search

firebase / firebase-ios-sdk

Firebase SDK for Apple App Development
https://firebase.google.com
Apache License 2.0
5.66k stars 1.49k forks source link

iOS app crash on FBLPromise(DoAdditions) onQueue:do: #12988

Closed michal-zampach closed 5 months ago

michal-zampach commented 5 months ago

Description

We observe over 1200 crashes of this type in our Firebase Crashlytics. iOS environment: 68% iOS 17 22% iOS 16 9% iOS 15

Stack trace examples and keys are below.

Example 1:

Crashed: com.google.iid-token-operations (QOS: UTILITY) 0 libsystem_kernel.dylib 0xa974 pthread_kill + 8 1 libsystem_pthread.dylib 0x60ec pthread_kill + 268 2 libsystem_c.dylib 0x75b80 abort + 180 3 libsystem_malloc.dylib 0x2bc68 malloc_vreport + 896 4 libsystem_malloc.dylib 0x2bf10 malloc_zone_error + 104 5 libsystem_malloc.dylib 0x21a44 nanov2_guard_corruption_detected + 44 6 libsystem_malloc.dylib 0x7f84 nanov2_find_block_and_allocate + 402 7 libobjc.A.dylib 0xb738 _objc_rootAllocWithZone + 48 8 CSOB 0x45e7de0 +[FBLPromise(DoAdditions) onQueue:do:] + 4408049120 9 CSOB 0x460f72c -[FIRInstallationsStore installationExistsForAppID:appName:] + 4408211244 10 CSOB 0x460f144 -[FIRInstallationsStore installationForAppID:appName:] + 4408209732 11 CSOB 0x460ac10 -[FIRInstallationsIDController getStoredInstallation] + 4408192016 12 CSOB 0x460aa9c -[FIRInstallationsIDController createGetInstallationItemPromise] + 4408191644 13 CSOB 0x460a8f4 131-[FIRInstallationsIDController initWithGoogleAppID:appName:installationsStore:APIService:IIDStore:IIDTokenStore:backoffController:]_block_invoke + 4408191220 14 CSOB 0x460eccc -[FIRInstallationsSingleOperationPromiseCache getExistingPendingOrCreateNewPromise] + 4408208588 15 CSOB 0x460aa00 -[FIRInstallationsIDController getInstallationItem] + 4408191488 16 CSOB 0x460b984 -[FIRInstallationsIDController installationWithValidAuthTokenForcingRefresh:] + 4408195460 17 CSOB 0x460a938 131-[FIRInstallationsIDController initWithGoogleAppID:appName:installationsStore:APIService:IIDStore:IIDTokenStore:backoffController:]_block_invoke.11 + 4408191288 18 CSOB 0x460eccc -[FIRInstallationsSingleOperationPromiseCache getExistingPendingOrCreateNewPromise] + 4408208588 19 CSOB 0x460b8c0 -[FIRInstallationsIDController getAuthTokenForcingRefresh:] + 4408195264 20 CSOB 0x4606bd8 -[FIRInstallations authTokenForcingRefresh:completion:] + 4408175576 21 CSOB 0x47344a4 -[FIRMessagingTokenOperation start] + 4409410724 22 Foundation 0x7119c NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION + 16 23 Foundation 0x70f08 NSOQSchedule_f + 172 24 libdispatch.dylib 0x213c _dispatch_call_block_and_release + 32 25 libdispatch.dylib 0x3dd4 _dispatch_client_callout + 20 26 libdispatch.dylib 0x72d8 _dispatch_continuation_pop + 600 27 libdispatch.dylib 0x68f4 _dispatch_async_redirect_invoke + 584 28 libdispatch.dylib 0x15894 _dispatch_root_queue_drain + 392 29 libdispatch.dylib 0x1609c _dispatch_worker_thread2 + 156 30 libsystem_pthread.dylib 0x1ee4 _pthread_wqthread + 228 31 libsystem_pthread.dylib 0x1fc0 start_wqthread + 8

crash_info_entry_0 | abort() called
crash_info_entry_1 | CSOB(24848,0x16b2f7000) malloc: Heap corruption detected, free list is damaged at 0x301226640 *** Incorrect guard value: 8233651064

Example 2:

