Samsum with Android 5 - Native crash at /system/framework/arm/boot.oat

stanga · April 2, 2017, 12:39pm

Recently we started seeing a bunch of native crashes in Google Play console that look like this:

Build fingerprint: 'samsung/kccat6xx/kccat6:5.0.2/LRX22G/G901FXXU1BOC4:user/release-keys' Revision: '2' ABI: 'arm' pid: 25782, tid: 25957, name: GLThread 2824 \>\>\> com.our.package.name \<\<\< signal 11 (SIGSEGV), code 1 (SEGV\_MAPERR), fault addr 0x7ce0308 r0 07ce0270 r1 1350bf60 r2 00000000 r3 137995c0 r4 00000337 r5 1350bf60 r6 713b40f0 r7 136b53a0 r8 0000041d r9 b4e0c000 sl 137995c0 fp b3a38048 ip 0000f515 sp b3a37e70 lr 795ea361 pc 75b84858 cpsr 08030030 backtrace: #00 pc 00b03858 /system/framework/arm/boot.oat #01 pc 0088835f /data/dalvik-cache/arm/data@app@com.our.package.name-1@base.apk@classes.dex

These crashes happen only on Samsung device with Android 5.0 and 5.1.

After searching a bit I found the following posts:

http://stackoverflow.com/questions/29628901/android-native-crash-initiating-from-system-framework-arm-boot-oat

http://stackoverflow.com/questions/36492417/native-crashes-received-in-samsung-devices-only-with-lollipop-5-0-5-1-versions

Both of them suggest the problem is caused when the apk is zipaligned using Zopfli.

Since we don’t use Enterprise, we have no control over the build.gradle file, so we can’t do anything to test and solve this.

Can anything be done by the Corona team to resolve these crashes?

Thanks

rob · April 2, 2017, 4:50pm

I can ask engineering to look into this but they are going to push back needing a project that can cause the crash. If you can make a small project that can cause the crash, it would be super helpful.

Rob

stanga · April 2, 2017, 5:17pm

if I create a test application I can’t be sure it will have the same crash, but I can send you an apk of our app instead.

Where should I send it to?

Note:

We also encountered the following crash on Galaxy S4 (Android 5.0.1), so maybe it’s related?

java.lang.AbstractMethodError: abstract method \"void javax.sql.RowSet.setNClob(java.lang.String, java.sql.NClob)\" Java Stack Trace: android.text.StaticLayout.\<init\>(StaticLayout.java:50) com.ansca.corona.graphics.TextRenderer.createBitmap(TextRenderer.java:253) com.ansca.corona.NativeToJavaBridge.callRenderText(NativeToJavaBridge.java:1505) com.naef.jnlua.LuaState.lua\_pcall(Native Method) com.naef.jnlua.LuaState.call(Unknown Source) com.ansca.corona.CoronaLua.dispatchEvent(CoronaLua.java:138) network.NetworkRequest$LuaCallback$1.executeUsing(NetworkRequest.java:610) com.ansca.corona.CoronaRuntimeTaskDispatcher$TaskEvent.Send(CoronaRuntimeTaskDispatcher.java:170) com.ansca.corona.events.EventManager.sendEvents(EventManager.java:91) com.ansca.corona.Controller.updateRuntimeState(Controller.java:308) com.ansca.corona.graphics.opengl.CoronaGLSurfaceView$CoronaRenderer.onDrawFrame(CoronaGLSurfaceView.java:421) com.ansca.corona.graphics.opengl.GLSurfaceView$GLThread.guardedRun(GLSurfaceView.java:1623) com.ansca.corona.graphics.opengl.GLSurfaceView$GLThread.run(GLSurfaceView.java:1378)

The trigger for this crash was a simple call to display.newText()

local textOptions = { &nbsp; &nbsp; text = "sometext", &nbsp; &nbsp; ... } display.newText(textOptions)

anon63346430 · April 2, 2017, 10:01pm

The crash you are seeing is usually, in my experience, when you are using too much memory (relative to the device’s available memory) and your app gets a hard closed by the kernel.

rob · April 3, 2017, 5:44pm

What version of Corona are you using?

stanga · April 3, 2017, 8:38pm

That version was with 2017.3040

rob · April 4, 2017, 3:51pm

There is another user who’s getting the same crash and it’s happening because they have a tap listener on an object that removes the object as part of the tap. When tapping on it too quickly, they end up trying to do a :removeSelf() on an object that’s already been removed.

If you’re doing something like this, you should use display.remove(object) instead of object:removeSelf() since display.remove() has a test to make sure the object is still valid.

I know I personally use :removeSelf() and Invariably run into a similar problem until I put in a test to make sure the object is still valid.

Check to see if that may be the case for you.

Rob

stanga · April 4, 2017, 6:50pm

Are you referring to the first or the second crash I reported in this thread?

The cause you suggested is not possible, because we don’t have any views that are being removed inside touch listeners.

Plus in that case, won’t I see the crash in an “unhandledError” event with a message like “attempt to call ‘removeSelf’ (a nil value)”?

For these crashes that I mentioned in my first post I don’t get any “unhandledError” event. The game is terminated by the OS without any callback…

rob · April 4, 2017, 7:02pm

I was referring to the first crash. While we do try and trap that with a Lua error, that doesn’t mean that certain device’s forks of Android don’t have issues that’s causing the segment violation. This seems to be limited to a few certain device combinations.

Rob

stanga · April 6, 2017, 12:22pm

Any progress with either the first or the second crashes?

