Credential Provider Crashes - Autofill

[kaylagalway]

Lockwise iOS is having crashes in our Credential Provider extension (which is launched any time a user needs to autofill a password) that are connected to Application Services code. After reading the crash logs, we believe it is due to this issue that @garvankeeley previously posted:

There is an iOS+SQLCipher incompatibility whereby iOS will kill an app with a DB file lock if it is a SQLCipher db, but not if it is an unencrypted SQLite db. iOS will try read the file header to see if it is an SQLite db file, and if so, apps are allowed to have a lock when backgrounded. The header of SQLCipher files is not readable, so the OS doesn't identify this a valid DB file.
The solution is to use pragma cipher_plaintext_header_size=32 and pragma cipher_salt=... on open of the db.

Related to: App Services Issue #2377

Original App Services Issue #2100
Original JIRA Issue SYNC-310

Crash Log Example:

CrashReporter Key:   80618011333389423033839af2e5780d9190d35f
Hardware Model:      iPhone12,3
Process:             CredentialProvider [3154]
Path:                /private/var/containers/Bundle/Application/2C8AA371-5195-4DC3-9D8B-6A77214282C7/Firefox Lockbox.app/PlugIns/CredentialProvider.appex/CredentialProvider
Identifier:          org.mozilla.ios.Lockbox.CredentialProvider
Version:             3902 (1.7.0)
AppVariant:          1:iPhone12,3:13
Code Type:           ARM-64 (Native)
Role:                unknown
Parent Process:      launchd [1]
Coalition:           org.mozilla.ios.Lockbox.CredentialProvider [587]


Date/Time:           2019-11-24 10:16:45.7511 -0500
Launch Time:         2019-11-24 10:16:42.1985 -0500
OS Version:          iPhone OS 13.2.3 (17B111)
Release Type:        User
Baseband Version:    1.02.18
Report Version:      104

Exception Type:  EXC_CRASH (SIGKILL)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note:  EXC_CORPSE_NOTIFY
Termination Reason: Namespace RUNNINGBOARD, Code 0xdead10cc
Triggered by Thread:  0

Thread 0 name:
Thread 0 Crashed:
0   libsystem_kernel.dylib        	0x00000001a8a8cc04 mach_msg_trap + 8
1   libsystem_kernel.dylib        	0x00000001a8a8c020 mach_msg + 76 (mach_msg.c:103)
2   CoreFoundation                	0x00000001a8c3eaa8 __CFRunLoopServiceMachPort + 220 (CFRunLoop.c:2575)
3   CoreFoundation                	0x00000001a8c39940 __CFRunLoopRun + 1428 (CFRunLoop.c:2931)
4   CoreFoundation                	0x00000001a8c39084 CFRunLoopRunSpecific + 480 (CFRunLoop.c:3192)
5   GraphicsServices              	0x00000001b2e87534 GSEventRunModal + 108 (GSEvent.c:2246)
6   UIKitCore                     	0x00000001acda9670 UIApplicationMain + 1940 (UIApplication.m:4758)
7   libxpc.dylib                  	0x00000001a88dde38 _xpc_objc_main.cold.3 + 212
8   libxpc.dylib                  	0x00000001a88c8a48 _xpc_objc_main + 216 (main.m:126)
9   libxpc.dylib                  	0x00000001a88cb4d0 xpc_main + 152 (init.c:1568)
10  Foundation                    	0x00000001a8fbb720 -[NSXPCListener resume] + 172 (NSXPCListener.m:276)
11  PlugInKit                     	0x00000001b62bb9bc -[PKService run] + 412 (PKService.m:165)
12  PlugInKit                     	0x00000001b62bb6a4 +[PKService main] + 576 (PKService.m:102)
13  PlugInKit                     	0x00000001b62bbde0 +[PKService _defaultRun:arguments:] + 24 (PKService.m:212)
14  Foundation                    	0x00000001a91a72b8 NSExtensionMain + 68 (NSExtensionMain.m:27)
15  libdyld.dylib                 	0x00000001a8ab8e18 start + 4

Thread 1:
0   libsystem_pthread.dylib       	0x00000001a89d5c74 start_wqthread + 0

