a13c21e816845ae46c0bb9537aee23

Session: 8a0b35b3a9a440d995868a1372edde60_DNE_0_v2

Date: Tue Jun 11 2024 13:09:57 GMT+0300 (Israel Daylight Time)

com.apple.main-thread 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 GraphicsServices 0x11a8 GSEventRunModal + 164 8 UIKitCore 0x40a90c -[UIApplication _run] + 888 9 UIKitCore 0x4be9d0 UIApplicationMain + 340 10 Saverone 0x115974 main + 23 (AppDelegate.swift:23) 11 ??? 0x1beca1e4c (Missing)

Crashed: Pinglet internal 0 libobjc.A.dylib 0x1b60 objc_release_x0 + 16 1 libobjc.A.dylib 0x1b60 objc_release + 16 2 Saverone 0x1807b4 Pinglet.sendPing(request:) + 359 (Pinglet.swift:359) 3 Saverone 0x180b14 closure #1 in Pinglet.sendPing() + 370 (Pinglet.swift:370) 4 Saverone 0x17cf3c thunk for @escaping @callee_guaranteed @Sendable () -> () + 4373892924 (:4373892924) 5 libdispatch.dylib 0x213c _dispatch_call_block_and_release + 32 6 libdispatch.dylib 0x3dd4 _dispatch_client_callout + 20 7 libdispatch.dylib 0xb400 _dispatch_lane_serial_drain + 748 8 libdispatch.dylib 0xbf30 _dispatch_lane_invoke + 380 9 libdispatch.dylib 0x16cb4 _dispatch_root_queue_drain_deferred_wlh + 288 10 libdispatch.dylib 0x16528 _dispatch_workloop_worker_thread + 404 11 libsystem_pthread.dylib 0x4934 _pthread_wqthread + 288 12 libsystem_pthread.dylib 0x10cc start_wqthread + 8

com.apple.uikit.eventfetch-thread 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 Foundation 0xc7e4c -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 8 Foundation 0xc7c9c -[NSRunLoop(NSRunLoop) runUntilDate:] + 64 9 UIKitCore 0x41e640 -[UIEventFetcher threadMain] + 420 10 Foundation 0xde718 NSThreadstart__ + 732 11 libsystem_pthread.dylib 0x606c _pthread_start + 136 12 libsystem_pthread.dylib 0x10d8 thread_start + 8

Thread 0 libsystem_kernel.dylib 0x1590 __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x4980 _pthread_wqthread + 364 2 libsystem_pthread.dylib 0x10cc start_wqthread + 8

com.google.firebase.crashlytics.MachExceptionServer 0 Saverone 0x1c2f14 FIRCLSProcessRecordAllThreads + 393 (FIRCLSProcess.c:393) 1 Saverone 0x1c32f4 FIRCLSProcessRecordAllThreads + 424 (FIRCLSProcess.c:424) 2 Saverone 0x1d14c8 FIRCLSHandler + 34 (FIRCLSHandler.m:34) 3 Saverone 0x1d1ccc FIRCLSMachExceptionServer + 521 (FIRCLSMachException.c:521) 4 libsystem_pthread.dylib 0x606c _pthread_start + 136 5 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.apple.NSURLConnectionLoader 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 CFNetwork 0xfdc90 _CFHostIsDomainTopLevel + 108176 8 Foundation 0xde718 NSThreadstart__ + 732 9 libsystem_pthread.dylib 0x606c _pthread_start + 136 10 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.apple.CoreMotion.MotionThread 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 CoreFoundation 0xc0f04 CFRunLoopRun + 64 8 CoreMotion 0x10210 (Missing UUID e4a6f107b302327ca121c9bebacca8f4) 9 libsystem_pthread.dylib 0x606c _pthread_start + 136 10 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.apple.CFSocket.private 0 libsystem_kernel.dylib 0x9474 select$DARWIN_EXTSN + 8 1 libsystem_kernel.dylib 0x9474 select + 8 2 CoreFoundation 0xbeb7c CFSocketManager + 640 3 libsystem_pthread.dylib 0x606c _pthread_start + 136 4 libsystem_pthread.dylib 0x10d8 thread_start + 8

Thread 0 libsystem_kernel.dylib 0x1590 __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x4980 _pthread_wqthread + 364 2 libsystem_pthread.dylib 0x10cc start_wqthread + 8

