Sporadic crash on iOS (baseSize() in machine.h)

[revvv]

I get a sporadic exception on my iPad Air. It doesn't play a role if it's armv7 or arm64 binary. Both crash.
I'm using the jMonkeyEngine 3.0 with a private Avian build from today's master (openjdk-1.7.0-u40-unofficial-macosx-x86_64-image).

I got the problem already with an Avian master from 2015-06-01. Any help is appreciated.
The stacktrace is from arm64:

Thread 1Queue : com.apple.main-thread (serial)
#0  0x00000001001b4a8c in vm::baseSize(vm::Thread*, vm::GcObject*, vm::GcClass*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1971
#1  0x00000001001b4a84 in (anonymous namespace)::HeapClient::copiedSizeInWords(void*) at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:3393
#2  0x00000001001062a0 in (anonymous namespace)::local::copy2((anonymous namespace)::local::Context*, void*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1068
#3  0x000000010010628c in (anonymous namespace)::local::copy((anonymous namespace)::local::Context*, void*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1113
#4  0x000000010010628c in (anonymous namespace)::local::update3((anonymous namespace)::local::Context*, void*, bool*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1153
#5  0x0000000100106234 in (anonymous namespace)::local::update2((anonymous namespace)::local::Context*, void*, bool*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1164
#6  0x0000000100106228 in (anonymous namespace)::local::update((anonymous namespace)::local::Context*, void**, void*, unsigned int, bool*) at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1257
#7  0x0000000100105ef4 in (anonymous namespace)::local::collect((anonymous namespace)::local::Context*, void**, void*, unsigned int) at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1381
#8  0x0000000100105dd4 in (anonymous namespace)::local::collect((anonymous namespace)::local::Context*, void**) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1573
#9  0x0000000100105dc8 in (anonymous namespace)::local::collect2((anonymous namespace)::local::Context*)::Visitor::visit(void*) at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1750
#10 0x00000001001aaec0 in (anonymous namespace)::visitRoots(vm::Thread*, vm::Heap::Visitor*) at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:297
#11 0x00000001001b40f0 in vm::visitRoots(vm::Machine*, vm::Heap::Visitor*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:5558
#12 0x00000001001b40b4 in (anonymous namespace)::HeapClient::visitRoots(vm::Heap::Visitor*) at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:3356
#13 0x00000001001046d8 in (anonymous namespace)::local::collect2((anonymous namespace)::local::Context*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1757
#14 0x00000001001043ac in (anonymous namespace)::local::collect((anonymous namespace)::local::Context*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1819
#15 0x00000001001041b4 in (anonymous namespace)::local::MyHeap::collect(vm::Heap::CollectionType, unsigned int, int) at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1989
#16 0x000000010019f4b0 in (anonymous namespace)::doCollect(vm::Thread*, vm::Heap::CollectionType, int) at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:3456
#17 0x000000010019f3b8 in vm::collect(vm::Thread*, vm::Heap::CollectionType, int) at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:4315
#18 0x000000010019f0e4 in vm::allocate3(vm::Thread*, avian::util::Alloc*, vm::Machine::AllocationType, unsigned int, bool) at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:4259
#19 0x00000001001ae02c in vm::allocate2(vm::Thread*, unsigned int, bool) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:4175
#20 0x00000001001ae00c in vm::allocate(vm::Thread*, unsigned int, bool) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1639
#21 0x00000001001ae00c in vm::makeCharArray(vm::Thread*, unsigned long) at /Users/macuser/avian-2015-07-18/avian-master/build/ios-arm64-bootimage-openjdk-src/type-constructors.cpp:1348
#22 0x00000001000bfd38 in (anonymous namespace)::local::MyClasspath::makeString(vm::Thread*, vm::GcObject*, int, int) at /Users/macuser/avian-2015-07-18/avian-master/src/classpath-openjdk.cpp:462
