Debugging "Native Crash"

2

When I run my instrumented test suite, I always get a "Native Crash" or "Program Crashed" error in one of the test classes. This class runs fine by itself. How do I even begin debugging this? All of my research so far has come up with solutions for debugging native code compiled with the Android NDK. The strange thing is that I am only writing Java code for this project.

For reference, the memory dump from an example crash is bellow:

I/MonitoringInstrumentation( 2064): Activities that are still in CREATED to STOPPED: 0
I/TestRunner( 2064): started: testSleep(bbct.android.common.functional.test.BaseballCardDetailsSleepTest)
I/MonitoringInstrumentation( 2064): Activities that are still in CREATED to STOPPED: 0
I/ActivityManager( 1535): START u0 {act=android.intent.action.MAIN cat=[android.intent.category.HOME] flg=0x1                                                                                                                    0200000 cmp=com.android.launcher/com.android.launcher2.Launcher} from pid 1535
D/        ( 1535): HostConnection::get() New Host Connection established 0x2a282968, tid 1567
D/dalvikvm( 1535): GC_FOR_ALLOC freed 1394K, 43% free 8566K/14820K, paused 120ms, total 127ms
D/dalvikvm( 1535): GC_FOR_ALLOC freed 1295K, 43% free 8554K/14820K, paused 64ms, total 65ms
D/WebViewTimersControl( 7384): onBrowserActivityPause
D/WebViewTimersControl( 7384): Pausing webview timers, view=com.android.browser.BrowserWebView{41701288 VFEDH                                                                                                                    VCL .F...... 0,0-1080,1591}
W/EGL_emulation( 1666): eglSurfaceAttrib not implemented
W/ResourceType( 1666): No known package when getting name for resource number 0x9b010100
W/ResourceType( 1666): No known package when getting name for resource number 0x9b030300
W/ResourceType( 1666): No known package when getting name for resource number 0x9b040400
W/ResourceType( 1666): No known package when getting name for resource number 0x9c020100
W/ResourceType( 1666): No known package when getting name for resource number 0x9c020003
W/ResourceType( 1666): No known package when getting name for resource number 0x9c010003
W/ResourceType( 1666): No known package when getting name for resource number 0x9b010100
W/ResourceType( 1666): No known package when getting name for resource number 0x9b030300
W/ResourceType( 1666): No known package when getting name for resource number 0x9b040400
W/ResourceType( 1666): No known package when getting name for resource number 0x9c020100
W/ResourceType( 1666): No known package when getting name for resource number 0x9c020003
W/ResourceType( 1666): No known package when getting name for resource number 0x9c010003
F/libc    ( 2064): Fatal signal 11 (SIGSEGV) at 0x0000003e (code=1), thread 2080 (roidJUnitRunner)
I/DEBUG   (   35): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
I/DEBUG   (   35): Build fingerprint: 'generic/sdk/generic:4.3.1/JB_MR2/1743067:eng/test-keys'
I/DEBUG   (   35): Revision: '0'
I/DEBUG   (   35): pid: 2064, tid: 2080, name: UNKNOWN  >>> bbct.android <<<
I/DEBUG   (   35): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0000003e
I/DEBUG   (   35):     r0 ffffffff  r1 0000003e  r2 00000008  r3 00000001
I/DEBUG   (   35):     r4 ffffffff  r5 4d06f490  r6 2a1b3828  r7 00000002
I/DEBUG   (   35):     r8 00000000  r9 00000002  sl 00000001  fp ffffffff
I/DEBUG   (   35):     ip 41d16dd0  sp 4d16fc40  lr 00000000  pc 4d175504  cpsr 60000030
I/DEBUG   (   35):     d0  4ba558004e8ac8e2  d1  000000354256e0ff
I/DEBUG   (   35):     d2  412e848200000000  d3  3fe0000000000000
I/DEBUG   (   35):     d4  3ff0000000000000  d5  3ff0000000000000
I/DEBUG   (   35):     d6  43e0000000000000  d7  42c800004b31a4f8
I/DEBUG   (   35):     d8  0000000000000000  d9  0000000000000000
