react-native-community / jsc-android-buildscripts

Script for building JavaScriptCore for Android (for React Native but not only)
BSD 2-Clause "Simplified" License

250230.2.1 armeabi_v7a Crash signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x30 on Samsung family phones #180

Open vkapko opened 1 year ago

vkapko commented 1 year ago

Issue Description

02-10 09:32:11.838 17987 17987 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x30
02-10 09:32:11.838 17987 17987 F DEBUG : Cause: null pointer dereference
02-10 09:32:11.838 17987 17987 F DEBUG : r0 0000000a r1 fff83488 r2 fff83508 r3 00001150
02-10 09:32:11.838 17987 17987 F DEBUG : r4 00000000 r5 00000000 r6 c62f4128 r7 0000015a
02-10 09:32:11.838 17987 17987 F DEBUG : r8 f27e0c1c r9 f27e0bd0 r10 00000000 r11 00001150
02-10 09:32:11.838 17987 17987 F DEBUG : ip fff83808 sp fff83470 lr f09bbbc0 pc c6121c98
02-10 09:32:11.839 17987 17987 F DEBUG : backtrace:
02-10 09:32:11.839 17987 17987 F DEBUG : #00 pc 00392c98 /data/app/~~7E-LnAzQ4v0NzEIDnTmn9w==/com.dovly.app-5PuoEKbP0KzdhDbQuJY48g==/split_config.armeabi_v7a.apk!libjsc.so (BuildId: 184cbb2602409d8d87c82858f210bcb5255b9e8c)
02-10 09:32:11.839 17987 17987 F DEBUG : #01 pc 0005bbc0 /apex/com.android.runtime/lib/bionic/libc.so (__restore_rt+0) (BuildId: f1f4a4b2b76c986f7bd6e840119e41e2)
02-10 09:32:11.840 17987 17987 F DEBUG : #02 pc 0009b57c /apex/com.android.runtime/lib/bionic/libc.so (__epoll_pwait+16) (BuildId: f1f4a4b2b76c986f7bd6e840119e41e2)
02-10 09:32:11.840 17987 17987 F DEBUG : #03 pc 0006c1a1 /apex/com.android.runtime/lib/bionic/libc.so (epoll_wait+16) (BuildId: f1f4a4b2b76c986f7bd6e840119e41e2)
02-10 09:32:11.840 17987 17987 F DEBUG : #04 pc 000100f5 /system/lib/libutils.so (android::Looper::pollInner(int)+124) (BuildId: 06989e1293b0fa4ff150d7900e4ba81f)
02-10 09:32:11.840 17987 17987 F DEBUG : #05 pc 0001001f /system/lib/libutils.so (android::Looper::pollOnce(int, int, int, void*)+62) (BuildId: 06989e1293b0fa4ff150d7900e4ba81f)
02-10 09:32:11.840 17987 17987 F DEBUG : #06 pc 000e5dc5 /system/lib/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv, _jobject*, long long, int)+26) (BuildId: 96303600503e72198b76a033f7829a73)

Version, config, any additional info

package.json:

"react-native": "0.70.5",

},
"jsc-android": {
  "version": "250230.2.1",
  "resolved": "https://registry.npmjs.org/jsc-android/-/jsc-android-250230.2.1.tgz",
  "integrity": "sha512-KmxeBlRjwoqCnBBKGsihFtvsBHyUFlBxJPK4FzeYcIuBfdjv6jFys44JITAgSTbQD+vIdwMEfyZklsuQX0yI1Q=="
},

build.gradle:

splits {
    abi {
        reset()
        enable enableSeparateBuildPerCPUArchitecture
        universalApk false  // If true, also generate a universal APK
        include "armeabi-v7a", "x86", "arm64-v8a", "x86_64"
    }
}

vkapko commented 1 year ago

Additional details: The crash is affecting only Samsung family phones and only during the first startup after install. After that it works properly.

vkapko commented 1 year ago

Fixed by enabling Hermes

xOIBrandon commented 1 year ago

Fixed by enabling Hermes

fixed by severely crippling runtime performance*

😭😭😭

jefflewis commented 1 year ago

I can very much confirm this crash. We started seeing this when updating from RN 0.66 to 0.69, 0.70, 0.71, and 0.72.

Obviously, yes, not using libjsc.so does "fix" the problem by not including that library in the archive. I don't consider that a solution to the issue and would love to help debug what is going on.

I managed to create a build of our app that uses JSC with RN 0.72 and did not see this crash. A future (small, js only) commit appears to bring this back. That means I have two js bundles for JSC to execute and one of them triggers this crash and the other does not.

I can't post all of the source code, but can provide debug logs and attempt changes to verify a possible fix.

@Kudo is there anything I can do here to help?

jefflewis commented 1 year ago

Here's an ndk-stack trace for the crash:

********** Crash dump: **********
Build fingerprint: 'samsung/beyond1qlteue/beyond1q:12/SP1A.210812.016/G973U1UES8IWD3:user/release-keys'
#00 0x00000000005032e4 /data/app/~~PazDQMx7Xot1mN6o6O3bYw==/my.app.bundle.id-JLodfSZXtj_iDJ_vPcIUaA==/base.apk!libjsc.so (BuildId: 9cb83e4124e3ee1471bc717c722b4109614385ba)
#01 0x0000000000000668 [vdso] (__kernel_rt_sigreturn+0)
#02 0x00000000000a3068 /apex/com.android.runtime/lib64/bionic/libc.so (__epoll_pwait+8) (BuildId: 73e145ce4e1dfca57a8eaf6d29c1d3fe)
#03 0x0000000000017ea8 /system/lib64/libutils.so (android::Looper::pollInner(int)+184) (BuildId: 748948a5650ad93d18b12eb1d9a51a89)
#04 0x0000000000017d84 /system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+116) (BuildId: 748948a5650ad93d18b12eb1d9a51a89)
#05 0x0000000000159260 /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+48) (BuildId: 114b91edbaa34f59ff09b656c4c0d721)
#06 0x000000000023c57c /system/framework/arm64/boot-framework.oat (art_jni_trampoline+108) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#07 0x0000000000792168 /system/framework/arm64/boot-framework.oat (android.os.MessageQueue.next+232) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#08 0x000000000078f364 /system/framework/arm64/boot-framework.oat (android.os.Looper.loopOnce+100) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#09 0x000000000078f264 /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+516) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#10 0x000000000050c7f0 /system/framework/arm64/boot-framework.oat (android.app.ActivityThread.main+800) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#11 0x0000000000218be8 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#12 0x000000000028600c /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+220) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#13 0x000000000062d0ec /apex/com.android.art/lib64/libart.so (_jobject* art::InvokeMethod<(art::PointerSize)8>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1388) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#14 0x000000000059b46c /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+56) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#15 0x00000000000b2f74 /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+132) (BuildId: cb3f7d683b4276aeb0f07ebac9fc30ac8eefbaa9)
#16 0x0000000000ae1aac /system/framework/arm64/boot-framework.oat (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+140) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#17 0x0000000000aeaed8 /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2376) (BuildId: c2459c957c1ebe33ddd1b69cc4caa3c9b9c9bb4a)
#18 0x0000000000218be8 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#19 0x000000000028600c /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+220) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#20 0x000000000062d874 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+452) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#21 0x000000000062dd68 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+96) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#22 0x0000000000503df8 /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+620) (BuildId: 4752fd49b3f5a76fd788c235cf2fb143)
#23 0x00000000000b3bf8 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+124) (BuildId: 114b91edbaa34f59ff09b656c4c0d721)
#24 0x00000000000c01e4 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+852) (BuildId: 114b91edbaa34f59ff09b656c4c0d721)
#25 0x00000000000025a8 /system/bin/app_process64 (main+1360) (BuildId: f30f7754f376ddaa26066fb587c01d62)
#26 0x000000000004a068 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+100) (BuildId: 73e145ce4e1dfca57a8eaf6d29c1d3fe)
Crash dump is completed
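
A small triage helper for the two report formats quoted in this issue (logcat "F DEBUG" tombstone lines and ndk-stack output), added here as an example and not code from the project: it extracts the signal, fault address and backtrace frames, picks out the first frame inside the app's own APK (libjsc.so in these reports) and returns the pc offset and BuildId you need to symbolize that frame against the matching unstripped libjsc.so. The sample log is constructed in the shape of the tombstone above; the BuildIds are the ones from that report.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the shape of the logcat tombstone quoted in this issue (BuildIds from the report).
SAMPLE_LOG = """\
02-10 09:32:11.838 17987 17987 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x30
02-10 09:32:11.839 17987 17987 F DEBUG : backtrace:
02-10 09:32:11.839 17987 17987 F DEBUG : #00 pc 00392c98 /data/app/~~X==/com.example-Y==/split_config.armeabi_v7a.apk!libjsc.so (BuildId: 184cbb2602409d8d87c82858f210bcb5255b9e8c)
02-10 09:32:11.839 17987 17987 F DEBUG : #01 pc 0005bbc0 /apex/com.android.runtime/lib/bionic/libc.so (__restore_rt+0) (BuildId: f1f4a4b2b76c986f7bd6e840119e41e2)
02-10 09:32:11.840 17987 17987 F DEBUG : #04 pc 000100f5 /system/lib/libutils.so (android::Looper::pollInner(int)+124) (BuildId: 06989e1293b0fa4ff150d7900e4ba81f)
"""
SIG_RE = re.compile(r"signal (\d+) \((\w+)\), code (\d+) \((\w+)\), fault addr (0x[0-9a-fA-F]+)")
# Matches both logcat frames ("#00 pc 00392c98 ...") and ndk-stack frames ("#00 0x00000000005032e4 ...").
FRAME_RE = re.compile(
    r"#(\d+) (?:pc )?(?:0x)?([0-9a-fA-F]+) (\S+)"
    r"(?: \((?!BuildId: )(.+?)\))?(?: \(BuildId: ([0-9a-f]+)\))?\s*$")

@dataclass
class Frame:
    index: int
    pc: int          # offset inside the module: the value addr2line / ndk-stack need
    path: str
    symbol: Optional[str]
    build_id: Optional[str]
    @property
    def module(self) -> str:
        return re.split(r"[/!]", self.path)[-1]   # ".../base.apk!libjsc.so" -> "libjsc.so"
    @property
    def in_app_bundle(self) -> bool:               # library shipped inside the APK, not a system lib
        return ".apk!" in self.path

def parse_frames(text: str) -> list:
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.search(line)
        if m:
            frames.append(Frame(int(m[1]), int(m[2], 16), m[3], m[4], m[5]))
    return frames

def triage(text: str) -> dict:
    """Summarise a SIGSEGV report: which library faulted and what the fault address suggests."""
    sig = SIG_RE.search(text)
    fault = int(sig[5], 16) if sig else None
    frames = parse_frames(text)
    app_frame = next((f for f in frames if f.in_app_bundle), None)
    # A fault address a few bytes above zero (0x30 here) is a field read through a NULL pointer: a missing null check.
    hint = "null pointer + small offset (missing null check)" if fault is not None and fault < 0x1000 else "other"
    return {"signal": sig[2] if sig else None, "code": sig[4] if sig else None, "fault_addr": fault, "hint": hint,
            "top_module": frames[0].module if frames else None, "app_frame": app_frame}
```

With the result, `addr2line -e <unstripped libjsc.so> 0x392c98` (after confirming the BuildId matches) gives the source line inside JSC; the fault-address hint tells you to look for a dereference of a pointer that is NULL at that point on first launch.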

DiegoskiMolinoski commented 8 months ago

Any update on this? For people that cannot migrate to Hermes this is a huge impact and this lib is the only salvation :(

jefflewis commented 3 months ago

Any update on this? For people that cannot migrate to Hermes this is a huge impact and this lib is the only salvation :(

I can only add that removing a lot of react-native-reanimated code has prevented this crash in our app. I had it down to the point where the inclusion of a single view's animation would trigger the crash. Removing the animating view removed the crash.