In the Google Developer Console i see more and more crashes of my app coming from a tgkill+8 command.
The stack trace looks always like this:
#00 pc 000000000006a808 /system/lib64/libc.so (tgkill+8)
#00 pc 000000000001db50 /system/lib64/libc.so (abort+88)
#00 pc 0000000000007f4c /system/lib64/liblog.so (__android_log_assert+304)
#00 pc 0000000000135ae8 /system/lib64/libandroid_runtime.so (Bitmap_copyColorSpace(_JNIEnv*, _jobject*, long, long)+180)
#00 pc 0000000000ae57d0 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.content.res.AssetManager.copyTheme [DEDUPED]+160)
#00 pc 0000000000b7641c /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.graphics.Bitmap.createBitmap+2556)
#00 pc 0000000000b77678 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.graphics.Bitmap.createScaledBitmap+376)
#00 pc 0000000000509638 /system/lib64/libart.so (art_quick_invoke_static_stub+600)
#00 pc 00000000000d80b4 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+260)
#00 pc 00000000002821e0 /system/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::DexFile::CodeItem const*, art::ShadowFrame*, art::JValue*)+352)
#00 pc 000000000027c8a8 /system/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+672)
#00 pc 00000000004f2134 /system/lib64/libart.so (MterpInvokeStatic+468)
#00 pc 00000000004fae94 /system/lib64/libart.so (ExecuteMterpImpl+14612)
#00 pc 000000000025d624 /system/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::DexFile::CodeItem const*, art::ShadowFrame&, art::JValue, bool)+444)
#00 pc 0000000000263d24 /system/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::DexFile::CodeItem const*, art::ShadowFrame*, art::JValue*)+212)
#00 pc 000000000027c888 /system/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+640)
#00 pc 00000000004f2134 /system/lib64/libart.so (MterpInvokeStatic+468)
#00 pc 00000000004fae94 /system/lib64/libart.so (ExecuteMterpImpl+14612)
#00 pc 000000000025d624 /system/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::DexFile::CodeItem const*, art::ShadowFrame&, art::JValue, bool)+444)
#00 pc 0000000000263d24 /system/lib64/libart.so (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::DexFile::CodeItem const*, art::ShadowFrame*, art::JValue*)+212)
#00 pc 000000000027d018 /system/lib64/libart.so (bool art::interpreter::DoCall<false, true>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+1520)
#00 pc 0000000000297914 /system/lib64/libart.so (bool art::interpreter::DoInvoke<(art::InvokeType)0, false, true>(art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+612)
#00 pc 000000000028c828 /system/lib64/libart.so (art::JValue art::interpreter::ExecuteSwitchImpl<true, false>(art::Thread*, art::DexFile::CodeItem const*, art::ShadowFrame&, art::JValue, bool)+36540)
#00 pc 000000000025d700 /system/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::DexFile::CodeItem const*, art::ShadowFrame&, art::JValue, bool)+664)
#00 pc 00000000004e4a8c /system/lib64/libart.so (artQuickToInterpreterBridge+1468)
#00 pc 000000000051281c /system/lib64/libart.so (art_quick_to_interpreter_bridge+92)
#00 pc 0000000000643ca8 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.app.Activity.dispatchActivityResult+1512)
#00 pc 00000000006e8c34 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.app.ActivityThread.deliverResults+420)
#00 pc 00000000006f672c /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.app.ActivityThread.handleSendResult+1116)
#00 pc 00000000006e52e4 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.app.ActivityThread.-wrap20+52)
#00 pc 00000000006e0fa0 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.app.ActivityThread$H.handleMessage+8336)
#00 pc 00000000006dca6c /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.os.Handler.dispatchMessage+188)
#00 pc 000000000101be80 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.os.Looper.loop+1184)
#00 pc 00000000006fbc78 /system/framework/arm64/boot-framework.oat (offset 0x628000) (android.app.ActivityThread.main+1560)
#00 pc 0000000000509638 /system/lib64/libart.so (art_quick_invoke_static_stub+600)
#00 pc 00000000000d80b4 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+260)
