Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SIGBUS crash with encrypted Realm #2396

Closed
beeender opened this issue Jan 16, 2017 · 10 comments
Closed

SIGBUS crash with encrypted Realm #2396

beeender opened this issue Jan 16, 2017 · 10 comments
Assignees
@rrrlasse

Comments

@beeender
Copy link
Contributor

beeender commented Jan 16, 2017
edited by finnschiermer
Loading

Reported from realm-java realm/realm-java#4023

backtrace:

********** Crash dump: **********
Build fingerprint: 'google/bullhead/bullhead:6.0.1/MHC19Q/2705526:user/release-keys'
pid: 16215, tid: 30065, name: RxCachedThreadS >>> com.xxx.android <<<
signal 7 (SIGBUS), code 1 (BUS_ADRALN), fault addr 0x3ab
Stack frame #00 pc 0000000000156d60 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::connect_opposite_link_columns(unsigned long, realm::Table&, unsigned long) at :?
Stack frame #1 pc 0000000000162240 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #2 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #3 pc 0000000000162204 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #4 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #5 pc 00000000001622c0 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #6 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #7 pc 00000000001622c0 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #8 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #9 pc 00000000001622c0 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #10 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #11 pc 0000000000162204 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #12 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #13 pc 00000000001622c0 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #14 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #15 pc 0000000000162204 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Table::refresh_column_accessors(unsigned long) at :?
Stack frame #16 pc 000000000012a0d4 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Group::do_get_table(unsigned long, bool (*)(realm::Spec const&)) at :?
Stack frame #17 pc 00000000000a4cac /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::ObjectSchema::ObjectSchema(realm::Group const&, realm::StringData, unsigned long) at :?
Stack frame #18 pc 00000000000abeac /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::ObjectStore::schema_from_group(realm::Group const&) at :?
Stack frame #19 pc 00000000000be768 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Realm::init(std::shared_ptr<realm::_impl::RealmCoordinator>) at :?
Stack frame #20 pc 00000000000c26ec /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::_impl::RealmCoordinator::get_realm(realm::Realm::Config) at :?
Stack frame #21 pc 00000000000bbcd0 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so: Routine realm::Realm::get_shared_realm(realm::Realm::Config) at :?
Stack frame #22 pc 000000000004d2c0 /data/app/com.xxx.android-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_SharedRealm_nativeGetSharedRealm+384): Routine Java_io_realm_internal_SharedRealm_nativeGetSharedRealm at ??:?
Stack frame #23 pc 000000000322afdc /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (long io.realm.internal.SharedRealm.nativeGetSharedRealm(long, io.realm.internal.RealmNotifier)+160)
Stack frame #24 pc 0000000003229fc8 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (io.realm.internal.SharedRealm io.realm.internal.SharedRealm.getInstance(io.realm.RealmConfiguration, io.realm.internal.RealmNotifier, io.realm.internal.SharedRealm$SchemaVersionListener, boolean)+764)
Stack frame #25 pc 0000000002ff64ac /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.realm.BaseRealm.(io.realm.RealmConfiguration)+608)
Stack frame #26 pc 000000000301f448 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.realm.Realm.(io.realm.RealmConfiguration)+76)
Stack frame #27 pc 000000000301ff8c /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (io.realm.Realm io.realm.Realm.createAndValidate(io.realm.RealmConfiguration, io.realm.internal.ColumnIndices[])+128)
Stack frame #28 pc 00000000030208bc /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (io.realm.Realm io.realm.Realm.createInstance(io.realm.RealmConfiguration, io.realm.internal.ColumnIndices[])+64)
Stack frame #29 pc 000000000307e0a4 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (io.realm.BaseRealm io.realm.RealmCache.createRealmOrGetFromCache(io.realm.RealmConfiguration, java.lang.Class)+1240)
Stack frame #30 pc 0000000003021684 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (io.realm.Realm io.realm.Realm.getInstance(io.realm.RealmConfiguration)+232)
Stack frame #31 pc 0000000002409014 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (io.realm.Realm com.xxx.android.database.realm.RealmHelper.getRealm(io.realm.RealmConfiguration)+904)
Stack frame #32 pc 00000000026d6040 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (boolean com.xxx.android.database.realm.RealmImpl.addContainers(java.util.List, boolean)+116)
Stack frame #33 pc 0000000002718d5c /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void com.xxx.android.model.AccountsModel$2.accept(com.xxx.android.network.response.BaseResponse)+1584)
Stack frame #34 pc 0000000002719178 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void com.xxx.android.model.AccountsModel$2.accept(java.lang.Object)+108)
Stack frame #35 pc 0000000002f04fd0 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.internal.operators.observable.ObservableDoOnEach$DoOnEachObserver.onNext(java.lang.Object)+132)
Stack frame #36 pc 0000000002f4d4a0 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.internal.operators.observable.ObservableSubscribeOn$SubscribeOnObserver.onNext(java.lang.Object)+84)
Stack frame #37 pc 0000000002211e7c /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void com.jakewharton.retrofit2.adapter.rxjava2.BodyObservable$BodyObserver.onNext(retrofit2.Response)+208)
Stack frame #38 pc 0000000002211d4c /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void com.jakewharton.retrofit2.adapter.rxjava2.BodyObservable$BodyObserver.onNext(java.lang.Object)+112)
Stack frame #39 pc 00000000022431c0 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void com.jakewharton.retrofit2.adapter.rxjava2.CallObservable.subscribeActual(io.reactivex.Observer)+340)
Stack frame #40 pc 00000000022392e8 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.Observable.subscribe(io.reactivex.Observer)+348)
Stack frame #41 pc 0000000002242dac /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void com.jakewharton.retrofit2.adapter.rxjava2.BodyObservable.subscribeActual(io.reactivex.Observer)+160)
Stack frame #42 pc 00000000022392e8 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.Observable.subscribe(io.reactivex.Observer)+348)
Stack frame #43 pc 0000000002f4cf5c /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.internal.operators.observable.ObservableSubscribeOn$1.run()+112)
Stack frame #44 pc 0000000002da1588 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.Scheduler$1.run()+76)
Stack frame #45 pc 0000000002f96a48 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (void io.reactivex.internal.schedulers.ScheduledRunnable.run()+92)
Stack frame #46 pc 0000000002f96500 /data/app/com.xxx.android-1/oat/arm64/base.odex (offset 0x1362000) (java.lang.Object io.reactivex.internal.schedulers.ScheduledRunnable.call()+68)
Stack frame #47 pc 000000007259ba80 /data/dalvik-cache/arm64/system@framework@boot.oat (offset 0x1ede000)

