Samsung Galaxy S3 mini: Heap memory corruption

[jonasbark]

Samsung Galaxy S3 mini (i8200N)

Trying to use Realm v2 we're getting the following crash:

[02-10 16:15:02.593 10641-10641/link.thismo.app A/libc: Fatal signal 11 (SIGSEGV) at 0x5ab96ff6 (code=2), thread 10641 (link.thismo.app)
02-10 16:15:02.601 10641-10713/link.thismo.app I/dalvikvm: JNI ERROR (app bug): accessed deleted local reference 0x23400005
02-10 16:15:02.601 10641-10713/link.thismo.app E/dalvikvm: VM aborting
02-10 16:15:02.601 10641-10713/link.thismo.app A/libc: Fatal signal 11 (SIGSEGV) at 0xdeadd00d (code=1), thread 10713 (AnalyticsWorker)
02-10 16:15:10.054 10641-10647/link.thismo.app A/libc: @@@ ABORTING: LIBC: HEAP MEMORY CORRUPTION IN dlmalloc]

A more complete crash log that happened on version 2.4.0-SNAPSHOT:
https://gist.github.com/jonasbark/26fbd60062ed9af981a3d0b19f91c62d

It does not happen with e.g. 0.90.1.

[kneth]

@jonasbark Do you use encryption?

[jonasbark]

No, nothing like that.

This is the complete initiation part:

Realm.init(this);
RealmConfiguration config = new RealmConfiguration
                  .Builder()
                  .schemaVersion(1)
                  .migration(new Migrations())
                  .build();
Realm.setDefaultConfiguration(config);

[kneth]

Parsing the log:

Build fingerprint: 'samsung/goldenve3gxx/goldenve3g:4.2.2/JDQ39/I8200NXXUAOC1:user/release-keys'
pid: 25325, tid: 25325, name: link.thismo.app  >>> link.thismo.app <<<
signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 5f143ffe
Stack frame #00  pc 000d5776  /data/app-lib/link.thismo.app-1/librealm-jni.so: Routine realm::ArrayString::set(unsigned int, realm::StringData) at libgcc2.c:?
Stack frame #01  pc 001114b3  /data/app-lib/link.thismo.app-1/librealm-jni.so: Routine realm::Spec::insert_column(unsigned int, realm::ColumnType, realm::StringData, realm::ColumnAttr) at libgcc2.c:?

[Zhuinden]

This is from the old error:

frame #0: 0x5e61ea68 librealm-jni.so`realm::ArrayString::set(unsigned int, realm::StringData) + 162
frame #1: 0x5e640c1e librealm-jni.so`realm::Group::do_get_or_add_table(realm::StringData, bool (*)(realm::Spec const&), void (*)(realm::Table&), bool*) + 154

Something's really up with that poor ArrayString.

[kneth]

Yes, indeed it looks like it. And it is odd, since we still have the work-around in place.

[kneth]

@jonasbark I close the issue as it is a duplicate of #3651.

[Qubitium]

@kneth We found that applying your "disable LTO" realm-core pr to the 1.x branch causes similar heap corruption issue with our samsung 4.2.2 device and only our 4.2.2 samsung device.

[kneth]

@diegomontoya Thanks. Which device do you test on?

[Qubitium]

@kneth Samsung SM-G3818 and another Samsung device both with 4.2.2. I can give you the other device model when I am in office tmr.

[Qubitium]

@kneth GT-I9118

[kneth]

@diegomontoya Thanks. We don't have those particular models but it sounds like a 4.2.2 issue.

[Qubitium]

@kneth Yes. 4.2.2 has to be worst android release in history. If realm gets any more heap crashes in the 2.x branch on 4.2.2, it may related the to new LTO-less build flags.

[Zhuinden]

@diegomontoya the problem with that is that removing those flags is what made Realm not crash on startup on those devices so I truly wonder what could be going on... There were no relevant commits in this regard where the actual crash occurs.

[Qubitium]

@Zhuinden My guess is that the truth is still out there. The real why, whether toolchain (ndk10e) related, realm-src, device, or a mixed-combo is still a mystery.

[Zhuinden]

#4402 might fix this once it's merged