Socket2Me internal utility 0 libobjc.A.dylib 0x1b60 objc_release_x0 + 16 1 libobjc.A.dylib 0x1b60 objc_release + 16 2 Saverone 0x186b9c type metadata accessor for Socket2Me + 4373932956 (:4373932956) 3 libswiftCore.dylib 0x3ab36c _swift_release_dealloc + 56 4 libswiftCore.dylib 0x3ac488 bool swift::RefCounts<swift::RefCountBitsT<(swift::RefCountInlinedness)1> >::doDecrementSlow<(swift::PerformDeinit)1>(swift::RefCountBitsT<(swift::RefCountInlinedness)1>, unsigned int) + 136 5 libsystem_blocks.dylib 0x21b0 _call_dispose_helpers_excp + 48 6 libsystem_blocks.dylib 0x2164 _Block_release + 252 7 libdispatch.dylib 0x3dd4 _dispatch_client_callout + 20 8 libdispatch.dylib 0xb400 _dispatch_lane_serial_drain + 748 9 libdispatch.dylib 0xbf30 _dispatch_lane_invoke + 380 10 libdispatch.dylib 0x16cb4 _dispatch_root_queue_drain_deferred_wlh + 288 11 libdispatch.dylib 0x16528 _dispatch_workloop_worker_thread + 404 12 libsystem_pthread.dylib 0x4934 _pthread_wqthread + 288 13 libsystem_pthread.dylib 0x10cc start_wqthread + 8

Crashlytics - Stack trace

Application: com.Saverone.saverOne

Platform: apple

Version: 4.6 (10)

Issue: 84f5c9b8299520a843cdf77551b21072

Session: aa174245d55144e38022490c5f0e0f1e_DNE_0_v2

Date: Fri Jun 07 2024 14:16:07 GMT+0300 (Israel Daylight Time)

com.apple.main-thread 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 GraphicsServices 0x11a8 GSEventRunModal + 164 8 UIKitCore 0x40a90c -[UIApplication _run] + 888 9 UIKitCore 0x4be9d0 UIApplicationMain + 340 10 Saverone 0x115974 main + 23 (AppDelegate.swift:23) 11 ??? 0x1bcb09e4c (Missing)

com.apple.uikit.eventfetch-thread 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 Foundation 0xc7e4c -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 8 Foundation 0xc7c9c -[NSRunLoop(NSRunLoop) runUntilDate:] + 64 9 UIKitCore 0x41e640 -[UIEventFetcher threadMain] + 420 10 Foundation 0xde718 NSThreadstart__ + 732 11 libsystem_pthread.dylib 0x606c _pthread_start + 136 12 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.google.firebase.crashlytics.MachExceptionServer 0 Saverone 0x1c2f14 FIRCLSProcessRecordAllThreads + 393 (FIRCLSProcess.c:393) 1 Saverone 0x1c32f4 FIRCLSProcessRecordAllThreads + 424 (FIRCLSProcess.c:424) 2 Saverone 0x1d14c8 FIRCLSHandler + 34 (FIRCLSHandler.m:34) 3 Saverone 0x1d1ccc FIRCLSMachExceptionServer + 521 (FIRCLSMachException.c:521) 4 libsystem_pthread.dylib 0x606c _pthread_start + 136 5 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.apple.NSURLConnectionLoader 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 CFNetwork 0xfdc90 _CFHostIsDomainTopLevel + 108176 8 Foundation 0xde718 NSThreadstart__ + 732 9 libsystem_pthread.dylib 0x606c _pthread_start + 136 10 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.apple.CoreMotion.MotionThread 0 libsystem_kernel.dylib 0x1808 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x5008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x4f20 mach_msg_overwrite + 436 3 libsystem_kernel.dylib 0x4d60 mach_msg + 24 4 CoreFoundation 0x53f5c CFRunLoopServiceMachPort + 160 5 CoreFoundation 0x53600 CFRunLoopRun + 1208 6 CoreFoundation 0x52cd8 CFRunLoopRunSpecific + 608 7 CoreFoundation 0xc0f04 CFRunLoopRun + 64 8 CoreMotion 0x10210 (Missing UUID e4a6f107b302327ca121c9bebacca8f4) 9 libsystem_pthread.dylib 0x606c _pthread_start + 136 10 libsystem_pthread.dylib 0x10d8 thread_start + 8

com.apple.CFSocket.private 0 libsystem_kernel.dylib 0x9474 select$DARWIN_EXTSN + 8 1 libsystem_kernel.dylib 0x9474 select + 8 2 CoreFoundation 0xbeb7c CFSocketManager + 640 3 libsystem_pthread.dylib 0x606c _pthread_start + 136 4 libsystem_pthread.dylib 0x10d8 thread_start + 8