Crashed: com.apple.main-thread 0 libsystem_kernel.dylib 0xa974 pthread_kill + 8 1 libsystem_pthread.dylib 0x60ec pthread_kill + 268 2 libsystem_c.dylib 0x75b80 abort + 180 3 libsystem_malloc.dylib 0x2bc68 malloc_vreport + 896 4 libsystem_malloc.dylib 0x2bf10 malloc_zone_error + 104 5 libsystem_malloc.dylib 0x21a44 nanov2_guard_corruption_detected + 44 6 libsystem_malloc.dylib 0x7f84 nanov2_find_block_and_allocate + 402 7 libsystem_blocks.dylib 0x1a14 _Block_copy + 76 8 libsystem_blocks.dylib 0x2178 _Block_object_assign + 208 9 libsystem_blocks.dylib 0x1bb4 _call_copy_helpers_excp + 80 10 libsystem_blocks.dylib 0x1b48 _Block_copy + 384 11 libdispatch.dylib 0x2100 _dispatch_Block_copy + 32 12 libdispatch.dylib 0x53f4 dispatch_group_async + 64 13 CSOB 0x45e7e6c +[FBLPromise(DoAdditions) onQueue:do:] + 4440931948 14 CSOB 0x46b8324 -[GULKeychainStorage getObjectForKey:objectClass:accessGroup:] + 4441785124 15 CSOB 0x460f2f4 54-[FIRInstallationsStore installationForAppID:appName:]_block_invoke + 4441092852 16 CSOB 0x45e5c30 __56-[FBLPromise chainOnQueue:chainedFulfill:chainedReject:]_block_invoke.18 + 4440923184 17 libdispatch.dylib 0x213c _dispatch_call_block_and_release + 32 18 libdispatch.dylib 0x3dd4 _dispatch_client_callout + 20 19 libdispatch.dylib 0x125ec _dispatch_main_queue_drain + 1060 20 libdispatch.dylib 0x121b8 _dispatch_main_queue_callback_4CF + 44 21 CoreFoundation 0x3751c CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE + 16 22 CoreFoundation 0x34218 __CFRunLoopRun + 1996 23 CoreFoundation 0x33968 CFRunLoopRunSpecific + 608 24 GraphicsServices 0x34e0 GSEventRunModal + 164 25 UIKitCore 0x22aedc -[UIApplication _run] + 888 26 UIKitCore 0x22a518 UIApplicationMain + 340 27 CSOB 0x80a8 main + 8 (main.swift:8) 28 ??? 0x1c3c76d84 (Missing)

crash_info_entry_0 | abort() called
crash_info_entry_1 | CSOB(22210,0x201cbbf00) malloc: Heap corruption detected, free list is damaged at 0x302460030 *** Incorrect guard value: 4429448720 
state | SBCSOB:app_start:splashscreen

Reproducing the issue

Happens during a launching an app.

Firebase SDK Version

10.23.0

Xcode Version

15.3

Installation Method

Zip

Firebase Product(s)

Analytics, Crashlytics, Performance

Targeted Platforms

iOS

Relevant Log Output

No response

If using Swift Package Manager, the project's Package.resolved

Expand Package.resolved snippet
```json Replace this line with the contents of your Package.resolved. ```

If using CocoaPods, the project's Podfile.lock

Expand Podfile.lock snippet
```yml Replace this line with the contents of your Podfile.lock! ```
google-oss-bot commented 5 months ago

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

paulb777 commented 5 months ago

Since this issue, along with https://github.com/firebase/firebase-ios-sdk/issues/12987 and https://github.com/firebase/firebase-ios-sdk/issues/12986, are relating to heap corruptions, there may be something in the app corrupting the heap.

Does running with Instruments help to isolate the cause?

google-oss-bot commented 5 months ago

Hey @michal-zampach. We need more information to resolve this issue but there hasn't been an update in 5 weekdays. I'm marking the issue as stale and if there are no new updates in the next 5 days I will close it automatically.

If you have more information that will help us get to the bottom of this, just add a comment!

google-oss-bot commented 5 months ago

Since there haven't been any recent updates here, I am going to close this issue.

@michal-zampach if you're still experiencing this problem and want to continue the discussion just leave a comment here and we are happy to re-open this.