Thread::park failed invalid argument - android

I tried to do some periodic action in Android R automotive device by ScheduledThreadPoolExecutor.
There is my code:
private static class NamedThreadFactory implements ThreadFactory {
private final AtomicInteger mThreadNumber = new AtomicInteger(1);
private final String mNamePrefix;
NamedThreadFactory(String namePrefix) {
mNamePrefix = namePrefix + "-thread-";
}
#Override
public Thread newThread(Runnable r) {
final Thread thread = new Thread(r, mNamePrefix + mThreadNumber.getAndIncrement());
return thread;
}
}
private ScheduledThreadPoolExecutor mPopDataRefreshExecutor =
new ScheduledThreadPoolExecutor(1, new NamedThreadFactory("refreshPopData"));
mPopDataRefreshExecutor.scheduleAtFixedRate(new PopDataRefresher(),
TimeUnit.MINUTES.toMillis(5),
TimeUnit.MINUTES.toMillis(10),
TimeUnit.MILLISECONDS);
And then, it once raise some native signal 6 exception:
Revision: '0'
ABI: 'arm'
Timestamp: 1912-01-03 13:32:13+0800
pid: 9441, tid: 11146, name: RefreshPopData- >>> com.demo <<<
uid: 1010065
signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
Abort message: 'Failed to park: Invalid argument'
r0 00000000 r1 00002b8a r2 00000006 r3 bb98eb00
r4 bb98eb14 r5 bb98eaf8 r6 000024e1 r7 0000016b
r8 bb98eb10 r9 bb98eb00 r10 bb98eb30 r11 bb98eb20
ip 00002b8a sp bb98ead0 lr f1fa158f pc f1fa15a2
backtrace:
#00 pc 000545a2 /apex/com.android.runtime/lib/bionic/libc.so (abort+166) (BuildId: ced36bae419d8d9438cf6f91c6feea37)
#01 pc 003a0f7d /apex/com.android.runtime/lib/libart.so (art::Runtime::Abort(char const*)+1980) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#02 pc 000085e1 /system/lib/libbase.so (android::base::LogMessage::~LogMessage()+488) (BuildId: d8f9959168f480e25050a2b6cf313736)
#03 pc 003cff97 /apex/com.android.runtime/lib/libart.so (art::Thread::Park(bool, long long)+1570) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#04 pc 003417e9 /apex/com.android.runtime/lib/libart.so (art::Unsafe_park(_JNIEnv*, _jobject*, unsigned char, long long)+440) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#05 pc 000edfc9 /system/framework/arm/boot.oat (art_jni_trampoline+96) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#06 pc 0024e283 /system/framework/arm/boot.oat (java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos+818) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#07 pc 003914f7 /system/framework/arm/boot.oat (java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take+326) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#08 pc 003600dd /system/framework/arm/boot.oat (sun.nio.fs.UnixPath.getParent [DEDUPED]+36) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#09 pc 0034b265 /system/framework/arm/boot.oat (java.util.concurrent.ThreadPoolExecutor.getTask+428) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#10 pc 0034c9ff /system/framework/arm/boot.oat (java.util.concurrent.ThreadPoolExecutor.runWorker+222) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#11 pc 0034a0a7 /system/framework/arm/boot.oat (java.util.concurrent.ThreadPoolExecutor$Worker.run+54) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#12 pc 001da039 /system/framework/arm/boot.oat (java.lang.Thread.run+64) (BuildId: 16090464612e7610f7b849552ef4a978eef87738)
#13 pc 000e4bc5 /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub_internal+68) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#14 pc 0045e97b /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub+250) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#15 pc 000ecffd /apex/com.android.runtime/lib/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+160) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#16 pc 0039ab77 /apex/com.android.runtime/lib/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+54) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#17 pc 0039b881 /apex/com.android.runtime/lib/libart.so (art::InvokeVirtualOrInterfaceWithJValues(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, jvalue const*)+300) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#18 pc 003d0e73 /apex/com.android.runtime/lib/libart.so (art::Thread::CreateCallback(void*)+982) (BuildId: b1931727e2af1deddf3d63be01bc9e06)
#19 pc 0009c5e7 /apex/com.android.runtime/lib/bionic/libc.so (__pthread_start(void*)+20) (BuildId: ced36bae419d8d9438cf6f91c6feea37)
#20 pc 00055a97 /apex/com.android.runtime/lib/bionic/libc.so (__start_thread+30) (BuildId: ced36bae419d8d9438cf6f91c6feea37)
When I tried to add some log to solve this problem, it never happends again with same apk and same device.
Is any advice to deal with it, I tried to read AOSP code(https://cs.android.com/android/platform/superproject/+/master:art/runtime/thread.cc;l=311?q=Thread::park) and find out this stack mean to futex something failed. But I have no idea what "Failed to park: Invalid argument" means.