Thread 2 name:
Thread 2:
0   CredentialProvider            	0x000000010074acb0 shaCompress + 4268 (sha_fast.c:415)
1   CredentialProvider            	0x0000000100749bcc NSS_SHA1_Update + 232 (sha_fast.c:131)
2   CredentialProvider            	0x00000001007142f4 HMAC_Finish + 124 (alghmac.c:138)
3   CredentialProvider            	0x000000010078841c nsspkcs5_ComputeKeyAndIV + 1052 (lowpbe.c:347)
4   CredentialProvider            	0x0000000100795d10 NSC_GenerateKey + 1976 (pkcs11c.c:3770)
5   CredentialProvider            	0x000000010077f71c PK11_KeyGenWithTemplate + 472 (pk11skey.c:1164)
6   CredentialProvider            	0x000000010077f508 pk11_TokenKeyGenWithFlagsAndKeyType + 420 (pk11skey.c:1006)
7   CredentialProvider            	0x000000010077e794 pk11_RawPBEKeyGenWithKeyType + 168 (pk11pbe.c:1353)
8   CredentialProvider            	0x000000010077e8f4 PK11_PBEKeyGen + 348 (pk11pbe.c:1427)
9   CredentialProvider            	0x00000001007c1af0 sqlcipher_nss_kdf + 304
10  CredentialProvider            	0x00000001007c04a8 sqlcipher_cipher_ctx_key_derive + 544
11  CredentialProvider            	0x00000001007c0190 sqlcipher_codec_key_derive + 48
12  CredentialProvider            	0x00000001007d83cc sqlite3Codec + 100
13  CredentialProvider            	0x00000001007e4920 readDbPage + 400
14  CredentialProvider            	0x00000001007e3d4c getPageNormal + 560
15  CredentialProvider            	0x00000001007bd7b4 sqlite3PagerGet + 72
16  CredentialProvider            	0x00000001007e9620 btreeGetPage + 52
17  CredentialProvider            	0x00000001007e89f4 lockBtree + 80
18  CredentialProvider            	0x00000001007bd3f4 sqlite3BtreeBeginTrans + 480
19  CredentialProvider            	0x00000001007feba4 sqlite3VdbeExec + 14284
20  CredentialProvider            	0x00000001007cbfd0 sqlite3Step + 440
21  CredentialProvider            	0x00000001007cbc98 sqlite3_step + 120
22  CredentialProvider            	0x00000001006aea6c _$LT$rusqlite..row..Rows$u20$as$u20$fallible_streaming_iterator..FallibleStreamingIterator$GT$::a... + 44 (raw_statement.rs:74)
23  CredentialProvider            	0x00000001006aeb68 rusqlite::row::Rows::get_expected_row::h13c91bc070f160c1 + 32 (row.rs:34)
24  CredentialProvider            	0x00000001004d5f88 sql_support::conn_ext::ConnExt::query_one::h54b7b93d8d9cc706 + 204 (lib.rs:590)
25  CredentialProvider            	0x00000001004beacc logins::engine::PasswordEngine::new::h03bafda8aec6b40d + 2296 (schema.rs:214)
26  CredentialProvider            	0x00000001004babd8 std::panicking::try::do_call::h844870c7687f5a71 + 96 (lib.rs:36)
27  CredentialProvider            	0x00000001006fca28 __rust_maybe_catch_panic + 36 (lib.rs:80)
28  CredentialProvider            	0x00000001004c2550 sync15_passwords_state_new + 184 (panicking.rs:275)
29  CredentialProvider            	0x000000010043f0d8 LoginsStorage.doOpen(_:) + 316 (LoginsStorage.swift:80)
30  CredentialProvider            	0x000000010043f5ec partial apply for closure #1 in LoginsStorage.ensureUnlocked(withEncryptionKey:) + 28 (LoginsStorage.swift:116)