#23 0x00000001000b23e0 in vm::makeStackTraceElement(vm::Thread*, vm::GcTraceElement*) at /Users/macuser/avian-2015-07-18/avian-master/src/avian/classpath-common.h:282
#24 0x00000001000b7c00 in (anonymous namespace)::local::jvmGetStackTraceElement(vm::Thread*, unsigned long*) at /Users/macuser/avian-2015-07-18/avian-master/src/classpath-openjdk.cpp:3555
#25 0x00000001000ad884 in vmRun ()
#26 0x00000001000b7b68 in vm::runRaw(vm::Thread*, unsigned long long (*)(vm::Thread*, unsigned long*), unsigned long*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1772
#27 0x00000001000b7b18 in vm::run(vm::Thread*, unsigned long long (*)(vm::Thread*, unsigned long*), unsigned long*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1780
#28 0x00000001000b7ae8 in JVM_GetStackTraceElement at /Users/macuser/avian-2015-07-18/avian-master/src/classpath-openjdk.cpp:3569
#29 0x00000001000ad808 in .LdoCall ()
#30 0x00000001001017e8 in vm::dynamicCall(void*, unsigned long*, unsigned char*, unsigned int, unsigned int, unsigned int) at /Users/macuser/avian-2015-07-18/avian-master/src/avian/arm.h:392
#31 0x0000000100100818 in (anonymous namespace)::local::invokeNativeSlow((anonymous namespace)::local::MyThread*, vm::GcMethod*, void*) at /Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:7244
#32 0x00000001000da7b0 in (anonymous namespace)::local::invokeNative2((anonymous namespace)::local::MyThread*, vm::GcMethod*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:7323
#33 0x00000001000da740 in (anonymous namespace)::local::invokeNative((anonymous namespace)::local::MyThread*) at /Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:7354
#34 0x00000001001e89f4 in _binary_codeimage_bin_start ()
#35 0x00000001000fe9e4 in (anonymous namespace)::local::invoke(vm::Thread*, vm::GcMethod*, (anonymous namespace)::local::ArgumentList*) at /Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:8111
#36 0x00000001000ddbf8 in (anonymous namespace)::local::MyProcessor::invokeList(vm::Thread*, vm::GcMethod*, vm::GcObject*, bool, char*) at /Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:8742
#37 0x00000001001987b4 in (anonymous namespace)::local::callVoidMethodV(vm::Thread*, unsigned long*) at /Users/macuser/avian-2015-07-18/avian-master/src/jnienv.cpp:989
#38 0x00000001000ad884 in vmRun ()
#39 0x000000010018c5e8 in vm::runRaw(vm::Thread*, unsigned long long (*)(vm::Thread*, unsigned long*), unsigned long*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1772
#40 0x000000010018c598 in vm::run(vm::Thread*, unsigned long long (*)(vm::Thread*, unsigned long*), unsigned long*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1780
#41 0x000000010018c568 in (anonymous namespace)::local::CallVoidMethodV(vm::Thread*, vm::GcObject**, unsigned long, char*) [inlined] at /Users/macuser/avian-2015-07-18/avian-master/src/jnienv.cpp:1000
#42 0x000000010018c55c in (anonymous namespace)::local::CallVoidMethod(vm::Thread*, vm::GcObject**, unsigned long, ...) at /Users/macuser/avian-2015-07-18/avian-master/src/jnienv.cpp:1008
#43 0x00000001000a6b38 in -[jmeAppDelegate glkView:drawInRect:] at /Users/macuser/Documents/mygame/ios/project/jme-ios/jmeAppDelegate.m:245
#44 0x00000001859580f0 in -[GLKView _display:] ()
#45 0x00000001859593dc in -[GLKViewController _updateAndDraw] ()
#46 0x00000001034bc7fc in -[DYDisplayLinkInterposer forwardDisplayLinkCallback:] ()
#47 0x0000000188ca629c in CA::Display::DisplayLinkItem::dispatch() ()
#48 0x0000000188ca6134 in CA::Display::DisplayLink::dispatch_items(unsigned long long, unsigned long long, unsigned long long) ()
#49 0x0000000185a81470 in IODispatchCalloutFromCFMessage ()
#50 0x0000000184872dc4 in __CFMachPortPerform ()
#51 0x0000000184887a54 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ ()
#52 0x00000001848879b4 in __CFRunLoopDoSource1 ()
#53 0x0000000184885934 in __CFRunLoopRun ()
#54 0x00000001847b12d4 in CFRunLoopRunSpecific ()
#55 0x000000018de776fc in GSEventRunModal ()
#56 0x0000000189376fac in UIApplicationMain ()
#57 0x00000001000a57dc in main at /Users/macuser/Documents/mygame/ios/project/jme-ios/main.m:6
#58 0x00000001963faa08 in start ()

[revvv]

I tried to isolate the problem. Seems it doesn't crash if I add additional checks. Unfortunately printf() also crashes here, so can't tell which condition is met.