Related

webview_flutter in not working getting a platform error

am trying to activate the payment gateway in my app. after getting all data needed to open the payment page ( this includes all necessary data like token first name.... etc. ) . after that I should display a page. in this page the user must enter his card info.
my issue is: when trying to or when trying to open page using the WebView() am getting error like
java.lang.IllegalStateException: Platform view hasn't been initialized from the platform view channel.
I have already added the permission of using the internet in the manifesto file.
also, i set the minSdkVersion to 19 & compileSdkVersion 32 . in addention to that i run the flutter clean many times but this did not solve the issue .
my code below :
import 'dart:async';
import 'dart:io';
import 'package:flutter/material.dart';
import 'package:flutter/src/foundation/key.dart';
import 'package:flutter/src/widgets/framework.dart';
import 'package:webview_flutter/webview_flutter.dart';
import '../../shared/components/components.dart';
import '../../shared/components/const.dart';
class VisaCard extends StatefulWidget {
const VisCard({Key? key}) : super(key: key);
#override
State<VisCard> createState() => _VisCardState();
}
class _VisCardState extends State<VisCard> {
final Completer<WebViewController> _controller =
Completer<WebViewController>();
void initState() {
super.initState();
if (Platform.isAndroid) {
WebView.platform = SurfaceAndroidWebView();
}
}
#override
Widget build(BuildContext context) {
return Scaffold(
body: WebView(
initialUrl:"https://xxxxxxx/api/acceptance/iframes/684162?payment_token=${paymobFinalTokenCard}",
javascriptMode: JavascriptMode.unrestricted,
onWebViewCreated: (WebViewController webViewController) {
_controller.complete(webViewController);
},
// onProgress: (int progress) {
// print('WebView is loading (progress : $progress%)');
// },
javascriptChannels: <JavascriptChannel>{
_toasterJavascriptChannel(context),
},
onPageFinished: (String url) {
print('Page finished loading: $url');
},
gestureNavigationEnabled: true,
backgroundColor: const Color(0x00000000),
),
);
}
JavascriptChannel _toasterJavascriptChannel(BuildContext context) {
return JavascriptChannel(
name: 'Toaster',
onMessageReceived: (JavascriptMessage message) {
showSnackBar(context,message.toString() );
});
}
}
error message :
[WARNING:dns_config_service_android.cc(153)] Failed to read DnsConfig.
D/EGL_emulation( 8941): eglMakeCurrent: 0x7f336f68cf90: ver 2 0 (tinfo 0x7f359bd14080)
(first time)
**E/flutter ( 8941): [ERROR:flutter/fml/platform/android/jni_util.cc(204)] java.lang.IllegalStateException: Platform view hasn't been initialized from the platform view channel.**
E/flutter ( 8941): at io.flutter.plugin.platform.PlatformViewsController.initializePlatformViewIfNeeded(PlatformViewsController.java:732)
E/flutter ( 8941): at io.flutter.plugin.platform.PlatformViewsController.onDisplayPlatformView(PlatformViewsController.java:791)
E/flutter ( 8941): at io.flutter.embedding.engine.FlutterJNI.onDisplayPlatformView(FlutterJNI.java:1380)
E/flutter ( 8941): at android.os.MessageQueue.nativePollOnce(Native Method)
E/flutter ( 8941): at android.os.MessageQueue.next(MessageQueue.java:335)
E/flutter ( 8941): at android.os.Looper.loopOnce(Looper.java:161)
E/flutter ( 8941): at android.os.Looper.loop(Looper.java:288)
E/flutter ( 8941): at android.app.ActivityThread.main(ActivityThread.java:7839)
E/flutter ( 8941): at java.lang.reflect.Method.invoke(Native Method)
E/flutter ( 8941): at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)
E/flutter ( 8941): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1003)
E/flutter ( 8941):
F/flutter ( 8941): [FATAL:flutter/shell/platform/android/platform_view_android_jni_impl.cc(1469)] Check failed: fml::jni::CheckException(env).
F/libc ( 8941): Fatal signal 6 (SIGABRT), code -6 (SI_TKILL) in tid 8941 (ample.paymobone), pid 8941 (ample.paymobone)
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'google/sdk_gphone64_x86_64/emulator64_x86_64_arm64:12/SE1A.211212.001.B1/8023802:user/release-keys'
Revision: '0'
ABI: 'x86_64'
Timestamp: 2022-10-18 02:10:20.176569800+0300
Process uptime: 0s
Cmdline: com.example.paymobone
pid: 8941, tid: 8941, name: ample.paymobone >>> com.example.paymobone <<<
uid: 10160
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: '[FATAL:flutter/shell/platform/android/platform_view_android_jni_impl.cc(1469)] Check failed: fml::jni::CheckException(env).
'
rax 0000000000000000 rbx 00000000000022ed rcx 00007f357d3205cf rdx 0000000000000006
r8 00007ffee229c9d0 r9 00007ffee229c9d0 r10 00007ffee229c970 r11 0000000000000217
r12 00007f334f6d4bf0 r13 00007ffee229cad0 r14 00007ffee229c968 r15 00000000000022ed
rdi 00000000000022ed rsi 00000000000022ed
rbp 0000000000000007 rsp 00007ffee229c960 rip 00007f357d3205cf
backtrace:
#00 pc 000000000005e5cf /apex/com.android.runtime/lib64/bionic/libc.so (abort+191) (BuildId: 5db8d317d3741b337ef046540bbdd0f7)
#01 pc 000000000160bf95 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#02 pc 0000000001631394 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#03 pc 00000000016183d6 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#04 pc 0000000001d847d9 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#05 pc 00000000019b6578 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#06 pc 00000000019b506a /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#07 pc 00000000019b5be3 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#08 pc 00000000019b6b0d /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#09 pc 00000000019b553b /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#10 pc 00000000019b5234 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#11 pc 00000000019b6d9c /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#12 pc 0000000001631f33 /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#13 pc 000000000163734a /data/app/~~MrR5iAtJNiBzJu6ee3Fmmg==/com.example.paymobone-cvQMP3KIgkxZaQO8P_dSzg==/lib/x86_64/libflutter.so (BuildId: 9292ed7a57d628289a096bc46aa71468ce209e08)
#14 pc 0000000000018475 /system/lib64/libutils.so (android::Looper::pollInner(int)+1013) (BuildId: 0b21e18f17c36471b0becec44f99518b)
#15 pc 000000000001801e /system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+126) (BuildId: 0b21e18f17c36471b0becec44f99518b)
#16 pc 000000000015d253 /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+35) (BuildId: f90004a78069fa4c4e587a2081d386cd)
#17 pc 00000000001ab568 /system/framework/x86_64/boot-framework.oat (art_jni_trampoline+120) (BuildId: 5ead3b6496eb4808298a4612fe10561bbd30f354)
#18 pc 0000000002003e6e /memfd:jit-cache (deleted) (android.os.MessageQueue.next+206)
#19 pc 0000000002007082 /memfd:jit-cache (deleted) (android.os.Looper.loopOnce+162)
#20 pc 0000000000395376 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+806) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#21 pc 000000000041da09 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+233) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#22 pc 00000000005a335c /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+428) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#23 pc 000000000059d16c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+1036) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#24 pc 000000000097c172 /apex/com.android.art/lib64/libart.so (MterpInvokeStatic+1410) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#25 pc 000000000037e899 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_static+25) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#26 pc 000000000044d768 /system/framework/framework.jar
#27 pc 000000000097c90d /apex/com.android.art/lib64/libart.so (MterpInvokeStatic+3357) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#28 pc 000000000037e899 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_static+25) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#29 pc 00000000001c85ca /system/framework/framework.jar
#30 pc 0000000000594b42 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool)+306) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#31 pc 0000000000959a6f /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1007) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#32 pc 00000000003a04bc /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#33 pc 0000000000395376 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+806) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#34 pc 000000000041da09 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+233) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#35 pc 0000000000819502 /apex/com.android.art/lib64/libart.so (_jobject* art::InvokeMethod<(art::PointerSize)8>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1442) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#36 pc 0000000000772728 /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+56) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#37 pc 00000000000b5a30 /apex/com.android.art/javalib/x86_64/boot.oat (art_jni_trampoline+144) (BuildId: d92cc57761604ac2f5849e74a41f38bf70ac7a09)
#38 pc 0000000000395014 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+756) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#39 pc 000000000041d9fa /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+218) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#40 pc 00000000005a335c /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+428) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#41 pc 000000000059d16c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+1036) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#42 pc 000000000096e305 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+1349) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#43 pc 000000000037e719 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+25) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#44 pc 000000000024800e /system/framework/framework.jar
#45 pc 0000000000594b42 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool)+306) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#46 pc 0000000000959a6f /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1007) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#47 pc 00000000003a04bc /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+140) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#48 pc 00000000008b3621 /system/framework/x86_64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2049) (BuildId: 5ead3b6496eb4808298a4612fe10561bbd30f354)
#49 pc 0000000000395376 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+806) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#50 pc 000000000041da09 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+233) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#51 pc 0000000000819eb1 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, __va_list_tag*)+465) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#52 pc 00000000006ce8ac /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, __va_list_tag*)+620) (BuildId: cfc3de5d1c7b2855effeb77a784fc353)
#53 pc 00000000000c6374 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+164) (BuildId: f90004a78069fa4c4e587a2081d386cd)
#54 pc 00000000000d2a71 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+865) (BuildId: f90004a78069fa4c4e587a2081d386cd)
#55 pc 0000000000002f9f /system/bin/app_process64 (main+1599) (BuildId: 5c47dfdf42370b14f9eaa0b58a1dedf3)
#56 pc 0000000000050079 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+89) (BuildId: 5db8d317d3741b337ef046540bbdd0f7)
**Lost connection to device.**