31  CredentialProvider            	0x0000000100428680 thunk for @callee_guaranteed () -> (@error @owned Error) + 20 (<compiler-generated>:0)
32  CredentialProvider            	0x000000010043f5a4 partial apply for thunk for @callee_guaranteed () -> (@error @owned Error) + 16 (<compiler-generated>:0)
33  CredentialProvider            	0x0000000100441b94 thunk for @callee_guaranteed () -> (@error @owned Error)partial apply + 12
34  libswiftDispatch.dylib        	0x00000001ddde67fc $sxs5Error_pIgrzo_xsAA_pIegrzo_lTRTA + 28 (<compiler-generated>:0)
35  libswiftDispatch.dylib        	0x00000001ddddd3f0 $sSo17OS_dispatch_queueC8DispatchE11_syncHelper33_F417D752D2C4E9330E1C700411CE0C6ALL2fn7execute6r... + 112 (Queue.swift:307)
36  libswiftDispatch.dylib        	0x00000001ddde65ac $sIg_Ieg_TRTA + 28 (<compiler-generated>:0)
37  libswiftDispatch.dylib        	0x00000001dddd7834 $sIeg_IyB_TR + 28 (<compiler-generated>:0)
38  libdispatch.dylib             	0x00000001a8969fd8 _dispatch_client_callout + 20 (object.m:495)
39  libdispatch.dylib             	0x00000001a89767f4 _dispatch_lane_barrier_sync_invoke_and_complete + 60 (queue.c:996)
40  libswiftDispatch.dylib        	0x00000001ddddd9c8 $sSo17OS_dispatch_queueC4sync7executeyyyXE_tFTO + 172 (<compiler-generated>:0)
41  libswiftDispatch.dylib        	0x00000001ddde3700 $sSo17OS_dispatch_queueC4sync7executeyyyXE_tFTOTA + 24 (<compiler-generated>:0)
42  libswiftDispatch.dylib        	0x00000001ddddd264 $sSo17OS_dispatch_queueC8DispatchE11_syncHelper33_F417D752D2C4E9330E1C700411CE0C6ALL2fn7execute6r... + 244 (Queue.swift:305)
43  libswiftDispatch.dylib        	0x00000001ddddd8f4 $sSo17OS_dispatch_queueC8DispatchE4sync7executexxyKXE_tKlF + 136 (Queue.swift:355)
44  CredentialProvider            	0x0000000100440598 LoginsStorage.unlock(withEncryptionKey:) + 92
45  CredentialProvider            	0x000000010043f5c8 LoginsStorage.ensureUnlocked(withEncryptionKey:) + 28
46  CredentialProvider            	0x00000001003eaed0 protocol witness for LoginsStorageProtocol.ensureUnlocked(withEncryptionKey:) in conformance Logi... + 28 (<compiler-generated>:0)
47  CredentialProvider            	0x000000010041ca44 closure #1 in BaseDataStore.reset() + 292 (BaseDataStore.swift:405)
48  CredentialProvider            	0x00000001003fbaf8 thunk for @escaping @callee_guaranteed () -> () + 28 (<compiler-generated>:0)
49  libdispatch.dylib             	0x00000001a8968b7c _dispatch_call_block_and_release + 32 (init.c:1408)
50  libdispatch.dylib             	0x00000001a8969fd8 _dispatch_client_callout + 20 (object.m:495)
51  libdispatch.dylib             	0x00000001a8970450 _dispatch_lane_serial_drain + 568 (inline_internal.h:2484)
52  libdispatch.dylib             	0x00000001a8970e7c _dispatch_lane_invoke + 368 (inline_internal.h:1851)
53  libdispatch.dylib             	0x00000001a8979f20 _dispatch_workloop_worker_thread + 580 (queue.c:6445)
54  libsystem_pthread.dylib       	0x00000001a89cfa94 _pthread_wqthread + 280 (pthread.c:2323)
55  libsystem_pthread.dylib       	0x00000001a89d5c7c start_wqthread + 8