Reproduce steps: unknown
Does it crash with encryption disabled: unknown
core version: v2.3.0
@beeender beeender mentioned this issue Jan 16, 2017
Closed
@malinajirka
Copy link

I'm probably facing the same issue.
Problem occurs on Nexus 5x - once in 15 minutes on average.
Database encyption is enabled - I tried to disable it and the app didn't crash for 25 minutes (I'll do more tests on Monday).
core version 2.3.0

  
01-27 11:38:16.812 1607-1752/com.yyy.zzz.debug A/libc: Fatal signal 7 (SIGBUS), code 1, fault addr 0x1017137d5ba09 in tid 1752 (RealmFinalizing) [ 01-27 11:38:16.816   364:  364 W/         ] debuggerd: handling request: pid=1607 uid=10278 gid=10278 tid=1752
01-27 11:38:16.818 1607-2811/com.yyy.zzz.debug A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x101710fe4dec0 in tid 2811 (RxIoScheduler-2)
01-27 11:38:16.818 1607-2811/com.yyy.zzz.debug I/libc: Another thread contacted debuggerd first; not contacting debuggerd.
01-27 11:38:16.920 3955-3955/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
01-27 11:38:16.920 3955-3955/? A/DEBUG: Build fingerprint: 'google/bullhead/bullhead:7.1.1/N4F26I/3532671:user/release-keys'
01-27 11:38:16.921 3955-3955/? A/DEBUG: Revision: 'rev_1.0'
01-27 11:38:16.921 3955-3955/? A/DEBUG: ABI: 'arm64'
01-27 11:38:16.921 3955-3955/? A/DEBUG: pid: 1607, tid: 1752, name: RealmFinalizing  >>> com.yyy.zzz.debug <<<
01-27 11:38:16.921 3955-3955/? A/DEBUG: signal 7 (SIGBUS), code 1 (BUS_ADRALN), fault addr 0x1017137d5ba09
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x0   0101017137d5ba09  x1   000000711e300824  x2   0000007137efba30  x3   000000710f912fa0
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x4   0000000013b4723c  x5   0000000000000000  x6   0000000000000000  x7   000000710f37c660
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x8   0000000000000000  x9   0000000000000000  x10  0000000000430000  x11  0000000000000001
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x12  000000711e300748  x13  0000000000000000  x14  00000000ffffffff  x15  0000000000000000
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x16  000000711e300810  x17  0000007141d2fcd0  x18  0000000000ffffeb  x19  000000710f912fa0
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x20  0101017137d5ba01  x21  0000000014271430  x22  0000000013b47238  x23  0000007137efba30
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x24  000000710f912fa0  x25  0000000000000005  x26  0000007127b9755c  x27  00000071236a5098
01-27 11:38:16.921 3955-3955/? A/DEBUG:     x28  0000007125b8e516  x29  000000711e3007a0  x30  0000007137f00d98
01-27 11:38:16.921 3955-3955/? A/DEBUG:     sp   000000711e3007a0  pc   0000007137efba68  pstate 0000000020000000
01-27 11:38:16.930 3955-3955/? A/DEBUG: backtrace:
01-27 11:38:16.930 3955-3955/? A/DEBUG:     #00 pc 0000000000042a68  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 11:38:16.930 3955-3955/? A/DEBUG:     #01 pc 0000000000047d94  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_NativeObjectReference_nativeCleanUp+12)
01-27 11:38:16.930 3955-3955/? A/DEBUG:     #02 pc 0000000000bac62c  /data/app/com.yyy.zzz.debug-1/oat/arm64/base.odex (offset 0xaac000)
01-27 11:38:19.134 3955-3955/? W/debuggerd64: type=1400 audit(0.0:1479): avc: denied { search } for name="com.google.android.gms" dev="dm-2" ino=376135 scontext=u:r:debuggerd:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0
  

