realm / realm-js

Realm is a mobile database: an alternative to SQLite & key-value stores
https://realm.io
Apache License 2.0

UTF-32 symbols in strings in nested objects in debug mode cause app to crash #1619

Open lebedev opened 6 years ago

lebedev commented 6 years ago

Goals

I was remotely debugging JS in a React Native app and tried to pass an object to Realm.create with another nested object, one of whose properties is a string that contains a UTF-32 symbol.

Expected Results

I expected nothing.

Actual Results

App crashed.

Steps to Reproduce

I've made a minimal test case, which you can find here. The app crashes constantly, in 100% of tries.

Code Sample

```js
realm.write(() => {
    realm.create('Item', {
        id: 'test',
        randomName: {
            // String with any UTF-32 symbol with code >= 10000.
            // Strings with U+00009999 and lower are fine, strings with U+00010000 and higher cause crashes.
            otherRandomName: '',
        },
    }, true);
});
```

Version of Realm and Tooling

kneth commented 6 years ago

Do you see a crash if you run your test app on iOS?

lebedev commented 6 years ago

I don't have a way to test it, so I can't really tell.

ovr commented 6 years ago

I tested on iOS, it works, no crash! Looks like it's an Android bug only!

kneth commented 6 years ago

@ovr Thanks for clarifying.

ovr commented 6 years ago

Tested on Android 6.x by emulator via RemoteJS by

lebedev commented 6 years ago

The bug can be reproduced on my real device (Sony Xperia Z1) with Android version 5.1.1, and can't be reproduced on an emulator with Android 8 (API 26).

ovr commented 6 years ago

```
  * frame #0: 0xb753d036 libc.so`tgkill + 22
    frame #1: 0xb74ea17c libc.so`pthread_kill + 156
    frame #2: 0xb74eb9f5 libc.so`raise + 37
    frame #3: 0xb74e3df5 libc.so`abort + 85
    frame #4: 0xa1596445 librealmreact.so`__gnu_cxx::__verbose_terminate_handler() + 453
    frame #5: 0xa1539398 librealmreact.so`__cxxabiv1::__terminate(void (*)()) + 24
    frame #6: 0xa1539430 librealmreact.so`std::terminate() + 32
    frame #7: 0xa1539571 librealmreact.so`__cxa_throw + 113
    frame #8: 0xa1173dac librealmreact.so`___lldb_unnamed_symbol7708$$librealmreact.so + 370
    frame #9: 0xa1171bf2 librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 1930
    frame #10: 0xa11716fc librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 660
    frame #11: 0xa11719c0 librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 1368
    frame #12: 0xa11716fc librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 660
    frame #13: 0xa11719c0 librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 1368
    frame #14: 0xa11716fc librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 660
    frame #15: 0xa11719c0 librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 1368
    frame #16: 0xa11716fc librealmreact.so`___lldb_unnamed_symbol7694$$librealmreact.so + 660
    frame #17: 0xa11709f7 librealmreact.so`___lldb_unnamed_symbol7678$$librealmreact.so + 85
```

ovr commented 6 years ago

Looks like it's fixed by https://github.com/realm/realm-js/commit/7a039d5407a0345bdd6cb3c2cec154b4455d003c#diff-7c0bbffb2b1d56242c8b6670362aa936R161 in v2.2.2

@angly-cat can you verify?

lebedev commented 6 years ago

Still crashes with Realm 2.2.2.

Can be reproduced in avd emulator with Android 5.1.

kneth commented 6 years ago

@angly-cat Thanks for the update. I hope to be able to investigate a bit early next week.

lebedev commented 5 years ago

The issue still persists as per realm 2.28.

Apparently, only Android devices with API level 22 (Lollipop) or below are affected.

In logcat crashes are described as JNI DETECTED ERROR IN APPLICATION: input is not valid Modified UTF-8: illegal start byte.

This is a known bug for older Android APIs.

I've found an issue with the same error message in another project.

And apparently they've fixed that by making a patch.

@kneth please check if it's possible to adapt their fix to realm. It's not a top-priority issue, but if the fix can be done easily, then why not.
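
The logcat message quoted above points at the usual cause of this class of crash: JNI string functions on older Android runtimes expect "Modified UTF-8" (the encoding described in the JNI specification), in which a code point at or above U+10000 must be written as two 3-byte surrogate halves rather than one 4-byte sequence, and a NUL is written as the two bytes C0 80. A standard UTF-8 emoji therefore starts with a byte in the F0..F7 range, which the runtime's check rejects with "illegal start byte" and aborts the process. The following C++ routine is an added example written for this thread; it is not realm-js code and not the patch from the other project mentioned above (which the thread does not reproduce). It converts standard UTF-8 to Modified UTF-8 before a string would be handed to JNI, plus a small checker that approximates what the runtime's validation looks for. All names are hypothetical.

```cpp
// Added example, not realm-js code. Assumption: the crash comes from passing
// standard UTF-8 containing a 4-byte sequence (code point >= U+10000) to a JNI
// string function that expects Modified UTF-8, where such code points must be
// encoded as a surrogate pair (two 3-byte sequences).
#include <cstdint>
#include <stdexcept>
#include <string>

// Append one code point in the 3-byte form used for U+0800..U+FFFF
// (and for each half of a surrogate pair).
static void append3(std::string& out, uint32_t cp) {
    out.push_back(static_cast<char>(0xE0 | (cp >> 12)));
    out.push_back(static_cast<char>(0x80 | ((cp >> 6) & 0x3F)));
    out.push_back(static_cast<char>(0x80 | (cp & 0x3F)));
}

// Decode one standard UTF-8 sequence starting at in[i], advancing i.
// Throws on malformed input instead of silently producing bad bytes.
static uint32_t decode_one(const std::string& in, size_t& i) {
    unsigned char b0 = in[i];
    size_t len;
    uint32_t cp;
    if (b0 < 0x80)              { len = 1; cp = b0; }
    else if ((b0 & 0xE0) == 0xC0) { len = 2; cp = b0 & 0x1F; }
    else if ((b0 & 0xF0) == 0xE0) { len = 3; cp = b0 & 0x0F; }
    else if ((b0 & 0xF8) == 0xF0) { len = 4; cp = b0 & 0x07; }
    else throw std::invalid_argument("illegal UTF-8 start byte");
    if (i + len > in.size()) throw std::invalid_argument("truncated UTF-8 sequence");
    for (size_t k = 1; k < len; ++k) {
        unsigned char b = in[i + k];
        if ((b & 0xC0) != 0x80) throw std::invalid_argument("illegal UTF-8 continuation byte");
        cp = (cp << 6) | (b & 0x3F);
    }
    i += len;
    return cp;
}

// Convert standard UTF-8 to JNI Modified UTF-8 (hypothetical helper name).
std::string utf8_to_modified_utf8(const std::string& in) {
    std::string out;
    size_t i = 0;
    while (i < in.size()) {
        uint32_t cp = decode_one(in, i);
        if (cp == 0) {                       // NUL is encoded as C0 80, never as a raw 0x00 byte
            out.push_back('\xC0');
            out.push_back('\x80');
        } else if (cp < 0x80) {
            out.push_back(static_cast<char>(cp));
        } else if (cp < 0x800) {
            out.push_back(static_cast<char>(0xC0 | (cp >> 6)));
            out.push_back(static_cast<char>(0x80 | (cp & 0x3F)));
        } else if (cp < 0x10000) {
            append3(out, cp);                // BMP code points are unchanged (e.g. U+9999 from the report)
        } else {                             // supplementary plane: split into a UTF-16 surrogate pair
            uint32_t v = cp - 0x10000;
            append3(out, 0xD800 | (v >> 10));
            append3(out, 0xDC00 | (v & 0x3FF));
        }
    }
    return out;
}

// Approximation of the runtime's check (hypothetical, not the ART source):
// Modified UTF-8 has no raw NUL byte and no start byte of 0xF0 or above.
bool is_modified_utf8(const std::string& s) {
    size_t i = 0;
    while (i < s.size()) {
        unsigned char b0 = s[i];
        size_t len;
        if (b0 == 0) return false;
        else if (b0 < 0x80) len = 1;
        else if ((b0 & 0xE0) == 0xC0) len = 2;
        else if ((b0 & 0xF0) == 0xE0) len = 3;
        else return false;                   // 0xF0..0xFF: "illegal start byte"
        if (i + len > s.size()) return false;
        for (size_t k = 1; k < len; ++k)
            if ((static_cast<unsigned char>(s[i + k]) & 0xC0) != 0x80) return false;
        i += len;
    }
    return true;
}
```

Run on the report's two cases: a string containing U+9999 passes through unchanged, while a 4-byte emoji such as U+1F600 (F0 9F 98 80) becomes the six bytes ED A0 BD ED B8 80, which the checker accepts where the original bytes are rejected. A native layer that converts at the JNI boundary this way avoids the abort on API 22 and below without changing what the JavaScript side stores.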

kneth commented 5 years ago

@lebedev Thank you for investigating. I hope to have some time soon to integrate the patch (or a similar approach).