[Android] SEGV after change JS Bundle File

[barkatthemoon18]

Description

Greetings to you all.

Don't know if it's exactly a bug, however, I couldn't find anything useful which relates this issue.

I'm trying to use a customized JS Bundle which is written from an external native library to the cache app folder. And, as I'm aware, there's getJSBundleFile which can be overriden with a path to the file itself.
I did it, and the overriden method is being called, but right that, crashes with a SEGV MapErr on a certain memory address.
Tried using an URI from the file path and also the path to the cache itself, but the issue remains the same.

I use loadLibrary before the execution of SoLoader.init to load my own library and perform the bundle file writing onto the cache folder (this is made in the onCreate() method).

The backtrace of the issue differs at times, so I will put both of them.

2022-01-16 17:05:01.809 8194-8194/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2022-01-16 17:05:01.809 8194-8194/? A/DEBUG: Build fingerprint: 'Xiaomi/raphael/raphael:11/RKQ1.200826.002/V12.5.2.0.RFKMIXM:user/release-keys'
2022-01-16 17:05:01.809 8194-8194/? A/DEBUG: Revision: '0'
2022-01-16 17:05:01.809 8194-8194/? A/DEBUG: ABI: 'arm64'
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: Timestamp: 2022-01-16 17:05:01-0300
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: pid: 7768, tid: 8189, name: AsyncTask #1 >>> com.lib <<<
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: uid: 11106
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x536573752c7d85
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x0 b40000796792de80 x1 b40000796e6cd554 x2 fffffffffffffff3 x3 434b47524f554e44
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x4 444e554f52474b43 x5 434b47524f554e44 x6 444e554f52474b43 x7 4f52474b4341425f
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x8 74536573752c7d65 x9 0000000000000026 x10 00000000444e554f x11 0000000000000013
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x12 41425f50535f4445 x13 444e554f52474b43 x14 0000007984750780 x15 0000000000000000
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x16 0000007a05d19d38 x17 0000007a082dd9c0 x18 000000790f186000 x19 b400007967b31b10
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x20 b400007967b31b40 x21 0000000000000001 x22 b40000796e656058 x23 b400007a0b1e5be0
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x24 b400007a0b1e5be0 x25 b400007967b31728 x26 b400007a0b1e5d78 x27 b400007967a27918
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: x28 b400007a0b1e5d78 x29 0000007910ea18a0
2022-01-16 17:05:01.810 8194-8194/? A/DEBUG: lr 0000007a05d05550 sp 0000007910ea18a0 pc 0000007a05d032ac pst 0000000080000000
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: backtrace:
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #00 pc 000000000002a2ac /system/lib64/libprocessgroup.so (ApplyProfileAction::EnableResourceCaching()+88) (BuildId: 510492375e51cdebebce9b5213e2e17f)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #1 pc 000000000002c54c /system/lib64/libprocessgroup.so (TaskProfiles::SetTaskProfiles(int, std::__1::vector<std::__1::basic_string<char, std::__1::char_traits, std::__1::allocator >, std::__1::allocator<std::__1::basic_string<char, std::__1::char_traits, std::__1::allocator > > > const&, bool)+344) (BuildId: 510492375e51cdebebce9b5213e2e17f)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #2 pc 0000000000014f00 /system/lib64/libutils.so (androidSetThreadPriority+140) (BuildId: 6b453123259887cd16e522119154597b)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #3 pc 0000000000132940 /system/lib64/libandroid_runtime.so (android_os_Process_setCallingThreadPriority(_JNIEnv*, _jobject*, int)+36) (BuildId: a0c9b04aeb0705ef925d1f6cc0b77504)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #4 pc 0000000000209c88 /system/framework/arm64/boot-framework.oat (art_jni_trampoline+152) (BuildId: fa1e2c258c8d325c151e8d5855946976dcf4bdcc)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #5 pc 00000000001337e8 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #6 pc 0000000000197eb0 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+232) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #7 pc 0000000000305328 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #8 pc 0000000000300440 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+884) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #9 pc 0000000000636680 /apex/com.android.art/lib64/libart.so (MterpInvokeStatic+548) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #10 pc 000000000012d994 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #11 pc 000000000037b492 /system/framework/framework.jar (offset 0x92d000) (android.os.AsyncTask$3.call+26)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #12 pc 00000000006354c8 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1840) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #13 pc 000000000012da14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #14 pc 00000000001ef1ea /apex/com.android.art/javalib/core-oj.jar (java.util.concurrent.FutureTask.run+62)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #15 pc 00000000006354c8 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1840) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #16 pc 000000000012da14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #17 pc 00000000001fa03a /apex/com.android.art/javalib/core-oj.jar (java.util.concurrent.ThreadPoolExecutor.runWorker+158)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #18 pc 0000000000633b34 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+1440) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #19 pc 000000000012d814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #20 pc 00000000001f8dfc /apex/com.android.art/javalib/core-oj.jar (java.util.concurrent.ThreadPoolExecutor$Worker.run+4)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #21 pc 00000000006354c8 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1840) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #22 pc 000000000012da14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #23 pc 00000000000eb840 /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.run+8)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #24 pc 00000000002f7e1c /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.9529414189519865523)+268) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #25 pc 000000000062250c /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+796) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #26 pc 000000000013cff8 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #27 pc 0000000000133564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #28 pc 0000000000197e94 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+204) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #29 pc 000000000052aefc /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #30 pc 000000000052c0fc /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValuesart::ArtMethod*(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+440) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #31 pc 0000000000579474 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1272) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #32 pc 00000000000f4204 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+64) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:05:01.935 8194-8194/? A/DEBUG: #33 pc 000000000008ec64 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: d2bad1502ac7810a2cce958ef2191244)