#00 pc 0000000000431120 /system/lib64/libart.so (art::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::ArgArray*, art::JValue*, char const*)+104)
#00 pc 0000000000432c78 /system/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1460)
#00 pc 00000000003bc968 /system/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobject*)+52)
#00 pc 00000000002684a4 /system/framework/arm64/boot.oat (offset 0x1dc000) (java.lang.Class.getDeclaredMethodInternal [DEDUPED]+180)
#00 pc 0000000001777d58 /system/framework/arm64/boot-framework.oat (offset 0x628000) (com.android.internal.os.Zygote$MethodAndArgsCaller.run+136)
#00 pc 000000000177bfc0 /system/framework/arm64/boot-framework.oat (offset 0x628000) (com.android.internal.os.ZygoteInit.main+3472)
#00 pc 0000000000509638 /system/lib64/libart.so (art_quick_invoke_static_stub+600)
#00 pc 00000000000d80b4 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+260)
#00 pc 0000000000431120 /system/lib64/libart.so (art::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::ArgArray*, art::JValue*, char const*)+104)
#00 pc 0000000000430d7c /system/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+424)
#00 pc 0000000000346794 /system/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+624)
#00 pc 00000000000bbe38 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+120)
#00 pc 00000000000be09c /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+844)
#00 pc 0000000000002630 /system/bin/app_process64 (main+1592)
#00 pc 000000000001b850 /system/lib64/libc.so (__libc_init+88)
#00 pc 0000000000001f58 /system/bin/app_process64 (do_arm64_start+80)
From what i can interpret from this trace is that the crash most likely happens in onActivityResult() when android.graphics.Bitmap.createScaledBitmap is called in Java.
But adding safeguards around any call of android.graphics.Bitmap.createScaledBitmap to make sure the sizes are valid (32px-192px) and the source bitmap is valid does not help.
Unfortunately the trace does not give more hints where in the java source code to look. It can also not be ruled out that the actual call of createScaledBitmap() is in one of the standard android libraries.
There are however some properties unique to this crash that make it very specific:
It only happens on Huawei devices
It only happens on devices with Android 8.0
The crash seems to (nearly) only happen once for each user. There are in total 47 reports of the crash for 45 unique users.
Expecially the last property is something that is most likely specific to my app and suggests that it might be something that happens only when the application is started for the first time. The app shows a "Welcome Screen" and a tutorial the first time it is started, and the tutorial is also opened from the onActivityResult() function. However, this view does not use any bitmap related code from my site, also all used graphics are based on vector drawables or other primitives.
It is not possible for me to reproduce this bug, as it only seems to happen once per device and i do not have access to any Huawei device with Android 8.0.
I already took a look at similar question here on stackoverflow, like:
Native Crash tgkill+8 for MediaPlayer (Samsung Oreo 8.0)
Crashes on Huawei Android 7-10
Android 8 native crash at native library
native crashes for android 8.0 devices tgkill
All crashes are however either caused by a used library, are specific to another Android version/manufacturers or do not have a solution. The answer from the last question to not use "minifyEnabled" did not solve the problem, the call to tgkill+8 also happened in the version that had it disabled.
I know it is really hard to find the root cause of the problem based on the information i can provide. However there is a little hope, that maybe someone else also has stumbled upon this crash and was able to find out more about the reason.
Related
I am trying to run a tensorflow lite model in the background (while the app is closed) quite frequently (once every few minutes).
After the app has run for several hours I got this error message signal 11 (SIGSEGV), code 1 (SEGV_MAPERR).
I am aware that there are other people who have received similar issues, but after trying every solution I could find, I think that this might be a different issue.
