Crash while loading JS bundle correlated with new JSC
ide opened this issue · comments
We received a increase in crash reports from developers after releasing Expo with the new JSC (216113.0.2). The crashes are in JSStringCreateWithUTF8CString so we suspect there is an issue inside of JSC. Unfortunately the crashes are non-deterministic.
Galaxy S7, API Level 23:
11-01 17:35:43.846: D/ReactNative(4011): Initializing React Xplat Bridge.
11-01 17:35:43.846: D/PermissionCache(3003): checking android.permission.READ_FRAME_BUFFER for uid=2000 => granted (252 us)
11-01 17:35:43.846: D/ReactNative(4011): Initializing React Xplat Bridge before initializeBridge
11-01 17:35:43.856: D/ReactNative(4011): Initializing React Xplat Bridge after initializeBridge
11-01 17:35:43.856: D/ReactNative(4011): CatalystInstanceImpl.runJSBundle()
11-01 17:35:43.856: D/ReactNative(4011): ReactInstanceManager.setupReactContext()
11-01 17:35:43.856: D/ReactNative(4011): CatalystInstanceImpl.initialize()
11-01 17:35:43.856: D/ReactNative(4011): ReactInstanceManager.attachRootViewToInstance()
11-01 17:35:43.866: W/unknown:Fresco(4011): Fresco has already been initialized! `Fresco.initialize(...)` should only be called 1 single time to avoid memory leaks!
11-01 17:35:43.866: D/b(4011): Do not have cached source file for https://d1wp6m56sqw74a.cloudfront.net/%40crash%2Fcrasher%2F1.0.4%2F06107da86759ea357eea8bb48bf0b65f-22.0.0-android.js
11-01 17:35:43.876: A/libc(4011): Fatal signal 7 (SIGBUS), code 2, fault addr 0xd2257416 in tid 4313 (mqt_js)
11-01 17:35:43.936: I/System.out(3959): INFO: New Screen: Optional.of(ScreenNode {Id=1, PackageName=com.crash.crasher, ActivityName=Optional.of(host.exp.exponent.experience.ShellAppActivity)})
11-01 17:35:43.936: A/DEBUG(3014): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-01 17:35:43.936: A/DEBUG(3014): Build fingerprint: 'samsung/heroltexx/herolte:6.0.1/MMB29K/G930FXXS1APG3:user/release-keys'
11-01 17:35:43.936: A/DEBUG(3014): Revision: '8'
11-01 17:35:43.936: A/DEBUG(3014): ABI: 'arm'
11-01 17:35:43.936: A/DEBUG(3014): pid: 4011, tid: 4313, name: mqt_js >>> com.crash.crasher <<<
11-01 17:35:43.936: D/CustomFrequencyManagerService(3357): releaseDVFSLockLocked : Getting Lock type frm List : DVFS_MIN_LIMIT frequency : 1872000 uid : 1000 pid : 3357 tag : ACTIVITY_RESUME_BOOSTER@9
11-01 17:35:43.936: A/DEBUG(3014): signal 7 (SIGBUS), code 2 (BUS_ADRERR), fault addr 0xd2257416
11-01 17:35:43.946: D/MdnieScenarioControlService(3357): packageName : com.crash.crasher className : host.exp.exponent.experience.ShellAppActivity
11-01 17:35:43.986: A/DEBUG(3014): r0 0000007f r1 d23fd458 r2 0000fffd r3 d0d868b0
11-01 17:35:43.986: A/DEBUG(3014): r4 d2257416 r5 00000000 r6 00000000 r7 00000062
11-01 17:35:43.986: A/DEBUG(3014): r8 00000001 r9 00000062 sl d0a3a82c fp 00000000
11-01 17:35:43.986: A/DEBUG(3014): ip 00000003 sp d3a6fb54 lr 00000062 pc d559ed14 cpsr 800d0030
11-01 17:35:43.986: A/DEBUG(3014): backtrace:
11-01 17:35:43.986: A/DEBUG(3014): #00 pc 003c0d14 /data/app/com.crash.crasher-1/lib/arm/libjsc.so
11-01 17:35:43.986: A/DEBUG(3014): #01 pc 000307cf /data/app/com.crash.crasher-1/lib/arm/libjsc.so (JSStringCreateWithUTF8CString+104)
11-01 17:35:43.986: A/DEBUG(3014): #02 pc 0003018f /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so (_ZN8facebook5react11JSCExecutor11adoptStringESt10unique_ptrIKNS0_11JSBigStringESt14default_deleteIS4_EE+42)
11-01 17:35:43.986: A/DEBUG(3014): #03 pc 00030ff9 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so (_ZN8facebook5react11JSCExecutor21loadApplicationScriptESt10unique_ptrIKNS0_11JSBigStringESt14default_deleteIS4_EESs+140)
11-01 17:35:43.986: A/DEBUG(3014): #04 pc 00033bf3 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so
11-01 17:35:43.986: A/DEBUG(3014): #05 pc 000336e1 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so
