Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EXC_BAD_ACCESS JSC getOwnPropertySlot #2416

Closed
dkpalmer opened this issue Jun 18, 2019 · 11 comments
Closed

EXC_BAD_ACCESS JSC getOwnPropertySlot #2416

dkpalmer opened this issue Jun 18, 2019 · 11 comments
Labels
O-Community Reproduction-Required T-Bug-Crash

Comments

@dkpalmer
Copy link

dkpalmer commented Jun 18, 2019
edited by sync-by-unito bot

tl;dr I'm hoping the included stack traces below might shed some light on what could be causing some EXC_BAD_ACCESS crashes from the JSC and Realm.

--

Since our latest release we have started getting crashes that all look to have Realm and JSC in the picture:

EXC_BAD_ACCESS Attempted to dereference garbage pointer 0x10.

And usually either from JSC::JSFunction::getOwnPropertySlot or JSC::JSCallbackObject<T>::getOwnPropertySlot called by a Realm function (e.g. get_property_names, get_property).

Unfortunately, this was a very large release for us so it's hard to know where I could look to try and provide a way to isolate the issue. Realm related in this release, we:

  • Upgraded from realm-js 2.20.0 -> 2.26.1
  • Started adopting Realm listeners in a few screens.

I would appreciate any insights the Realm team can provide. Happy to dig into any ideas or thoughts you all might have.

A few stack traces are included below for reference. All fairly similar but generally the crashes are coming up as unique in Sentry.

Version of Realm and Tooling

  • Realm JS SDK Version: v2.26.1
  • Node or React Native: RN v0.57.5
  • Client OS & Version: All iOS: 12.2, 12.3
  • Which debugger for React Native: None
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: BUS_NOOP at 0x0000000000000010
Crashed Thread: 2

Application Specific Information:
Attempted to dereference garbage pointer 0x10.

Thread 2 Crashed:
0   JavaScriptCore                  0x382a1ead0         JSC::JSCallbackObject<T>::getOwnPropertySlot
1   <unknown>                       0x30ec81fec16ba0    <redacted>
...
4   <unknown>                       0x54350104fbefc8    <redacted>
5   infusionsoftmobile              0x204fd802c         realm::jsc::ObjectWrap<T>::get_property_names (jsc_class.hpp:288)
6   JavaScriptCore                  0x382a1f1cc         JSC::JSCallbackObject<T>::getOwnNonIndexPropertyNames
7   <unknown>                       0x24cd81ff3f4494    <redacted>
...
26  <unknown>                       0x1d170105007170    <redacted>
27  infusionsoftmobile              0x205002394         realm::js::wrap<T> (jsc_class.hpp:390)
28  JavaScriptCore                  0x382a1d36c         JSC::APICallbackFunction::call<T>

Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: BUS_NOOP at 0x0000000000000010
Crashed Thread: 2

Application Specific Information:
Attempted to dereference garbage pointer 0x10.