  
01-27 13:09:45.249 4502-10322/com.yyy.zzz.debug A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x8 in tid 10322 (RxIoScheduler-1) [ 01-27 13:09:45.251   364:  364 W/         ] debuggerd: handling request: pid=4502 uid=10278 gid=10278 tid=10322
01-27 13:09:45.471 11808-11808/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
01-27 13:09:45.472 11808-11808/? A/DEBUG: Build fingerprint: 'google/bullhead/bullhead:7.1.1/N4F26I/3532671:user/release-keys'
01-27 13:09:45.472 11808-11808/? A/DEBUG: Revision: 'rev_1.0'
01-27 13:09:45.472 11808-11808/? A/DEBUG: ABI: 'arm64'
01-27 13:09:45.472 11808-11808/? A/DEBUG: pid: 4502, tid: 10322, name: RxIoScheduler-1  >>> com.yyy.zzz.debug <<<
01-27 13:09:45.472 11808-11808/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x8
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x0   0000000000000000  x1   ffffffffffffa675  x2   000000711c2cfbe0  x3   0000000000000bd8
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x4   0000000000000002  x5   0000007138182860  x6   000000711c2ce818  x7   0000000000000000
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x8   0000000000000000  x9   00000000002ce4d0  x10  0000000000000000  x11  00000000ffffffff
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x12  000000711c18fac0  x13  00000000000001d0  x14  000000000000000c  x15  0000000000000000
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x16  0000007141dd55b0  x17  0000007141d7cddc  x18  0000000000ffffeb  x19  00000000000000d3
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x20  0000000000000000  x21  0000000000000000  x22  ffffffffffffa675  x23  ffffffffffffa675
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x24  000000711c2ce818  x25  0000000000000000  x26  00000000000001a6  x27  0000000000000000
01-27 13:09:45.472 11808-11808/? A/DEBUG:     x28  0000000000050000  x29  000000711e8eb740  x30  0000007137fd4bac
01-27 13:09:45.472 11808-11808/? A/DEBUG:     sp   000000711e8eb740  pc   0000007137fcb1fc  pstate 0000000060000000
01-27 13:09:45.485 11808-11808/? A/DEBUG: backtrace:
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #00 pc 00000000001121fc  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #01 pc 000000000011bba8  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #02 pc 000000000016c4ac  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #03 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #04 pc 000000000016c388  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #05 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #06 pc 000000000016c444  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #07 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #08 pc 000000000016c444  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #09 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #10 pc 000000000016c444  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #11 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #12 pc 000000000016c388  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #13 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #14 pc 000000000016c388  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #15 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.485 11808-11808/? A/DEBUG:     #16 pc 0000000000132f30  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 13:09:45.486 11808-11808/? A/DEBUG:     #17 pc 000000000004d190  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_SharedRealm_nativeGetTable+192)
01-27 13:09:45.486 11808-11808/? A/DEBUG:     #18 pc 0000000000bad370  /data/app/com.yyy.zzz.debug-1/oat/arm64/base.odex (offset 0xaac000)
01-27 13:09:47.388 11808-11808/? W/debuggerd64: type=1400 audit(0.0:1525): avc: denied { search } for name="com.google.android.gms" dev="dm-2" ino=376135 scontext=u:r:debuggerd:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0
  

  