11-01 17:35:43.986: A/DEBUG(3014): #06 pc 00016125 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so (_ZNKSt8functionIFvvEEclEv+12)
11-01 17:35:43.986: A/DEBUG(3014): #07 pc 0001de15 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so
11-01 17:35:43.986: A/DEBUG(3014): #08 pc 00016125 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so (_ZNKSt8functionIFvvEEclEv+12)
11-01 17:35:43.986: A/DEBUG(3014): #09 pc 00017da9 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so
11-01 17:35:43.986: A/DEBUG(3014): #10 pc 00017de7 /data/app/com.crash.crasher-1/lib/arm/libreactnativejni_abi22_0_0.so
11-01 17:35:43.986: A/DEBUG(3014): #11 pc 01cdfe4f /data/app/com.crash.crasher-1/oat/arm/base.odex (offset 0x1cdc000)
Nexus 5, Virtual, API Level 19:
11-01 20:36:08.224: D/ReactNative(5467): Initializing React Xplat Bridge after initializeBridge
11-01 20:36:08.224: D/ReactNative(5467): CatalystInstanceImpl.runJSBundle()
11-01 20:36:08.224: A/libc(5467): Fatal signal 11 (SIGSEGV) at 0x747fe000 (code=2), thread 5572 (mqt_js)
11-01 20:36:08.224: D/ReactNative(5467): ReactInstanceManager.setupReactContext()
11-01 20:36:08.224: D/ReactNative(5467): CatalystInstanceImpl.initialize()
11-01 20:36:08.234: D/ReactNative(5467): ReactInstanceManager.attachRootViewToInstance()
11-01 20:36:08.234: D/dalvikvm(5467): Trying to load lib /data/app-lib/com.crash.crasher-1/libyoga_abi22_0_0.so 0x950806f8
11-01 20:36:08.234: D/dalvikvm(5467): Added shared lib /data/app-lib/com.crash.crasher-1/libyoga_abi22_0_0.so 0x950806f8
11-01 20:36:08.234: W/unknown:Fresco(5467): Fresco has already been initialized! `Fresco.initialize(...)` should only be called 1 single time to avoid memory leaks!
11-01 20:36:08.244: D/dalvikvm(5440): GC_CONCURRENT freed 1K, 3% free 12783K/13116K, paused 3ms+13ms, total 21ms
11-01 20:36:08.244: I/System.out(5440): INFO: New Screen: Optional.of(ScreenNode {Id=1, PackageName=com.crash.crasher, ActivityName=Optional.of(host.exp.exponent.experience.ShellAppActivity)})
11-01 20:36:08.304: I/GceGrallocRegionRegistry(1329): Mapped gralloc-1329.33 hnd=0xb976fc80 fd=37 base=0xaf2d9000 format=RGBA_8888(0x1) width=1080 height=1776
11-01 20:36:08.304: I/GceGrallocRegionRegistry(5467): Mapped gralloc-1329.33 hnd=0xb7e5cc80 fd=122 base=0x72c9f000 format=RGBA_8888(0x1) width=1080 height=1776
11-01 20:36:08.324: I/DEBUG(1327): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-01 20:36:08.324: I/DEBUG(1327): Build fingerprint: 'generic/gce_x86_phone/gce_x86:4.4.4/KTU84P.KXG52/3751183:userdebug/test-keys'
11-01 20:36:08.324: I/DEBUG(1327): Revision: '0'
11-01 20:36:08.324: I/DEBUG(1327): pid: 5467, tid: 5572, name: mqt_js >>> com.crash.crasher <<<
11-01 20:36:08.324: I/DEBUG(1327): signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 747fe000
11-01 20:36:08.974: I/Remoter(1337): Saved screenshot to '/data/screenshots/__pmv__-0118.jpg'
11-01 20:36:10.074: I/Remoter(1337): Saved screenshot to '/data/screenshots/__pmv__-0119.jpg'
11-01 20:36:10.334: E/NativeCrashListener(1706): Exception dealing with report
11-01 20:36:10.334: E/NativeCrashListener(1706): libcore.io.ErrnoException: read failed: EAGAIN (Try again)
11-01 20:36:10.334: E/NativeCrashListener(1706): at libcore.io.Posix.readBytes(Native Method)
11-01 20:36:10.334: E/NativeCrashListener(1706): at libcore.io.Posix.read(Posix.java:128)
11-01 20:36:10.334: E/NativeCrashListener(1706): at libcore.io.BlockGuardOs.read(BlockGuardOs.java:149)
11-01 20:36:10.334: E/NativeCrashListener(1706): at com.android.server.am.NativeCrashListener.consumeNativeCrashData(NativeCrashListener.java:240)
11-01 20:36:10.334: E/NativeCrashListener(1706): at com.android.server.am.NativeCrashListener.run(NativeCrashListener.java:138)
11-01 20:36:10.484: I/DEBUG(1327): eax 747fe000 ebx 78105ff4 ecx 746c0010 edx 00000000