Thread 2 Crashed:
0   JavaScriptCore                  0x325ee7ff4         JSC::JSFunction::getOwnPropertySlot
1   JavaScriptCore                  0x325773f60         [inlined] JSC::JSObject::get
2   JavaScriptCore                  0x325773f60         JSC::JSObject::get
3   JavaScriptCore                  0x325793d54         JSObjectGetProperty
4   infusionsoftmobile              0x2007cd1d0         realm::js::Object<T>::get_property (jsc_object.hpp:29)
5   infusionsoftmobile              0x2007cd1c0         realm::js::Object<T>::validated_get_object (js_types.hpp:263)
6   infusionsoftmobile              0x2007fd118         realm::js::RealmObjectClass<T>::create_instance (js_realm_object.hpp:135)
7   infusionsoftmobile              0x200801c24         realm::js::NativeAccessor<T>::box (js_object_accessor.hpp:119)
8   infusionsoftmobile              0x200810d20         realm::Results::get<T> (results.hpp:306)
9   infusionsoftmobile              0x200810d0c         realm::js::ResultsClass<T>::get_index (js_results.hpp:268)
10  infusionsoftmobile              0x20080d098         realm::js::wrap<T> (jsc_class.hpp:428)
11  JavaScriptCore                  0x325789dfc         JSC::JSCallbackObject<T>::getOwnPropertySlot
12  JavaScriptCore                  0x32578a448         JSC::JSCallbackObject<T>::getOwnPropertySlotByIndex
13  JavaScriptCore                  0x325d3bf58         llint_slow_path_get_by_val
14  JavaScriptCore                  0x325759038         llint_entry
15  JavaScriptCore                  0x325764cb4         [inlined] <redacted>
16  JavaScriptCore                  0x325764cb4         [inlined] <redacted>
17  JavaScriptCore                  0x325764cb4         <redacted>
18  JavaScriptCore                  0x3257507f8         vmEntryToJavaScript
19  JavaScriptCore                  0x325c8276c         JSC::Interpreter::executeCall
20  JavaScriptCore                  0x325ee115c         JSC::boundThisNoArgsFunctionCall
21  JavaScriptCore                  0x32576673c         <redacted>
...
31  JavaScriptCore                  0x325764cb4         <redacted>
32  JavaScriptCore                  0x3257507f8         vmEntryToJavaScript
33  JavaScriptCore                  0x325c8276c         JSC::Interpreter::executeCall
34  JavaScriptCore                  0x325e64524         JSC::profiledCall
35  JavaScriptCore                  0x325795b20         JSObjectCallAsFunction
36  infusionsoftmobile              0x20080fe04         realm::js::Function<T>::call (jsc_function.hpp:29)
37  infusionsoftmobile              0x20080fdf0         [inlined] realm::js::Function<T>::callback (jsc_function.hpp:38)
38  infusionsoftmobile              0x20080fdf0         realm::js::ResultsClass<T>::add_listener<T>::lambda::operator() (js_results.hpp:430)
39  infusionsoftmobile              0x20080fdd8         realm::CollectionChangeCallback::Impl<T>::after (collection_notifications.hpp:158)
40  infusionsoftmobile              0x2007c514c         realm::CollectionChangeCallback::after (collection_notifications.hpp:122)
41  infusionsoftmobile              0x2007c513c         realm::_impl::CollectionNotifier::after_advance::lambda::operator()<T> (collection_notifier.cpp:332)
42  infusionsoftmobile              0x2007c5050         realm::_impl::CollectionNotifier::for_each_callback<T> (collection_notifier.cpp:378)
43  infusionsoftmobile              0x2007c5008         realm::_impl::CollectionNotifier::after_advance (collection_notifier.cpp:334)
44  infusionsoftmobile              0x2007c5ce8         realm::_impl::NotifierPackage::after_advance (collection_notifier.cpp:490)
45  infusionsoftmobile              0x20086df44         (anonymous namespace)::advance_with_notifications<T> (transact_log_handler.cpp:803)
46  infusionsoftmobile              0x20086ddf4         realm::_impl::transaction::begin (transact_log_handler.cpp:838)
47  infusionsoftmobile              0x20083e7c0         realm::_impl::RealmCoordinator::promote_to_write (realm_coordinator.cpp:868)
48  infusionsoftmobile              0x200853c6c         realm::Realm::begin_transaction (shared_realm.cpp:677)
49  infusionsoftmobile              0x20081714c         realm::js::RealmClass<T>::write (js_realm.hpp:1088)
50  infusionsoftmobile              0x200812394         realm::js::wrap<T> (jsc_class.hpp:390)
51  JavaScriptCore                  0x325788aa0         JSC::APICallbackFunction::call<T>

Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: BUS_NOOP at 0x0000000000000010
Crashed Thread: 2

Application Specific Information:
Attempted to dereference garbage pointer 0x10.