01-27 15:33:59.538 29176-29636/com.yyy.zzz.debug A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x8 in tid 29636 (RxIoScheduler-6) [ 01-27 15:33:59.547   364:  364 W/         ] debuggerd: handling request: pid=29176 uid=10279 gid=10279 tid=29636
01-27 15:33:59.669 4157-4157/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
01-27 15:33:59.669 4157-4157/? A/DEBUG: Build fingerprint: 'google/bullhead/bullhead:7.1.1/N4F26I/3532671:user/release-keys'
01-27 15:33:59.669 4157-4157/? A/DEBUG: Revision: 'rev_1.0'
01-27 15:33:59.669 4157-4157/? A/DEBUG: ABI: 'arm64'
01-27 15:33:59.669 4157-4157/? A/DEBUG: pid: 29176, tid: 29636, name: RxIoScheduler-6  >>> com.yyy.zzz.debug <<<
01-27 15:33:59.669 4157-4157/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x8
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x0   0000000000000000  x1   fffffffffffffe65  x2   0000007137da76a0  x3   0000000000000000
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x4   00000071249df6f0  x5   0000000000000000  x6   0000007137da6818  x7   0000000000000000
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x8   0000000000000000  x9   000000711c1ab3e0  x10  00000071249e20a0  x11  00000071249e3e70
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x12  00000071207e9bf0  x13  0000000000001380  x14  000000000000000c  x15  0000000000000000
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x16  00000071249ea600  x17  0000007141d7cfc4  x18  00000000000000d9  x19  000000000000009b
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x20  0000000000000000  x21  0000000000000000  x22  000000711c1ab078  x23  fffffffffffffe65
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x24  0000007137da6818  x25  fffffffffffffe65  x26  0000000000000136  x27  0000000000000000
01-27 15:33:59.669 4157-4157/? A/DEBUG:     x28  0000000000009000  x29  000000711ece4ff0  x30  0000007124876fe4
01-27 15:33:59.669 4157-4157/? A/DEBUG:     sp   000000711ece4ff0  pc   00000071248281fc  pstate 0000000060000000
01-27 15:33:59.684 4157-4157/? A/DEBUG: backtrace:
01-27 15:33:59.684 4157-4157/? A/DEBUG:     #00 pc 00000000001121fc  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.684 4157-4157/? A/DEBUG:     #01 pc 0000000000160fe0  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.684 4157-4157/? A/DEBUG:     #02 pc 00000000001309d0  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.684 4157-4157/? A/DEBUG:     #03 pc 000000000016c388  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.684 4157-4157/? A/DEBUG:     #04 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.684 4157-4157/? A/DEBUG:     #05 pc 000000000016c388  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #06 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #07 pc 000000000016c444  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #08 pc 0000000000130a04  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #09 pc 00000000000ac544  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #10 pc 00000000000b3740  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #11 pc 00000000000c1110  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #12 pc 00000000000cee48  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #13 pc 00000000000bf730  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #14 pc 000000000004e4b8  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_SharedRealm_nativeGetSharedRealm+400)
01-27 15:33:59.685 4157-4157/? A/DEBUG:     #15 pc 0000000000bb2690  /data/app/com.yyy.zzz.debug-1/oat/arm64/base.odex (offset 0xab1000)
01-27 15:34:02.273 4157-4157/? W/debuggerd64: type=1400 audit(0.0:1599): avc: denied { search } for name="com.google.android.gms" dev="dm-2" ino=376135 scontext=u:r:debuggerd:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0
  

  
01-27 16:27:54.597 15533-22678/com.yyy.zzz.debug A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x1017120af8268 in tid 22678 (RealmFinalizing) [ 01-27 16:27:54.606   364:  364 W/         ] debuggerd: handling request: pid=15533 uid=10280 gid=10280 tid=22678
01-27 16:27:54.849 32092-32092/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
01-27 16:27:54.850 32092-32092/? A/DEBUG: Build fingerprint: 'google/bullhead/bullhead:7.1.1/N4F26I/3532671:user/release-keys'
01-27 16:27:54.850 32092-32092/? A/DEBUG: Revision: 'rev_1.0'
01-27 16:27:54.850 32092-32092/? A/DEBUG: ABI: 'arm64'
01-27 16:27:54.851 32092-32092/? A/DEBUG: pid: 15533, tid: 22678, name: RealmFinalizing  >>> com.yyy.zzz.debug <<<
01-27 16:27:54.851 32092-32092/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x1017120af8268
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x0   0101017120af8268  x1   000000711e799824  x2   0000007124758a30  x3   0000007120aef690
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x4   0000000012f5e43c  x5   0000000000000000  x6   0000000000000000  x7   0000007120af8500
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x8   0000000000000000  x9   0000000000000000  x10  0000000000430000  x11  0000000000000002
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x12  000000711e799748  x13  0000000000000000  x14  00000000ffffffff  x15  0000000000000000
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x16  000000711e799810  x17  0000007141d2fcd0  x18  0000000000ffffeb  x19  0000007120aef690
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x20  0101017120af8260  x21  0000000013510d28  x22  0000000012f5e438  x23  0000007124758a30
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x24  0000007120aef690  x25  0000000000000005  x26  0000007127b9eb9c  x27  0000007137c1a298
01-27 16:27:54.851 32092-32092/? A/DEBUG:     x28  0000007125b80c76  x29  000000711e7997a0  x30  000000712475dd98
01-27 16:27:54.851 32092-32092/? A/DEBUG:     sp   000000711e7997a0  pc   0000007124758a68  pstate 0000000020000000
01-27 16:27:54.860 32092-32092/? A/DEBUG: backtrace:
01-27 16:27:54.861 32092-32092/? A/DEBUG:     #00 pc 0000000000042a68  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so
01-27 16:27:54.861 32092-32092/? A/DEBUG:     #01 pc 0000000000047d94  /data/app/com.yyy.zzz.debug-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_NativeObjectReference_nativeCleanUp+12)
01-27 16:27:54.862 32092-32092/? A/DEBUG:     #02 pc 0000000000bb1b6c  /data/app/com.yyy.zzz.debug-1/oat/arm64/base.odex (offset 0xab1000)