Thread 3:
0   libsystem_pthread.dylib       	0x00000001a89d5c74 start_wqthread + 0

Thread 4:
0   libsystem_pthread.dylib       	0x00000001a89d5c74 start_wqthread + 0

Thread 5 name:
Thread 5:
0   libsystem_kernel.dylib        	0x00000001a8a8cc04 mach_msg_trap + 8
1   libsystem_kernel.dylib        	0x00000001a8a8c020 mach_msg + 76 (mach_msg.c:103)
2   CoreFoundation                	0x00000001a8c3eaa8 __CFRunLoopServiceMachPort + 220 (CFRunLoop.c:2575)
3   CoreFoundation                	0x00000001a8c39940 __CFRunLoopRun + 1428 (CFRunLoop.c:2931)
4   CoreFoundation                	0x00000001a8c39084 CFRunLoopRunSpecific + 480 (CFRunLoop.c:3192)
5   Foundation                    	0x00000001a8f7e3d0 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 232 (NSRunLoop.m:374)
6   Foundation                    	0x00000001a8f7e2a8 -[NSRunLoop(NSRunLoop) runUntilDate:] + 92 (NSRunLoop.m:421)
7   UIKitCore                     	0x00000001ace45148 -[UIEventFetcher threadMain] + 156 (UIEventFetcher.m:637)
8   Foundation                    	0x00000001a8f7d034 -[NSThread main] + 40 (NSThread.m:760)
9   Foundation                    	0x00000001a90b8a8c __NSThread__start__ + 852 (NSThread.m:724)
10  libsystem_pthread.dylib       	0x00000001a89cdd50 _pthread_start + 128 (pthread.c:895)
11  libsystem_pthread.dylib       	0x00000001a89d5c88 thread_start + 8

Thread 6:
0   libsystem_pthread.dylib       	0x00000001a89d5c74 start_wqthread + 0

Thread 7:
0   libsystem_pthread.dylib       	0x00000001a89d5c74 start_wqthread + 0

Thread 8 name:
Thread 8:
0   libsystem_kernel.dylib        	0x00000001a8a8cc04 mach_msg_trap + 8
1   libsystem_kernel.dylib        	0x00000001a8a8c020 mach_msg + 76 (mach_msg.c:103)
2   CoreFoundation                	0x00000001a8c3eaa8 __CFRunLoopServiceMachPort + 220 (CFRunLoop.c:2575)
3   CoreFoundation                	0x00000001a8c39940 __CFRunLoopRun + 1428 (CFRunLoop.c:2931)
4   CoreFoundation                	0x00000001a8c39084 CFRunLoopRunSpecific + 480 (CFRunLoop.c:3192)
5   AVFAudio                      	0x00000001b5b8ef70 GenericRunLoopThread::Entry(void*) + 160 (GenericRunLoopThread.h:91)
6   AVFAudio                      	0x00000001b5be01fc CAPThread::Entry(CAPThread*) + 208 (CAPThread.cpp:286)
7   libsystem_pthread.dylib       	0x00000001a89cdd50 _pthread_start + 128 (pthread.c:895)
8   libsystem_pthread.dylib       	0x00000001a89d5c88 thread_start + 8

Thread 9:
0   libsystem_pthread.dylib       	0x00000001a89d5c74 start_wqthread + 0

Thread 0 crashed with ARM Thread State (64-bit):
    x0: 0x0000000010004005   x1: 0x0000000007000806   x2: 0x0000000000000000   x3: 0x0000000000000c00
    x4: 0x0000000000005403   x5: 0x00000000ffffffff   x6: 0x0000000000000000   x7: 0x0000000000000004
    x8: 0x00000000fffffbbf   x9: 0x0000000007000906  x10: 0x1b354f3713820051  x11: 0x000000b2f54d9ae2
   x12: 0x00000000016e3600  x13: 0x000000000010af39  x14: 0x0000000000000a00  x15: 0x00000a0000000000
   x16: 0xffffffffffffffe1  x17: 0x0000000000000001  x18: 0x0000000000000000  x19: 0x0000000000000000
   x20: 0x00000000ffffffff  x21: 0x0000000000005403  x22: 0x0000000000000c00  x23: 0x000000016fa1a960
   x24: 0x0000000007000806  x25: 0x0000000000000000  x26: 0x0000000007000806  x27: 0x0000000000000c00
   x28: 0x0000000000000001   fp: 0x000000016fa1a860   lr: 0x00000001a8a8c020
    sp: 0x000000016fa1a810   pc: 0x00000001a8a8cc04 cpsr: 0x60000000
   esr: 0x56000080  Address size fault

[rfk]

I think that addressing this via the proposed workaround will involve some changes to the logins-store API surface, on which I'd appreciate some feedback; details in mozilla/application-services#2100 (comment)