Google Play Console Crash Log
pid: 0, tid: 0 >>> com.DD.GooglePlay <<<
backtrace:
#00 pc 00000000001cf138 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000001cef98 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000001c75ec /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000000828b0 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000000822dc /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000000b2ba4 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000000b8470 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000000b70a0 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000000b13a8 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000001dd640 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 00000000001e0414 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000)
#00 pc 000000000004af50 /data/app/~~PXyjTXZK6uVX_JbQzF-CNA==/com.DD.GooglePlay-qOnVNcJEpWKOgoYLG3cmFQ==/base.apk!libtensorflowlite_jni.so (offset 0xe52000) (Java_org_tensorflow_lite_NativeInterpreterWrapper_run+32)
#00 pc 000000000013ded4 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148)
#00 pc 0000000002023f64 /memfd:jit-cache (org.tensorflow.lite.NativeInterpreterWrapper.run+436)
#00 pc 0000000000134564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
#00 pc 0000000000198e94 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+204)
#00 pc 000000000030c254 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376)
#00 pc 000000000030736c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+884)
#00 pc 000000000063b0d4 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+868)
#00 pc 000000000012e814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20)
#00 pc 000000000031b136 [anon:dalvik-classes.dex (org.tensorflow.lite.Interpreter.runForMultipleInputsOutputs+10)
#00 pc 000000000063b310 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+1440)
#00 pc 000000000012e814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20)
#00 pc 000000000031b114 [anon:dalvik-classes.dex (org.tensorflow.lite.Interpreter.run+36)
#00 pc 000000000063b310 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+1440)
#00 pc 000000000012e814 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20)
#00 pc 000000000000f884 [anon:dalvik-classes3.dex (com.DD.GooglePlay.TensorFlowImageClassifier.recognizeImage+36)
#00 pc 000000000063cca4 /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1840)
#00 pc 000000000012ea14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20)
#00 pc 000000000000c30a [anon:dalvik-classes3.dex (com.DD.GooglePlay.PhotoTaker.delete+334)
#00 pc 00000000002fed48 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.18441993989064323955)+268)
#00 pc 0000000000629a84 /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+796)
#00 pc 000000000013dff8 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88)
#00 pc 00000000020098e8 /memfd:jit-cache (com.DD.GooglePlay.PhotoTaker$3.run+6344)
#00 pc 0000000000134564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
#00 pc 0000000000198e94 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+204)
#00 pc 0000000000532198 /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
#00 pc 0000000000533398 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+440)
#00 pc 00000000005808b8 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1272)
#00 pc 00000000000b6374 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+64)
#00 pc 0000000000050fa4 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64)
Attempted Solutions
I tried to change the tensorflow version according to this. Additionally, I tried changing the tensorflow implementation the way they did here.
anyone has solved the above? I get the same thing while trying to run the model in the background on a physical device.
I have tried all the solution i could find on internet but with no success.
In my Flutter app, I got following crash log at Google Play Console which is a native crash. I am not able to understand it fully. This Flutter app has android java code as well. In the crash log, it is pointing to my android java code com.xxxx.xxx where I have already handled the Exception and Error.
pid: 0, tid: 0 >>> com.xxxx.xxxx <<<
backtrace:
#00 pc 000000000005f356 /apex/com.android.runtime/lib/bionic/libc.so (abort+166)
#00 pc 0000000000021d38 /system/lib/libinput.so (abort_with_message(char const*)+24)
#00 pc 0000000000021d7c /system/lib/libinput.so (ubsan_handle_sub_overflow_minimal_abort+24)
#00 pc 0000000000012cb9 /system/lib/libinput.so (android::MotionEvent::getAxisValue(int, unsigned int) const+236)