@ironage
Copy link
Contributor

ironage commented Jan 30, 2017

Thank you @malinajirka for that useful information! Please let us know what else you find out in your tests. To me it sounds strikingly similar to the symptoms of #2383.

@malinajirka
Copy link

I've tested it with disabled encryption again and the app didn't crash.

I increased the number of parallel threads and it crashes more often.

As a temporary workaround I set observeOn and subscribeOn to a singleThread Executor.

@finnschiermer
Copy link
Contributor

The first stacktrace seem different from the later. The first one is an alignment error, while the latter seem to arise from dereferencing a nullptr.

@malinajirka
Copy link

malinajirka commented Feb 26, 2017
edited
Loading

Crash from samsung S7 with a bit more detailed msg - the log is from version 2.1.1


02-26 16:51:44.527 11107-12462/com.xmarton.xxx.sit A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x8 in tid 12462 (RxIoScheduler-1)
02-26 16:51:44.577 3156-3156/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
02-26 16:51:44.577 3156-3156/? A/DEBUG: Build fingerprint: 'samsung/hero2ltexx/hero2lte:6.0.1/MMB29K/G935FXXU1BPLB:user/release-keys'
02-26 16:51:44.577 3156-3156/? A/DEBUG: Revision: '9'
02-26 16:51:44.577 3156-3156/? A/DEBUG: ABI: 'arm64'
02-26 16:51:44.577 3156-3156/? A/DEBUG: pid: 11107, tid: 12462, name: RxIoScheduler-1  >>> com.XXXXX <<<
02-26 16:51:44.577 3156-3156/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x8
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x0   0000000000000000  x1   ffffffffd65f54b3  x2   0000007f87af3e58  x3   0000000000002648
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x4   0000000000000001  x5   00000000000003d1  x6   0000007fa2aba000  x7   0000007fa2abc9a0
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x8   0000007f8663b1c8  x9   0000007fa1390db0  x10  0000000000000000  x11  000000006f9a4098
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x12  0000000000000001  x13  0000000000000000  x14  0000007fa2ada6bc  x15  0000000000000000
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x16  0000007fa2ada6b8  x17  0000000000000000  x18  0000007fa1390c00  x19  000000000000006e
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x20  0000000000000000  x21  0000000000000000  x22  0000000000000001  x23  ffffffffd65f54b3
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x24  0000007f87af3408  x25  00000000338cc040  x26  00000000000000dc  x27  0000000000000000
02-26 16:51:44.597 3156-3156/? A/DEBUG:     x28  0000000000090000  x29  0000007f8663b0a0  x30  0000007f9c9583ac
02-26 16:51:44.597 3156-3156/? A/DEBUG:     sp   0000007f8663b0a0  pc   0000007f9c97ce60  pstate 0000000060000000
02-26 16:51:44.637 3156-3156/? A/DEBUG: backtrace:
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #00 pc 0000000000105e60  /data/app/com.xmarton.xxx.sit-1/lib/arm64/librealm-jni.so
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #01 pc 00000000000e13a8  /data/app/com.xmarton.xxx.sit-1/lib/arm64/librealm-jni.so
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #02 pc 000000000008b9f0  /data/app/com.xmarton.xxx.sit-1/lib/arm64/librealm-jni.so
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #03 pc 000000000008bacc  /data/app/com.xmarton.xxx.sit-1/lib/arm64/librealm-jni.so
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #04 pc 000000000015f620  /data/app/com.xmarton.xxx.sit-1/lib/arm64/librealm-jni.so
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #05 pc 0000000000097e70  /data/app/com.xmarton.xxx.sit-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_UncheckedRow_nativeIsNull+56)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #06 pc 0000000001f6e6cc  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (boolean io.realm.internal.UncheckedRow.nativeIsNull(long, long)+144)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #07 pc 0000000001f6d350  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (boolean io.realm.internal.UncheckedRow.isNull(long)+84)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #08 pc 0000000001ecd53c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (java.lang.Float io.realm.XMDbLocationRealmProxy.realmGet$speed()+336)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #09 pc 0000000001ec2cfc  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (cz.xxx.communication.model.db.XMDbLocation io.realm.XMDbLocationRealmProxy.createDetachedCopy(cz.xxx.communication.model.db.XMDbLocation, int, int, java.util.Map)+944)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #10 pc 0000000001e4ae54  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (cz.xxx.communication.model.db.XMDbDriveDetail io.realm.XMDbDriveDetailRealmProxy.createDetachedCopy(cz.xxx.communication.model.db.XMDbDriveDetail, int, int, java.util.Map)+2424)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #11 pc 0000000001e6011c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (cz.xxx.communication.model.db.XMDbDrive io.realm.XMDbDriveRealmProxy.createDetachedCopy(cz.xxx.communication.model.db.XMDbDrive, int, int, java.util.Map)+2384)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #12 pc 0000000001e0b5a0  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (cz.xxx.communication.model.db.XMDbCar io.realm.XMDbCarRealmProxy.createDetachedCopy(cz.xxx.communication.model.db.XMDbCar, int, int, java.util.Map)+6964)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #13 pc 0000000001d3a1c4  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (io.realm.RealmModel io.realm.DefaultRealmModuleMediator.createDetachedCopy(io.realm.RealmModel, int, java.util.Map)+5688)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #14 pc 0000000001d6edac  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (io.realm.RealmModel io.realm.Realm.createDetachedCopy(io.realm.RealmModel, int, java.util.Map)+176)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #15 pc 0000000001d71744  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (io.realm.RealmModel io.realm.Realm.copyFromRealm(io.realm.RealmModel, int)+248)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #16 pc 0000000001d71604  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (io.realm.RealmModel io.realm.Realm.copyFromRealm(io.realm.RealmModel)+88)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #17 pc 0000000001c68844  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (cz.xxx.communication.model.db.XMDbCar cz.xxx.communication.database.DatabaseService.lambda$getCar$201(java.lang.Long)+184)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #18 pc 0000000001c63fc8  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (cz.xxx.communication.model.db.XMDbCar cz.xxx.communication.database.DatabaseService.access$lambda$17(cz.xxx.communication.database.DatabaseService, java.lang.Long)+76)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #19 pc 0000000001c5875c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (java.lang.Object cz.xxx.communication.database.DatabaseService$$Lambda$23.call()+128)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #20 pc 00000000022e4134  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFromCallable.call(rx.Subscriber)+184)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #21 pc 00000000022e4020  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFromCallable.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #22 pc 000000000194b33c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (rx.Subscription rx.Observable.unsafeSubscribe(rx.Subscriber)+192)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #23 pc 00000000022eed94  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeMap.call(rx.Subscriber)+216)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #24 pc 00000000022eec60  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeMap.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #25 pc 000000000194b33c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (rx.Subscription rx.Observable.unsafeSubscribe(rx.Subscriber)+192)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #26 pc 00000000022e0c44  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFilter.call(rx.Subscriber)+216)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #27 pc 00000000022e0b10  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFilter.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #28 pc 00000000022ee43c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #29 pc 00000000022ee2c0  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #30 pc 000000000194b33c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (rx.Subscription rx.Observable.unsafeSubscribe(rx.Subscriber)+192)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #31 pc 00000000022e0c44  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFilter.call(rx.Subscriber)+216)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #32 pc 00000000022e0b10  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFilter.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #33 pc 00000000022ee43c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #34 pc 00000000022ee2c0  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #35 pc 000000000194b33c  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (rx.Subscription rx.Observable.unsafeSubscribe(rx.Subscriber)+192)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #36 pc 00000000022db698  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeConcatMap$ConcatMapSubscriber.drain()+2348)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #37 pc 00000000022dc4dc  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeConcatMap$ConcatMapSubscriber.onNext(java.lang.Object)+368)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #38 pc 00000000022e3aa4  /data/app/com.xmarton.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFromArray$FromArrayProducer.slowPath(long)+360)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #39 pc 00000000022e38b8  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFromArray$FromArrayProducer.request(long)+780)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #40 pc 000000000195a070  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.Subscriber.setProducer(rx.Producer)+516)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #41 pc 00000000022e3ec0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFromArray.call(rx.Subscriber)+148)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #42 pc 00000000022e3dd0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeFromArray.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #43 pc 000000000194b33c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (rx.Subscription rx.Observable.unsafeSubscribe(rx.Subscriber)+192)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #44 pc 00000000022dcc38  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeConcatMap.call(rx.Subscriber)+588)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #45 pc 00000000022dc990  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeConcatMap.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #46 pc 00000000022ee43c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #47 pc 00000000022ee2c0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #48 pc 00000000022ee43c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #49 pc 00000000022ee2c0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #50 pc 00000000022ee43c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #51 pc 00000000022ee2c0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #52 pc 00000000022ee43c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #53 pc 00000000022ee2c0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #54 pc 00000000022ee43c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(rx.Subscriber)+288)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #55 pc 00000000022ee2c0  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OnSubscribeLift.call(java.lang.Object)+116)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #56 pc 000000000194b33c  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (rx.Subscription rx.Observable.unsafeSubscribe(rx.Subscriber)+192)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #57 pc 000000000233fb10  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.operators.OperatorSubscribeOn$1.call()+244)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #58 pc 00000000023728a8  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.schedulers.CachedThreadScheduler$EventLoopWorker$1.call()+172)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #59 pc 000000000237a710  /data/app/com.xxx.xxx.sit-1/oat/arm64/base.odex (offset 0xd10000) (void rx.internal.schedulers.ScheduledAction.run()+180)
02-26 16:51:44.637 3156-3156/? A/DEBUG:     #60 pc 000000000349aec0  /system/framework/arm64/boot.oat (offset 0x2f50000)
02-26 16:51:45.467 3156-3156/? A/DEBUG: Tombstone written to: /data/tombstones/tombstone_02
02-26 16:51:45.467 3156-3156/? E/DEBUG: AM write failed: Broken pipe
                                        
