Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JNI DETECTED ERROR IN APPLICATION: JNI ERROR (app bug): jclass is an invalid global reference: 0x25afa (deleted reference at index 4823) #1260

Closed
escamoteur opened this issue Jul 11, 2024 · 6 comments · Fixed by #1261
Closed

JNI DETECTED ERROR IN APPLICATION: JNI ERROR (app bug): jclass is an invalid global reference: 0x25afa (deleted reference at index 4823) #1260

escamoteur opened this issue Jul 11, 2024 · 6 comments · Fixed by #1261
Assignees
@brianquinlan
Labels
package:cronet_http type-bug Incorrect behavior (everything from a crash to more subtle misbehavior)

Comments

@escamoteur
Copy link

escamoteur commented Jul 11, 2024
edited
Loading

Sometimes my app crashes with this output:

cronet V 1.3.1
Cronet version: 126.0.6452.4, arch: aarch64

Flutter version 3.22.1

So far it only happened while debugging

F/e.cached_images(24599): java_vm_ext.cc:591] JNI DETECTED ERROR IN APPLICATION: JNI ERROR (app bug): jclass is an invalid global reference: 0x25afa (deleted reference at index 4823)
F/e.cached_images(24599): java_vm_ext.cc:591]     in call to IsInstanceOf
F/e.cached_images(24599): runtime.cc:691] Runtime aborting...
F/e.cached_images(24599): runtime.cc:691] Dumping all threads without mutator lock held
F/e.cached_images(24599): runtime.cc:691] All threads:
F/e.cached_images(24599): runtime.cc:691] DALVIK THREADS (317):
F/e.cached_images(24599): runtime.cc:691] "main" prio=10 tid=1 Native
F/e.cached_images(24599): runtime.cc:691]   | group="" sCount=1 ucsCount=0 flags=1 obj=0x71f97e88 self=0xb4000078ea5ac7b0
F/e.cached_images(24599): runtime.cc:691]   | sysTid=24599 nice=-10 cgrp=default sched=0/0 handle=0x79aac3bd18
F/e.cached_images(24599): runtime.cc:691]   | state=S schedstat=( 822529650 40882113 1483 ) utm=64 stm=18 core=0 HZ=100
F/e.cached_images(24599): runtime.cc:691]   | stack=0x7fd4442000-0x7fd4444000 stackSize=8188KB
F/e.cached_images(24599): runtime.cc:691]   | held mutexes=
F/e.cached_images(24599): runtime.cc:691]   native: #00 pc 000c7d28  /apex/com.android.runtime/lib64/bionic/libc.so (__epoll_pwait+8) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
F/e.cached_images(24599): runtime.cc:691]   native: #01 pc 0000fc28  /system/lib64/libutils.so (android::Looper::pollOnce+184) (BuildId: c07f08c7e5a964a8f8c6bc5c820fb795)
F/e.cached_images(24599): runtime.cc:691]   native: #02 pc 0018c53c  /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce+44) (BuildId: 07fe69a1909e86b0aa90b83a17bd2e07)
F/e.cached_images(24599): runtime.cc:691]   native: #03 pc 00351e30  /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #04 pc 0033b3a4  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #05 pc 00511658  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+1976) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #06 pc 004914fc  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+2092) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #07 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #08 pc 001fcc68  /system/framework/framework.jar (android.os.MessageQueue.next)
F/e.cached_images(24599): runtime.cc:691]   native: #09 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #10 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #11 pc 004910c4  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1012) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #12 pc 003545d8  /apex/com.android.art/lib64/libart.so art::interpreter::DoCall<false>+2364) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #06 pc 00491434  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1892) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #07 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #08 pc 0010ed14  /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.sleep)
F/e.cached_images(24599): runtime.cc:691]   native: #09 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #10 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #11 pc 00491434  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1892) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #12 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #13 pc 0010ecf8  /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.sleep)
F/e.cached_images(24599): runtime.cc:691]   native: #14 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #15 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #16 pc 00491434  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1892) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #17 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #18 pc 0002b230  /apex/com.android.art/javalib/core-libart.jar (java.lang.Daemons$FinalizerWatchdogDaemon.sleepForNanos)
F/e.cached_images(24599): runtime.cc:691]   native: #19 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #20 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #21 pc 004914fc  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+2092) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #22 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #23 pc 0002b474  /apex/com.android.art/javalib/core-libart.jar (java.lang.Daemons$FinalizerWatchdogDaemon.waitForProgress)
F/e.cached_images(24599): runtime.cc:691]   native: #24 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #25 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #26 pc 004914fc  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+2092) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #27 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #28 pc 0002b8fc  /apex/com.android.art/javalib/core-libart.jar (java.lang.Daemons$FinalizerWatchdogDaemon.runInternal)
F/e.cached_images(24599): runtime.cc:691]   native: #29 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #30 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #31 pc 004910c4  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1012) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #32 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #33 pc 0002ad94  /apex/com.android.art/javalib/core-libart.jar (java.lang.Daemons$Daemon.run)
F/e.cached_images(24599): runtime.cc:691]   native: #34 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #35 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #36 pc 00491f74  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+4772) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #37 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #38 pc 0010eaf0  /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.run)
F/e.cached_images(24599): runtime.cc:691]   native: #39 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #40 pc 0036dfe4  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+964) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #41 pc 00351f68  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #42 pc 0033b3a4  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #43 pc 0023a5d0  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke+144) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #44 pc 00539bf4  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback+1600) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #45 pc 005395a4  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #46 pc 0006efbc  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start+204) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
F/e.cached_images(24599): runtime.cc:691]   native: #47 pc 00060d60  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Thread.sleep(Native method)
F/e.cached_images(24599): runtime.cc:691]   - sleeping on <0x06e36d2c> (a java.lang.Object)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Thread.sleep(Thread.java:450)
F/e.cached_images(24599): runtime.cc:691]   - locked <0x06e36d2c> (a java.lang.Object)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Thread.sleep(Thread.java:355)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Daemons$FinalizerWatchdogDaemon.sleepForNanos(Daemons.java:481)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Daemons$FinalizerWatchdogDaemon.waitForProgress(Daemons.java:527)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Daemons$FinalizerWatchdogDaemon.runInternal(Daemons.java:412)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Daemons$Daemon.run(Daemons.java:145)
F/e.cached_images(24599): runtime.cc:691]   at java.lang.Thread.run(Thread.java:1012)
F/e.cached_images(24599): runtime.cc:691]
F/e.cached_images(24599): runtime.cc:691] "FinalizerDaemon" prio=5 tid=11 Waiting
F/e.cached_images(24599): runtime.cc:691]   | group="" sCount=1 ucsCount=0 flags=1 obj=0x12c00638 self=0xb4000078ea5d6330
F/e.cached_images(24599): runtime.cc:691]   | sysTid=24632 nice=4 cgrp=default sched=0/0 handle=0x766d40e770
F/e.cached_images(24599): runtime.cc:691]   | state=S schedstat=( 32206992 12295980 138 ) utm=2 stm=1 core=1 HZ=100
F/e.cached_images(24599): runtime.cc:691]   | stack=0x766d30b000-0x766d30d000 stackSize=1037KB
F/e.cached_images(24599): runtime.cc:691]   | held mutexes=
F/e.cached_images(24599): runtime.cc:691]   native: #00 pc 0008545c  /apex/com.android.runtime/lib64/bionic/libc.so (syscall+28) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
F/e.cached_images(24599): runtime.cc:691]   native: #01 pc 0023247c  /apex/com.android.art/lib64/libart.so (art::ConditionVariable::WaitHoldingLocks+140) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #02 pc 00289058  /apex/com.android.art/lib64/libart.so (art::Monitor::Wait+6120) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #03 pc 00351e30  /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #04 pc 0033b3a4  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #05 pc 00511658  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+1976) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #06 pc 004910c4  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1012) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #07 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #08 pc 000fdc54  /apex/com.android.art/javalib/core-oj.jar (java.lang.Object.wait)
F/e.cached_images(24599): runtime.cc:691]   native: #09 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #10 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #11 pc 004910c4  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1012) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #12 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #13 pc 001227f0  /apex/com.android.art/javalib/core-oj.jar (java.lang.ref.ReferenceQueue.remove)
F/e.cached_images(24599): runtime.cc:691]   native: #14 pc 0036e6ec  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute +232) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #15 pc 00512324  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>+5252) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #16 pc 004910c4  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>+1012) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #17 pc 003545d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78)
F/e.cached_images(24599): runtime.cc:691]   native: #18 pc 001227d0  /apex/com.android.art/javalib/core-oj.jar (java.lang.ref.ReferenceQueue.remove)