// machine.h
inline unsigned baseSize(Thread* t UNUSED, object o, GcClass* class_)
{
    assertT(t, class_->fixedSize() >= BytesPerWord);

    // checks added
    if (class_ == NULL)
    {
        return 0;
    }
    if (o == NULL)
    {
        return 0;
    }
    if (class_->fixedSize() < BytesPerWord)
    {
        return 0;
    }

    // ...
}

Of course it's only a workaround, but I don't know where the wrong values come from.

[joshuawarner32]

My first suggestion would be to try building in debug mode (or, if that doesn't reproduce the problem, debug-fast mode - which turns on all the optimizations, but keeps debug info). After that, it shouldn't be too hard to set breakpoints on each of those return 0; lines, to see which is hit. If that doesn't work, you can always turn those into calls to abort() - which should automatically drop you into the Xcode debugger. Keep in mind that in debug mode, that assert at the top will be enabled, and trigger before your check.

It'd also be interesting to see if this is reproducible somewhere besides iOS. Is it possible to compile your project for OS X? Barring that, it could be interesting to try running it on the simulator (to eliminate any architecture-dependence).

[revvv]

Bad news: The problem still occurs, my workaround doesn't help. (I hate occasionally crashes... and I tested it for so long and it didn't crash...) Thanks for your hints, I will try them. If you have any ideas how I could catch the exception (and return 0 or whatever), please let me know.

Compiling the project for OS X is not possible. At least not for me. It wasn't designed for that. And I couldn't reproduce it in the simulator up to now. Bad conditions.

[dicej]

On Jul 18, 2015 4:36 AM, "revvv" notifications@github.com wrote:

I get a sporadic exception on my iPad Air. I doesn't play a role if it's
armv7 or arm64 binary.

Does that mean the crash only happens with armv6 builds, not armv7 or arm64
ones?

I'm using the jMonkeyEngine 3.0 with a private Avian build from today's
master (openjdk-1.7.0-u40-unofficial-macosx-x86_64-image).

I got the problem already with an Avian master from 2015-06-01. Any help
is appreciated.
The stacktrace is from arm64:

Thread 1Queue : com.apple.main-thread (serial)
#0 0x00000001001b4a8c in vm::baseSize(vm::Thread_, vm::GcObject_,
vm::GcClass_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1971
#1 0x00000001001b4a84 in (anonymous
namespace)::HeapClient::copiedSizeInWords(void_) at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:3393
#2 0x00000001001062a0 in (anonymous namespace)::local::copy2((anonymous
namespace)::local::Context_, void_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1068
#3 0x000000010010628c in (anonymous namespace)::local::copy((anonymous
namespace)::local::Context_, void_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1113
#4 0x000000010010628c in (anonymous
namespace)::local::update3((anonymous namespace)::local::Context_, void_,
bool_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1153
#5 0x0000000100106234 in (anonymous
namespace)::local::update2((anonymous namespace)::local::Context_, void_,
bool_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1164
#6 0x0000000100106228 in (anonymous namespace)::local::update((anonymous
namespace)::local::Context_, void__, void_, unsigned int, bool_) at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1257
#7 0x0000000100105ef4 in (anonymous
namespace)::local::collect((anonymous namespace)::local::Context_, void**,
void_, unsigned int) at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1381
#8 0x0000000100105dd4 in (anonymous
namespace)::local::collect((anonymous namespace)::local::Context_, void**)
[inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1573
#9 0x0000000100105dc8 in (anonymous
namespace)::local::collect2((anonymous
namespace)::local::Context_)::Visitor::visit(void_) at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1750
#10 0x00000001001aaec0 in (anonymous namespace)::visitRoots(vm::Thread_,
vm::Heap::Visitor_) at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:297
#11 0x00000001001b40f0 in vm::visitRoots(vm::Machine_,
vm::Heap::Visitor_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:5558
#12 0x00000001001b40b4 in (anonymous
namespace)::HeapClient::visitRoots(vm::Heap::Visitor_) at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:3356
#13 0x00000001001046d8 in (anonymous
namespace)::local::collect2((anonymous namespace)::local::Context_)
[inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1757
#14 0x00000001001043ac in (anonymous
namespace)::local::collect((anonymous namespace)::local::Context_)
[inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1819
#15 0x00000001001041b4 in (anonymous
namespace)::local::MyHeap::collect(vm::Heap::CollectionType, unsigned int,
int) at /Users/macuser/avian-2015-07-18/avian-master/src/heap/heap.cpp:1989
#16 0x000000010019f4b0 in (anonymous namespace)::doCollect(vm::Thread_,
vm::Heap::CollectionType, int) at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:3456
#17 0x000000010019f3b8 in vm::collect(vm::Thread_,
vm::Heap::CollectionType, int) at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:4315
#18 0x000000010019f0e4 in vm::allocate3(vm::Thread_, avian::util::Alloc_,
vm::Machine::AllocationType, unsigned int, bool) at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:4259
#19 0x00000001001ae02c in vm::allocate2(vm::Thread_, unsigned int, bool)
[inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/machine.cpp:4175
#20 0x00000001001ae00c in vm::allocate(vm::Thread_, unsigned int, bool)
[inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1639
#21 0x00000001001ae00c in vm::makeCharArray(vm::Thread_, unsigned long)
at
/Users/macuser/avian-2015-07-18/avian-master/build/ios-arm64-bootimage-openjdk-src/type-constructors.cpp:1348
#22 0x00000001000bfd38 in (anonymous
namespace)::local::MyClasspath::makeString(vm::Thread_, vm::GcObject_, int,
int) at
/Users/macuser/avian-2015-07-18/avian-master/src/classpath-openjdk.cpp:462
#23 0x00000001000b23e0 in vm::makeStackTraceElement(vm::Thread_,
vm::GcTraceElement_) at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/classpath-common.h:282
#24 0x00000001000b7c00 in (anonymous
namespace)::local::jvmGetStackTraceElement(vm::Thread_, unsigned long_) at
/Users/macuser/avian-2015-07-18/avian-master/src/classpath-openjdk.cpp:3555
#25 0x00000001000ad884 in vmRun ()
#26 0x00000001000b7b68 in vm::runRaw(vm::Thread_, unsigned long long
()(vm::Thread, unsigned long_), unsigned long_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1772
#27 0x00000001000b7b18 in vm::run(vm::Thread_, unsigned long long
()(vm::Thread, unsigned long_), unsigned long_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1780
#28 0x00000001000b7ae8 in JVM_GetStackTraceElement at
/Users/macuser/avian-2015-07-18/avian-master/src/classpath-openjdk.cpp:3569
#29 0x00000001000ad808 in .LdoCall ()
#30 0x00000001001017e8 in vm::dynamicCall(void_, unsigned long_, unsigned
char_, unsigned int, unsigned int, unsigned int) at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/arm.h:392
#31 0x0000000100100818 in (anonymous
namespace)::local::invokeNativeSlow((anonymous
namespace)::local::MyThread_, vm::GcMethod_, void_) at
/Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:7244
#32 0x00000001000da7b0 in (anonymous
namespace)::local::invokeNative2((anonymous namespace)::local::MyThread_,
vm::GcMethod_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:7323
#33 0x00000001000da740 in (anonymous
namespace)::local::invokeNative((anonymous namespace)::local::MyThread_) at
/Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:7354
#34 0x00000001001e89f4 in binary_codeimage_bin_start ()
#35 0x00000001000fe9e4 in (anonymous
namespace)::local::invoke(vm::Thread, vm::GcMethod_, (anonymous
namespace)::local::ArgumentList_) at
/Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:8111
#36 0x00000001000ddbf8 in (anonymous
namespace)::local::MyProcessor::invokeList(vm::Thread_, vm::GcMethod_,
vm::GcObject_, bool, char_) at
/Users/macuser/avian-2015-07-18/avian-master/src/compile.cpp:8742
#37 0x00000001001987b4 in (anonymous
namespace)::local::callVoidMethodV(vm::Thread_, unsigned long_) at
/Users/macuser/avian-2015-07-18/avian-master/src/jnienv.cpp:989
#38 0x00000001000ad884 in vmRun ()
#39 0x000000010018c5e8 in vm::runRaw(vm::Thread_, unsigned long long
()(vm::Thread, unsigned long_), unsigned long_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1772
#40 0x000000010018c598 in vm::run(vm::Thread_, unsigned long long
()(vm::Thread, unsigned long_), unsigned long_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/avian/machine.h:1780
#41 0x000000010018c568 in (anonymous
namespace)::local::CallVoidMethodV(vm::Thread_, vm::GcObject__, unsigned
long, char_) [inlined] at
/Users/macuser/avian-2015-07-18/avian-master/src/jnienv.cpp:1000
#42 0x000000010018c55c in (anonymous
namespace)::local::CallVoidMethod(vm::Thread_, vm::GcObject_*, unsigned
long, ...) at
/Users/macuser/avian-2015-07-18/avian-master/src/jnienv.cpp:1008
#43 0x00000001000a6b38 in -[jmeAppDelegate glkView:drawInRect:] at
/Users/macuser/Documents/jackIOS/ios/project/jme-ios/jmeAppDelegate.m:245
#44 0x00000001859580f0 in -GLKView _display:
#45 0x00000001859593dc in -GLKViewController _updateAndDraw
#46 0x00000001034bc7fc in -DYDisplayLinkInterposer
forwardDisplayLinkCallback:
#47 0x0000000188ca629c in CA::Display::DisplayLinkItem::dispatch() ()
#48 0x0000000188ca6134 in
CA::Display::DisplayLink::dispatch_items(unsigned long long, unsigned long
long, unsigned long long) ()
#49 0x0000000185a81470 in IODispatchCalloutFromCFMessage ()
#50 0x0000000184872dc4 in CFMachPortPerform ()
#51 0x0000000184887a54 in
__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION ()
#52 0x00000001848879b4 in __CFRunLoopDoSource1 ()
#53 0x0000000184885934 in __CFRunLoopRun ()
#54 0x00000001847b12d4 in CFRunLoopRunSpecific ()
#55 0x000000018de776fc in GSEventRunModal ()
#56 0x0000000189376fac in UIApplicationMain ()
#57 0x00000001000a57dc in main at
/Users/macuser/Documents/mygame/ios/project/jme-ios/main.m:6
#58 0x00000001963faa08 in start ()

