defold / extension-firebase-analytics

Google Firebase Analytics extension for the Defold game engine
https://www.defold.com/extension-firebase-analytics/
MIT License

[Bug][Android] Unstable crash in log_table #9

Closed Filazapovich closed 5 years ago

Filazapovich commented 5 years ago

Crash dumps:

OPO6

backtrace:
  #00  pc 0000000000204f52  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (std::vector<firebase::Variant, std::allocator<firebase::Variant> >::~vector()+6)
  #01  pc 0000000000204909  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (firebase::Variant::Clear(firebase::Variant::Type)+80)
  #02  pc 00000000002047b7  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (firebase::Variant::operator=(firebase::Variant const&)+26)
  #03  pc 00000000000965bc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (firebase::analytics::Parameter::operator=(firebase::analytics::Parameter const&)+56)
  #04  pc 0000000000097454  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmArray<firebase::analytics::Parameter>::Push(firebase::analytics::Parameter const&)+116)
  #05  pc 000000000009685c  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (Firebase_Analytics_LogTable(lua_State*)+652)
  #06  pc 00000000002b8fac  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (lj_BC_FUNCC+44)
  #07  pc 00000000002af553  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (lua_pcall+40)
  #08  pc 000000000028c848  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmScript::PCallInternal(lua_State*, int, int, int)+84)
  #09  pc 000000000022b89c  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::RunScript(lua_State*, dmGameObject::Script*, dmGameObject::ScriptFunction, dmGameObject::ScriptInstance*, dmGameObject::RunScriptParams const&)+372)
  #10  pc 000000000022d514  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::CompScriptUpdate(dmGameObject::ComponentsUpdateParams const&, dmGameObject::ComponentsUpdateResult&)+144)
  #11  pc 000000000021aaf8  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::Update(dmGameObject::CollectionHandle*, dmGameObject::UpdateContext const*)+552)
  #12  pc 00000000002434fc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameSystem::CompCollectionProxyUpdate(dmGameObject::ComponentsUpdateParams const&, dmGameObject::ComponentsUpdateResult&)+208)
  #13  pc 000000000021aaf8  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::Update(dmGameObject::CollectionHandle*, dmGameObject::UpdateContext const*)+552)
  #14  pc 0000000000208cf0  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmEngine::Step(dmEngine::Engine*)+1128)
  #15  pc 00000000002708dc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGraphics::RunApplicationLoop(void*, void (*)(void*), int (*)(void*))+20)
  #16  pc 000000000020baa8  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (_ZN8dmEngineL7InitRunEPN15dmEngineService13EngineServiceEiPPcPFvPNS_6EngineEPvES9_S7_+180)
  #17  pc 000000000020bb4c  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (_ZN8dmEngine6LaunchEiPPcPFvPNS_6EngineEPvES6_S4_+76)
  #18  pc 0000000000207900  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (engine_main(int, char**)+116)
  #19  pc 00000000000747b4  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (main+24)
  #20  pc 000000000033a6b0  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (_glfwPreMain+248)
  #21  pc 00000000000747dc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (android_main+20)
  #22  pc 000000000033af98  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (android_app_entry+176)
  #23  pc 0000000000063635  /system/lib/libc.so (__pthread_start(void*)+22)
  #24  pc 000000000001dff9  /system/lib/libc.so (__start_thread+24)

Galaxy Mega 6.3

backtrace:
  #00  pc 00000000003a14b0  /data/app-lib/bundleid.familyage-1/libFamilyAge.so (std::basic_string<char, std::char_traits<char>, std::allocator<char> >::~basic_string()+16)
  #01  pc 00000000002048f1  /data/app-lib/bundleid.familyage-1/libFamilyAge.so (firebase::Variant::Clear(firebase::Variant::Type)+56)
backtrace:
  #00  pc 0000000000204f52  /data/app-lib/bundleid.familyage-1/libFamilyAge.so (std::vector<firebase::Variant, std::allocator<firebase::Variant> >::~vector()+5)
  #01  pc 0000000000204909  /data/app-lib/bundleid.familyage-1/libFamilyAge.so (firebase::Variant::Clear(firebase::Variant::Type)+80)
backtrace:
  #00  pc 000000000020593a  /data/app-lib/bundleid.familyage-1/libFamilyAge.so (std::_Rb_tree<firebase::Variant, std::pair<firebase::Variant const, firebase::Variant>, std::_Select1st<std::pair<firebase::Variant const, firebase::Variant> >, std::less<firebase::Variant>, std::allocator<std::pair<firebase::Variant const, firebase::Variant> > >::_M_erase(std::_Rb_tree_node<std::pair<firebase::Variant const, firebase::Variant> >*)+13)
  #01  pc 00000000002059df  /data/app-lib/bundleid.familyage-1/libFamilyAge.so (std::_Rb_tree<firebase::Variant, std::pair<firebase::Variant const, firebase::Variant>, std::_Select1st<std::pair<firebase::Variant const, firebase::Variant> >, std::less<firebase::Variant>, std::allocator<std::pair<firebase::Variant const, firebase::Variant> > >::~_Rb_tree()+8)

Huawei Mate 20

backtrace:
  #00  pc 0000000000204f52  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (std::vector<firebase::Variant, std::allocator<firebase::Variant> >::~vector()+6)
  #01  pc 0000000000204909  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (firebase::Variant::Clear(firebase::Variant::Type)+80)
  #02  pc 00000000002047b7  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (firebase::Variant::operator=(firebase::Variant const&)+26)
  #03  pc 00000000000965bc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (firebase::analytics::Parameter::operator=(firebase::analytics::Parameter const&)+56)
  #04  pc 0000000000097454  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmArray<firebase::analytics::Parameter>::Push(firebase::analytics::Parameter const&)+116)
  #05  pc 000000000009685c  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (Firebase_Analytics_LogTable(lua_State*)+652)
  #06  pc 00000000002b8fac  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (lj_BC_FUNCC+44)
  #07  pc 00000000002af553  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (lua_pcall+40)
  #08  pc 000000000028c848  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmScript::PCallInternal(lua_State*, int, int, int)+84)
  #09  pc 000000000022b89c  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::RunScript(lua_State*, dmGameObject::Script*, dmGameObject::ScriptFunction, dmGameObject::ScriptInstance*, dmGameObject::RunScriptParams const&)+372)
  #10  pc 000000000022d514  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::CompScriptUpdate(dmGameObject::ComponentsUpdateParams const&, dmGameObject::ComponentsUpdateResult&)+144)
  #11  pc 000000000021aaf8  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::Update(dmGameObject::CollectionHandle*, dmGameObject::UpdateContext const*)+552)
  #12  pc 00000000002434fc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameSystem::CompCollectionProxyUpdate(dmGameObject::ComponentsUpdateParams const&, dmGameObject::ComponentsUpdateResult&)+208)
  #13  pc 000000000021aaf8  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGameObject::Update(dmGameObject::CollectionHandle*, dmGameObject::UpdateContext const*)+552)
  #14  pc 0000000000208cf0  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmEngine::Step(dmEngine::Engine*)+1128)
  #15  pc 00000000002708dc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (dmGraphics::RunApplicationLoop(void*, void (*)(void*), int (*)(void*))+20)
  #16  pc 000000000020baa8  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (_ZN8dmEngineL7InitRunEPN15dmEngineService13EngineServiceEiPPcPFvPNS_6EngineEPvES9_S7_+180)
  #17  pc 000000000020bb4c  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (_ZN8dmEngine6LaunchEiPPcPFvPNS_6EngineEPvES6_S4_+76)
  #18  pc 0000000000207900  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (engine_main(int, char**)+116)
  #19  pc 00000000000747b4  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (main+24)
  #20  pc 000000000033a6b0  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (_glfwPreMain+248)
  #21  pc 00000000000747dc  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (android_main+20)
  #22  pc 000000000033af98  /data/app/bundleid.familyage-LLISskZXwVi6xW2CJMdV7Q==/lib/arm/libFamilyAge.so (android_app_entry+176)
  #23  pc 0000000000063635  /system/lib/libc.so (__pthread_start(void*)+22)
  #24  pc 000000000001dff9  /system/lib/libc.so (__start_thread+24)

Source code for log_table

static int Firebase_Analytics_LogTable(lua_State* L) {
    int top = lua_gettop(L);

    /* Growable array of non-POD Parameter values. dmArray grows its raw
       storage with OffsetCapacity and does not run constructors on the
       newly reserved slots. */
    dmArray<analytics::Parameter> tableParams;

    const char* name = luaL_checkstring(L, 1);
    luaL_checktype(L, 2, LUA_TTABLE);

    /* Copy the table to the top of the stack and start iterating it. */
    lua_pushvalue(L, 2);
    lua_pushnil(L);

    while (lua_next(L, -2) != 0)
    {
        if(tableParams.Full())
        {
            tableParams.OffsetCapacity(1);
        }
        /* Caveat: lua_tostring converts a non-string key in place, which
           confuses lua_next; keys are expected to be strings here. */
        const char* k = lua_tostring(L, -2);
        int t = lua_type(L, -1);
        analytics::Parameter param;
        switch (t) {
            case LUA_TSTRING:
                param = analytics::Parameter(k, lua_tostring(L, -1));
            break;
            case LUA_TBOOLEAN:
                param = analytics::Parameter(k, firebase::Variant(lua_toboolean(L, -1)));
            break;
            case LUA_TNUMBER:
                param = analytics::Parameter(k, lua_tonumber(L, -1));
            break;
            default:  /* other values: value, key and table copy are popped before raising */
            lua_pop(L, 3);
            assert(top == lua_gettop(L));
            /* k is passed as a format argument, not as the format string, so a
               key containing '%' cannot be misinterpreted by luaL_error. */
            return luaL_error(L, "Wrong type for table attribute '%s'.", k);
        }
        /* Push copy-assigns into a slot that was never constructed; this is
           the frame in which the crash dumps above end up. */
        tableParams.Push(param);
        lua_pop(L, 1);
    }
    int size = tableParams.Size();
    /* Variable-length array (compiler extension) holding the parameters in
       the layout LogEvent expects. */
    analytics::Parameter params[size];
    for(int i = size - 1; i >= 0; --i)
    {
        params[i] = tableParams[i];
    }
    LogEvent(name, params, size);

    /* Pop the table copy and leave the stack as we found it. */
    lua_pop(L, 1);
    assert(top == lua_gettop(L));
    return 0;
}

Looks like there is a problem in dmArray::Push. It seems to happen after the dmArray::OffsetCapacity call. From my point of view, these crash dumps can be described by these simple steps:

  1. dmArray<firebase::analytics::Parameter>::OffsetCapacity
  2. dmArray<firebase::analytics::Parameter>::Push(firebase::analytics::Parameter const&)
  3. firebase::analytics::Parameter::operator=(firebase::analytics::Parameter const&).
  4. firebase::Variant::Clear(firebase::Variant::Type).
  5. Then there will be a crash with the call of the destructor for the appropriate Variant::Type, which is initialized with a random value from raw memory.

I think the call of firebase::analytics::Parameter::operator=(firebase::analytics::Parameter const&) is not appropriate for element[Size() + 1], which is allocated by dmArray<firebase::analytics::Parameter>::OffsetCapacity and not initialized by a constructor call. Can you confirm the bug in dmArray, or tell me what I'm doing wrong?
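To make the failure mode in the analysis above concrete, here is an added example (my own code, not from the extension, Defold or the Firebase SDK) with a constructed stand-in for firebase::Variant and a dmArray-style raw-storage array: pushing by assignment runs Clear() on bytes no constructor ever wrote, while copy-constructing into the slot with placement new does not. The 0xAB fill and the garbage-tag counter are constructed for the demonstration; the real Variant has no such guard and crashes.

```cpp
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <new>
#include <string>

// Constructed stand-in for firebase::Variant: a tagged value whose operator=
// first calls Clear(), and Clear() dispatches on the tag the slot already holds.
struct Variant {
    enum Type : uint32_t { kNull = 0, kInt = 1, kString = 2 };
    Type type = kNull; int64_t i = 0; std::string* s = nullptr;
    static int garbage_tags_seen;  // Clear() saw a tag no constructor ever wrote
    Variant() = default;
    explicit Variant(int64_t v) : type(kInt), i(v) {}
    explicit Variant(const char* v) : type(kString), s(new std::string(v)) {}
    Variant(const Variant& o) : type(o.type), i(o.i), s(o.s ? new std::string(*o.s) : nullptr) {}
    ~Variant() { Clear(); }
    void Clear() {
        switch (type) {
            case kNull: case kInt: break;
            case kString: delete s; break;        // on garbage bytes this frees a garbage pointer
            default: ++garbage_tags_seen; break;  // the real Variant has no such guard and crashes
        }
        type = kNull; s = nullptr;
    }
    Variant& operator=(const Variant& o) {
        if (this != &o) { Clear(); type = o.type; i = o.i; s = o.s ? new std::string(*o.s) : nullptr; }
        return *this;
    }
};
int Variant::garbage_tags_seen = 0;
// dmArray-style storage: realloc grows capacity by one, no constructor runs on the new slot.
// The 0xAB fill is constructed here to stand in for whatever the allocator left in that memory.
template <typename T> struct RawArray {
    T* data = nullptr; size_t size = 0, cap = 0;
    void OffsetCapacity() { data = (T*)realloc(data, ++cap * sizeof(T)); memset((void*)(data + size), 0xAB, sizeof(T)); }
    void PushAssign(const T& v)    { if (size == cap) OffsetCapacity(); data[size++] = v; }        // bug: operator= on raw bytes
    void PushConstruct(const T& v) { if (size == cap) OffsetCapacity(); new (data + size++) T(v); } // fix: copy-construct in place
    ~RawArray() { for (size_t k = 0; k < size; ++k) data[k].~T(); free(data); }
};
// Pushes three values the way log_table does and returns how many times Clear() ran on an
// uninitialised tag: one per push with the assignment pattern, zero with placement new.
int garbage_tags_with(bool use_assign) {
    Variant::garbage_tags_seen = 0;
    RawArray<Variant> arr;
    const Variant items[] = { Variant(int64_t(7)), Variant("level_name"), Variant(int64_t(3)) };
    for (const Variant& v : items) { if (use_assign) arr.PushAssign(v); else arr.PushConstruct(v); }
    return Variant::garbage_tags_seen;
}
```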

britzl commented 5 years ago

@AGulev will follow-up on this issue on Monday (10th of June)

AGulev commented 5 years ago

Hi @Filazapovich, thank you for the issue report!

I've made a fix; it would be awesome if you could test and confirm that everything works fine. Thanks! https://github.com/defold/extension-firebase-analytics/archive/android-crash-fix.zip

Filazapovich commented 5 years ago

Hi @AGulev, thanks for the fix. It works fine.