Both are reproducing quite a bit, and both only to Samsung devices running Android 5…

rob · April 6, 2017, 2:47pm

We really need a test case that causes the problem and a bug report filed to get Engineering a chance to find this. Since this is going to be hard to reproduce and we had a similar report that’s related to removing an object that’s already been removed, I would suggest that you check your code to see there are any places where you might be double removing an object. :removeSelf() calls that don’t test to see if the object exists before removing them.

These kinds of problems are tough to narrow down. Perhaps you could ask around and see if a developer has the same device that you’re seeing these crashes on and see if they can get a console log of the crash that might clue us in to where the problem is occurring.

Rob

stanga · May 16, 2017, 9:54am

I added a pcall around the creation of the text view that is causing the crash.

It still crashes on some Samsung devices with Android 5, but most of the crashes are caught

In the detected crashes, I see the following stack traces

java.lang.IllegalStateException Java Stack Trace: java.util.concurrent.ConcurrentLinkedQueue$Itr.remove(ConcurrentLinkedQueue.java:710) java.util.concurrent.ConcurrentLinkedDeque$DescendingItr.startNode(ConcurrentLinkedDeque.java:1355) java.util.concurrent.ConcurrentLinkedDeque$AbstractItr.advance(ConcurrentLinkedDeque.java:1310) java.util.concurrent.ConcurrentLinkedDeque$AbstractItr.\<init\>(ConcurrentLinkedDeque.java:1300) java.util.concurrent.ConcurrentLinkedDeque$DescendingItr.\<init\>(ConcurrentLinkedDeque.java:1354) java.util.concurrent.ConcurrentLinkedDeque$DescendingItr.\<init\>(ConcurrentLinkedDeque.java:1354) java.util.concurrent.ConcurrentLinkedDeque.descendingIterator(ConcurrentLinkedDeque.java:1273) android.text.TextUtils.getChars(TextUtils.java:85) android.text.TextUtils.indexOf(TextUtils.java:118) android.text.StaticLayout.generate(StaticLayout.java:184) android.text.StaticLayout.\<init\>(StaticLayout.java:141) android.text.StaticLayout.\<init\>(StaticLayout.java:92) android.text.StaticLayout.\<init\>(StaticLayout.java:70) android.text.StaticLayout.\<init\>(StaticLayout.java:50) com.ansca.corona.graphics.TextRenderer.createBitmap(TextRenderer.java:253) com.ansca.corona.NativeToJavaBridge.callRenderText(NativeToJavaBridge.java:1505) com.naef.jnlua.LuaState.lua\_pcall(Native Method) com.naef.jnlua.LuaState.call(Unknown Source) com.ansca.corona.CoronaLua.dispatchEvent(CoronaLua.java:138) network.NetworkRequest$LuaCallback$1.executeUsing(NetworkRequest.java:610) com.ansca.corona.CoronaRuntimeTaskDispatcher$TaskEvent.Send(CoronaRuntimeTaskDispatcher.java:170) com.ansca.corona.events.EventManager.sendEvents(EventManager.java:91) com.ansca.corona.Controller.updateRuntimeState(Controller.java:308) com.ansca.corona.graphics.opengl.CoronaGLSurfaceView$CoronaRenderer.onDrawFrame(CoronaGLSurfaceView.java:421) com.ansca.corona.graphics.opengl.GLSurfaceView$GLThread.guardedRun(GLSurfaceView.java:1623) com.ansca.corona.graphics.opengl.GLSurfaceView$GLThread.run(GLSurfaceView.java:1378)

and

java.lang.AbstractMethodError: abstract method \"int java.sql.Savepoint.getSavepointId()\" Java Stack Trace: android.text.StaticLayout.\<init\>(StaticLayout.java:51) com.ansca.corona.graphics.TextRenderer.createBitmap(TextRenderer.java:253) com.ansca.corona.NativeToJavaBridge.callRenderText(NativeToJavaBridge.java:1505) com.naef.jnlua.LuaState.lua\_pcall(Native Method)\n\tcom.naef.jnlua.LuaState.call(Unknown Source) com.ansca.corona.CoronaLua.dispatchEvent(CoronaLua.java:138) network.NetworkRequest$LuaCallback$1.executeUsing(NetworkRequest.java:610) com.ansca.corona.CoronaRuntimeTaskDispatcher$TaskEvent.Send(CoronaRuntimeTaskDispatcher.java:170) com.ansca.corona.events.EventManager.sendEvents(EventManager.java:91) com.ansca.corona.Controller.updateRuntimeState(Controller.java:308) com.ansca.corona.graphics.opengl.CoronaGLSurfaceView$CoronaRenderer.onDrawFrame(CoronaGLSurfaceView.java:421) com.ansca.corona.graphics.opengl.GLSurfaceView$GLThread.guardedRun(GLSurfaceView.java:1623) com.ansca.corona.graphics.opengl.GLSurfaceView$GLThread.run(GLSurfaceView.java:1378)

and all of these errors are triggered by the same call to:

local textOptions = { &nbsp; &nbsp; text = messageVariable, &nbsp; &nbsp; ... } display.newText(textOptions)

To remind you, this crash (detected or not) only occurs on Samsung devices running android 5.X.

What could possibly trigger these errors when creating a new text object?

It has to be something with the message itself that is being shown, but what about it?

A long message? a certain character? Why would one message be ok and another not?

Any help would be greatly appreciated…

rob · May 16, 2017, 3:18pm

We certainly would like to see more code. The complete constructor would be helpful. What would be best is a simple test case that causes the crash on that specific platform where our Engineers could see the crash happen… i.e. an bug report

Rob

rob · April 2, 2017, 4:50pm