11-01 20:36:10.484: I/DEBUG(1327): AM write failure (32 / Broken pipe)
11-01 20:36:10.484: I/DEBUG(1327): esi 76e64858 edi 739ec0d0
11-01 20:36:10.484: I/DEBUG(1327): xcs 00000073 xds 0000007b xes 0000007b xfs 00000000 xss 0000007b
11-01 20:36:10.484: I/DEBUG(1327): eip b76befb0 ebp 746c0000 esp 76e63fac flags 00210246
11-01 20:36:10.484: E/Corkscrew(1327): unrecognized dwarf lower part encoding: 0xe5
11-01 20:36:10.484: I/DEBUG(1327): backtrace:
11-01 20:36:10.484: I/DEBUG(1327): #00 pc 00040fb0 /system/lib/libc.so (strlen+496)
11-01 20:36:10.484: I/DEBUG(1327): #01 pc 0003c376 /data/app-lib/com.crash.crasher-1/libjsc.so (JSStringCreateWithUTF8CString+54)
11-01 20:36:10.484: I/DEBUG(1327): #02 pc 0005f19f /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so (facebook::react::JSCExecutor::adoptString(std::unique_ptr<facebook::react::JSBigString const, std::default_delete<facebook::react::JSBigString const> >)+111)
11-01 20:36:10.484: I/DEBUG(1327): #03 pc 00060a22 /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so (facebook::react::JSCExecutor::loadApplicationScript(std::unique_ptr<facebook::react::JSBigString const, std::default_delete<facebook::react::JSBigString const> >, std::string)+226)
11-01 20:36:10.484: I/DEBUG(1327): stack:
11-01 20:36:10.484: I/DEBUG(1327): 76e63f6c 77f31a0c /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): 76e63f70 00000026
11-01 20:36:10.484: I/DEBUG(1327): 76e63f74 739f5be0
11-01 20:36:10.484: I/DEBUG(1327): 76e63f78 fffffffb
11-01 20:36:10.484: I/DEBUG(1327): 76e63f7c 0000000e
11-01 20:36:10.484: I/DEBUG(1327): 76e63f80 00000000
11-01 20:36:10.484: I/DEBUG(1327): 76e63f84 769fc980
11-01 20:36:10.484: I/DEBUG(1327): 76e63f88 00000069
11-01 20:36:10.484: I/DEBUG(1327): 76e63f8c 77f4f22e /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): 76e63f90 769fc990
11-01 20:36:10.484: I/DEBUG(1327): 76e63f94 b7d68c3c [heap]
11-01 20:36:10.484: I/DEBUG(1327): 76e63f98 00000069
11-01 20:36:10.484: I/DEBUG(1327): 76e63f9c 77d5a3c9 /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): 76e63fa0 00000000
11-01 20:36:10.484: I/DEBUG(1327): 76e63fa4 00000000
11-01 20:36:10.484: I/DEBUG(1327): 76e63fa8 77f6451c /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): #00 76e63fac 779ec377 /data/app-lib/com.crash.crasher-1/libjsc.so (JSStringCreateWithUTF8CString+55)
11-01 20:36:10.484: I/DEBUG(1327): #01 76e63fb0 746c0000 /data/data/com.crash.crasher/files/22.0.0/cached-bundle-experience-%40crash%2Fcrasher-1657472164-22.0.0
11-01 20:36:10.484: I/DEBUG(1327): 76e63fb4 78105ff4 /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): 76e63fb8 78105ff4 /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): 76e63fbc 779ec366 /data/app-lib/com.crash.crasher-1/libjsc.so (JSStringCreateWithUTF8CString+38)
11-01 20:36:10.484: I/DEBUG(1327): 76e63fc0 76e63fd0 [stack:5572]
11-01 20:36:10.484: I/DEBUG(1327): 76e63fc4 b7d68c3c [heap]
11-01 20:36:10.484: I/DEBUG(1327): 76e63fc8 00000069
11-01 20:36:10.484: I/DEBUG(1327): 76e63fcc 746c0000 /data/data/com.crash.crasher/files/22.0.0/cached-bundle-experience-%40crash%2Fcrasher-1657472164-22.0.0
11-01 20:36:10.484: I/DEBUG(1327): 76e63fd0 00000000
11-01 20:36:10.484: I/DEBUG(1327): 76e63fd4 769dbff0
11-01 20:36:10.484: I/DEBUG(1327): 76e63fd8 78105ff4 /data/app-lib/com.crash.crasher-1/libjsc.so
11-01 20:36:10.484: I/DEBUG(1327): 76e63fdc 779ec41e /data/app-lib/com.crash.crasher-1/libjsc.so (JSStringCreateWithUTF8CString+222)
11-01 20:36:10.484: I/DEBUG(1327): 76e63fe0 769dbff4
11-01 20:36:10.484: I/DEBUG(1327): 76e63fe4 b7d68c3c [heap]
11-01 20:36:10.484: I/DEBUG(1327): 76e63fe8 00000069
11-01 20:36:10.484: I/DEBUG(1327): 76e63fec 779ec366 /data/app-lib/com.crash.crasher-1/libjsc.so (JSStringCreateWithUTF8CString+38)
11-01 20:36:10.484: I/DEBUG(1327): ........ ........
