Android nativeLoad crash - android

Our app has millions of users, and we have encountered one wicked crash problem: when we try to load our private .so in a worker thread, about 0.01% of our users crash during System.load().
Log like:
608dd000-608de000 r--p 00000000 b3:07 8514 /data/data/com.UCMobile/com/core/version.0/lib/libWebCore_UC.so
Thread Name: '<unregistered>'
pid: 16879, tid: 16947 >>> com.UCMobile <<<
signal 7 (SIGBUS), code 2 (BUS_ADRERR), fault addr 61e3eb64
r0 61e3eb64 r1 00000000 r2 00000480 r3 c0000000
r4 00000000 r5 00000000 r6 00000000 r7 00000000
r8 000e7094 r9 00000005 10 6110a000 fp 0000006b
ip 00000000 sp 60bec8c8 lr 00000000 pc 40062698 cpsr a0000010
#00 pc 40062698 /system/bin/linker
#01 pc 40061ce0 /system/bin/linker
#02 pc 4005fc22 /system/bin/linker
#03 pc 40060172 /system/bin/linker
#04 pc 400614fe /system/bin/linker
#05 pc 0006755c /system/lib/libdvm.so
#06 pc 00091f68 /system/lib/libdvm.so
#07 pc 000273a0 /system/lib/libdvm.so
#08 pc 0002b2dc /system/lib/libdvm.so
#09 pc 00084e44 /system/lib/libdvm.so
#10 pc 00093f98 /system/lib/libdvm.so
#11 pc 000273a0 /system/lib/libdvm.so
#12 pc 0002b2dc /system/lib/libdvm.so
#13 pc 00084a94 /system/lib/libdvm.so
#14 pc 00084b20 /system/lib/libdvm.so
#15 pc 000700f8 /system/lib/libdvm.so
#16 pc 0000e4a4 /system/lib/libc.so
>>> [Dalvik stack info] <<<
at java.lang.Runtime.nativeLoad(Native Method)
at java.lang.Runtime.load(Runtime.java:339)
at java.lang.System.load(System.java:500)
And when we looked into the linker's code, we figured out the line of code where the app crashed:
http://androidxref.com/4.4.4_r1/xref/bionic/linker/linker_phdr.cpp#348
bool ElfReader::LoadSegments() {
347   if ((phdr->p_flags & PF_W) != 0 && PAGE_OFFSET(seg_file_end) > 0) {
348     memset((void*)seg_file_end, 0, PAGE_SIZE - PAGE_OFFSET(seg_file_end));  // --> crash when memset
349   }
In most cases, the fault addr is equal to "seg_file_end". (We can verify it with the output of readelf -l libWebCore_UC.so.)
And if a user crashes like this, he will crash again and again. (Some users crashed hundreds of times.)
And we have checked the .so's size before we loaded it; its size must be the same as we expect.
Most crashes of this kind are SIGBUS; sometimes it is SIGSEGV.
Does anyone have any idea about this?

Referring to code from the Linux kernel:
int filemap_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
{
    int error;
    struct file *file = vma->vm_file;
    struct address_space *mapping = file->f_mapping;
    struct file_ra_state *ra = &file->f_ra;
    struct inode *inode = mapping->host;
    pgoff_t offset = vmf->pgoff;
    struct page *page;
    loff_t size;
    int ret = 0;

    size = round_up(i_size_read(inode), PAGE_SIZE);
    if (offset >= size >> PAGE_SHIFT)
        return VM_FAULT_SIGBUS;
    ...
    /* Things didn't work out. Return zero to tell the mm layer so. */
    shrink_readahead_size_eio(file, ra);
    return VM_FAULT_SIGBUS;
}
It has two failure situations. One of them is that the file size is not large enough to cover the vma; the other is that reading from the filesystem has failed.
And you should ask me before posting this.
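The first failure case in the answer above can be reproduced on a Linux system. The following is an added example, not code from the original posts or from the kernel or linker sources: it maps a file that is shorter than the mapping and performs the same kind of memset the linker does. The helper name memset_mapped_page and the temp-file path are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf bus_jmp;
static void on_sigbus(int sig) { (void)sig; siglongjmp(bus_jmp, 1); }

/* Hypothetical helper: back a mapping of map_pages pages with a temp file of
 * file_size bytes, then memset page page_index the way the linker zeroes a
 * writable segment's tail. Returns 0 = write ok, 1 = SIGBUS, -1 = setup error. */
int memset_mapped_page(size_t file_size, size_t map_pages, size_t page_index) {
    char path[] = "/tmp/sigbus_demo_XXXXXX";   /* constructed sample file */
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);
    if (ftruncate(fd, (off_t)file_size) != 0) { close(fd); return -1; }
    /* mmap succeeds even though the file is shorter than the mapping. */
    char *base = mmap(NULL, map_pages * page, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE, fd, 0);
    close(fd);
    if (base == MAP_FAILED) return -1;
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigbus;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGBUS, &sa, &old);
    int faulted;
    if (sigsetjmp(bus_jmp, 1) == 0) {
        /* Faults when the page lies past round_up(i_size, PAGE_SIZE). */
        memset(base + page_index * page, 0, page);
        faulted = 0;
    } else {
        faulted = 1;                            /* came back via the SIGBUS handler */
    }
    sigaction(SIGBUS, &old, NULL);
    munmap(base, map_pages * page);
    return faulted;
}

int main(void) {
    /* 100-byte file, two pages mapped: page 0 is backed, page 1 is not. */
    printf("page 0: %d, page 1: %d\n",
           memset_mapped_page(100, 2, 0), memset_mapped_page(100, 2, 1));
    return 0;
}
```

The answer's second case (a failed read from the filesystem) ends in the same VM_FAULT_SIGBUS return, and a file-size check before loading does not rule it out.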

Related

App got crash sometimes when opening my app

Suddenly, when opening my app, I got a crash, and I have uploaded the crash log below. But it happens only sometimes, not every time and not on every device.
Can anyone help me understand the crash log and why it happens only sometimes and on some devices? What is the main reason for the crash below?
Revision: '14'
ABI: 'arm'
pid: 1834, tid: 8022, name: pool-3-thread-1 >>> com.example <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: 'art/runtime/check_jni.cc:65] JNI DETECTED ERROR IN APPLICATION: java_array == null'
r0 00000000 r1 00001f56 r2 00000006 r3 00000000
r4 942bfdb8 r5 00000006 r6 00000002 r7 0000010c
r8 00000000 r9 b4e4f520 sl af17a800 fp 00000965
ip 00001f56 sp 942bf498 lr b6f26fd5 pc b6f4aeb4 cpsr 60070010
backtrace:
#00 pc 00037eb4 /system/lib/libc.so (tgkill+12)
#01 pc 00013fd1 /system/lib/libc.so (pthread_kill+52)
#02 pc 00014bef /system/lib/libc.so (raise+10)
#03 pc 00011531 /system/lib/libc.so (__libc_android_abort+36)
#04 pc 0000fcbc /system/lib/libc.so (abort+4)
#05 pc 0021d161 /system/lib/libart.so (art::Runtime::Abort()+160)
#06 pc 000a831b /system/lib/libart.so (art::LogMessage::~LogMessage()+1322)
#07 pc 000b1a49 /system/lib/libart.so (art::JniAbort(char const*, char const*)+1060)
#08 pc 000b1fa5 /system/lib/libart.so (art::JniAbortF(char const*, char const*, ...)+60)
#09 pc 001be127 /system/lib/libart.so (art::JNI::GetArrayLength(_JNIEnv*, _jarray*)+570)
#10 pc 00001171 /data/app/com.example-1/lib/arm/library.so (Java_com_example_value_encypt+48)
#11 pc 004986f9 /data/dalvik-cache/arm/data#app#com.example-1#base.apk#classes.dex
This kind of crash was happening to my app too. I could not figure it out through the logs. Once, I got hold of a device on which it crashed and found that it was crashing at a place where I was clearing the WebView cache. The problem was that the function to do that was deprecated, so on most phones it worked, while on a few others it crashed. Since this was probably occurring even before Crashlytics got initialised, I was not getting any actual crash reports except for these kinds of logs from the Play Store.
What I would suggest is to check the device models in the Play Store, try to get hold of one of these devices, and look at the logcat crash report, as it would point you to the actual problem.

How to determine what is causing Android / LibStageFright to fail on freeBuffer?

I am running into an issue in my Android app where Galaxy Note 4, Galaxy Edge, and some other devices crash when trying to play H.264 video streamed from a server. I'm fairly certain that the H.264 video is correct, as the same video works using the same decoder on other devices. In addition, the devices that are crashing support the decoder that I'm using.
It doesn't crash in my source code, but it does crash the app. Has anyone ever run into this issue? If so, could you give me some help on what I could do to figure out what is happening? Here's the message I'm getting from the Developer Console in Google Play:
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'Verizon/trltevzw/trltevzw:5.0.1/LRX22C/N910VVRU1BOAF:user/release-keys'
Revision: '12'
ABI: 'arm'
pid: 32467, tid: 32524, name: CodecLooper >>> com.xxxx.xxxx<<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: 'frameworks/av/media/libstagefright/ACodec.cpp:1304 CHECK_EQ( mOMX->freeBuffer( mNode, portIndex, info->mBufferID),(status_t)OK) failed: -2147483648 vs. 0'
r0 00000000 r1 00007f0c r2 00000006 r3 00000000
r4 a160fdb8 r5 00000006 r6 00000000 r7 0000010c
r8 00000015 r9 00000000 sl a160fcf4 fp a160fdb0
ip 00007f0c sp a160f6d0 lr b6e9dff5 pc b6ec1998 cpsr 600f0010
backtrace:
#00 pc 00037998 /system/lib/libc.so (tgkill+12)
#01 pc 00013ff1 /system/lib/libc.so (pthread_kill+52)
#02 pc 00014c0f /system/lib/libc.so (raise+10)
#03 pc 00011531 /system/lib/libc.so (__libc_android_abort+36)
#04 pc 0000fcbc /system/lib/libc.so (abort+4)
#05 pc 00007709 /system/lib/libcutils.so (__android_log_assert+88)
#06 pc 000672f9 /system/lib/libstagefright.so (android::ACodec::freeBuffer(unsigned int, unsigned int)+152)
#07 pc 00067589 /system/lib/libstagefright.so (android::ACodec::freeOutputBuffersNotOwnedByComponent()+56)
#08 pc 0006b86f /system/lib/libstagefright.so (android::ACodec::ExecutingState::onOMXEvent(OMX_EVENTTYPE, unsigned int, unsigned int)+210)
#09 pc 0006ba23 /system/lib/libstagefright.so (android::ACodec::BaseState::onOMXMessage(android::sp<android::AMessage> const&)+342)
#10 pc 0006bc71 /system/lib/libstagefright.so (android::ACodec::BaseState::onMessageReceived(android::sp<android::AMessage> const&)+84)
#11 pc 0006c0e1 /system/lib/libstagefright.so (android::ACodec::ExecutingState::onMessageReceived(android::sp<android::AMessage> const&)+652)
#12 pc 00009819 /system/lib/libstagefright_foundation.so (android::AHierarchicalStateMachine::handleMessage(android::sp<android::AMessage> const&)+44)
#13 pc 00061a6f /system/lib/libstagefright.so
#14 pc 0000a5a3 /system/lib/libstagefright_foundation.so (android::ALooperRoster::deliverMessage(android::sp<android::AMessage> const&)+166)
#15 pc 00009f25 /system/lib/libstagefright_foundation.so (android::ALooper::loop()+220)
#16 pc 0000ef11 /system/lib/libutils.so (android::Thread::_threadLoop(void*)+112)
#17 pc 0000ea81 /system/lib/libutils.so
#18 pc 000137bb /system/lib/libc.so (__pthread_start(void*)+30)
#19 pc 0001189b /system/lib/libc.so (__start_thread+6)

libGLESv2_adreno.so game crash in Galaxy Note 4 and Lollipop 5.0

Some users of my game that are trying to play it in a Samsung Galaxy Note 4 updated to Android Lollipop 5.0 are experiencing a game crash at startup:
Build fingerprint: 'samsung/trlteuc/trlteatt:5.0.1/LRX22C/N910AUCU1COC2:user/release-keys'
Revision: '12'
ABI: 'arm'
pid: 20911, tid: 20927, name: GLThread 270611 >>> com.mangoprotocol.psychotic.mechanika <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
r0 00000000 r1 000051bf r2 00000006 r3 00000000
r4 b39ffdb8 r5 00000006 r6 00000002 r7 0000010c
r8 a0e1a140 r9 00000000 sl 00000001 fp aa934c40
ip 000051bf sp b39ff830 lr b6e8cff5 pc b6eb0998 cpsr 600b0010
backtrace:
#00 pc 00037998 /system/lib/libc.so (tgkill+12)
#01 pc 00013ff1 /system/lib/libc.so (pthread_kill+52)
#02 pc 00014c0f /system/lib/libc.so (raise+10)
#03 pc 00011531 /system/lib/libc.so (__libc_android_abort+36)
#04 pc 0000fcbc /system/lib/libc.so (abort+4)
#05 pc 00001259 /system/lib/libstdc++.so
#06 pc 00000afb /system/lib/libstdc++.so (__cxa_pure_virtual+6)
#07 pc 000e4595 /system/vendor/lib/egl/libGLESv2_adreno.so (EsxGlObject::DecRefCount(EsxContext*)+28)
#08 pc 000b4b67 /system/vendor/lib/egl/libGLESv2_adreno.so (EsxContext::GlUseProgram(unsigned int)+150)
#09 pc 000e02d3 /system/vendor/lib/egl/libGLESv2_adreno.so (EsxGlApiParamValidate::GlUseProgram(EsxDispatch*, unsigned int)+34)
#10 pc 000abd75 /system/vendor/lib/egl/libGLESv2_adreno.so (glUseProgram+44)
#11 pc 002e9887 /data/dalvik-cache/arm/data#app#com.mangoprotocol.psychotic.mechanika-1#base.apk#classes.dex
I don't know if this is related to the OpenGL ES driver for the GPU (Adreno 420), if it is a more general issue with the OS (Android Lollipop 5.0), or if it has something to do with libGDX (the game framework I'm using). What I know is that the game works like a charm on a Nexus 6 (also with Adreno 420) updated to Lollipop 5.1.
Do you have any idea about how to solve this issue or how to work around it?

Multiple view Activity Transition

Android Lollipop has an API that allows for easy transitions between shared elements in different activities.
Activity transitions
It looks like this API doesn't support a transition with multiple views. Is there a way to do this using the same API?
EDIT
Following the advice from @pskink, I use a different method:
ActivityOptions options = ActivityOptions
.makeSceneTransitionAnimation(this, Pair.create((View)view, "viewPager"), Pair.create((View) fab, "fab"));
startActivity(intent, options.toBundle());
This worked fine from ActivityA to ActivityB but hitting the back button results in this stacktrace
A/OpenGLRenderer(17305): requireSurface() called but no surface set!
A/libc(17305): Fatal signal 6 (SIGABRT), code -6 in tid 17349(RenderThread)
Build fingerprint: 'google/hammerhead/hammerhead:5.0/LRX21O/1570415:user/release-keys'
Revision: '11'
ABI: 'arm'
pid: 3364, tid: 3414, name: RenderThread >>> com.example.package <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: 'requireSurface() called but no surface set!'
r0 00000000 r1 00000d56 r2 00000006 r3 00000000
r4 9e9b5db8 r5 00000006 r6 0000003e r7 0000010c
r8 ac39bacc r9 9e9b5d08 sl 9e9b5d00 fp ac39bb08
ip 00000d56 sp 9e9b5858 lr b6f1faf9 pc b6f435d4 cpsr 600f0010
backtrace:
#00 pc 0003a5d4 /system/lib/libc.so (tgkill+12)
#01 pc 00016af5 /system/lib/libc.so (pthread_kill+52)
#02 pc 00017707 /system/lib/libc.so (raise+10)
#03 pc 00013f75 /system/lib/libc.so (__libc_android_abort+36)
#04 pc 00012a3c /system/lib/libc.so (abort+4)
#05 pc 00007a59 /system/lib/libcutils.so (__android_log_assert+88)
#06 pc 0003b61f /system/lib/libhwui.so
#07 pc 0003b971 /system/lib/libhwui.so
#08 pc 0003cf8d /system/lib/libhwui.so
#09 pc 0003cea5 /system/lib/libhwui.so
#10 pc 0003d885 /system/lib/libhwui.so
#11 pc 0003e27b /system/lib/libhwui.so (android::uirenderer::renderthread::RenderThread::threadLoop()+66)
#12 pc 000104d5 /system/lib/libutils.so (android::Thread::_threadLoop(void*)+112)
#13 pc 0005df4d /system/lib/libandroid_runtime.so (android::AndroidRuntime::javaThreadShell(void*)+72)
#14 pc 00010045 /system/lib/libutils.so
#15 pc 000162e3 /system/lib/libc.so (__pthread_start(void*)+30)
#16 pc 000142d3 /system/lib/libc.so (__start_thread+6)
EDIT2
The only logs that I receive when I filter by package name are below. The first log looks like it is coming from render script, I posted the log above as I thought it is related.
A/OpenGLRenderer(11128): requireSurface() called but no surface set!
A/libc(11128): Fatal signal 6 (SIGABRT), code -6 in tid 11219 (RenderThread)
I/ci(11358): Making Creator dynamically
W/ResourcesManager(11358): Asset path '/system/framework/com.android.media.remotedisplay.jar' does not exist or contains no
W/ResourcesManager(11358): Asset path '/system/framework/com.android.location.provider.jar' does not exist or contains no
EDIT3
So I was able to get this to work by disabling the map fragment that was on ActivityA. I am still investigating why this would happen.

SIGILL fault when running program

This is a new one to me for errors: signal 4, SIGILL. When I take a look at the tombstone file and type in the address, I get ??.
Here is some of the tombstone:
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'generic/sdk/generic/:2.2/FRF91/43546:eng/test-keys'
pid: 2083, tid: 2089 >>> com.activities <<<
signal 4 (SIGILL), fault addr 00016b10
r0 00000006 r1 8086caa4 r2 8086fbcf r3 0006b60b
r4 80887fc4 r5 0006b60b r6 00000000 r7 00000000
r8 80813b00 r9 4e23a038 10 00000019 fp 0011d230
ip 808880f8 sp 47bcbca8 lr 8083a8d1 pc 00016b10 cpsr 20000010
#00 pc 00016b10 [heap]
#01 pc 0003a8ce /system/lib/libdvm.so
#02 pc 0003d02c /system/lib/libdvm.so
#03 pc 0001890c /system/lib/libdvm.so
#04 pc 0001e8c4 /system/lib/libdvm.so
#05 pc 0001d790 /system/lib/libdvm.so
#06 pc 0005408e /system/lib/libdvm.so
#07 pc 0005bde2 /system/lib/libdvm.so
#08 pc 00018714 /system/lib/libdvm.so
#09 pc 0001e8c4 /system/lib/libdvm.so
#10 pc 0001d790 /system/lib/libdvm.so
#11 pc 00053eec /system/lib/libdvm.so
#12 pc 00054102 /system/lib/libdvm.so
#13 pc 0004825a /system/lib/libdvm.so
#14 pc 0001103c /system/lib/libc.so
#15 pc 00010b20 /system/lib/libc.so
I go to my android-ndk-r7\toolchains\arm-linux-androideabi-4.4.3\prebuilt\windows\bin directory using a command window, type in this command, and get no function at all.
arm-linux-androideabi-addr2line.exe -C -f -e libdvm.so 0003a8ce
and it returns
??
??:0
I seem to remember this working before...and yes I have the libdvm.so in the same working directory.
Well apparently this occurs only when I test it on the 2.2 emulator. On a myTouch 3G phone the code never crashes. Must be a pointer memory issue or not enough RAM allocated for simulator.