#00 pc 0000000002202d19 /system/framework/arm/boot-framework.oat (art_jni_trampoline+128)
#00 pc 000000000204b00d /memfd:/jit-cache (com.xxxx.d.a.a.a+1484)
#00 pc 00000000000d7bc5 /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub_internal+68)
#00 pc 000000000042e457 /apex/com.android.runtime/lib/libart.so (art_quick_invoke_stub+250)
#00 pc 00000000000dffb7 /apex/com.android.runtime/lib/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+174)
#00 pc 0000000000210a09 /apex/com.android.runtime/lib/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+280)
#00 pc 000000000020d009 /apex/com.android.runtime/lib/libart.so (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+524)
#00 pc 0000000000427ee5 /apex/com.android.runtime/lib/libart.so (MterpInvokeDirectRange+240)
#00 pc 00000000000d2c14 /apex/com.android.runtime/lib/libart.so (mterp_op_invoke_direct_range+20)
#00 pc 00000000009188d2 /data/app/com.xxxx.xxxx-s9KFO5IYGTIBXr0bo3dYLA==/oat/arm/base.vdex (com.xxxx.d.a.a.<init>+42)
#00 pc 00000000004280b5 /apex/com.android.runtime/lib/libart.so (MterpInvokeDirectRange+704)
#00 pc 00000000000d2c14 /apex/com.android.runtime/lib/libart.so (mterp_op_invoke_direct_range+20)
#00 pc 000000000092b4e4 /data/app/com.xxxx.xxxx-s9KFO5IYGTIBXr0bo3dYLA==/oat/arm/base.vdex (com.xxxx.services.xxxx.f.a+44)
#00 pc 0000000000425edf /apex/com.android.runtime/lib/libart.so (MterpInvokeStatic+910)
#00 pc 00000000000d2994 /apex/com.android.runtime/lib/libart.so (mterp_op_invoke_static+20)
#00 pc 0000000000929e42 /data/app/com.xxxx.xxxx-s9KFO5IYGTIBXr0bo3dYLA==/oat/arm/base.vdex (com.xxxx.services.xxxx.f$17.run+54)
#00 pc 00000000001ec285 /apex/com.android.runtime/lib/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.4051875684531665263)+192)
#00 pc 00000000001f0a69 /apex/com.android.runtime/lib/libart.so (art::interpreter::EnterInterpreterFromEntryPoint(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*)+124)
#00 pc 0000000000417fc9 /apex/com.android.runtime/lib/libart.so (artQuickToInterpreterBridge+808)
#00 pc 00000000000dc5a1 /apex/com.android.runtime/lib/libart.so (art_quick_to_interpreter_bridge+32)
#00 pc 000000000138be01 /system/framework/arm/boot-framework.oat (android.os.Handler.dispatchMessage+64)
#00 pc 0000000001392dbf /system/framework/arm/boot-framework.oat (android.os.Looper.loop+1302)
I am aware about abort and signal crashes, due to such crashes app gets crashed even before the application code handles the crash. Is there any way we can prevent or handle the native crashes (C, C++)?
I'm getting this backtrace, this only happens only on Android devices 7.0, 7.1.1, 7.1.2.
Does anyone have an idea how debug it further or try to find a solution for it?
Google play logs, tgkill from google play
pid: 0, tid: 0 >>> name of the app <<<
#00 pc 000000000006b5b4 /system/lib64/libc.so (tgkill+8)
#00 pc 0000000000068a50 /system/lib64/libc.so (pthread_kill+64)
#00 pc 0000000000023f68 /system/lib64/libc.so (raise+24)
#00 pc 000000000001c9ec /system/lib64/libc.so (abort+52)
#00 pc 0000000000005c00 /system/lib64/liblog.so (__android_log_assert+232)
#00 pc 00000000000384e4 /system/lib64/libmedia_jni.so (android::JMediaDataSource::JMediaDataSource(_JNIEnv*, _jobject*)+852)
#00 pc 0000000000042654 /system/lib64/libmedia_jni.so
#00 pc 000000000270575c /system/framework/arm64/boot-framework.oat (offset 0x1fe1000) (android.media.MediaMetadataRetriever._setDataSource+152)
#00 pc 0000000002706e74 /system/framework/arm64/boot-framework.oat (offset 0x1fe1000) (android.media.MediaMetadataRetriever.setDataSource+48)
#00 pc 00000000000d1eb4 /system/lib64/libart.so (art_quick_invoke_stub+580)
#00 pc 00000000000deb88 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+208)
#00 pc 000000000028dde4 /system/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::DexFile::CodeItem const*, art::ShadowFrame*, art::JValue*)+312)
#00 pc 0000000000286dc0 /system/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+592)
#00 pc 00000000005568ac /system/lib64/libart.so (MterpInvokeVirtualQuick+452)
#00 pc 00000000000c8614 /system/lib64/libart.so (ExecuteMterpImpl+29972)
Sentry logs are sometimes different but the issue is the same tgkill, shows these missing on them
boot-framework.oat
libmedia_jni.so
liblog.so
libreactnativejni.so
libfbjni.so
base.odex
libc.so
libyoga.so
base.odex
libart.so
I know there is a similar question for Android 10. I see occasional abort crashes on Android 11. The backtrackes of these crashes are not 100% identical, but very similar.
Could anyone shed some light on the possible causes?