—
Reply to this email directly or view it on GitHub.

[revvv]

Does that mean the crash only happens with armv6 builds, not armv7 or arm64 ones?

I use either "armv7" or "armv7 arm64" as VALID ARCHITECTURES. The crash happens with both settings on my 64 bit iPad Air.

I never used "armv6". AFAIK jMonkeyEngine doesn't support that.

UPDATE: Now I understand why you asked. Updated first posting.

[revvv]

I could not compile Avian with debug mode. (Don't know how to modify the jMonkeyEngine build.xml.)
So I used local variables in machine.h:1971 for all expressions and set breakpoints, but unfortunately the crash does not occur with this modification...

I was really surprised that BytesPerWord can have different values, even 0!
But that can't be true?! It would end in a division by zero and would happen much more often than the crash I was looking for.

[joshuawarner32]

Given the fragility of the problem, debug mode may not have helped anyway.

BytesPerWord should only ever be 4 or 8. If the debugger is telling you otherwise, it's lying. That's not unusual, especially in optimized builds.

The only thing I can think of is trying to set the VM_STRESS or VM_STRESS_MAJOR flags in an effort to make it more reproducible. If you can't modify the external build system, it's not hard to add those flags directly to the avian makefile. E.g.:

diff --git a/makefile b/makefile
index 906fafb..8a147c2 100755
--- a/makefile
+++ b/makefile
@@ -1172,7 +1172,7 @@ ifeq ($(mode),stress-major)
        strip = :
 endif
 ifeq ($(mode),fast)
-       optimization-cflags = $(cflags_fast) -DNDEBUG
+       optimization-cflags = $(cflags_fast) -DNDEBUG -DVM_STRESS
 endif
 ifeq ($(mode),small)
        optimization-cflags = $(cflags_small) -DNDEBUG

You might also try directly modifying the makefile similarly to preserve debug info (using -O0 -g3 or -O2 -g3 instead of -O3, you'll also have to set strip = :).

If you can figure out how to reproduce it reliably, the next step would probably be to start simplifying the test case. Try commenting out large portions of code (both your own and in JME), and see if you can still get the problem to happen.

[dicej]

This certainly seems to be a heap corruption issue, which can either be due to a bug in the VM or some JNI code (e.g. incorrect use of GetPrimitiveArrayCritical such as https://groups.google.com/d/msg/avian/Ibd2p44_kOA/UgFLgq-ibMQJ ). These are hard to debug because the crash generally occurs well after the corruption happens. As Josh noted, the VM_STRESS and VM_STRESS_MAJOR macros can help close the gap between fault and crash, but they're only practical once you've narrowed the test case down a bit and made it more reliably reproduceable.

My advice is to scrutinize any JNI code in your app or libraries that might be hit prior to the crash and make sure it's playing by the rules. If all that looks good, do what you can to simplify the test case like Josh suggested. The narrower it is, the more tools we can throw at it.

[revvv]

@joshuawarner32 With your hints I could build with debug and stress options. With "debug" the problem doesn't occur. With "stress" it crashes immediately on armv7/arm64 and in the simulator, but at a different location. (Same result with our minimalistic default project.)

@dicej Indeed the project uses JNI and jogl.

Thanks for all your help. Closed. IMHO not an Avian bug.