Realm-java: Segmentation fault in UncheckedRow_nativeIsNull+56 when operating on invalid/deleted object

Created on 24 Apr 2017 · 5 comments · Source: realm/realm-java

I kind of randomly experience native crashes in different scenarios in my app. There is one scenario where I can reproduce the crash almost immediately.

Version of Realm and tooling

Realm version(s): 3.1.3

Realm sync feature enabled: no

Android Studio version: 2.3.1

Which Android version and device: S6 6.0.1, x86 emulator 7.1.1

Realm encryption is not enabled.

Crash

The scenario where I can reproduce the crash is when calling Realm.deleteAll() and then opening an Activity, which causes a presenter to operate on an invalid Realm object. What happens specifically is that there is a RealmProxy where toString() says "Invalid object" - makes sense, as this object has been deleted. On this proxy, the Integer primary key is compared to <= 1.

This results in realmGet$id() being called, where checkIfValid() passes and then proxyState.getRow$realm().isNull(columnInfo.idIndex) (UncheckedRow.isNull(0)) crashes with the attached stack trace.

Prior to writing this, I did not realize that the issue was caused by operating on an invalid object - now it is possible for me to start fixing my code. Anyway, is this intended behaviour, or should there be a Java exception?

Here follows the stack trace:

04-24 10:40:30.611 28407-28407/com.myapp A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x248 in tid 28407 (com.myapp)
04-24 10:40:30.681 3061-3061/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
04-24 10:40:30.691 3061-3061/? A/DEBUG: Build fingerprint: 'samsung/zerofltexx/zeroflte:6.0.1/MMB29K/G920FXXS5DQC1:user/release-keys'
04-24 10:40:30.691 3061-3061/? A/DEBUG: Revision: '11'
04-24 10:40:30.691 3061-3061/? A/DEBUG: ABI: 'arm64'
04-24 10:40:30.691 3061-3061/? A/DEBUG: pid: 28407, tid: 28407, name: com.myapp  >>> com.myapp <<<
04-24 10:40:30.691 3061-3061/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x248
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x0   0000000000000238  x1   0000000000000000  x2   0000000000000000  x3   0000000000000000
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x4   0000000000000001  x5   0000007fa1e1e000  x6   0000007ffa40e808  x7   0000007ffa40e7d4
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x8   0000000000000036  x9   0000007fa1fb4bb0  x10  0000000000000000  x11  0000000000000008
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x12  0000000000000001  x13  0000000000000000  x14  0000007fa1f1a6bc  x15  0000000000000000
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x16  0000007f8b0599f8  x17  0000000000000000  x18  0000007ffa40e598  x19  0000000000000000
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x20  0000000000000000  x21  0000007fa1fb4a00  x22  0000007f8b396930  x23  0000007ffa40e788
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x24  0000007ffa40ec08  x25  0000007ffa40e84c  x26  0000007ffa40ef40  x27  0000007fa1efa000
04-24 10:40:30.741 3061-3061/? A/DEBUG:     x28  0000007ffa40e5a0  x29  0000007ffa40e4c0  x30  0000007f8b1818f0
04-24 10:40:30.741 3061-3061/? A/DEBUG:     sp   0000007ffa40e4c0  pc   0000007f8b016644  pstate 0000000020000000
04-24 10:40:30.781 3061-3061/? A/DEBUG: backtrace:
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #00 pc 000000000005d644  /data/app/com.myapp-1/lib/arm64/librealm-jni.so
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #01 pc 00000000001c88ec  /data/app/com.myapp-1/lib/arm64/librealm-jni.so
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #02 pc 00000000001c8f98  /data/app/com.myapp-1/lib/arm64/librealm-jni.so
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #03 pc 00000000000a0a30  /data/app/com.myapp-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_UncheckedRow_nativeIsNull+56)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #04 pc 0000000000127fe8  /system/lib64/libart.so (art_quick_generic_jni_trampoline+152)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #05 pc 000000000011e3a4  /system/lib64/libart.so (art_quick_invoke_stub+580)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #06 pc 000000000012e25c  /system/lib64/libart.so (_ZN3art9ArtMethod6InvokeEPNS_6ThreadEPjjPNS_6JValueEPKc+176)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #07 pc 00000000004cd7a0  /system/lib64/libart.so (artInterpreterToCompiledCodeBridge+212)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #08 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #09 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #10 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #11 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #12 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #13 pc 00000000002ae0c8  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE4ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+772)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #14 pc 00000000000dcf1c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+20300)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #15 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #16 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #17 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #18 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #19 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #20 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #21 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #22 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #23 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #24 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #25 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #26 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #27 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #28 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #29 pc 00000000000dd700  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22320)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #30 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #31 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #32 pc 00000000002ae0c8  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE4ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+772)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #33 pc 00000000000dcf1c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+20300)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #34 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #35 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #36 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #37 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #38 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #39 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #40 pc 00000000000dd700  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22320)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #41 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #42 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #43 pc 00000000000dd688  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22200)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #44 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #45 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #46 pc 00000000002ae0c8  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE4ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+772)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #47 pc 00000000000dcf1c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+20300)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #48 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #49 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #50 pc 00000000000dd700  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22320)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #51 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #52 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #53 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #54 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #55 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #56 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #57 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #58 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #59 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #60 pc 00000000002a8594  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+480)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #61 pc 00000000002ab780  /system/lib64/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+268)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #62 pc 00000000000dd93c  /system/lib64/libart.so (_ZN3art11interpreter15ExecuteGotoImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_+22892)
04-24 10:40:30.781 3061-3061/? A/DEBUG:     #63 pc 0000000000286388  /system/lib64/libart.so (artInterpreterToInterpreterBridge+220)
04-24 10:40:31.201 3061-3061/? A/DEBUG: Tombstone written to: /data/tombstones/tombstone_07

T-Enhancement

All 5 comments

There should definitely be a Java exception.

@benj56 We try to avoid native crashes like the one you have experienced. If possible, a Java exception with a good explanation is preferable.

I have added "Reproduction Required" as we have to write a test case which captures the behaviour. If you have time, we would appreciate a short code snippet :-)

I noticed that it works with a String primary key (Java exception similar to "the object is no longer valid to operate on") but with Integer it crashes.

import java.util.Random;

import org.junit.Test;
import org.junit.runner.RunWith;

import android.support.test.InstrumentationRegistry;
import android.support.test.runner.AndroidJUnit4;

import io.realm.Realm;
import io.realm.RealmConfiguration;
import io.realm.RealmObject;
import io.realm.annotations.PrimaryKey;

@RunWith(AndroidJUnit4.class)
public class CrashTest {
    @Test
    public void testCrash() {
        Realm.init(InstrumentationRegistry.getTargetContext());

        RealmConfiguration realmConfiguration = new RealmConfiguration.Builder()
            .inMemory()
            .build();

        Realm realm = Realm.getInstance(realmConfiguration);

        TestEntity testEntity = new TestEntity();
        realm.beginTransaction();
        // copyToRealm returns the managed proxy; from here on testEntity is backed by a row.
        testEntity = realm.copyToRealm(testEntity);
        // Deleting every object detaches that row, so the proxy is now invalid.
        realm.deleteAll();
        // Reading the Integer primary key of the invalid proxy is what reaches nativeIsNull and segfaults.
        System.out.println(testEntity.ID);
    }
}

// TestEntity.java, same package as the test.
public class TestEntity extends RealmObject {
    @PrimaryKey
    public Integer ID = new Random().nextInt(10000);
}
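As an added example (not code from this issue or from the realm-java project), the guard a presenter should apply before reading fields of a RealmObject reference that may have been deleted underneath it, plus the safer alternative of re-querying by primary key instead of holding the proxy across a transaction. The model class `Note`, the `NoteReader` helper and the test class are assumptions; the transaction sequence mirrors the repro above, but the test consults `isValid()` (the same check that makes toString() report "Invalid object") rather than touching the primary key of the dead proxy.

```java
import java.util.Random;

import org.junit.Test;
import org.junit.runner.RunWith;

import android.support.test.InstrumentationRegistry;
import android.support.test.runner.AndroidJUnit4;

import io.realm.Realm;
import io.realm.RealmConfiguration;
import io.realm.RealmObject;
import io.realm.annotations.PrimaryKey;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;

// Three top-level classes; in a project each lives in its own file in the same package.

// Hypothetical model (assumption, not from the issue): same shape as TestEntity,
// a boxed Integer primary key so the generated accessor goes through isNull().
public class Note extends RealmObject {
    @PrimaryKey
    private Integer id = new Random().nextInt(10000);

    public Integer getId() { return id; }
}

// Hypothetical presenter-side helper (assumption): never reads a field of a dead proxy.
final class NoteReader {
    private NoteReader() {}

    // Returns the id, or null when the object was deleted after the reference was obtained.
    // The accessor's own checkIfValid() does not catch the detached row in 3.1.3 (the crash
    // in this issue), so the caller has to ask RealmObject.isValid() before touching a field.
    static Integer safeId(Note note) {
        if (note == null || !note.isValid()) {
            return null;
        }
        return note.getId();
    }

    // Re-reads a note by primary key instead of holding a proxy across transactions;
    // null means "gone", which is the result a presenter should be prepared for.
    static Note reload(Realm realm, Integer id) {
        return realm.where(Note.class).equalTo("id", id).findFirst();
    }
}

@RunWith(AndroidJUnit4.class)
public class DeletedObjectGuardTest {
    @Test
    public void guardSkipsDeletedProxy() {
        Realm.init(InstrumentationRegistry.getTargetContext());
        RealmConfiguration config = new RealmConfiguration.Builder()
                .inMemory()
                .name("guard-test.realm")   // assumed name, any unique in-memory name works
                .build();
        Realm realm = Realm.getInstance(config);
        try {
            realm.beginTransaction();
            Note managed = realm.copyToRealm(new Note());
            Integer idBeforeDelete = managed.getId();
            assertTrue(managed.isValid());

            realm.deleteAll();                         // same step as the crash repro

            // The proxy is now dead: report that instead of dereferencing it.
            assertFalse(managed.isValid());
            assertNull(NoteReader.safeId(managed));
            assertNull(NoteReader.reload(realm, idBeforeDelete));
            realm.commitTransaction();
        } finally {
            realm.close();
        }
    }
}
```

The point of `reload` is that a presenter created before `deleteAll()` should not keep the old proxy at all: it remembers the primary key, re-queries when it needs the object, and treats `null` as the deleted case. Where a reference genuinely has to be kept, `safeId` shows the minimum guard, and it must run before any generated `realmGet$` accessor is invoked.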

I have added a check.

@benj56 Thanks for reporting!