This may be a bug in Flutter, you can check out the bug#112542 on GitHub。

How to debug and solve null pointer dereference in Android libgui.so

I'm trying to get the Sony Stock Camera from their tama devices working on Android 12.
I'm getting the following backtrace:
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'Sony/H8324/H8324:10/52.1.A.3.49/052001A003004902006556692:user/release-keys'
Revision: '0'
ABI: 'arm64'
Timestamp: 2022-08-16 20:04:11.168778323+0200
Process uptime: 0s
Cmdline: com.sonyericsson.android.camera
pid: 3646, tid: 3678, name: ImageReader >>> com.sonyericsson.android.camera <<<
uid: 10133
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
Cause: null pointer dereference
x0 0000007c7081b5d0 x1 0000007ee0a7f7cc x2 0000000000000000 x3 0000000000000010
x4 0000000000000000 x5 0000007bce6a9fa8 x6 0000007f020ff000 x7 0000000000001ac8
x8 0000007eebfefa38 x9 0000007eebfb6d00 x10 0000007eebfefa28 x11 000000007081b5e8
x12 0000ffff00000eff x13 00000000db4450c6 x14 003b7c4575e22800 x15 0000e787a5a92f54
x16 0000007ef28a97f8 x17 0000007ee09e4c78 x18 0000007bce16e000 x19 ffffffff9d042408
x20 0000007da07ef240 x21 00000000ce6aa260 x22 0000000000000000 x23 0000007bce6ab000
x24 0000007c4d808d00 x25 0000007bce6aa470 x26 0000007bce6aa484 x27 0000007bce6aa470
x28 0000007bce6aa360 x29 0000007bce6aa210
lr 0000007eebfac2b8 sp 0000007bce6aa200 pc 0000007eebfac2dc pst 0000000060000000
backtrace:
#00 pc 00000000000e22dc /system/lib64/libgui.so (android::Surface::Surface(android::sp<android::IGraphicBufferProducer> const&, bool, android::sp<android::IBinder> const&)+128) (BuildId: 5f0e35ac67a320ebbf7dbfedaba3b4f3)
#01 pc 000000000000103c /system/system_ext/lib64/libgui_shim.so (android::Surface::Surface(android::sp<android::IGraphicBufferProducer> const&, bool)+40) (BuildId: f763096071886df8dfce73855c765827)
#02 pc 0000000000011eb4 /system/lib64/libimageprocessorjni.so (BypassCameraBurstBufferManager_initializeSurface+216) (BuildId: c3128a7b0c9351c6fe96247d3e3c35b7)
#03 pc 000000000000e8c4 /system/lib64/libimageprocessorjni.so (BypassCameraPhoto_prepareSnapshot+84) (BuildId: c3128a7b0c9351c6fe96247d3e3c35b7)
#04 pc 000000000000c580 /system/lib64/libimageprocessorjni.so (Java_com_sonymobile_imageprocessor_bypasscamera2_BypassCamera_nativeRequestPrepareSnapshot+24) (BuildId: c3128a7b0c9351c6fe96247d3e3c35b7)
#05 pc 0000000000222244 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#06 pc 0000000000212b80 /apex/com.android.art/lib64/libart.so (nterp_helper+5648) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#07 pc 000000000068c7bc /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk (com.sonymobile.imageprocessor.bypasscamera2.BypassCamera.requestPrepareSnapshot+4)
#08 pc 00000000002124c4 /apex/com.android.art/lib64/libart.so (nterp_helper+3924) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#09 pc 00000000005c3c84 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk (com.sonyericsson.android.camera.device.BypassCameraController.requestPrepareSnapshot+184)
#10 pc 00000000002124c4 /apex/com.android.art/lib64/libart.so (nterp_helper+3924) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#11 pc 00000000005c2b28 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk (com.sonyericsson.android.camera.device.BypassCameraController.access$5400+0)
#12 pc 00000000002115a4 /apex/com.android.art/lib64/libart.so (nterp_helper+52) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#13 pc 00000000005c0652 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk (com.sonyericsson.android.camera.device.BypassCameraController$1.run+474)
#14 pc 0000000000519190 /system/framework/arm64/boot-framework.oat (android.os.Handler.dispatchMessage+80) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085)
#15 pc 000000000051c08c /system/framework/arm64/boot-framework.oat (android.os.Looper.loopOnce+1148) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085)
#16 pc 000000000051bb74 /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+516) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085)
#17 pc 000000000051b058 /system/framework/arm64/boot-framework.oat (android.os.HandlerThread.run+536) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085)
#18 pc 0000000000218964 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#19 pc 0000000000284208 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+188) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#20 pc 000000000061fab0 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+460) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#21 pc 000000000066e674 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1184) (BuildId: 143d4d521718f1d1b0005e86eb8ae170)
#22 pc 00000000000b1810 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+264) (BuildId: 6bfaf10f10e5ff343703efae2f1bdbdb)
#23 pc 00000000000512f0 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 6bfaf10f10e5ff343703efae2f1bdbdb)
Since libimageprocessorjni.so is closed source and there's no updated lib which matches the new Surface constructor I had to create a shim:
#include <cutils/log.h>
#include <gui/IGraphicBufferProducer.h>
#define LOG_TAG "libgui_shim"
extern "C" void _ZN7android7SurfaceC1ERKNS_2spINS_22IGraphicBufferProducerEEEbRKNS1_INS_7IBinderEEE(
const android::sp<android::IGraphicBufferProducer>& bufferProducer, bool controlledByApp = false,
const android::sp<android::IBinder>& surfaceControlHandle = nullptr);
extern "C" void _ZN7android7SurfaceC1ERKNS_2spINS_22IGraphicBufferProducerEEEb(
const android::sp<android::IGraphicBufferProducer>& bufferProducer, bool controlledByApp) {
if (bufferProducer == nullptr) {
ALOGE("bufferProducer == nullptr");
}
_ZN7android7SurfaceC1ERKNS_2spINS_22IGraphicBufferProducerEEEbRKNS1_INS_7IBinderEEE(bufferProducer, controlledByApp);
}
As you can see I've already tried to figure out where the null pointer happens exactly (It isn't bufferProducer because there's no bufferProducer == nullptr in the log).
I don't think it's the surfaceControlHandle but the method definition in my shim exactly matches the one from libgui: https://android.googlesource.com/platform/frameworks/native/+/refs/tags/android-12.1.0_r22/libs/gui/include/gui/Surface.h#93
Running addr2line is not that helpful either:
$ aarch64-linux-android-addr2line -e libgui.so -s -f -C 00000000000e22dc
aarch64-linux-android-addr2line: libgui.so: don't know how to handle section `.relr.dyn' [0x 13]
sp
StrongPointer.h:273
Checking StrongPointer.h at line 273 (https://android.googlesource.com/platform/system/core/+/refs/tags/android-12.1.0_r22/libutils/include/utils/StrongPointer.h#273) I can see that other must be NULL.
Is there any convenient way to find out what other is and how to solve my null pointer dereference?
EDIT: The partial output from stack by reading in the tombstone as described here:
Stack Trace:
RELADDR FUNCTION FILE:LINE
v--------------> android::sp<android::IGraphicBufferProducer>::sp(android::sp<android::IGraphicBufferProducer> const&) system/core/libutils/include/utils/StrongPointer.h:273
00000000000e22dc android::Surface::Surface(android::sp<android::IGraphicBufferProducer> const&, bool, android::sp<android::IBinder> const&)+128 frameworks/native/libs/gui/Surface.cpp:67
000000000000103c android::Surface::Surface(android::sp<android::IGraphicBufferProducer> const&, bool)+40 device/sony/tama-common/libshims/gui_shim.cpp:10 (discriminator 2)
0000000000011eb4 BypassCameraBurstBufferManager_initializeSurface+216) (BuildId: c3128a7b0c9351c6fe96247d3e3c35b7 /system/lib64/libimageprocessorjni.so
000000000000e8c4 BypassCameraPhoto_prepareSnapshot+84) (BuildId: c3128a7b0c9351c6fe96247d3e3c35b7 /system/lib64/libimageprocessorjni.so
000000000000c580 Java_com_sonymobile_imageprocessor_bypasscamera2_BypassCamera_nativeRequestPrepareSnapshot+24) (BuildId: c3128a7b0c9351c6fe96247d3e3c35b7 /system/lib64/libimageprocessorjni.so
0000000000222244 art_quick_generic_jni_trampoline+148) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
0000000000212b80 nterp_helper+5648) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
000000000068c7bc com.sonymobile.imageprocessor.bypasscamera2.BypassCamera.requestPrepareSnapshot+4 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk
00000000002124c4 nterp_helper+3924) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
00000000005c3c84 com.sonyericsson.android.camera.device.BypassCameraController.requestPrepareSnapshot+184 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk
00000000002124c4 nterp_helper+3924) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
00000000005c2b28 com.sonyericsson.android.camera.device.BypassCameraController.access$5400+0 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk
00000000002115a4 nterp_helper+52) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
00000000005c0652 com.sonyericsson.android.camera.device.BypassCameraController$1.run+474 /system/priv-app/SemcCameraUI-xxhdpi-release/SemcCameraUI-xxhdpi-release.apk
0000000000519190 android.os.Handler.dispatchMessage+80) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085 /system/framework/arm64/boot-framework.oat
000000000051c08c android.os.Looper.loopOnce+1148) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085 /system/framework/arm64/boot-framework.oat
000000000051bb74 android.os.Looper.loop+516) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085 /system/framework/arm64/boot-framework.oat
000000000051b058 android.os.HandlerThread.run+536) (BuildId: 37e0b9b91b95ea25a00d76a0661686229fcf1085 /system/framework/arm64/boot-framework.oat
0000000000218964 art_quick_invoke_stub+548) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
0000000000284208 art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+188) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
000000000061fab0 art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+460) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
000000000066e674 art::Thread::CreateCallback(void*)+1184) (BuildId: 143d4d521718f1d1b0005e86eb8ae170 /apex/com.android.art/lib64/libart.so
00000000000b1810 __pthread_start(void*)+264) (BuildId: 6bfaf10f10e5ff343703efae2f1bdbdb /apex/com.android.runtime/lib64/bionic/libc.so
00000000000512f0 __start_thread+64) (BuildId: 6bfaf10f10e5ff343703efae2f1bdbdb
So this must be the bufferPRoducer somehow. If i use patchelf to replace libgui with the stock version from Android 10 and a bunch of related other libs the error is gone. It must be somehow possible to use shims to get the old behavior back instead of pushing 25 old stock libs on my device.

