iOS 16 Crash _os_unfair_lock_recursive_abort

Question

waty OP

Created Feb ’23

Replies 3

Boosts 1

Views 2.2k

Participants 3

I found a lot of crashes on iOS 16，the detail infomation:


Exception Type:  EXC_BREAKPOINT (SIGTRAP)

Exception Codes: 0x0000000000000001, 0x000000020f3d108c

Termination Reason: SIGNAL 5 Trace/BPT trap: 5

Terminating Process: exc handler [18104]


Triggered by Thread:  0





Thread 0 name:

Thread 0 Crashed:

0   libsystem_platform.dylib      	0x000000020f3d108c _os_unfair_lock_recursive_abort + 36 (lock.c:508)

1   libsystem_platform.dylib      	0x000000020f3cb898 _os_unfair_lock_lock_slow + 280 (lock.c:567)

2   libobjc.A.dylib               	0x00000001ba6939b4 lookUpImpOrForward + 156 (lock_private.h:716)

3   libobjc.A.dylib               	0x00000001ba68e0c4 _objc_msgSend_uncached + 68 (:-1)

4   myApp                        	0x00000001005e8d04 post_crash_callback + 64 (XBPLCrashManager.m:122)

5   myApp                        	0x0000000101453744 signal_handler_callback + 184 (PLCrashReporter.m:237)

6   myApp                        	0x000000010144fc6c internal_callback_iterator(int, __siginfo*, __darwin_ucontext*, void*) + 140 (PLCrashSignalHandler.mm:0)

7   myApp                        	0x000000010144fbc0 plcrash_signal_handler + 24 (PLCrashSignalHandler.mm:201)

8   libsystem_platform.dylib      	0x000000020f3cca90 _sigtramp + 56 (sigtramp.c:116)

9   libsystem_kernel.dylib        	0x00000001fed74bf0 abort_with_payload_wrapper_internal + 104 (terminate_with_reason.c:102)

10  libsystem_kernel.dylib        	0x00000001fed74b88 abort_with_reason + 32 (terminate_with_reason.c:116)

11  libobjc.A.dylib               	0x00000001ba6bfa5c _objc_fatalv(unsigned long long, unsigned long long, char const*, char*) + 116 (objc-errors.mm:199)

12  libobjc.A.dylib               	0x00000001ba6bf9e8 _objc_fatal(char const*, ...) + 32 (objc-errors.mm:215)

13  libobjc.A.dylib               	0x00000001ba6bf978 cache_t::bad_cache(objc_object*, objc_selector*) + 228 (objc-cache.mm:829)

14  libobjc.A.dylib               	0x00000001ba6944f0 cache_t::insert(objc_selector*, void (*)(), objc_object*) + 296 (objc-cache.mm:901)

15  libobjc.A.dylib               	0x00000001ba693ba8 lookUpImpOrForward + 656 (objc-runtime-new.mm:6739)

16  libobjc.A.dylib               	0x00000001ba68e0c4 _objc_msgSend_uncached + 68 (:-1)

17  UIKitCore                     	0x00000001c36f9ad8 -[UIViewController initWithNibName:bundle:] + 216 (UIViewController.m:2671)

18  myApp                        	0x0000000100d78088 -[myUIBaseViewController init] + 44 (myUIBaseViewController.m:60)

19  myApp                        	0x000000010031f744 -[XBSCLaunchManager makeTabBarViewController] + 2600 (XBSCLaunchManager.m:432)

20  myApp                        	0x000000010032022c -[XBSCLaunchManager showTabbarViewController] + 292 (XBSCLaunchManager.m:569)

21  libdispatch.dylib             	0x00000001c89ecfdc _dispatch_client_callout + 20 (object.m:560)

22  libdispatch.dylib             	0x00000001c89f046c _dispatch_continuation_pop + 504 (inline_internal.h:2632)

23  libdispatch.dylib             	0x00000001c8a03a58 _dispatch_source_invoke + 1588 (source.c:596)

24  libdispatch.dylib             	0x00000001c89fb748 _dispatch_main_queue_drain + 756 (inline_internal.h:0)

25  libdispatch.dylib             	0x00000001c89fb444 _dispatch_main_queue_callback_4CF + 44 (queue.c:7887)

26  CoreFoundation                	0x00000001c146a6d8 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 16 (CFRunLoop.c:1780)

27  CoreFoundation                	0x00000001c144c03c __CFRunLoopRun + 2036 (CFRunLoop.c:3147)

28  CoreFoundation                	0x00000001c1450ec0 CFRunLoopRunSpecific + 612 (CFRunLoop.c:3418)

29  GraphicsServices              	0x00000001fb4a7368 GSEventRunModal + 164 (GSEvent.c:2196)

30  UIKitCore                     	0x00000001c394686c -[UIApplication _run] + 888 (UIApplication.m:3754)

31  UIKitCore                     	0x00000001c39464d0 UIApplicationMain + 340 (UIApplication.m:5344)

32  myApp                        	0x0000000100330b5c main + 88 (main.m:14)

33  dyld                          	0x00000001dfc72960 start + 2528 (dyldMain.cpp:1170)

Request for help on advice prevention and fix for this. Thanks

Answered by DTS Engineer in 744358022

This is a classic example of why I’m down on third-party crash reporters. For an in-depth discussion of that, see Implementing Your Own Crash Reporter.

Anyway, the immediate cause of this crash is your third-party crash reporter. It’s catching a signal (frame 8) and then calling Objective-C (frame 4). This is not safe. In this specific case, the app originally crashed inside the Objective-C runtime, while holding a lock that protects the runtime’s state. So, when the crash reporter tries to call Objective-C, the runtime tries to acquire the same lock, and things fail. Fortunately os_unfair_lock is smart enough to detect this and crash itself, otherwise your app would’ve just hung.

As to what caused the original crash, there’s no way to work that out because the state in your crash report reflects the crash reporter crash, not your crash. I recommend that your remove your third-party crash reporter and wait for some reliable crash reports.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Boost

Answer 1

DTS Engineer OP

Apple

Feb ’23

Recommended

This is a classic example of why I’m down on third-party crash reporters. For an in-depth discussion of that, see Implementing Your Own Crash Reporter.

Anyway, the immediate cause of this crash is your third-party crash reporter. It’s catching a signal (frame 8) and then calling Objective-C (frame 4). This is not safe. In this specific case, the app originally crashed inside the Objective-C runtime, while holding a lock that protects the runtime’s state. So, when the crash reporter tries to call Objective-C, the runtime tries to acquire the same lock, and things fail. Fortunately os_unfair_lock is smart enough to detect this and crash itself, otherwise your app would’ve just hung.

As to what caused the original crash, there’s no way to work that out because the state in your crash report reflects the crash reporter crash, not your crash. I recommend that your remove your third-party crash reporter and wait for some reliable crash reports.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

xiangFly OP

Sep ’24

hellow, May I ask if this issue has been resolved, or if you can reproduce this problem on your end

0

Answer 3

DTS Engineer OP

Apple

Sep ’24

Well, the immediate cause of that crash is a bug in the third-party crash reporter that waty was using. My recommended resolution was to not use a third-party crash reporter. If you’re seeing this problem in your own code, I recommend that you do the same.

If you’re seeing this outside of the context of a third-party crash reporter, we should talk!

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0