SIGSEGV crash in v8::internal::Runtime_CreateRegExpLiteral on Android

[06peng]

We are experiencing a crash in our Android application, and the stack trace points to an issue within the libj2v8.so library. The crash occurs with a SIGSEGV signal, indicating an invalid memory access. This issue has been reported by users, but we have not been able to reproduce it locally.

Crash Log:

`pid: 2332, tid: 2401, name: pool-6-thread-1 >>> com.vipshop.vswxk <<<
signal 11 (SIGSEGV), code 128 (SI_KERNEL), fault addr 0x0
x0 00002207bf95fec1 x1 0000000000000000 x2 00002207bf95fed0 x3 00002207bf95fed2
x4 000076ea0d0be7c8 x5 0000000000000004 x6 000076ea2195e600 x7 0000000000000001
x8 00002207bf95fec1 x9 0000000000000001 x10 fffffffffffffffe x11 0000000000000000
x12 000076ea037436c0 x13 00002207bf95fed2 x14 000022d28dbdb319 x15 0000000400000000
x16 00000000000003ab x17 0000000003edfcc0 x18 0000000000000001 x19 00002207bf95fed0
x20 000076ea03743661 x21 00000000fffffffe x22 000000000000000a x23 000076ea2195e5fc
x24 fffffffdfffffffd x25 00002207bf95fed2 x26 00002207bf95fed0 x27 0000000000000000
x28 000076ea0d0be7c8 x29 000076ea0ebe1750
sp 000076ea0ebe1720 lr 0000000003ee0064 pc 000076ea03743714

backtrace:
#00 pc 0000000000000714 <anonymous: 76ea03743000>

build id:

stack:
000076ea0ebe16a0 000076ea0ebe1958 [anon:Mem_0x10000004]
000076ea0ebe16a8 000076ea0d0b1e40 [anon:libc_malloc]
000076ea0ebe16b0 000076ea218ad048 [anon:libc_malloc]
000076ea0ebe16b8 0000000600000003
000076ea0ebe16c0 000000000d0af901
000076ea0ebe16c8 000076ea00000000
000076ea0ebe16d0 000076ea0d0b1e40 [anon:libc_malloc]
000076ea0ebe16d8 0000000000000000
000076ea0ebe16e0 0000000000000000
000076ea0ebe16e8 000076ea0ebe1958 [anon:Mem_0x10000004]
000076ea0ebe16f0 000076ea0ebe1958 [anon:Mem_0x10000004]
000076ea0ebe16f8 000076ea0ebe1958 [anon:Mem_0x10000004]
000076ea0ebe1700 0000000000000000
000076ea0ebe1708 0000000000000000
000076ea0ebe1710 0000000000000000
000076ea0ebe1718 0000000000000000
#00 000076ea0ebe1720 000076ea00000000
000076ea0ebe1728 0000000000000000
000076ea0ebe1730 00002207bf95fec1
000076ea0ebe1738 0000000000000004
000076ea0ebe1740 000076ea2195e600 [anon:libc_malloc]
000076ea0ebe1748 0000000000000001
000076ea0ebe1750 000076ea0ebe1810 [anon:Mem_0x10000004]
000076ea0ebe1758 0000000003ee0064 /data/app/com.vipshop.vswxk-E9lx3-afB1dQwnK-GJQx5w==/lib/arm64/libj2v8.so
000076ea0ebe1760 00002207bf95fed0
000076ea0ebe1768 0000000100000000
000076ea0ebe1770 000076ea0d0b1e40 [anon:libc_malloc]
000076ea0ebe1778 0000000000000026
000076ea0ebe1780 0000000000000077
000076ea0ebe1788 0000000000000003
000076ea0ebe1790 000022d28dbde285
000076ea0ebe1798 000076ea0d0b1f40 [anon:libc_malloc]`

[mayanksinghrajpoot]

Your crash log shows a SIGSEGV with a fault address of 0x0, which is a classic null pointer dereference happening in the native libj2v8.so library. Since this crash occurs on a background worker thread (pool-6-thread-1) and is hard to reproduce, it's almost certainly a multithreading race condition. This typically happens in J2V8 when a background thread tries to access a J2V8 object (like a V8Runtime or V8Object) that has already been .release()d and freed by another thread (like the main thread), or if an object is being accessed from a different thread than the one it was created on without proper locking. The solution is to audit your code and trace the lifecycle of all J2V8 objects, ensuring that no object is ever accessed by any thread after .release() has been called, and that all access respects J2V8's threading rules.