Null Pointer Dereference in switchEffectRawNative with Flutter Plugin for Android and DeepAR

I am using DeepAR (https://developer.deepar.ai/) in conjunction with Flutter. I am creating a Flutter plugin for Android. I use the JetPack support library CameraX for camera access. The library provides a use case called "ImageAnalyse" (https://developer.android.com/training/camerax/analyze). I try to combine this with DeepAR. The masks that I want to display with DeepAR via the camera are in the App Bundle as assets. When I call "switchEffect", the app crashes.
The Flutter Plugin
The architecture of the Flutter Plugin follows the recommendations in the Flutter documentation.
class ExamplePlugin : FlutterPlugin, ActivityAware {
private var flutterPluginBinding: FlutterPluginBinding? = null
private var activityPluginBinding: ActivityPluginBinding? = null
// overrides are implemented but left out for simplicity
}
class PluginViewFactory(
private val flutterPluginBinding: FlutterPlugin.FlutterPluginBinding, private val activityPluginBinding: ActivityPluginBinding
) : PlatformViewFactory(StandardMessageCodec.INSTANCE) {
override fun create(context: Context?, id: Int, args: Any?): PlatformView {
return PluginView(flutterPluginBinding, activityPluginBinding, context, id, args)
}
}
class PluginView(
flutterPluginBinding: FlutterPluginBinding,
activityPluginBinding: ActivityPluginBinding,
private val context: Context?,
id: Int,
args: Any?
) : PlatformView, MethodChannel.MethodCallHandler, PluginRegistry.RequestPermissionsResultListener,
AREventListener {
private val activity = activityPluginBinding.activity
// I left out some code for simplicity
Creating the ProcessCameraProvider
private fun startCamera() {
val cameraProviderFuture = ProcessCameraProvider.getInstance(activity)
cameraProviderFuture.addListener({
cameraProvider = cameraProviderFuture.get()
bindPreviewAndAnalysis(cameraProvider)
}, ContextCompat.getMainExecutor(activity))
}
Bind image preview and image analysis use cases
private fun bindPreviewAndAnalysis(cameraProvider: ProcessCameraProvider?) {
// Preview
val imagePreview = Preview.Builder()
.build()
.also {
it.setSurfaceProvider(previewView.surfaceProvider)
}
// Analysis
val cameraPreset = CameraResolutionPreset.P1280x720
val width: Int
val height: Int
val orientation: Int = getScreenOrientation()
if (orientation == ActivityInfo.SCREEN_ORIENTATION_REVERSE_LANDSCAPE || orientation == ActivityInfo.SCREEN_ORIENTATION_LANDSCAPE) {
width = cameraPreset.width
height = cameraPreset.height
} else {
width = cameraPreset.height
height = cameraPreset.width
}
arrayOfNulls<ByteBuffer>(NUMBER_OF_BUFFERS).also { buffers = it }
for (i in 0 until NUMBER_OF_BUFFERS) {
buffers[i] = ByteBuffer.allocateDirect(width * height * 3)
buffers[i]?.order(ByteOrder.nativeOrder())
buffers[i]?.position(0)
}
val imageAnalysis = ImageAnalysis.Builder().setTargetResolution(Size(width, height))
.setBackpressureStrategy(ImageAnalysis.STRATEGY_KEEP_ONLY_LATEST).build()
cameraExecutor?.let {
imageAnalysis.setAnalyzer(
it,
{ image ->
val byteData: ByteArray
val yBuffer: ByteBuffer = image.planes[0].buffer
val uBuffer: ByteBuffer = image.planes[1].buffer
val vBuffer: ByteBuffer = image.planes[2].buffer
val ySize: Int = yBuffer.remaining()
val uSize: Int = uBuffer.remaining()
val vSize: Int = vBuffer.remaining()
byteData = ByteArray(ySize + uSize + vSize)
//U and V are swapped
yBuffer.get(byteData, 0, ySize)
vBuffer.get(byteData, ySize, vSize)
uBuffer.get(byteData, ySize + vSize, uSize)
buffers[currentBuffer]?.put(byteData)
buffers[currentBuffer]?.position(0)
if (deepAR != null) {
deepAR?.receiveFrame(
buffers[currentBuffer],
image.width,
image.height,
image.imageInfo.rotationDegrees,
cameraSelector == CameraSelector.DEFAULT_FRONT_CAMERA,
DeepARImageFormat.YUV_420_888,
image.planes[1].pixelStride
)
}
currentBuffer = (currentBuffer + 1) % NUMBER_OF_BUFFERS
image.close()
})
}
try {
cameraProvider?.unbindAll()
cameraSelector?.let {
cameraProvider?.bindToLifecycle(activity as LifecycleOwner,
it, imagePreview, imageAnalysis)
}
} catch (e: Exception) {
Log.e(TAG, "Use case binding failed", e)
}
}
use DeepAR switchEffect
private fun changeMask(mask: String) {
try {
val loader = FlutterInjector.instance().flutterLoader()
val path = loader.getLookupKeyForAsset("assets/masks/$mask", "my_plugin_name")
val maskFd: AssetFileDescriptor = activity.assets.openFd(path)
deepAR?.switchEffect("masks", maskFd.createInputStream())
} catch (exc: Exception) {
Log.e(TAG, "Could not change mask", exc)
}
}
Error
When the "switchEffect" is called, the app crashes with the following error:
F/libc (20852): Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0 in tid 20852 (.example.app), pid 20852 (.example.app)
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'google/walleye/walleye:11/RP1A.201005.004.A1/6934943:user/release-keys'
Revision: 'MP1'
ABI: 'arm64'
Timestamp: 2021-07-25 13:59:29+0200
pid: 20852, tid: 20852, name: .example.app >>> com.example.app <<<
uid: 10194
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
Cause: null pointer dereference
x0 0000007129de3570 x1 0000007129de3570 x2 0000007139e3b210 x3 0000007119769984
x4 0000007ff61c6788 x5 0000000000000000 x6 0000000000000001 x7 6ced3fea237c8a73
x8 0000000000000000 x9 6ced3fea237c8a73 x10 0000000000430000 x11 0000000029de3576
x12 000000005375645e x13 0000007ff61c68a0 x14 0000000000000002 x15 00000000ebad6a89
x16 00000073acaaa7f8 x17 00000073aabc5bd0 x18 00000073af972000 x19 0000007139e3b210
x20 0000007ff61c68b0 x21 00000071d9d95c70 x22 0000000000000001 x23 0000007ff61c68b4
x24 0000000000000000 x25 00000073af273000 x26 0000000000000069 x27 0000007119d77000
x28 0000007ff61c68c0 x29 0000007ff61c6890
lr 000000707f88e504 sp 0000007ff61c6850 pc 000000707f88e514 pst 0000000060000000
backtrace:
#00 pc 000000000004a514 /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libnative-lib.so (Java_ai_deepar_ar_DeepAR_switchEffectRawNative+268) (BuildId: 342abf6bf48a1e62b230a5496cbaeecab0b6c701)
#01 pc 000000000013ced4 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148) (BuildId: d0f321775158ed00df284edfabf672b6)
#02 pc 0000000000133564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: d0f321775158ed00df284edfabf672b6)
#03 pc 00000000001a97e8 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
#04 pc 000000000031c040 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: d0f321775158ed00df284edfabf672b6)
#05 pc 0000000000313288 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+696) (BuildId: d0f321775158ed00df284edfabf672b6)
#06 pc 000000000068b144 /apex/com.android.art/lib64/libart.so (MterpInvokeDirectRange+436) (BuildId: d0f321775158ed00df284edfabf672b6)
#07 pc 000000000012dc14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_direct_range+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#08 pc 0000000000162a36 [anon:dalvik-classes.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk] (ai.deepar.ar.DeepAR.switchEffect+70)
#09 pc 0000000000685960 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+1520) (BuildId: d0f321775158ed00df284edfabf672b6)
#10 pc 000000000012d814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#11 pc 000000000001a49c [anon:dalvik-classes2.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk!classes2.dex] (com.example.plugin.PluginView.changeMask+296)
#12 pc 0000000000687fe8 /apex/com.android.art/lib64/libart.so (MterpInvokeDirect+1248) (BuildId: d0f321775158ed00df284edfabf672b6)
#13 pc 000000000012d914 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_direct+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#14 pc 000000000001a53a [anon:dalvik-classes2.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk!classes2.dex] (com.example.plugin.PluginView.changeMaskNative+42)
#15 pc 0000000000687fe8 /apex/com.android.art/lib64/libart.so (MterpInvokeDirect+1248) (BuildId: d0f321775158ed00df284edfabf672b6)
#16 pc 000000000012d914 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_direct+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#17 pc 000000000001a962 [anon:dalvik-classes2.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk!classes2.dex] (com.example.plugin.PluginView.onMethodCall+154)
#18 pc 00000000006873a4 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1812) (BuildId: d0f321775158ed00df284edfabf672b6)
#19 pc 000000000012da14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#20 pc 000000000036ef32 [anon:dalvik-classes6.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk!classes6.dex] (io.flutter.plugin.common.MethodChannel$IncomingMethodCallHandler.onMessage+34)
#21 pc 00000000006873a4 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1812) (BuildId: d0f321775158ed00df284edfabf672b6)
#22 pc 000000000012da14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#23 pc 0000000000364daa [anon:dalvik-classes6.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk!classes6.dex] (io.flutter.embedding.engine.dart.DartMessenger.handleMessageFromDart+114)