11-01 20:36:10.484: I/DEBUG(1327): #02 76e647f0 746c0000 /data/data/com.crash.crasher/files/22.0.0/cached-bundle-experience-%40crash%2Fcrasher-1657472164-22.0.0
11-01 20:36:10.484: I/DEBUG(1327): 76e647f4 b7d68ca5 [heap]
11-01 20:36:10.484: I/DEBUG(1327): 76e647f8 76e6480f [stack:5572]
11-01 20:36:10.484: I/DEBUG(1327): 76e647fc 782cb0f3 /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so (facebook::react::ReactMarker::logMarker(facebook::react::ReactMarker::ReactMarkerId)+51)
11-01 20:36:10.484: I/DEBUG(1327): 76e64800 782f1a18 /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so
11-01 20:36:10.484: I/DEBUG(1327): 76e64804 00000005
11-01 20:36:10.484: I/DEBUG(1327): 76e64808 782c2139 /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so (facebook::react::JSCExecutor::adoptString(std::unique_ptr<facebook::react::JSBigString const, std::default_delete<facebook::react::JSBigString const> >)+9)
11-01 20:36:10.484: I/DEBUG(1327): 76e6480c 782f0c4c /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so
11-01 20:36:10.484: I/DEBUG(1327): 76e64810 769dbff0
11-01 20:36:10.484: I/DEBUG(1327): 76e64814 76e64898 [stack:5572]
11-01 20:36:10.484: I/DEBUG(1327): 76e64818 76e64878 [stack:5572]
11-01 20:36:10.484: I/DEBUG(1327): 76e6481c 782c3a23 /data/app-lib/com.crash.crasher-1/libreactnativejni_abi22_0_0.so (facebook::react::JSCExecutor::loadApplicationScript(std::unique_ptr<facebook::react::JSBigString const, std::default_delete<facebook::react::JSBigString const> >, std::string)+227)
11-01 20:36:10.484: I/DEBUG(1327): 76e64820 76e64858 [stack:5572]
11-01 20:36:10.484: I/DEBUG(1327): 76e64824 b7ea7020 [heap]
11-01 20:36:10.484: I/DEBUG(1327): 76e64828 76e64854 [stack:5572]
11-01 20:36:10.484: I/DEBUG(1327): 76e6482c ffffffff
11-01 20:36:10.484: I/DEBUG(1327): memory map around fault addr 747fe000:
11-01 20:36:10.484: I/DEBUG(1327): 746c0000-747fe000 r-- /data/data/com.crash.crasher/files/22.0.0/cached-bundle-experience-%40crash%2Fcrasher-1657472164-22.0.0
11-01 20:36:10.484: I/DEBUG(1327): 747fe000-747ff000 ---
11-01 20:36:10.484: I/DEBUG(1327): 747ff000-74802000 rwx
@ide Which React Native version are you using?
This is with RN 0.49. There could also be a bug in Expo's code but the bundle loading code in Expo hasn't changed recently. The biggest changes were upgrading RN and JSC.
There were also some other crashes that were not figured out. Expo is currently using upstream RN's copy of JSC.
- Did you use the
intlbuild? - Does this reproduce in other RN versions?
- Does this reproduce with other archs (x86)?
- Does this reproduce in a clean example app (react-native init)?
Closing stale issue. Please reopen if able to reproduce with current versions.