                                        [ 02-26 16:51:45.467  3156: 3156 E/         ]
                                        ro.product_ship = true
                                        
                                        [ 02-26 16:51:45.467  3156: 3156 E/         ]
                                        ro.debug_level = 0x4f4c
                                        
                                        [ 02-26 16:51:45.467  3156: 3156 E/         ]
                                        sys.mobilecare.preload = false
02-26 16:51:45.477 4938-4938/? E/audit: type=1701 msg=audit(1488124305.467:743): auid=4294967295 uid=10194 gid=10194 ses=4294967295 subj=u:r:untrusted_app:s0:c512,c768 pid=12462 comm="RxIoScheduler-1" exe="/system/bin/app_process64" sig=11

@ironage
Copy link
Contributor

ironage commented Mar 2, 2017

@malinajirka it should be fixed by #2465, feel free to reopen if you still have problems after testing with the new version using core 2.3.2 - Java version 2.3.2 (2017-02-27).

@ironage ironage closed this as completed Mar 2, 2017
@malinajirka
Copy link

@ironage It runs without a crash sofar. Great job! :)

@malinajirka
Copy link

@ironage Unfortunately, it crashed again:(.
Realm: 2.3.2
Android: 7.0
Device: Sony Xperia X Model F5121
Database: encrypted


03-21 14:35:40.515 9082-7639/? A/libc: Fatal signal 7 (SIGBUS), code 1, fault addr 0x3ae in tid 7639 (RxIoScheduler-4)
                                       