Thread 0 libsystem_kernel.dylib 0x1590 __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x4980 _pthread_wqthread + 364 2 libsystem_pthread.dylib 0x10cc start_wqthread + 8

Thread 0 libsystem_kernel.dylib 0x1590 __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x4980 _pthread_wqthread + 364 2 libsystem_pthread.dylib 0x10cc start_wqthread + 8

Crashed: Socket2Me internal utility 0 libobjc.A.dylib 0x3020 objc_msgSend + 32 1 Saverone 0x18640c closure #1 in Socket2Me.send(data:) + 216 (Socket2Me.swift:216) 2 Saverone 0x186588 thunk for @escaping @callee_guaranteed @Sendable () -> () + 4341507464 (:4341507464) 3 libdispatch.dylib 0x213c _dispatch_call_block_and_release + 32 4 libdispatch.dylib 0x3dd4 _dispatch_client_callout + 20 5 libdispatch.dylib 0xb400 _dispatch_lane_serial_drain + 748 6 libdispatch.dylib 0xbf30 _dispatch_lane_invoke + 380 7 libdispatch.dylib 0x16cb4 _dispatch_root_queue_drain_deferred_wlh + 288 8 libdispatch.dylib 0x16528 _dispatch_workloop_worker_thread + 404 9 libsystem_pthread.dylib 0x4934 _pthread_wqthread + 288 10 libsystem_pthread.dylib 0x10cc start_wqthread + 8

Thread 0 libsystem_kernel.dylib 0x1590 __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x4980 _pthread_wqthread + 364 2 libsystem_pthread.dylib 0x10cc start_wqthread + 8

Thread 0 libsystem_kernel.dylib 0x1590 __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x4980 _pthread_wqthread + 364 2 libsystem_pthread.dylib 0x10cc start_wqthread + 8

[CocoaBeans]

Thank you for the detailed crash report! I think I might have fixed it by forcing a copy of the data read from the socket before passing it to the callback. Let me know if this change appears to fix the crash.

[RoeeNadam]

OK, great. But why do I get v1.0.3 when updating with Xcode SPM?

[CocoaBeans]

I hadn't made a new release for this code change until I had verification that it fixed your issue but I went ahead and tagged the release so now it should display in Xcode as v1.0.5 when updated.

[RoeeNadam]

OK, I see that you uploaded the 1.0.5 release. I'll let you know if something happens. Thanks for the quick reply.

[RoeeNadam]

on 1.0.5 the app crash.

[CocoaBeans]

Hi I've got a few questions to help debug and reproduce what is going on:

• Are you calling your Pinger.start() method on the main thread?
• What ping interval are you using in your configuration?
• Do any of the other threads in the rest of the stack traces contain anything else that has any Pinglet or Socket2Me symbols in it?
• Is your app in the background when the crash happens?

I have a few more defensive changes on the way but I want to see if I can reproduce it to guarantee that the problem is fixed.

[RoeeNadam]

Hi,

1) Pinger - try? pinglet?.startPinging() - This is the main thread. 2) Pinger - ping init PingConfiguration(interval: 0.2, queue: ) 3) From what I see, there are no threads for Pinglet or Socket2Me on the stack traces, but I will update when I see this again. 4) Now I have finished testing for 1 hour with the app in the background, and the app did not crash. I always get "This is the main thread" when calling try? pinglet?.startPinging() that call every 10 secound.

[RoeeNadam]

its still happend for me, in the foreground after 1 hour of pinging.

[RoeeNadam]

still have a crash. com.Saverone.saverOne_issue_0c10daf429585ad1326ebc5c77cf39af_crash_session_4649cf5bcb84433da3a7772e974b167b_DNE_0_v2_stacktrace.txt