Here are two backtraces for example:
From a Samsung device:
backtrace:
#00 pc 000000000004f064 /apex/com.android.runtime/lib64/bionic/libc.so (abort+164)
#00 pc 000000000053b008 /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+2340)
#00 pc 000000000001394c /system/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_3::__invoke(char const*)+76)
#00 pc 0000000000006d10 /system/lib64/liblog.so (__android_log_assert+336)
#00 pc 0000000000041b24 /system/lib64/libmedia_jni.so (android::JMediaCodec::configure(android::sp<android::AMessage> const&, android::sp<android::IGraphicBufferProducer> const&, android::sp<android::ICrypto> const&, android::sp<android::hardware::cas::native::V1_0::IDescrambler> const&, int)+488)
#00 pc 0000000000045668 /system/lib64/libmedia_jni.so (android_media_MediaCodec_native_configure(_JNIEnv*, _jobject*, _jobjectArray*, _jobjectArray*, _jobject*, _jobject*, _jobject*, int)+588)
#00 pc 0000000000253200 /system/framework/arm64/boot-framework.oat (art_jni_trampoline+272)
#00 pc 000000000067a3d0 /system/framework/arm64/boot-framework.oat (android.media.MediaCodec.configure+1472)
#00 pc 000000000067b034 /system/framework/arm64/boot-framework.oat (android.media.MediaCodec.configure+68)
#00 pc 0000000000134564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
#00 pc 0000000000198e94 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+204)
#00 pc 000000000030c218 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376)
#00 pc 0000000000307330 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+884)
#00 pc 0000000000641874 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtualQuick+708)
#00 pc 0000000000132594 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual_quick+20)
From a Xiaomi device:
backtrace:
#00 pc 0000000000089acc /apex/com.android.runtime/lib64/bionic/libc.so (abort+164)
#00 pc 000000000055ebf4 /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+2308)
#00 pc 0000000000013978 /system/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_3::__invoke(char const*)+76)
#00 pc 0000000000006e18 /system/lib64/liblog.so (__android_log_assert+336)
#00 pc 0000000000040068 /system/lib64/libmedia_jni.so (android::JMediaCodec::configure(android::sp<android::AMessage> const&, android::sp<android::IGraphicBufferProducer> const&, android::sp<android::ICrypto> const&, android::sp<android::hardware::cas::native::V1_0::IDescrambler> const&, int)+488)
#00 pc 0000000000043a80 /system/lib64/libmedia_jni.so (android_media_MediaCodec_native_configure(_JNIEnv*, _jobject*, _jobjectArray*, _jobjectArray*, _jobject*, _jobject*, _jobject*, int)+588)
#00 pc 000000000013ced4 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148)
#00 pc 0000000000133564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
#00 pc 00000000001a8a78 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200)
#00 pc 0000000000319b78 /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376)
#00 pc 0000000000310f64 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+696)
#00 pc 0000000000683e10 /apex/com.android.art/lib64/libart.so (MterpInvokeDirectRange+436)
#00 pc 000000000012dc14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_direct_range+20)
#00 pc 00000000004f5410 [anon:dalvik-classes2.dex (android.media.MediaCodec.configure+328)
#00 pc 0000000000683fb0 /apex/com.android.art/lib64/libart.so (MterpInvokeDirectRange+852)
#00 pc 000000000012dc14 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_direct_range+20)
#00 pc 00000000004f58cc [anon:dalvik-classes2.dex (android.media.MediaCodec.configure+12)
#00 pc 0000000000685060 /apex/com.android.art/lib64/libart.so (MterpInvokeVirtualQuick+1344)
#00 pc 0000000000131594 /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual_quick+20)
same problem. only xiaomi, android 11.
#00 pc 00037700 /apex/com.android.runtime/lib/bionic/libc.so (abort+171) [armeabi-v7a::edc23b5a08cb25fcac190e6392a4d537]
#01 pc 0022e130 __kmp_abort_process + 48 [armeabi-v7a]
This is new bug that happens only on Samsung Qualcomm Snapdragon Android 11 devices.
(Samsung Galaxy S21 Ultra 5G, Samsung Galaxy Note20 Ultra 5G,Samsung Galaxy S10+..)
I have no idea how to even start debugging it - any clue will be helpful
I have reported it to Samsung developer support a month ago - but the only thing they have done is to ask me if they can close this case because there is no new data.
Any other - more serious place to report android bugs?
Any idea how to fix it or debug it if I do not have a USA version?