full output in attachment
cronet_jni_crash.txt
@escamoteur escamoteur added package:cronet_http type-bug Incorrect behavior (everything from a crash to more subtle misbehavior) labels Jul 11, 2024
@brianquinlan
Copy link
Collaborator

@HosseinYousefi

@HosseinYousefi
Copy link
Member

Can you provide a minimal reproducible example?

@escamoteur
Copy link
Author

escamoteur commented Jul 11, 2024 via email

@HosseinYousefi
Copy link
Member

Unfortunately it doesn't always happen. I throw a lot of http requests at once on cronet that's basically all. Am 11. Juli 2024, 19:29 +0100 schrieb Hossein Yousefi @.>:

Can you provide a minimal reproducible example? — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.>

I think I have some ideas based on the logs you provided.

The method JObject.castTo has this assertion to help prevent bugs in debug mode (of course assertions are not run in release mode):

assert(
  Jni.env.IsInstanceOf(reference.pointer, type.jClass.reference.pointer),
  'The object must be of type "${type.signature}".',
);

This method is used internally in the generated bindings as well. Now somehow type.jClass.reference.pointer is null. I could detach the native finalizer from jClass to be sure that gc does not delete it (which is odd, I would assume it shouldn't).

I will make this change. In the mean time I don't think you have to worry about the issue in release mode, because it's something extra we do to help with debugging.

@HosseinYousefi HosseinYousefi mentioned this issue Jul 11, 2024
Merged
@dcharkes dcharkes mentioned this issue Jul 11, 2024
Open
@escamoteur
Copy link
Author

escamoteur commented Jul 11, 2024 via email

@HosseinYousefi
Copy link
Member

Yeah. Thanks a lot for the report! I have published new versions of jni and jnigen, and will soon make a PR to land the fixes here.

@HosseinYousefi HosseinYousefi mentioned this issue Jul 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brianquinlan brianquinlan

Labels
package:cronet_http type-bug Incorrect behavior (everything from a crash to more subtle misbehavior)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade jni and jnigen to 0.10.1 and 0.10.0 dart-lang/http
3 participants
@brianquinlan @HosseinYousefi @escamoteur