GC error encountered in Android runtime environment

Open rainyt opened this issue 3 years ago • 5 comments

https://github.com/HaxeFoundation/hashlink/commit/21ede72a8abbc39b71c3c3607eca7c8a5d688d28#r77274896

This is the key cause of the problem.

And I changed it:

    pextra *e = extra_pages, *prev = NULL;
    while( e ) {
        __android_log_print(ANDROID_LOG_VERBOSE, "SDL", "page_ptr=%d ptr=%d", e->page_ptr,ptr);
        if( e->page_ptr == ptr ) {
            if( prev )
                prev->next = e->next;
            else
                extra_pages = e->next;
            munmap(e->base_ptr, size + EXTRA_SIZE);
            return;
        }
        prev = e;
        e = e->next;
    }
    munmap(ptr,size);

Crash log:

V/SDL: page_ptr=1965359104 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969422336 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969881088 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1970536448 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1971322880 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2070740992 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2071134208 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2073100288 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2100232192 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2101739520 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2107703296 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=-37945344 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=-37683200 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=-34406400 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=-33488896 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=-33292288 ptr=0
2022-06-30 06:51:30.315 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=0 ptr=0
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1964441600 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1965359104 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969422336 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969881088 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1970536448 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1971322880 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2070740992 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2071134208 ptr=2071134208
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1964441600 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1965359104 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969422336 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969881088 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1970536448 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1971322880 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=2070740992 ptr=2070740992
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1964441600 ptr=1971322880
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1965359104 ptr=1971322880
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969422336 ptr=1971322880
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1969881088 ptr=1971322880
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1970536448 ptr=1971322880
2022-06-30 06:51:30.318 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1971322880 ptr=1971322880
2022-06-30 06:51:30.322 24219-24255/com.example.heapsandroid.helloworld D/hl: zygame/core/Start.hx:18: Start.initApp
2022-06-30 06:51:30.322 24219-24255/com.example.heapsandroid.helloworld D/hl: 
2022-06-30 06:51:30.349 24219-24219/com.example.heapsandroid.helloworld V/SDL: onWindowFocusChanged(): true
2022-06-30 06:51:30.361 24219-24255/com.example.heapsandroid.helloworld E/libEGL: validate_display:92 error 3008 (EGL_BAD_DISPLAY)
2022-06-30 06:51:30.363 24219-24255/com.example.heapsandroid.helloworld V/SDL: setOrientation() orientation=-1 width=800 height=600 resizable=true hint=
2022-06-30 06:51:30.386 24219-24255/com.example.heapsandroid.helloworld V/SDL: page_ptr=1878355956 ptr=2073100288
2022-06-30 06:51:30.400 24219-24255/com.example.heapsandroid.helloworld A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x6fff6ffe6ffd6ffc in tid 24255 (SDLThread), pid 24219 (roid.helloworld)

rainyt avatar Jun 29 '22 22:06 rainyt

@ncannasse Do you need such printf?

rainyt avatar Jun 29 '22 22:06 rainyt

read memory from 0x4aaa4aaa4aa94aa8 failed (0 of 8 bytes read)

rainyt avatar Jun 29 '22 23:06 rainyt

When I used hashlink1.11 to construct Android, no crash occurred

rainyt avatar Jun 30 '22 00:06 rainyt

I encountered the same bug and I was able to fix this by doing the following changes: Changing this line https://github.com/HaxeFoundation/hashlink/blob/21ede72a8abbc39b71c3c3607eca7c8a5d688d28/src/gc.c#L977 to

        pextra *inf = (pextra*)malloc(sizeof(pextra));

and adding a

    free(e);

after this line https://github.com/HaxeFoundation/hashlink/blob/21ede72a8abbc39b71c3c3607eca7c8a5d688d28/src/gc.c#L1018

This may not be the correct solution, but it doesn't crash for me anymore.

The error seems to stem from the issue that struct pextra is stored in the ptr memory which is susceptible to being overwritten when writing to that block of memory, making the struct values invalid.

RandomityGuy avatar Jul 07 '23 19:07 RandomityGuy
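
The layout problem described in the comment above, as an added example that is not part of the original thread or hashlink's `gc.c`: a simplified model in which `rec` stands in for `pextra`, `malloc` stands in for `mmap`, and the 0x6f fill is a constructed stand-in for ordinary writes to the page. It shows that a record kept inside caller-writable memory no longer matches its page once the caller fills the block, while a separately allocated record still does.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for the page record discussed above
   (hypothetical type, not hashlink's own definition). */
typedef struct rec {
    void *page_ptr;      /* address handed to the caller */
    void *base_ptr;      /* address that must be released */
    struct rec *next;
} rec;

enum { PAGE = 4096 };    /* constructed page size for the demo */

/* Allocate a page and its record. in_band != 0 places the record inside
   the bytes the caller may write; otherwise it gets its own allocation. */
static rec *page_alloc(int in_band) {
    unsigned char *page = malloc(PAGE);   /* malloc stands in for mmap */
    if (!page) return NULL;
    rec *r = in_band ? (rec *)(page + PAGE - sizeof(rec))
                     : malloc(sizeof(rec));
    if (!r) { free(page); return NULL; }
    r->page_ptr = page;
    r->base_ptr = page;
    r->next = NULL;
    return r;
}

/* The comparison the free path depends on: does the record still name ptr? */
static int rec_matches(const rec *r, const void *ptr) {
    return memcmp(&r->page_ptr, &ptr, sizeof ptr) == 0;
}

/* Returns 1 if the record survives the caller filling its whole page,
   0 if the record was clobbered, -1 on allocation failure. */
int record_survives_fill(int in_band) {
    rec *r = page_alloc(in_band);
    if (!r) return -1;
    void *page = r->page_ptr;             /* saved before the caller writes */
    memset(page, 0x6f, PAGE);             /* caller legitimately uses its page */
    int ok = rec_matches(r, page);
    if (!in_band) free(r);                /* separate record needs its own free */
    free(page);
    return ok;
}

int main(void) {
    return !(record_survives_fill(0) == 1 && record_survives_fill(1) == 0);
}
```

The extra `free(r)` on the out-of-band path is the counterpart of the `free(e);` in the comment: once the record has its own allocation, the removal path has to release it.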

Thank you, I will try this change.

rainyt avatar Jul 08 '23 04:07 rainyt