---

2022-01-16 17:26:36.709 11820-11820/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2022-01-16 17:26:36.709 11820-11820/? A/DEBUG: Build fingerprint: 'Xiaomi/raphael/raphael:11/RKQ1.200826.002/V12.5.2.0.RFKMIXM:user/release-keys'
2022-01-16 17:26:36.709 11820-11820/? A/DEBUG: Revision: '0'
2022-01-16 17:26:36.709 11820-11820/? A/DEBUG: ABI: 'arm64'
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: Timestamp: 2022-01-16 17:26:36-0300
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: pid: 11465, tid: 11817, name: com.lib >>> com.lib <<<
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: uid: 11106
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x3b49502e6876b1
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x0 0000000000000000 x1 000000790edb51c8 x2 00000079748008c0 x3 000000790edb5500
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x4 000000790edb5508 x5 0000000000000004 x6 0000000000000001 x7 0000000000000000
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x8 723b49502e687461 x9 00000079679761c8 x10 0000000000000000 x11 0000000000000000
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x12 000000000000002d x13 000000790edb72a0 x14 fffffffffc000000 x15 fff8000000000000
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x16 0000007a083559b0 x17 0000007a0834a478 x18 000000790ea40000 x19 00000079748008c0
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x20 0000007974802470 x21 000000790edb51c8 x22 000000790edb5008 x23 0000007912e7c000
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x24 0000007a08368ec0 x25 0000007a0827ac80 x26 0000007900000000 x27 0000000000000004
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: x28 0000007985200980 x29 0000007912e7b5d0
2022-01-16 17:26:36.710 11820-11820/? A/DEBUG: lr 0000007a082d8724 sp 0000007912e7b5d0 pc 0000007a082d8780 pst 0000000060000000
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: backtrace:
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #00 pc 0000000000083780 /apex/com.android.runtime/lib64/bionic/libc.so (je_tcache_arena_associate+140) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #1 pc 0000000000086108 /apex/com.android.runtime/lib64/bionic/libc.so (arena_choose_impl+456) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #2 pc 0000000000083e30 /apex/com.android.runtime/lib64/bionic/libc.so (je_tsd_tcache_data_init+1180) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #3 pc 0000000000083980 /apex/com.android.runtime/lib64/bionic/libc.so (je_tsd_tcache_enabled_data_init+44) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #4 pc 00000000000862dc /apex/com.android.runtime/lib64/bionic/libc.so (je_tsd_fetch_slow+360) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #5 pc 000000000004dd94 /apex/com.android.runtime/lib64/bionic/libc.so (je_malloc+308) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #6 pc 0000000000045c80 /apex/com.android.runtime/lib64/bionic/libc.so (malloc+40) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #7 pc 000000000004ef54 /system/lib64/libc++.so (operator new(unsigned long)+24) (BuildId: 4eccf98481702c54f932a523b3616bf0)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #8 pc 000000000059cd44 /apex/com.android.art/lib64/libart.so (art::ThreadList::Register(art::Thread*)+232) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #9 pc 0000000000579bc8 /apex/com.android.art/lib64/libart.so (art::Thread::Init(art::ThreadList*, art::JavaVMExt*, art::JNIEnvExt*)+328) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #10 pc 0000000000578fe4 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+104) (BuildId: fb3bb09798b56b49f9a198b10862a495)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #11 pc 00000000000f4204 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+64) (BuildId: d2bad1502ac7810a2cce958ef2191244)
2022-01-16 17:26:36.713 11820-11820/? A/DEBUG: #12 pc 000000000008ec64 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: d2bad1502ac7810a2cce958ef2191244)