It happens mostly when choosing high FPS like 60,120 or 240.
backtrace:
#00 pc 000000000004eee4 /apex/com.android.runtime/lib64/bionic/libc.so (abort+164)
#00 pc 0000000000042b00 /apex/com.android.runtime/lib64/bionic/libc.so (scudo::die()+8)
#00 pc 0000000000042444 /apex/com.android.runtime/lib64/bionic/libc.so (scudo::dieOnMapUnmapError(bool)+56)
#00 pc 0000000000042bbc /apex/com.android.runtime/lib64/bionic/libc.so (scudo::map(void*, unsigned long, char const*, unsigned long, scudo::MapPlatformData*)+184)
#00 pc 0000000000046554 /apex/com.android.runtime/lib64/bionic/libc.so (scudo::MapAllocator<scudo::MapAllocatorCache<256u, 256u, 33554432ul, 0, 1000> >::allocate(unsigned long, unsigned long, unsigned long*, bool)+408)
#00 pc 00000000000446ec /apex/com.android.runtime/lib64/bionic/libc.so (scudo::Allocator<scudo::AndroidConfig, &(scudo_malloc_postinit)>::allocate(unsigned long, scudo::Chunk::Origin, unsigned long, bool)+1196)
#00 pc 00000000000441c0 /apex/com.android.runtime/lib64/bionic/libc.so (scudo_calloc+48)
#00 pc 000000000003badc /apex/com.android.runtime/lib64/bionic/libc.so (calloc+52)
#00 pc 0000000000006fb8 /system/lib64/libcamera_metadata.so (allocate_camera_metadata+60)
#00 pc 000000000005696c /system/lib64/libcamera_client.so (android::CameraMetadata::resizeIfNeeded(unsigned long, unsigned long)+144)
#00 pc 0000000000056e00 /system/lib64/libcamera_client.so (android::CameraMetadata::updateImpl(unsigned int, void const*, unsigned long)+312)
#00 pc 0000000000153d34 /system/lib64/libandroid_runtime.so (CameraMetadata_writeValues(_JNIEnv*, _jclass*, int, _jbyteArray*, long)+848)
#00 pc 000000000024bf88 /system/framework/arm64/boot-framework.oat (art_jni_trampoline+200)
#00 pc 000000000200b630 /memfd:jit-cache (android.hardware.camera2.impl.CameraMetadataNative.setBase+752)
#00 pc 0000000002006a40 /memfd:jit-cache (android.hardware.camera2.impl.CameraMetadataNative.set+336)
#00 pc 0000000002003720 /memfd:jit-cache (android.hardware.camera2.impl.CameraDeviceImpl$CameraDeviceCallbacks.onResultReceived+544)
#00 pc 0000000002002bc8 /memfd:jit-cache (android.hardware.camera2.ICameraDeviceCallbacks$Stub.onTransact+856)
#00 pc 000000000074aaec /system/framework/arm64/boot-framework.oat (android.os.Binder.execTransactInternal+844)
#00 pc 000000000074a678 /system/framework/arm64/boot-framework.oat (android.os.Binder.execTransact+296)
#00 pc 0000000000134564 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
#00 pc 0000000000198e94 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+204)
#00 pc 00000000005309a8 /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
#00 pc 0000000000531f44 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+448)
#00 pc 0000000000532128 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92)
#00 pc 000000000038c958 /apex/com.android.art/lib64/libart.so (art::JNI<false>::CallBooleanMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+660)
#00 pc 000000000009eaa8 /system/lib64/libandroid_runtime.so (_JNIEnv::CallBooleanMethod(_jobject*, _jmethodID*, ...)+124)
#00 pc 000000000012cf8c /system/lib64/libandroid_runtime.so (JavaBBinder::onTransact(unsigned int, android::Parcel const&, android::Parcel*, unsigned int)+160)
#00 pc 000000000004a834 /system/lib64/libbinder.so (android::BBinder::transact(unsigned int, android::Parcel const&, android::Parcel*, unsigned int)+232)
#00 pc 0000000000053ab4 /system/lib64/libbinder.so (android::IPCThreadState::executeCommand(int)+700)
#00 pc 0000000000053748 /system/lib64/libbinder.so (android::IPCThreadState::getAndExecuteCommand()+156)
#00 pc 0000000000054304 /system/lib64/libbinder.so (android::IPCThreadState::joinThreadPool(bool)+116)
#00 pc 000000000007cc00 /system/lib64/libbinder.so (android::PoolThread::threadLoop()+24)
#00 pc 000000000001553c /system/lib64/libutils.so (android::Thread::_threadLoop(void*)+320)
#00 pc 00000000000a48a8 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::javaThreadShell(void*)+144)
#00 pc 0000000000014db0 /system/lib64/libutils.so (thread_data_t::trampoline(thread_data_t const*)+408)
#00 pc 00000000000b61f4 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+64)
#00 pc 0000000000050e24 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64)