#24 pc 00000000006873a4 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1812) (BuildId: d0f321775158ed00df284edfabf672b6)
#25 pc 000000000012da14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#26 pc 0000000000363a64 [anon:dalvik-classes6.dex extracted in memory from /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/base.apk!classes6.dex] (io.flutter.embedding.engine.FlutterJNI.handlePlatformMessage+8)
#27 pc 00000000003094d0 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.7618685802058321727)+264) (BuildId: d0f321775158ed00df284edfabf672b6)
#28 pc 00000000006740c0 /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+776) (BuildId: d0f321775158ed00df284edfabf672b6)
#29 pc 000000000013cff8 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: d0f321775158ed00df284edfabf672b6)
#30 pc 0000000000133564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: d0f321775158ed00df284edfabf672b6)
#31 pc 00000000001a97e8 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
#32 pc 000000000055c6f4 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+468) (BuildId: d0f321775158ed00df284edfabf672b6)
#33 pc 000000000055c894 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92) (BuildId: d0f321775158ed00df284edfabf672b6)
#34 pc 00000000004197f8 /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallVoidMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+656) (BuildId: d0f321775158ed00df284edfabf672b6)
#35 pc 000000000037deac /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::CheckJNI::CallMethodV(char const*, _JNIEnv*, _jobject*, _jclass*, _jmethodID*, std::__va_list, art::Primitive::Type, art::InvokeType)+2532) (BuildId: d0f321775158ed00df284edfabf672b6)
#36 pc 000000000036bc50 /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::CheckJNI::CallVoidMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+72) (BuildId: d0f321775158ed00df284edfabf672b6)
#37 pc 000000000132663c /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libflutter.so (BuildId: 137d09ab83a412ded1c33ef386351fcc0429a53b)
#38 pc 0000000001326578 /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libflutter.so (BuildId: 137d09ab83a412ded1c33ef386351fcc0429a53b)
#39 pc 0000000001322408 /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libflutter.so (BuildId: 137d09ab83a412ded1c33ef386351fcc0429a53b)
#40 pc 000000000138428c /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libflutter.so (BuildId: 137d09ab83a412ded1c33ef386351fcc0429a53b)
#41 pc 0000000001342568 /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libflutter.so (BuildId: 137d09ab83a412ded1c33ef386351fcc0429a53b)
#42 pc 00000000013476f8 /data/app/~~tCz51U3rHjeb2hAFXQB6yw==/com.example.app-xzIovrW9JsSRapHSrOSbnA==/lib/arm64/libflutter.so (BuildId: 137d09ab83a412ded1c33ef386351fcc0429a53b)
#43 pc 000000000001a064 /system/lib64/libutils.so (android::Looper::pollInner(int)+916) (BuildId: b81fad2b6b7b7f85c6217d2cb80c9e61)
#44 pc 0000000000019c68 /system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+112) (BuildId: b81fad2b6b7b7f85c6217d2cb80c9e61)
#45 pc 00000000001120f4 /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+44) (BuildId: 30f3430e4d2a28be49d3c60d623f0a29)
#46 pc 000000000020fadc /system/framework/arm64/boot-framework.oat (art_jni_trampoline+140) (BuildId: da25c976c2d1d3af123868772655a0779f8f6a48)
#47 pc 000000000200b6cc /memfd:jit-cache (deleted) (offset 0x2000000) (android.os.MessageQueue.next+204)
#48 pc 0000000000133564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: d0f321775158ed00df284edfabf672b6)
#49 pc 00000000001a97e8 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
#50 pc 000000000031c040 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: d0f321775158ed00df284edfabf672b6)
#51 pc 0000000000312228 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+912) (BuildId: d0f321775158ed00df284edfabf672b6)
#52 pc 00000000006856c0 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+848) (BuildId: d0f321775158ed00df284edfabf672b6)
#53 pc 000000000012d814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#54 pc 0000000000396970 /system/framework/framework.jar (offset 0x92b000) (android.os.Looper.loop+156)
#55 pc 00000000003094d0 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.7618685802058321727)+264) (BuildId: d0f321775158ed00df284edfabf672b6)
#56 pc 0000000000311840 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
#57 pc 0000000000312b9c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, true>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+1772) (BuildId: d0f321775158ed00df284edfabf672b6)
#58 pc 0000000000178658 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<true, false>(art::interpreter::SwitchImplContext*)+58656) (BuildId: d0f321775158ed00df284edfabf672b6)
#59 pc 000000000013f7d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: d0f321775158ed00df284edfabf672b6)
#60 pc 00000000001a1698 /system/framework/framework.jar (android.app.ActivityThread.main)
#61 pc 00000000003095d8 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.7618685802058321727)+528) (BuildId: d0f321775158ed00df284edfabf672b6)
#62 pc 00000000006740c0 /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+776) (BuildId: d0f321775158ed00df284edfabf672b6)
#63 pc 000000000013cff8 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: d0f321775158ed00df284edfabf672b6)
#64 pc 00000000001337e8 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: d0f321775158ed00df284edfabf672b6)
#65 pc 00000000001a9804 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: d0f321775158ed00df284edfabf672b6)
#66 pc 000000000055ce14 /apex/com.android.art/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1364) (BuildId: d0f321775158ed00df284edfabf672b6)
#67 pc 00000000004dba28 /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+48) (BuildId: d0f321775158ed00df284edfabf672b6)
#68 pc 00000000000896f4 /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 13577ce71153c228ecf0eb73fc39f45010d487f8)
#69 pc 0000000000133564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: d0f321775158ed00df284edfabf672b6)
#70 pc 00000000001a97e8 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
#71 pc 000000000031c040 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: d0f321775158ed00df284edfabf672b6)
#72 pc 0000000000312228 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+912) (BuildId: d0f321775158ed00df284edfabf672b6)
#73 pc 00000000006856c0 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+848) (BuildId: d0f321775158ed00df284edfabf672b6)
#74 pc 000000000012d814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: d0f321775158ed00df284edfabf672b6)
#75 pc 000000000044930a /system/framework/framework.jar (offset 0x125d000) (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+22)
#76 pc 00000000003094d0 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.7618685802058321727)+264) (BuildId: d0f321775158ed00df284edfabf672b6)
#77 pc 00000000006740c0 /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+776) (BuildId: d0f321775158ed00df284edfabf672b6)
#78 pc 000000000013cff8 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: d0f321775158ed00df284edfabf672b6)
#79 pc 0000000000897668 /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2280) (BuildId: da25c976c2d1d3af123868772655a0779f8f6a48)
#80 pc 00000000001337e8 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: d0f321775158ed00df284edfabf672b6)
#81 pc 00000000001a9804 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: d0f321775158ed00df284edfabf672b6)
#82 pc 000000000055b830 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+448) (BuildId: d0f321775158ed00df284edfabf672b6)
#83 pc 000000000055bcf4 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92) (BuildId: d0f321775158ed00df284edfabf672b6)
#84 pc 000000000043ecbc /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+652) (BuildId: d0f321775158ed00df284edfabf672b6)
#85 pc 000000000009948c /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+124) (BuildId: 30f3430e4d2a28be49d3c60d623f0a29)
#86 pc 00000000000a0a0c /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+844) (BuildId: 30f3430e4d2a28be49d3c60d623f0a29)
#87 pc 0000000000003570 /system/bin/app_process64 (main+1320) (BuildId: d4686d3f8282764488eb9ca7cc518583)
#88 pc 00000000000495b4 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: c78cdff5b820a550771130d6bde95081)
Lost connection to device.
Environment
Kotlin 1.5.20
Flutter 2.2.3
DeepAR 2.4.1
CameraX 1.1.0-alpha07 / 1.0.0-alpha27
Additional notes
I see this error when running a Flutter App with Flutter Plugin on an Android Emulator (API Level 30) and on a real Android Device (Pixel 2, Android 11). I see this error when running the Flutter App in Debug-Mode and in Release-Mode.
Any help or any suggestions are very welcome. I'm quit new to Flutter and Android-Development, so there is a good chance I may have missed some important aspects.
I also posted this question in the GitHub repo of DeepAR: https://github.com/DeepARSDK/quickstart-android-java/issues/30