Thread 2 Crashed:
0   JavaScriptCore                  0x321591ff4         JSC::JSFunction::getOwnPropertySlot
1   JavaScriptCore                  0x320e1df60         [inlined] JSC::JSObject::get
2   JavaScriptCore                  0x320e1df60         JSC::JSObject::get
3   JavaScriptCore                  0x320e3dd54         JSObjectGetProperty
4   infusionsoftmobile              0x2023a51d0         realm::js::Object<T>::get_property (jsc_object.hpp:29)
5   infusionsoftmobile              0x2023a51c0         realm::js::Object<T>::validated_get_object (js_types.hpp:263)
6   infusionsoftmobile              0x2023d5118         realm::js::RealmObjectClass<T>::create_instance (js_realm_object.hpp:135)
7   infusionsoftmobile              0x2023d9c24         realm::js::NativeAccessor<T>::box (js_object_accessor.hpp:119)
8   infusionsoftmobile              0x2023d95bc         realm::List::get<T> (list.hpp:184)
9   infusionsoftmobile              0x2023d95a8         realm::js::ListClass<T>::get_index (js_list.hpp:147)
10  infusionsoftmobile              0x2023d0c38         realm::js::wrap<T> (jsc_class.hpp:428)
11  JavaScriptCore                  0x320e33dfc         JSC::JSCallbackObject<T>::getOwnPropertySlot
12  JavaScriptCore                  0x320e34448         JSC::JSCallbackObject<T>::getOwnPropertySlotByIndex
13  JavaScriptCore                  0x3213e6e94         llint_slow_path_get_by_val
14  JavaScriptCore                  0x320e03038         llint_entry
15  JavaScriptCore                  0x320e0ecb4         [inlined] <redacted>
...
26  JavaScriptCore                  0x320e0ecb4         <redacted>
27  JavaScriptCore                  0x320dfa7f8         vmEntryToJavaScript
28  JavaScriptCore                  0x32132c76c         JSC::Interpreter::executeCall
29  JavaScriptCore                  0x32150e524         JSC::profiledCall
30  JavaScriptCore                  0x320e3fb20         JSObjectCallAsFunction
31  infusionsoftmobile              0x2023e7e04         realm::js::Function<T>::call (jsc_function.hpp:29)
32  infusionsoftmobile              0x2023e7df0         [inlined] realm::js::Function<T>::callback (jsc_function.hpp:38)
33  infusionsoftmobile              0x2023e7df0         realm::js::ResultsClass<T>::add_listener<T>::lambda::operator() (js_results.hpp:430)
34  infusionsoftmobile              0x2023e7dd8         realm::CollectionChangeCallback::Impl<T>::after (collection_notifications.hpp:158)
35  infusionsoftmobile              0x20239d14c         realm::CollectionChangeCallback::after (collection_notifications.hpp:122)
36  infusionsoftmobile              0x20239d13c         realm::_impl::CollectionNotifier::after_advance::lambda::operator()<T> (collection_notifier.cpp:332)
37  infusionsoftmobile              0x20239d050         realm::_impl::CollectionNotifier::for_each_callback<T> (collection_notifier.cpp:378)
38  infusionsoftmobile              0x20239d008         realm::_impl::CollectionNotifier::after_advance (collection_notifier.cpp:334)
39  infusionsoftmobile              0x20239dce8         realm::_impl::NotifierPackage::after_advance (collection_notifier.cpp:490)
40  infusionsoftmobile              0x202445f44         (anonymous namespace)::advance_with_notifications<T> (transact_log_handler.cpp:803)
41  infusionsoftmobile              0x202445df4         realm::_impl::transaction::begin (transact_log_handler.cpp:838)
42  infusionsoftmobile              0x2024167c0         realm::_impl::RealmCoordinator::promote_to_write (realm_coordinator.cpp:868)
43  infusionsoftmobile              0x20242bc6c         realm::Realm::begin_transaction (shared_realm.cpp:677)
44  infusionsoftmobile              0x2023ef14c         realm::js::RealmClass<T>::write (js_realm.hpp:1088)
45  infusionsoftmobile              0x2023ea394         realm::js::wrap<T> (jsc_class.hpp:390)
46  JavaScriptCore                  0x320e32aa0         JSC::APICallbackFunction::call<T>

Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: BUS_NOOP at 0x0000000000000010
Crashed Thread: 2

Application Specific Information:
Attempted to dereference garbage pointer 0x10.