                                       [ 03-21 14:35:40.518   456:  456 W/         ]
                                       debuggerd: handling request: pid=9082 uid=10251 gid=10251 tid=7639
03-21 14:35:40.584 937-937/? I/MSM-irqbalance: Decided to move IRQ155 from CPU1 to CPU3
03-21 14:35:40.760 8226-8226/? D/clmlib: Got activities:0x0000000E
03-21 14:35:40.761 8226-8226/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
03-21 14:35:40.761 8226-8226/? A/DEBUG: UUID: 9c22bb33-ae45-4703-bd5d-be44217f242f
03-21 14:35:40.761 8226-8226/? A/DEBUG: Build fingerprint: 'Sony/F5121/F5121:7.0/34.2.A.0.333/217594967:user/release-keys'
03-21 14:35:40.761 8226-8226/? A/DEBUG: Revision: '0'
03-21 14:35:40.761 8226-8226/? A/DEBUG: ABI: 'arm64'
03-21 14:35:40.761 8226-8226/? A/DEBUG: pid: 9082, tid: 7639, name: RxIoScheduler-4  >>> com.YYY.XXX.sit <<<
03-21 14:35:40.761 8226-8226/? A/DEBUG: signal 7 (SIGBUS), code 1 (BUS_ADRALN), fault addr 0x3ae
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x0   0000007f73bd5378  x1   0000000000000006  x2   00000000000003ae  x3   0000007f81caae94
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x4   0000000000000015  x5   0000007f73bd5118  x6   0000007f746ac99d  x7   546e6f6974616c6c
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x8   0000007f73bd5378  x9   0000000000ea5220  x10  00000000ffffffff  x11  0000000000000000
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x12  000000000005dac7  x13  0000000000000030  x14  000000000000000c  x15  2e8ba2e8ba2e8ba3
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x16  0000007f81e6f620  x17  0000007f9e137e08  x18  0000000000000047  x19  0000007f73bd5378
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x20  0000000000000003  x21  0000007f73bd5350  x22  0000007f81de5810  x23  0000007f81e6f000
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x24  0000007f79baf648  x25  0000007f73bd5370  x26  0000007f73bd5368  x27  0000007f73bd5360
03-21 14:35:40.762 8226-8226/? A/DEBUG:     x28  0000007f73bd5378  x29  0000007f73bd5270  x30  0000007f81d724a4
03-21 14:35:40.762 8226-8226/? A/DEBUG:     sp   0000007f73bd5270  pc   0000007f81d1decc  pstate 0000000060000000
03-21 14:35:40.773 8226-8226/? A/DEBUG: backtrace:
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #00 pc 000000000015decc  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #01 pc 00000000001b24a0  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #02 pc 00000000000aba8c  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #03 pc 00000000000b2e08  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #04 pc 00000000000c0b60  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #05 pc 00000000000ce608  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #06 pc 00000000000be8cc  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #07 pc 000000000004eac8  /data/app/com.YYY.XXX.sit-1/lib/arm64/librealm-jni.so (Java_io_realm_internal_SharedRealm_nativeGetSharedRealm+400)
03-21 14:35:40.773 8226-8226/? A/DEBUG:     #08 pc 0000000000a87d40  /data/app/com.YYY.XXX.sit-1/oat/arm64/base.odex (offset 0xa82000)

@ironage
Copy link
Contributor

ironage commented Mar 23, 2017

@malinajirka thank you for the information! You might want to follow #2537. Does it always crash in this place or does it crash elsewhere too? If it only crashes in this one place it is likely a different issue.

By reversing the addresses in the stack trace using arm64-v8a/librealm-jni.so of realm-java 2.3.2 I find:

#00 0x15decc realm::util::bind_ptr<realm::Table>::bind(realm::Table*)
#01 0x1b24a0 realm::Table::get_link_target(unsigned long)
#02 0x0aba8c realm::ObjectSchema::ObjectSchema(realm::Group const&, realm::StringData, unsigned long)
#03 0x0b2e08 realm::ObjectStore::schema_from_group(realm::Group const&)
#04 0x0c0b60 realm::Realm::Realm(realm::Realm::Config, std::shared_ptr<realm::_impl::RealmCoordinator>)
#05 0x0ce608 realm::_impl::RealmCoordinator::get_realm(realm::Realm::Config)
#06 0x0be8cc realm::Realm::get_shared_realm(realm::Realm::Config) 
#07 0x04eac8 Java_io_realm_internal_SharedRealm_nativeGetSharedRealm

Furthermore, the disassembly shows:

000000000015dec4 <_ZN5realm4util8bind_ptrINS_5TableEE4bindEPS2_>:
  15dec4:       b40000c1        cbz     x1, 15dedc <_ZN5realm4util8bind_ptrINS_5TableEE4bindEPS2_+0x18>
  15dec8:       910ea022        add     x2, x1, #0x3a8
  15decc:       c85f7c43        ldxr    x3, [x2]
  15ded0:       91000463        add     x3, x3, #0x1
  15ded4:       c8047c43        stxr    w4, x3, [x2]
  15ded8:       35ffffa4        cbnz    w4, 15decc <_ZN5realm4util8bind_ptrINS_5TableEE4bindEPS2_+0x8>
  15dedc:       f9000001        str     x1, [x0]
  15dee0:       d65f03c0        ret

To match the method:

void Table::bind(T* p) noexcept
{
    if (p)
        p->bind_ptr();
    m_ptr = p;
}

I think the linked table could be invalid. I will make a test to check it.

@malinajirka
Copy link

I haven't been able to reproduce the error. I'l give it a try next week.
Thank you:)

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 22, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@rrrlasse rrrlasse

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@beeender @rrrlasse @malinajirka @ironage @finnschiermer