Of course, if I just use the original index.android.bundle built in assets folder, the application runs smoothly. No crashes or misbehavior are reflected.

I would appreciate any help or orientation if it's not being done correctly.

Best regards.

Version

0.66.4

Output of npx react-native info

System:
OS: Windows 10 10.0.19042
CPU: (12) x64 Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz
Memory: 663.03 MB / 15.83 GB
Binaries:
Node: 16.6.2 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.5 - C:\Program Files (x86)\Yarn\bin\yarn.CMD
npm: 7.20.3 - C:\Program Files\nodejs\npm.CMD
Watchman: Not Found
SDKs:
Android SDK:
API Levels: 26, 28, 29, 30, 31
Build Tools: 30.0.2, 30.0.3
System Images: android-21 | Intel x86 Atom_64, android-21 | Google APIs Intel x86 Atom, android-21 | Google APIs Intel x86 Atom_64, android-23 | Google APIs Intel x86 Atom, android-23 | Google APIs Intel x86 Atom_64, android-24 | Google APIs Intel x86 Atom, android-24 | Google APIs Intel x86 Atom_64, android-24 | Google Play Intel x86 Atom, android-25 | Intel x86 Atom, android-25 | Google APIs Intel x86 Atom, android-26 | Google APIs Intel
x86 Atom_64, android-27 | Intel x86 Atom_64, android-27 | Google APIs Intel x86 Atom, android-29 | Google APIs Intel x86 Atom, android-29 | Google APIs Intel x86 Atom_64, android-30 | Google APIs Intel x86 Atom, android-30 |
Google Play Intel x86 Atom_64
Android NDK: Not Found
Windows SDK:
AllowDevelopmentWithoutDevLicense: Enabled
AllowAllTrustedApps: Enabled
IDEs:
Android Studio: Not Found
Visual Studio: Not Found
Languages:
Java: 11.0.10 - D:\Android Studio\jre\bin\javac.EXE
npmPackages:
@react-native-community/cli: Not Found
react: Not Found
react-native: Not Found
react-native-windows: Not Found
npmGlobalPackages:
react-native: Not Found

Steps to reproduce

1. React Native template application with 0.66.4 version.
2. Create a simple native library with a JNI_OnLoader method which read the original index.android.bundle from assets and write it down to a cache app folder (just for testing purposes).
3. System.loadLibrary for the newly created library in onCreate() method located in MainApplication
4. Override getJSBundleFile() with a default path for cache app folder including the index.android.bundle file.
5. Assemble the apk and install it.

Snack, code example, screenshot, or link to a repository

No response

[github-actions]

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[github-actions]

This issue was closed because it has been stalled for 7 days with no activity.