Thread 2 Crashed:
0   JavaScriptCore                  0x33a67fff4         JSC::JSFunction::getOwnPropertySlot
1   JavaScriptCore                  0x339f0bf60         [inlined] JSC::JSObject::get
2   JavaScriptCore                  0x339f0bf60         JSC::JSObject::get
3   JavaScriptCore                  0x339f2bd54         JSObjectGetProperty
4   infusionsoftmobile              0x200b411d0         realm::js::Object<T>::get_property (jsc_object.hpp:29)
5   infusionsoftmobile              0x200b411c0         realm::js::Object<T>::validated_get_object (js_types.hpp:263)
6   infusionsoftmobile              0x200b71118         realm::js::RealmObjectClass<T>::create_instance (js_realm_object.hpp:135)
7   infusionsoftmobile              0x200b75c24         realm::js::NativeAccessor<T>::box (js_object_accessor.hpp:119)
8   infusionsoftmobile              0x200b755bc         realm::List::get<T> (list.hpp:184)
9   infusionsoftmobile              0x200b755a8         realm::js::ListClass<T>::get_index (js_list.hpp:147)
10  infusionsoftmobile              0x200b6cc38         realm::js::wrap<T> (jsc_class.hpp:428)
11  JavaScriptCore                  0x339f21dfc         JSC::JSCallbackObject<T>::getOwnPropertySlot
12  JavaScriptCore                  0x339f22448         JSC::JSCallbackObject<T>::getOwnPropertySlotByIndex
13  JavaScriptCore                  0x33a4d3f58         llint_slow_path_get_by_val
14  JavaScriptCore                  0x339ef1038         llint_entry
15  JavaScriptCore                  0x339efccb4         [inlined] <redacted>
...
21  JavaScriptCore                  0x339efccb4         <redacted>
22  JavaScriptCore                  0x339ee87f8         vmEntryToJavaScript
23  JavaScriptCore                  0x33a41a76c         JSC::Interpreter::executeCall
24  JavaScriptCore                  0x33a67915c         JSC::boundThisNoArgsFunctionCall
25  JavaScriptCore                  0x339efe73c         <redacted>
...
35  JavaScriptCore                  0x339efccb4         <redacted>
36  JavaScriptCore                  0x339ee87f8         vmEntryToJavaScript
37  JavaScriptCore                  0x33a41a76c         JSC::Interpreter::executeCall
38  JavaScriptCore                  0x33a5fc524         JSC::profiledCall
39  JavaScriptCore                  0x339f2db20         JSObjectCallAsFunction
40  infusionsoftmobile              0x200b83e04         realm::js::Function<T>::call (jsc_function.hpp:29)
41  infusionsoftmobile              0x200b83df0         [inlined] realm::js::Function<T>::callback (jsc_function.hpp:38)
42  infusionsoftmobile              0x200b83df0         realm::js::ResultsClass<T>::add_listener<T>::lambda::operator() (js_results.hpp:430)
43  infusionsoftmobile              0x200b83dd8         realm::CollectionChangeCallback::Impl<T>::after (collection_notifications.hpp:158)
44  infusionsoftmobile              0x200b3914c         realm::CollectionChangeCallback::after (collection_notifications.hpp:122)
45  infusionsoftmobile              0x200b3913c         realm::_impl::CollectionNotifier::after_advance::lambda::operator()<T> (collection_notifier.cpp:332)
46  infusionsoftmobile              0x200b39050         realm::_impl::CollectionNotifier::for_each_callback<T> (collection_notifier.cpp:378)
47  infusionsoftmobile              0x200b39008         realm::_impl::CollectionNotifier::after_advance (collection_notifier.cpp:334)
48  infusionsoftmobile              0x200bb2af8         realm::_impl::RealmCoordinator::process_available_async (realm_coordinator.cpp:920)
49  infusionsoftmobile              0x200bc80c8         realm::Realm::notify (shared_realm.cpp:808)
50  infusionsoftmobile              0x200bed1a4         realm::_impl::WeakRealmNotifier::Callback::operator() (weak_realm_notifier.cpp:42)
51  CoreFoundation                  0x32cdfa014         __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
@rajivshah3
Copy link
Contributor

We're seeing similar stacktraces on our app as well:

EXC_BAD_ACCESS Attempted to dereference garbage pointer 0x10. 
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSC::JSGlobalObject::getOwnPropertySlot(JSC::JSObject*, JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&)
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_value.hpp:63:12 is_array
    /Users/vagrant/git/src/mobile/node_modules/realm/src/js_realm.hpp:956:9 create
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_class.hpp:390:9 wrap<&realm::js::RealmClass<realm::jsc::Types>::create>
    Frameworks/JavaScriptCore.framework/JavaScriptCore long long JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState*)
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_class.hpp:390:9 wrap<&realm::js::RealmClass<realm::jsc::Types>::write>
    Frameworks/JavaScriptCore.framework/JavaScriptCore long long JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState*)
    iotaWallet facebook::react::JSCExecutor::callFunction(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, folly::dynamic const&)
    iotaWallet std::__1::__function::__func<facebook::react::NativeToJsBridge::runOnExecutorQueue(std::__1::function<void (facebook::react::JSExecutor*)>)::$_7, std::__1::allocator<facebook::react::NativeToJsBridge::runOnExecutorQueue(std::__1::function<void (facebook::react::JSExecutor*)>)::$_7>, void ()>::operator()()
    iotaWallet facebook::react::tryAndReturnError(std::__1::function<void ()> const&)
    iotaWallet facebook::react::RCTMessageThread::tryFunc(std::__1::function<void ()> const&)
    Frameworks/CoreFoundation.framework/CoreFoundation ___CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__
    Frameworks/Foundation.framework/Foundation -[NSThread main]

EXC_BAD_ACCESS Attempted to dereference garbage pointer 0x10. 
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSC::JSGlobalObject::getOwnPropertySlot(JSC::JSObject*, JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&)
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSObjectGetProperty
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_value.hpp:31:30 is_object_of_type
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_value.hpp:63:12 is_array
    /Users/vagrant/git/src/mobile/node_modules/realm/src/js_realm.hpp:956:9 create
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_class.hpp:390:9 wrap<&realm::js::RealmClass<realm::jsc::Types>::create>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSObjectCallAsFunction
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_function.hpp:29:25 realm::js::RealmClass<realm::jsc::Types>::write(OpaqueJSContext const*, OpaqueJSValue*, realm::js::Arguments<realm::jsc::Types>&, realm::js::ReturnValue<realm::jsc::Types>&)
    /Users/vagrant/git/src/mobile/node_modules/realm/src/jsc/jsc_class.hpp:390:9 wrap<&realm::js::RealmClass<realm::jsc::Types>::write>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore <redacted>
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
    Frameworks/JavaScriptCore.framework/JavaScriptCore JSObjectCallAsFunction
    iotaWallet facebook::react::Object::callAsFunction(OpaqueJSValue*, int, OpaqueJSValue const* const*) const
    iotaWallet facebook::react::JSCExecutor::callFunction(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, folly::dynamic const&)
    iotaWallet std::__1::__function::__func<facebook::react::NativeToJsBridge::runOnExecutorQueue(std::__1::function<void (facebook::react::JSExecutor*)>)::$_7, std::__1::allocator<facebook::react::NativeToJsBridge::runOnExecutorQueue(std::__1::function<void (facebook::react::JSExecutor*)>)::$_7>, void ()>::operator()()
    iotaWallet facebook::react::tryAndReturnError(std::__1::function<void ()> const&)
    iotaWallet facebook::react::RCTMessageThread::tryFunc(std::__1::function<void ()> const&)
    Frameworks/CoreFoundation.framework/CoreFoundation <redacted>
    Frameworks/CoreFoundation.framework/CoreFoundation <redacted>
    Frameworks/CoreFoundation.framework/CoreFoundation <redacted>
    Frameworks/CoreFoundation.framework/CoreFoundation CFRunLoopRunSpecific
    iotaWallet +[RCTCxxBridge runRunLoop]
    Frameworks/Foundation.framework/Foundation <redacted>
    /usr/lib/system/libsystem_pthread.dylib <redacted>
    /usr/lib/system/libsystem_pthread.dylib _pthread_start
  • Realm JS SDK Version: v2.21.0
  • Node or React Native: RN v0.57.5
  • Client OS & Version: iOS 12.1.4-12.4
  • Which debugger for React Native: None

@kneth
Copy link
Member

kneth commented Aug 12, 2019

@dkpalmer @rajivshah3 Have you observe these crashes in recent versions?

