[TIMOB-5335] iOS: registeredProxies mutated during -[KrollBridge didReceiveMemoryWarning:]
GitHub Issue | n/a |
---|---|
Type | Bug |
Priority | High |
Status | Closed |
Resolution | Fixed |
Resolution Date | 2011-09-22T10:45:38.000+0000 |
Affected Version/s | Release 1.7.2 |
Fix Version/s | Sprint 2011-38, Release 1.8.0 |
Components | iOS |
Labels | branch-5062 |
Reporter | Stephen Tramer |
Assignee | Stephen Tramer |
Created | 2011-09-22T05:29:04.000+0000 |
Updated | 2011-12-10T10:53:35.000+0000 |
Description
We have a little bit of a problem with memory warnings in KrollBridge. Apparently, registeredProxies can be mutated while the fast iteration in -[KrollBridge didReceiveMemoryWarning:] is proceeding (see http://networkpx.blogspot.com/2009/07/analyzing-objective-cs-for-in-loop-fast.html for a description of how fast enumeration is unrolled, and judge for yourself how "smart" the OS is about preempting this at EXACTLY the wrong time to disrupt the mutationsPtr). And yes: jetsam apparently doesn't interact with any kind of scheduling to ensure that only an application's main thread is being run. This crash report is evidence enough of that. Wish we could have a good, hard, reproducible test case for Apple so they could try and fix this (is there really precedent for a watchdog application taking over kernel scheduling?)
Anyway, here we go...
Incident Identifier: EA23A633-B2EE-48EF-916D-B1B83BEDBEB4
CrashReporter Key: 38cb7cb670efe80e40368cb85b5503770ed373ae
Hardware Model: iPad1,1
Process: tiapplication [924]
Path: /var/mobile/Applications/10B644A6-1147-4754-BED5-DDC27F30259F/tiapplication.app/tiapplication
Identifier: tiapplication
Version: ??? (???)
Code Type: ARM (Native)
Parent Process: launchd [1]
Date/Time: 2011-09-21 18:14:03.062 +0200
OS Version: iPhone OS 4.2.1 (8C148)
Report Version: 104
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x00000000, 0x00000000
Crashed Thread: 0
Thread 0 Crashed:
0 libSystem.B.dylib 0x30d7c2d4 __kill + 8
1 libSystem.B.dylib 0x30d7c2c4 kill + 4
2 libSystem.B.dylib 0x30d7c2b6 raise + 10
3 libSystem.B.dylib 0x30d90d72 abort + 50
4 libstdc++.6.dylib 0x34981a20 __gnu_cxx::__verbose_terminate_handler() + 376
5 libobjc.A.dylib 0x34a83594 _objc_terminate + 104
6 libstdc++.6.dylib 0x3497fdf2 __cxxabiv1::__terminate(void (*)()) + 46
7 libstdc++.6.dylib 0x3497fe46 std::terminate() + 10
8 libstdc++.6.dylib 0x3497ff16 __cxa_throw + 78
9 libobjc.A.dylib 0x34a824c4 objc_exception_throw + 64
10 CoreFoundation 0x3587c12c -[NSObject(NSObject) doesNotRecognizeSelector:] + 96
11 CoreFoundation 0x35823aa2 ___forwarding___ + 502
12 CoreFoundation 0x35823858 _CF_forwarding_prep_0 + 40
13 tiapplication 0x00091b3a -[TiProxy toString:] (TiProxy.m:1137)
14 tiapplication 0x00091bcc -[TiProxy description] (TiProxy.m:1145)
15 CoreFoundation 0x3580e63e -[NSObject(NSObject) _copyDescription] + 18
16 CoreFoundation 0x3580e564 CFCopyDescription + 80
17 CoreFoundation 0x3588bcec __CFBasicHashStandardCopyKeyDescription + 8
18 CoreFoundation 0x3588d224 __CFBasicHashCopyDescription_block_invoke_1 + 236
19 CoreFoundation 0x357e60f4 CFBasicHashApply + 124
20 CoreFoundation 0x3588d65c CFBasicHashCopyDescription + 680
21 CoreFoundation 0x3588d768 __CFBasicHashCopyDescription + 44
22 CoreFoundation 0x35855092 __CFDictionaryCopyDescription + 2
23 CoreFoundation 0x3580e5a2 CFCopyDescription + 142
24 CoreFoundation 0x3587a2be __NSFastEnumerationMutationHandler + 138
25 libobjc.A.dylib 0x34a88486 objc_enumerationMutation + 18
26 tiapplication 0x00033008 -[KrollBridge didReceiveMemoryWarning:] (KrollBridge.mm:224)
27 Foundation 0x3117561c _nsnote_callback + 136
28 CoreFoundation 0x3580111c __CFXNotificationPost_old + 396
29 CoreFoundation 0x35800dbc _CFXNotificationPostNotification + 112
30 Foundation 0x31164d1c -[NSNotificationCenter postNotificationName:object:userInfo:] + 64
31 Foundation 0x3116e23a -[NSNotificationCenter postNotificationName:object:] + 18
32 UIKit 0x342aada2 -[UIApplication _performMemoryWarning] + 42
33 UIKit 0x342ab9c4 -[UIApplication _receivedMemoryNotification] + 120
34 UIKit 0x342a8770 _memoryStatusChanged + 36
35 CoreFoundation 0x358310c6 __CFNotificationCenterDarwinCallBack + 18
36 CoreFoundation 0x35817be0 __CFMachPortPerform + 204
37 CoreFoundation 0x3580f6f8 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 20
38 CoreFoundation 0x3580f6bc __CFRunLoopDoSource1 + 160
39 CoreFoundation 0x35801f76 __CFRunLoopRun + 514
40 CoreFoundation 0x35801c80 CFRunLoopRunSpecific + 224
41 CoreFoundation 0x35801b88 CFRunLoopRunInMode + 52
42 GraphicsServices 0x320c84a4 GSEventRunModal + 108
43 GraphicsServices 0x320c8550 GSEventRun + 56
44 UIKit 0x341dc322 -[UIApplication _run] + 406
45 UIKit 0x341d9e8c UIApplicationMain + 664
46 tiapplication 0x00003bb8 main (main.m:36)
47 tiapplication 0x0000345c 0x1000 + 9308
Thread 3:
0 libSystem.B.dylib 0x30d31398 pread + 20
1 libsqlite3.dylib 0x3617afaa _sqlite3_purgeEligiblePagerCacheMemory + 218
2 libsqlite3.dylib 0x3617ccb6 _sqlite3_purgeEligiblePagerCacheMemory + 7654
3 libsqlite3.dylib 0x361727d8 sqlite3_db_status + 996
4 libsqlite3.dylib 0x36189062 sqlite3_extended_errcode + 18502
5 libsqlite3.dylib 0x361890fa sqlite3_extended_errcode + 18654
6 libsqlite3.dylib 0x36189126 sqlite3_extended_errcode + 18698
7 libsqlite3.dylib 0x36189168 sqlite3_extended_errcode + 18764
8 libsqlite3.dylib 0x36189246 sqlite3_extended_errcode + 18986
9 libsqlite3.dylib 0x36192e80 sqlite3_column_bytes16 + 5752
10 libsqlite3.dylib 0x361b0c48 fts3DbExec + 21492
11 libsqlite3.dylib 0x36171de4 sqlite3_step + 56
12 tiapplication 0x0002abe8 -[PLSqliteResultSet next] (PLSqliteResultSet.m:147)
13 tiapplication 0x000a7b52 -[TiDatabaseProxy execute:] (TiDatabaseProxy.m:153)
14 CoreFoundation 0x35825cfc __invoking___ + 60
15 CoreFoundation 0x35825bce -[NSInvocation invoke] + 102
16 tiapplication 0x0003a622 -[KrollMethod call:] (KrollMethod.m:247)
17 tiapplication 0x0003984e KrollCallAsFunction (KrollMethod.m:42)
18 tiapplication 0x00171c80 TI::TiCallbackObject<TI::TiObject>::call(TI::TiExcState*, TI::TiObject*, TI::TiValue, TI::ArgList const&) (TiCallbackObjectFunctions.h:396)
19 tiapplication 0x0015d550 TI::Interpreter::privateExecute(TI::Interpreter::ExecutionFlag, TI::RegisterFile*, TI::TiExcState*, TI::TiValue*) (Interpreter.cpp:3645)
20 tiapplication 0x0015f966 TI::Interpreter::execute(TI::FunctionExecutable*, TI::TiExcState*, TI::TiFunction*, TI::TiObject*, TI::ArgList const&, TI::ScopeChainNode*, TI::TiValue*) (Interpreter.cpp:815)
21 tiapplication 0x00169718 TI::TiFunction::call(TI::TiExcState*, TI::TiValue, TI::ArgList const&) (TiFunction.cpp:146)
22 tiapplication 0x001447fa TI::call(TI::TiExcState*, TI::TiValue, TI::CallType, TI::CallData const&, TI::TiValue, TI::ArgList const&) (CallData.cpp:46)
23 tiapplication 0x00170594 TiObjectCallAsFunction (TiObjectRef.cpp:449)
24 tiapplication 0x000403fa -[KrollObject triggerEvent:withObject:thisObject:] (KrollObject.m:1528)
25 tiapplication 0x00034ec0 -[KrollEvent invoke:] (KrollContext.mm:658)
26 tiapplication 0x00035ec6 -[KrollContext invoke:] (KrollContext.mm:895)
27 tiapplication 0x00036baa -[KrollContext main] (KrollContext.mm:1207)
28 Foundation 0x3116c192 -[NSThread main] + 38
29 Foundation 0x31165242 __NSThread__main__ + 966
30 libSystem.B.dylib 0x30d7d886 _pthread_start + 242
31 libSystem.B.dylib 0x30d72a88 thread_start + 0
The problem is so dependent on OS scheduling, memory conditions, core availability, jetsam behavior, and possibly even iOS version, that it is nearly impossible to reproduce. The bug description and summary were worked backwards from the crash report.
The real problem, of course, is that we can't suspend/block our OWN threads as soon as a memory warning comes in. We need to have a discussion about memory management infrastructure vs. threading.
QE cannot test - closing
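The race in the description, modelled as an added example in C (not code from the ticket or from Titanium): the collection carries a mutation counter the way fast enumeration's mutationsPtr does, and the memory-warning loop either walks live storage or walks a snapshot copied under the writers' lock. `registry_t`, `enumerate_live`, `enumerate_snapshot` and `writer_interleaves` are hypothetical names, and the second thread is stood in for by a callback so the interleaving is deterministic.

```c
#include <pthread.h>
#include <stdio.h>
#include <string.h>

#define REG_CAP 16
/* Hypothetical stand-in for a proxy registry; not Titanium's KrollBridge. */
typedef struct {
    const char     *items[REG_CAP];
    size_t          count;
    unsigned long   mutations;  /* bumped on every change, like *mutationsPtr */
    pthread_mutex_t lock;
} registry_t;
typedef void (*visit_fn)(registry_t *r, const char *item);
void registry_add(registry_t *r, const char *item) {
    pthread_mutex_lock(&r->lock);
    if (r->count < REG_CAP) { r->items[r->count++] = item; r->mutations++; }
    pthread_mutex_unlock(&r->lock);
}
/* for-in style walk of live storage; -1 is where objc_enumerationMutation() fires. */
int enumerate_live(registry_t *r, visit_fn visit) {
    unsigned long seen = r->mutations;   /* counter value captured at loop entry */
    size_t i;
    for (i = 0; i < r->count; i++) {
        if (r->mutations != seen) return -1;
        visit(r, r->items[i]);
    }
    return (int)i;
}
/* Mitigation: copy under the writers' lock, then iterate the private copy. */
int enumerate_snapshot(registry_t *r, visit_fn visit) {
    const char *copy[REG_CAP];
    pthread_mutex_lock(&r->lock);
    size_t n = r->count;
    memcpy(copy, r->items, n * sizeof copy[0]);
    pthread_mutex_unlock(&r->lock);
    for (size_t i = 0; i < n; i++) visit(r, copy[i]);
    return (int)n;
}
/* Constructed interleaving: another thread registers a proxy mid-loop. */
void writer_interleaves(registry_t *r, const char *item) {
    (void)item;
    registry_add(r, "late-proxy");
}
int main(void) {
    registry_t a = { .lock = PTHREAD_MUTEX_INITIALIZER };
    registry_t b = { .lock = PTHREAD_MUTEX_INITIALIZER };
    registry_add(&a, "p1"); registry_add(&b, "p1");
    printf("live=%d ", enumerate_live(&a, writer_interleaves));
    printf("snapshot=%d\n", enumerate_snapshot(&b, writer_interleaves));
    return 0;
}
```

In Objective-C the snapshot must also retain each object it holds (as a copied NSArray does), otherwise a concurrent unregister can free a proxy while the loop is still using it.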