
iOS - New SIGSEGV crashes with 51.1.3.10

Open FliplineStudios opened this issue 6 months ago • 0 comments

After updating one of our iOS apps a few weeks ago using AIR 51.1.3.10, we're seeing some new crashes appear in Xcode Organizer marked as EXC_BAD_ACCESS (SIGSEGV) and SIGNAL 11 Segmentation Fault: 11. I've attached zips of the crash logs we've seen, but here's a sample of what's in the crash log:

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Codes: 0x0000000000000001, 0x0000000000000000
VM Region Info: 0 is not in any region.  Bytes before following region: 4333027328
      REGION TYPE                 START - END      [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      UNUSED SPACE AT START
--->  
      __TEXT                   10244c000-102544000 [  992K] r-x/r-x SM=COW  /var/containers/Bundle/Application/63279A9A-7109-43B0-898B-A8A99F2E5246/Papa Louie Pals.app/Papa Louie Pals
Termination Reason: SIGNAL 11 Segmentation fault: 11
Terminating Process: exc handler [23059]

Triggered by Thread:  0



Thread 0 Crashed:
0   Papa Louie Pals               	0x0000000102463eb4 0x10244c000 + 97972
1   UIKitCore                     	0x0000000189abbec0 -[UIApplication _deactivateForReason:notify:] + 1440 (UIApplication.m:1973)
2   UIKitCore                     	0x0000000189abb530 -[_UISceneLifecycleMultiplexer _performBlock:withApplicationOfDeactivationReasons:fromReasons:] + 176 (_UISceneLifecycleMultiplexer.m:516)
3   UIKitCore                     	0x0000000189867178 -[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:] + 608 (_UISceneLifecycleMultiplexer.m:567)
4   UIKitCore                     	0x000000018983580c -[_UISceneLifecycleMultiplexer uiScene:transitionedFromState:withTransitionContext:] + 248 (_UISceneLifecycleMultiplexer.m:470)
5   UIKitCore                     	0x0000000189835134 __186-[_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction _performActionsForUIScene:withUpdatedFBSScene:settingsDiff:fromSettings:transitionContext:lifecycleActionType:]_block... + 148 (_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction.m:73)
6   UIKitCore                     	0x0000000189834ab4 +[BSAnimationSettings(UIKit) tryAnimatingWithSettings:fromCurrentState:actions:completion:] + 736 (BSAnimationSettings+UIKit.m:54)
7   UIKitCore                     	0x00000001898340ec _UISceneSettingsDiffActionPerformChangesWithTransitionContextAndCompletion + 224 (_UISceneSettingsDiffAction.m:27)
8   UIKitCore                     	0x00000001898ffb14 -[_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction _performActionsForUIScene:withUpdatedFBSScene:settingsDiff:fromSettings:transitionContext:lifecycleActionType:] + 316 (_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction.m:58)
9   UIKitCore                     	0x0000000189f1280c __64-[UIScene scene:didUpdateWithDiff:transitionContext:completion:]_block_invoke.229 + 612 (UIScene.m:2106)
10  UIKitCore                     	0x00000001898fe01c -[UIScene _emitSceneSettingsUpdateResponseForCompletion:afterSceneUpdateWork:] + 208 (UIScene.m:1765)
11  UIKitCore                     	0x00000001899bd824 -[UIScene scene:didUpdateWithDiff:transitionContext:completion:] + 244 (UIScene.m:2065)
12  UIKitCore                     	0x00000001899bd404 -[UIApplicationSceneClientAgent scene:handleEvent:withCompletion:] + 336 (UIApplicationSceneClientAgent.m:86)
13  FrontBoardServices            	0x00000001a05441bc __76-[FBSScene updater:didUpdateSettings:withDiff:transitionContext:completion:]_block_invoke.193 + 244 (FBSScene.m:962)
14  FrontBoardServices            	0x00000001a0543d6c -[FBSScene _callOutQueue_coalesceClientSettingsUpdates:] + 68 (FBSScene.m:759)
15  FrontBoardServices            	0x00000001a05133c8 -[FBSScene updater:didUpdateSettings:withDiff:transitionContext:completion:] + 796 (FBSScene.m:951)
16  FrontBoardServices            	0x00000001a0521db8 __94-[FBSWorkspaceScenesClient _queue_updateScene:withSettings:diff:transitionContext:completion:]_block_invoke_2 + 148 (FBSWorkspaceScenesClient.m:923)
17  FrontBoardServices            	0x00000001a0521c44 -[FBSWorkspace _calloutQueue_executeCalloutFromSource:withBlock:] + 168 (FBSWorkspace.m:445)
18  FrontBoardServices            	0x00000001a0526114 __94-[FBSWorkspaceScenesClient _queue_updateScene:withSettings:diff:transitionContext:completion:]_block_invoke + 340 (FBSWorkspaceScenesClient.m:922)
19  libdispatch.dylib             	0x000000018ec5a0d0 _dispatch_client_callout + 20 (object.m:576)
20  libdispatch.dylib             	0x000000018ec5db14 _dispatch_block_invoke_direct + 284 (queue.c:515)
21  FrontBoardServices            	0x00000001a0523300 __FBSSERIALQUEUE_IS_CALLING_OUT_TO_A_BLOCK__ + 52 (FBSSerialQueue.m:285)
22  FrontBoardServices            	0x00000001a0523280 -[FBSMainRunLoopSerialQueue _targetQueue_performNextIfPossible] + 240 (FBSSerialQueue.m:309)
23  FrontBoardServices            	0x00000001a0523158 -[FBSMainRunLoopSerialQueue _performNextFromRunLoopSource] + 28 (FBSSerialQueue.m:322)
24  CoreFoundation                	0x0000000186f58328 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 (CFRunLoop.c:1970)
25  CoreFoundation                	0x0000000186f582bc __CFRunLoopDoSource0 + 176 (CFRunLoop.c:2014)
26  CoreFoundation                	0x0000000186f55e24 __CFRunLoopDoSources0 + 344 (CFRunLoop.c:2059)
27  CoreFoundation                	0x0000000186f54fbc __CFRunLoopRun + 840 (CFRunLoop.c:2969)
28  CoreFoundation                	0x0000000186f54830 CFRunLoopRunSpecific + 588 (CFRunLoop.c:3434)
29  GraphicsServices              	0x00000001d2f341c4 GSEventRunModal + 164 (GSEvent.c:2196)
30  UIKitCore                     	0x0000000189abaeb0 -[UIApplication _run] + 816 (UIApplication.m:3844)
31  UIKitCore                     	0x0000000189b695b4 UIApplicationMain + 340 (UIApplication.m:5496)
32  aot14116353263829068867.tmp   	0x0000000102548028 main + 68
33  dyld                          	0x00000001ac942ec8 start + 2724 (dyldMain.cpp:1334)

This update was packaged using AIR SDK 51.1.3.10 on a MacBook (M3 Max) running Sequoia 15.4.1, and packaged using iOS SDK 18.4. The previous version of the app was packaged in 2022 with 33.1.1.935 (PC), so it's a big jump forward, though I don't seem to notice similar crash logs in that older version.

There are also a couple different crashes showing up in Xcode Organizer that are all labeled as aot####.tmp rather than our app name; I've attached zips of those three separate crashes that show aot as well.

Most of the crashes seem to be happening within a couple seconds of launching, though one of them is surprisingly about 15 minutes after launch.

Some details about the app:

  • Uses Distriqt ANEs: InAppBilling, Share, CameraRollExtended, SystemGestures
  • GPU Render Mode
  • Classic DisplayList with vector graphics
  • Not using Workers
  • Packaged with AIR SDK 51.1.3.10 on Mac
  • Packaged with -platformsdk pointing to iPhoneOS18.4.sdk

If it helps narrow things down, here are some things that may be happening within the first few seconds after launch:

  • Loading SharedObject with their saved data
  • Loading and playing external MP3 music track packaged with the app
  • Attaching splash screen with vector graphics
  • Possibly loading a few PNGs from a web server
  • Initializing ANEs (for In App Purchases)

We haven't been able to duplicate the issue ourselves on any of our devices, and it doesn't seem too widespread (8 crash logs received in 2 weeks), but would love to know what these crashes relate to! Can also send dSYM and IPA if it's helpful.

Papa Louie Pals - SIGSEGV crashes.zip

aot tmp 1 - SIGSEGV crashes.zip

aot tmp 2 - SIGSEGV crash.zip

aot tmp 3 - SIGSEGV crash.zip

FliplineStudios avatar Jun 02 '25 20:06 FliplineStudios
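
Added example, not part of the original issue or the AIR SDK: a Python helper that reads the crashed thread from a report like the one above, flags the fault at address 0 as a NULL dereference, and builds the `atos` invocation for each frame that still shows a load address instead of a symbol. The function name `triage`, the `<dSYM-DWARF-file>` placeholder and the `arm64` architecture are assumptions.

```python
import re

# Excerpt copied from the crash log above (frames 2-31 omitted for brevity).
SAMPLE = """\
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000000
Triggered by Thread:  0

Thread 0 Crashed:
0   Papa Louie Pals               \t0x0000000102463eb4 0x10244c000 + 97972
1   UIKitCore                     \t0x0000000189abbec0 -[UIApplication _deactivateForReason:notify:] + 1440 (UIApplication.m:1973)
32  aot14116353263829068867.tmp   \t0x0000000102548028 main + 68
33  dyld                          \t0x00000001ac942ec8 start + 2724 (dyldMain.cpp:1334)
"""

FAULT = re.compile(r"^Exception Subtype: (\w+) at (0x[0-9a-fA-F]+)", re.M)
# index, image name (may contain spaces), address, symbol or load base, offset
FRAME = re.compile(r"^(\d+)\s+(.+?)\s+(0x[0-9a-fA-F]{16})\s+(.+?) \+ (\d+)(?: \(.*\))?$")

def triage(report):
    """Summarise the fault and list crashed-thread frames that still need a dSYM."""
    fault = FAULT.search(report)
    frames, in_crashed = [], False
    for line in report.splitlines():
        if line.rstrip().endswith("Crashed:"):
            in_crashed = True
        elif in_crashed:
            m = FRAME.match(line.rstrip())
            if not m:
                break  # first non-frame line ends the crashed thread's backtrace
            frames.append(m.groups())
    todo = []
    for idx, image, addr, symbol, off in frames:
        if not symbol.startswith("0x"):
            continue  # already symbolicated
        # Unsymbolicated frames print "<load base> + <offset>"; check they agree.
        if int(addr, 16) - int(symbol, 16) != int(off):
            raise ValueError(f"frame {idx}: address and offset disagree")
        todo.append({"frame": int(idx), "image": image, "offset": hex(int(off)),
                     # <dSYM-DWARF-file> is a placeholder; arm64 is assumed
                     "atos": f"atos -arch arm64 -o <dSYM-DWARF-file> -l {symbol} {addr}"})
    return {"fault": fault.group(1) if fault else None,
            # a fault address inside the unmapped first page is a NULL dereference
            "null_deref": bool(fault) and int(fault.group(2), 16) < 0x1000,
            "frames": len(frames), "unsymbolicated": todo}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Run against the sample, the only frame left to symbolicate is frame 0 in the app binary, at offset 0x17eb4 from the load address 0x10244c000.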