@nileshchavan
Copy link

nileshchavan commented Aug 27, 2019
edited

We have also observed it in v2.28.1 & RN 0.59

@kneth
Copy link
Member

kneth commented Aug 28, 2019

@nileshchavan Thanks for the update.

We haven't been able to reproduce it. Do you know which situations it is happening? Is it during low memory situations?

@nileshchavan
Copy link

@kneth we haven't been able to reproduce it as well. Based on crash reports, it seems that this is happening during low memory situations. Here are more details about the issue:

Environment & crash details:

  • react-native: v0.59.10
  • realm: v2.28.1
  • OS: iOS 11, 12, 13
  • Crash conditions:
    • Stared after realm upgrade to v2.28.1
    • Happens only when the app is in background
    • Happens mostly during low memory situations. Available memory ranges from 1%-10% for majority of crashes
    • Stack traces look very similar to what has been reported by @dkpalmer @rajivshah3
    • Main thread has stoppped at 0x1017157b4 realm::util::ReclaimerThreadStopper::~ReclaimerThreadStopper() + 57380
  • I haven't been able to reproduce this issue by simulating OOM event in simulator.

Besides getOwnPropertySlot, I also see another crash with Fatal Exception: std::__1::system_error: mutex lock failed: Invalid argument

0  libsystem_kernel.dylib         0x1b82539d4 __ulock_wait + 8
1  libsystem_pthread.dylib        0x1b82ccddc _pthread_join$VARIANT$mp + 440
2  libc++.1.dylib                 0x1b786bf90 std::__1::thread::join() + 32
3  <redacted>                    0x1019a17b4 realm::util::ReclaimerThreadStopper::~ReclaimerThreadStopper() + 57380
4  libsystem_pthread.dylib        0x1b82ccddc _pthread_join$VARIANT$mp + 440
5  libsystem_c.dylib              0x1b81acbb4 __cxa_finalize_ranges + 384
6  libsystem_c.dylib              0x1b81acec4 exit + 24
7  UIKitCore                      0x1e5114fec -[UIApplication terminateWithSuccess] + 466
8  UIKitCore                      0x1e49d0d7c __98-[__UICanvasLifecycleMonitor_Compatability deactivateEventsOnly:withContext:forceExit:completion:]_block_invoke.261 + 344
9  UIKitCore                      0x1e51190ac _runAfterCACommitDeferredBlocks + 296
10 UIKitCore                      0x1e5107bfc _cleanUpAfterCAFlushAndRunDeferredBlocks + 352
11 UIKitCore                      0x1e5134a6c _afterCACommitHandler + 116
12 CoreFoundation                 0x1b8647d08 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 32```

@nileshchavan
Copy link

This probably happens when OS tries to terminate the application and app is trying to free up all resources. I found similar issue in componentKit. facebook/componentkit#892

@kneth
Copy link
Member

kneth commented Aug 30, 2019

@nileshchavan Thank you for providing a link.

@KowalskiP
Copy link

Hi, we have similar problem with results listeners. I'm wondering if there is a way to solve it? Results listeners are good mechanism which we want to use

@kneth
Copy link
Member

kneth commented Oct 15, 2019

@KowalskiP Can you reproduce the crash in a simple app? It could help us understand what the cause is.

@thomasarogers
Copy link

Having the same issue in 5.0.3

@tomduncalf tomduncalf mentioned this issue Jul 27, 2022
Closed
@kneth
Copy link
Member

kneth commented Sep 1, 2022

We have recently rewritten how we interact with JavaScriptCore (JSC) by using the new JSI api. I am closing this issue by suggesting you try v11.0.0-rc.1 or later.

@sync-by-unito sync-by-unito bot closed this as completed Sep 1, 2022
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 15, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
O-Community Reproduction-Required T-Bug-Crash
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@bmunkholm @kneth @dkpalmer @KowalskiP @nileshchavan @realm-ci @rajivshah3 @thomasarogers @RealmBot