Just wanted to let you know, that I have chosen a different approach now. In the end I'm using "switchEffect" with a FileInputStream and that works well:
private fun getMaskAsFileInputStream(mask: String): FileInputStream? {
return try {
val loader = FlutterInjector.instance().flutterLoader()
val path = loader.getLookupKeyForAsset("assets/masks/$mask", "my_plugin_name")
val maskFd: AssetFileDescriptor = activity.assets.openFd(path)
if (maskFd.length > 0) {
maskFd.createInputStream()
} else {
Log.w(TAG, "Mask asset at $path is empty")
null
}
} catch (exc: Exception) {
Log.e(TAG, "Could not get mask as file input stream", exc)
null
}
}
private fun changeMask(mask: String) {
try {
deepAR?.switchEffect("masks", getMaskAsFileInputStream(mask))
} catch (exc: Exception) {
Log.e(TAG, "Could not change mask", exc)
}
}

Android app random native crash in monkey test

Our Android application encounters random native crash in monkey test. We have some jni and native C++ code and have made some modification to try to solve the issue, but that didn't help. The crash stack don't have enough information to help to find the cause.
I could only static review the jni and C++ code, which is slow and helpless. The problem still exists after review. I am a Java developer and not so good at C++, so it is possible that I missed the problematic code. The C++ codebase is large because we used some open source project source code.
Following are some stacks:
/ CRASH: com.my.app (pid 27393)
// Short Msg: Native crash
// Long Msg: Native crash: Segmentation fault
// Build Label: Lenovo/heart/heart:10/QKQ1.191014.001/11.5.250_200614:userdebug/test-keys
// Build Changelist: 11.5.250_200614
// Build Time: 1592147934000
// *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
// Build fingerprint: 'Lenovo/heart/heart:10/QKQ1.191014.001/11.5.250_200614:userdebug/test-keys'
// Revision: '0'
// ABI: 'arm'
// Timestamp: 2020-10-15 22:44:46+0800
// pid: 27393, tid: 27407, name: ReferenceQueueD >>> com.my.app <<<
// uid: 10291
// signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x4
// Cause: null pointer dereference
// r0 b7e49de0 r1 00000000 r2 f087cd15 r3 00000000
// r4 f087cd15 r5 139b8330 r6 139b8330 r7 139b82c8
// r8 00000000 r9 eb15f600 r10 70ea2bd8 r11 139b8308
// ip e5b72bd5 sp c7e43dc0 lr 71c713bb pc f087cd1c
//
// backtrace:
// #00 pc 000add1c /system/lib/libandroid_runtime.so (android::CanvasJNI::delete_canvas(android::Canvas*)+8) (BuildId: 474c53cb68297e45cf00595c65e14fff)
// #01 pc 0004a3b9 /system/framework/arm/boot-core-libart.oat (art_jni_trampoline+120) (BuildId: 533d0af7f4307f5a947d9059c8a7d3c40eb37d1b)
// #02 pc 000bb60f /system/framework/arm/boot-core-libart.oat (libcore.util.NativeAllocationRegistry$CleanerThunk.run+78) (BuildId: 533d0af7f4307f5a947d9059c8a7d3c40eb37d1b)
// #03 pc 0024574b /system/framework/arm/boot.oat (sun.misc.Cleaner.clean+90) (BuildId: 625e004ba4396bf9751878502697218d94469522)
// #04 pc 000d3849 /system/framework/arm/boot.oat (java.lang.ref.ReferenceQueue.enqueueLocked+168) (BuildId: 625e004ba4396bf9751878502697218d94469522)
// #05 pc 000d3925 /system/framework/arm/boot.oat (java.lang.ref.ReferenceQueue.enqueuePending+148) (BuildId: 625e004ba4396bf9751878502697218d94469522)
// #06 pc 000ef941 /system/framework/arm/boot-core-libart.oat (java.lang.Daemons$ReferenceQueueDaemon.runInternal+232) (BuildId: 533d0af7f4307f5a947d9059c8a7d3c40eb37d1b)
// #07 pc 0009e263 /system/framework/arm/boot-core-libart.oat (java.lang.Daemons$Daemon.run+146) (BuildId: 533d0af7f4307f5a947d9059c8a7d3c40eb37d1b)
// #08 pc 00173691 /system/framework/arm/boot.oat (java.lang.Thread.run+64) (BuildId: 625e004ba4396bf9751878502697218d94469522)
// #09 pc 000d7bc5 /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub_internal+68) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #10 pc 0043d13d /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub+248) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #11 pc 000dff81 /apex/com.android.runtime/lib/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+168) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #12 pc 0037d507 /apex/com.android.runtime/lib/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+54) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #13 pc 0037e29b /apex/com.android.runtime/lib/libart.so (art::InvokeVirtualOrInterfaceWithJValues(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, jvalue const*)+302) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #14 pc 003afeff /apex/com.android.runtime/lib/libart.so (art::Thread::CreateCallback(void*)+1018) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #15 pc 000ab3bd /apex/com.android.runtime/lib/bionic/libc.so (__pthread_start(void*)+20) (BuildId: b8ea1bc56f976308b1ee7e2335b3127e)
// #16 pc 00061989 /apex/com.android.runtime/lib/bionic/libc.so (__start_thread+30) (BuildId: b8ea1bc56f976308b1ee7e2335b3127e)
// CRASH: com.my.app (pid 10788)
// Short Msg: Native crash
// Long Msg: Native crash: Segmentation fault
// Build Label: Lenovo/heart/heart:10/QKQ1.191014.001/11.5.250_200614:userdebug/test-keys
// Build Changelist: 11.5.250_200614
// Build Time: 1592147934000
// *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
// Build fingerprint: 'Lenovo/heart/heart:10/QKQ1.191014.001/11.5.250_200614:userdebug/test-keys'
// Revision: '0'
// ABI: 'arm'
// Timestamp: 2020-10-16 01:51:56+0800
// pid: 10788, tid: 11437, name: RenderThread >>> com.my.app <<<
// uid: 10291
// signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x38
// Cause: null pointer dereference
// r0 c5ddb380 r1 00000000 r2 c607d148 r3 00000000
// r4 bebe9710 r5 c607d148 r6 00000000 r7 bebe9000
// r8 ef9a30c0 r9 ef9a30e4 r10 ef9a30e8 r11 f050c018
// ip ef9a3a28 sp c607d070 lr ef98611b pc ef95e6b8
//
// backtrace:
// #00 pc 0005a6b8 /system/lib/libgui.so (android::HpGraphicBufferProducer::query(int, int*)+4) (BuildId: 4aade65846c0a0844ffc6abd2cfae7f4)
// #01 pc 00082119 /system/lib/libgui.so (android::Surface::query(int, int*) const+132) (BuildId: 4aade65846c0a0844ffc6abd2cfae7f4)
// #02 pc 001f9073 /system/lib/libhwui.so (android::uirenderer::renderthread::CanvasContext::getNextFrameSize() const+20) (BuildId: 27f32025e8036c1421e970591d6452bf)
// #03 pc 001f9045 /system/lib/libhwui.so (android::uirenderer::TreeInfo::TreeInfo(android::uirenderer::TreeInfo::TraversalMode, android::uirenderer::renderthread::CanvasContext&)+104) (BuildId: 27f32025e8036c1421e970591d6452bf)
// #04 pc 001f8da7 /system/lib/libhwui.so (android::uirenderer::renderthread::DrawFrameTask::run()+74) (BuildId: 27f32025e8036c1421e970591d6452bf)
// #05 pc 0020742d /system/lib/libhwui.so (android::uirenderer::WorkQueue::process()+164) (BuildId: 27f32025e8036c1421e970591d6452bf)
// #06 pc 0020727f /system/lib/libhwui.so (android::uirenderer::renderthread::RenderThread::threadLoop()+54) (BuildId: 27f32025e8036c1421e970591d6452bf)
// #07 pc 0000d96f /system/lib/libutils.so (android::Thread::_threadLoop(void*)+210) (BuildId: 303a9d221465f0db9b5d760e0a0c6abe)
// #08 pc 000ab3bd /apex/com.android.runtime/lib/bionic/libc.so (__pthread_start(void*)+20) (BuildId: b8ea1bc56f976308b1ee7e2335b3127e)
// #09 pc 00061989 /apex/com.android.runtime/lib/bionic/libc.so (__start_thread+30) (BuildId: b8ea1bc56f976308b1ee7e2335b3127e)
// CRASH: com.my.app (pid 7417)
// Short Msg: Native crash
// Long Msg: Native crash: Segmentation fault
// Build Label: Lenovo/heart/heart:10/QKQ1.191014.001/11.5.250_200614:userdebug/test-keys
// Build Changelist: 11.5.250_200614
// Build Time: 1592147934000
// *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
// Build fingerprint: 'Lenovo/heart/heart:10/QKQ1.191014.001/11.5.250_200614:userdebug/test-keys'
// Revision: '0'
// ABI: 'arm'
// Timestamp: 2020-10-16 07:57:24+0800
// pid: 7417, tid: 28261, name: speakLocal tts >>> com.my.app <<<
// uid: 10291
// signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xfffffff4
// r0 df8becc0 r1 00000000 r2 00000000 r3 00000001
// r4 df81ad20 r5 b356b6e0 r6 ef17a9b1 r7 000000a8
// r8 00000000 r9 ef1a4ad4 r10 ef1a4d08 r11 0065c5c0
// ip ef1a4ec4 sp b356b690 lr ef1933fd pc ef1935b4
//
// backtrace:
// #00 pc 000445b4 /system/lib/libmedia.so (android::IMediaDeathNotifier::getMediaPlayerService()+476) (BuildId: 4c77835059177de2000d6c39f9539962)
// #01 pc 0002b9cf /system/lib/libmedia.so (android::MediaPlayer::setDataSource(int, long long, long long)+30) (BuildId: 4c77835059177de2000d6c39f9539962)
// #02 pc 0003b873 /system/lib/libmedia_jni.so (android_media_MediaPlayer_setDataSourceFD(_JNIEnv*, _jobject*, _jobject*, long long, long long)+118) (BuildId: c190a7c755ffba7708c716e1dd16c0a1)
// #03 pc 0029c637 /system/framework/arm/boot-framework.oat (art_jni_trampoline+126) (BuildId: 39c685939f0d8867d4162c7a38d63ad3600807fd)
// #04 pc 006ce41b /system/framework/arm/boot-framework.oat (android.media.MediaPlayer.setDataSource+58) (BuildId: 39c685939f0d8867d4162c7a38d63ad3600807fd)
// #05 pc 006ce365 /system/framework/arm/boot-framework.oat (android.media.MediaPlayer.setDataSource+172) (BuildId: 39c685939f0d8867d4162c7a38d63ad3600807fd)
// #06 pc 000d7bc5 /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub_internal+68) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #07 pc 0043d13d /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub+248) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #08 pc 000dff81 /apex/com.android.runtime/lib/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+168) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #09 pc 00214673 /apex/com.android.runtime/lib/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+270) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #10 pc 00210867 /apex/com.android.runtime/lib/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+738) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #11 pc 00437927 /apex/com.android.runtime/lib/libart.so (MterpInvokeVirtualQuick+458) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #12 pc 000d6594 /apex/com.android.runtime/lib/libart.so (mterp_op_invoke_virtual_quick+20) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #13 pc 00455d68 /data/app/com.lenovo.menu_assistant-XzP2MzG5jMAB7n94-EP3IQ==/oat/arm/base.vdex (sy.B+1356)
// #14 pc 00437b91 /apex/com.android.runtime/lib/libart.so (MterpInvokeVirtualQuick+1076) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #15 pc 000d6594 /apex/com.android.runtime/lib/libart.so (mterp_op_invoke_virtual_quick+20) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #16 pc 004555cc /data/app/com.lenovo.menu_assistant-XzP2MzG5jMAB7n94-EP3IQ==/oat/arm/base.vdex (sy.e)
// #17 pc 00434c9f /apex/com.android.runtime/lib/libart.so (MterpInvokeStatic+934) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #18 pc 000d2994 /apex/com.android.runtime/lib/libart.so (mterp_op_invoke_static+20) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #19 pc 00453e6c /data/app/com.lenovo.menu_assistant-XzP2MzG5jMAB7n94-EP3IQ==/oat/arm/base.vdex (sy$g.run+12)
// #20 pc 001f068f /apex/com.android.runtime/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.8590219860024250152+166) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #21 pc 001f50a3 /apex/com.android.runtime/lib/libart.so (art::interpreter::EnterInterpreterFromEntryPoint(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*)+122) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #22 pc 00426b97 /apex/com.android.runtime/lib/libart.so (artQuickToInterpreterBridge+866) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #23 pc 000dc5a1 /apex/com.android.runtime/lib/libart.so (art_quick_to_interpreter_bridge+32) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #24 pc 00173691 /system/framework/arm/boot.oat (java.lang.Thread.run+64) (BuildId: 625e004ba4396bf9751878502697218d94469522)
// #25 pc 000d7bc5 /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub_internal+68) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #26 pc 0043d13d /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub+248) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #27 pc 000dff81 /apex/com.android.runtime/lib/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+168) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #28 pc 0037d507 /apex/com.android.runtime/lib/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+54) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #29 pc 0037e29b /apex/com.android.runtime/lib/libart.so (art::InvokeVirtualOrInterfaceWithJValues(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, jvalue const*)+302) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #30 pc 003afeff /apex/com.android.runtime/lib/libart.so (art::Thread::CreateCallback(void*)+1018) (BuildId: 78cb259cd8aba2a9f6063413910ab653)
// #31 pc 000ab3bd /apex/com.android.runtime/lib/bionic/libc.so (__pthread_start(void*)+20) (BuildId: b8ea1bc56f976308b1ee7e2335b3127e)
// #32 pc 00061989 /apex/com.android.runtime/lib/bionic/libc.so (__start_thread+30) (BuildId: b8ea1bc56f976308b1ee7e2335b3127e)

Report in Google Play Console with crash in libminikin.so

I have an app in Google Play store and every couple of weeks, I see crash report with native stack like this in the Google Play Console:
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
pid: 0, tid: 0 >>> sk.mimac.slideshow <<<
backtrace:
#00 pc 000000000001ce72 /system/lib/libc.so (abort+62)
#01 pc 00000000000169e8 /system/lib/libminikin.so (abort_with_message(char const*)+24)
#02 pc 0000000000016a44 /system/lib/libminikin.so (__ubsan_handle_add_overflow_minimal_abort+24)
#03 pc 000000000000f22b /system/lib/libminikin.so (void minikin::LayoutCache::getOrCreate<minikin::LayoutAppendFunctor>(minikin::U16StringPiece const&, minikin::Range const&, minikin::MinikinPaint const&, bool, minikin::StartHyphenEdit, minikin::EndHyphenEdit, minikin::LayoutAppendFunctor&)+542)
#04 pc 000000000000ed2d /system/lib/libminikin.so (minikin::Layout::doLayoutWord(unsigned short const*, unsigned int, unsigned int, unsigned int, bool, minikin::MinikinPaint const&, unsigned int, minikin::StartHyphenEdit, minikin::EndHyphenEdit, minikin::LayoutPieces const*, minikin::Layout*, float*, minikin::MinikinExtent*, minikin::MinikinRect*, minikin::LayoutPieces*)+204)
#05 pc 000000000000e8d5 /system/lib/libminikin.so (minikin::Layout::doLayoutRunCached(minikin::U16StringPiece const&, minikin::Range const&, bool, minikin::MinikinPaint const&, unsigned int, minikin::StartHyphenEdit, minikin::EndHyphenEdit, minikin::LayoutPieces const*, minikin::Layout*, float*, minikin::MinikinExtent*, minikin::MinikinRect*, minikin::LayoutPieces*)+244)
#06 pc 000000000000ec09 /system/lib/libminikin.so (minikin::Layout::measureText(minikin::U16StringPiece const&, minikin::Range const&, minikin::Bidi, minikin::MinikinPaint const&, minikin::StartHyphenEdit, minikin::EndHyphenEdit, float*, minikin::MinikinExtent*, minikin::LayoutPieces*)+140)
#07 pc 00000000000890fd /system/lib/libhwui.so (android::MinikinUtils::measureText(android::Paint const*, minikin::Bidi, android::Typeface const*, unsigned short const*, unsigned int, unsigned int, unsigned int, float*)+76)
#08 pc 00000000000d9813 /system/lib/libandroid_runtime.so (android::PaintGlue::getRunAdvance___CIIIIZI_F(_JNIEnv*, _jclass*, long long, _jcharArray*, int, int, int, int, unsigned char, int)+202)
#09 pc 00000000003b3ce3 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.graphics.Paint.nGetRunAdvance+178)
#10 pc 00000000006f0725 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.graphics.Paint.getRunAdvance+172)
#11 pc 00000000006f05c3 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.graphics.Paint.getRunAdvance+250)
#12 pc 0000000000973fb9 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.TextLine.getRunAdvance+128)
#13 pc 0000000000974ea9 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.TextLine.handleText+312)
#14 pc 0000000000974b67 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.TextLine.handleRun+2326)
#15 pc 0000000000975ab1 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.TextLine.measure+216)
#16 pc 0000000000975fdd /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.TextLine.metrics+44)
#17 pc 0000000000968631 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.Layout.getLineExtent+392)
#18 pc 000000000096a8bf /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.Layout.drawText+2006)
#19 pc 0000000000969b31 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.text.Layout.draw+128)
#20 pc 0000000000b456fd /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.widget.TextView.onDraw+2804)
#21 pc 0000000000a7a98b /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.draw+202)
#22 pc 0000000000a91ec9 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+944)
#23 pc 0000000000a7b78f /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.draw+1014)
#24 pc 0000000000b1c4cf /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.drawChild+54)
#25 pc 0000000000b19a4b /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.dispatchDraw+1290)
#26 pc 0000000000a7a99b /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.draw+218)
#27 pc 0000000000a91ec9 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+944)
#28 pc 0000000000b1a0d7 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.dispatchGetDisplayList+182)
#29 pc 0000000000a91c0f /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+246)
#30 pc 0000000000b1a0d7 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.dispatchGetDisplayList+182)
#31 pc 0000000000a91c0f /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+246)
#32 pc 0000000000b1a0d7 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.dispatchGetDisplayList+182)
#33 pc 0000000000a91c0f /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+246)
#34 pc 0000000000b1a0d7 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.dispatchGetDisplayList+182)
#35 pc 0000000000a91c0f /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+246)
#36 pc 0000000000b1a0d7 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ViewGroup.dispatchGetDisplayList+182)
#37 pc 0000000000a91c0f /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.View.updateDisplayListIfDirty+246)
#38 pc 00000000009ba3f5 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ThreadedRenderer.updateViewTreeDisplayList+76)
#39 pc 00000000009ba155 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ThreadedRenderer.updateRootDisplayList+212)
#40 pc 00000000009ba4c9 /system/framework/arm/boot-framework.oat (offset 0x3ac000) (android.view.ThreadedRenderer.draw+168)
#41 pc 000000000002b915 /dev/ashmem/dalvik-jit-code-cache (deleted)
So far, I haven't been able to reproduce this bug / problem / crash
Similar reports are coming from various devices, mostly with Android 9 (although it might be just a coincidence)
"sk.mimac.slideshow" is the package of my app
"libminikin" is apparently some Android library, although I have no idea what it does
Is there any way to find out what might be the cause of this crash?

Categories

Resources