I/DEBUG   (   35):     d10 0000000000000000  d11 0000000000000000
I/DEBUG   (   35):     d12 0000000000000000  d13 0000000000000000
I/DEBUG   (   35):     d14 0000000000000000  d15 0000000000000000
I/DEBUG   (   35):     scr 80000010
I/DEBUG   (   35):
I/DEBUG   (   35): backtrace:
I/DEBUG   (   35):     #00  pc 00005504  /dev/ashmem/dalvik-jit-code-cache (deleted)
I/DEBUG   (   35):
I/DEBUG   (   35): stack:
I/DEBUG   (   35):          4d16fc00  41cce4f0  /dev/ashmem/dalvik-heap (deleted)
I/DEBUG   (   35):          4d16fc04  408ec1a0  /system/lib/libdvm.so
I/DEBUG   (   35):          4d16fc08  00000014
I/DEBUG   (   35):          4d16fc0c  40867df0  /system/lib/libdvm.so (dvmMalloc(unsigned int, int)+68)
I/DEBUG   (   35):          4d16fc10  2a1b3828  [heap]
I/DEBUG   (   35):          4d16fc14  4179cf70  /dev/ashmem/dalvik-heap (deleted)
I/DEBUG   (   35):          4d16fc18  0000000e
I/DEBUG   (   35):          4d16fc1c  486dcdf2  /system/framework/framework.odex
I/DEBUG   (   35):          4d16fc20  4d06f524
I/DEBUG   (   35):          4d16fc24  4869cc5e  /system/framework/framework.odex
I/DEBUG   (   35):          4d16fc28  4d06f490
I/DEBUG   (   35):          4d16fc2c  2a1b3828  [heap]
I/DEBUG   (   35):          4d16fc30  00000201
I/DEBUG   (   35):          4d16fc34  4085bdc0  /system/lib/libdvm.so
I/DEBUG   (   35):          4d16fc38  df0027ad
I/DEBUG   (   35):          4d16fc3c  00000000
I/DEBUG   (   35):     #00  4d16fc40  46cc6910  /dev/ashmem/dalvik-LinearAlloc (deleted)
I/DEBUG   (   35):          4d16fc44  fffffe58
I/DEBUG   (   35):          4d16fc48  4086be9c  /system/lib/libdvm.so (dvmMterpStd(Thread*))
I/DEBUG   (   35):          4d16fc4c  00000000
I/DEBUG   (   35):          4d16fc50  4d16fd08
I/DEBUG   (   35):          4d16fc54  2a1b3828  [heap]
I/DEBUG   (   35):          4d16fc58  4d16fc74
I/DEBUG   (   35):          4d16fc5c  46f8c560  /dev/ashmem/dalvik-LinearAlloc (deleted)
I/DEBUG   (   35):          4d16fc60  4176f1f8  /dev/ashmem/dalvik-heap (deleted)
I/DEBUG   (   35):          4d16fc64  40869584  /system/lib/libdvm.so (dvmInterpret(Thread*, Method const*, J                                                                                                                    Value*)+188)
I/DEBUG   (   35):          4d16fc68  4d06fa94
I/DEBUG   (   35):          4d16fc6c  48906239  /system/framework/framework.odex
I/DEBUG   (   35):          4d16fc70  4016db93  /system/lib/libandroid_runtime.so
I/DEBUG   (   35):          4d16fc74  47d5f8f8  /system/framework/core.odex
I/DEBUG   (   35):          4d16fc78  4d06fb3c
I/DEBUG   (   35):          4d16fc7c  46c3b2a8  /dev/ashmem/dalvik-LinearAlloc (deleted)
I/DEBUG   (   35):
I/DEBUG   (   35): memory near r5:
I/DEBUG   (   35):     4d06f470 00000001 41c09d48 00000000 4d06f4cc
I/DEBUG   (   35):     4d06f480 4869ceda 46d55828 4869cc5e 00000000
I/DEBUG   (   35):     4d06f490 00000001 00000002 00000000 00000001
I/DEBUG   (   35):     4d06f4a0 ffffffff 41d16dd0 00000000 00000032
I/DEBUG   (   35):     4d06f4b0 00000002 ffffffff 4d06f500 4869ceb6
I/DEBUG   (   35):     4d06f4c0 46d559f0 4869ceda 00000000 4d06f524
I/DEBUG   (   35):     4d06f4d0 41d16dd0 00000000 00000032 4179cf80
I/DEBUG   (   35):     4d06f4e0 00000002 ffffffff 00000000 4d06f524
I/DEBUG   (   35):     4d06f4f0 486dce02 46d559b8 4869ceb6 00000000
I/DEBUG   (   35):     4d06f500 00000000 4179cf80 00000002 ffffffff
I/DEBUG   (   35):     4d06f510 4d06f584 486da0ca 47042e40 486dce02
I/DEBUG   (   35):     4d06f520 00000000 4179cf58 00000000 00000000
I/DEBUG   (   35):     4d06f530 417ab9c8 4d06f568 486dc24c 46e03e70
I/DEBUG   (   35):     4d06f540 486db948 00000000 00000000 ffffffff
I/DEBUG   (   35):     4d06f550 00000002 ffffffff 4179cf80 4179cf70
I/DEBUG   (   35):     4d06f560 486dc24c 00000000 4179cf58 417ab9c8
I/DEBUG   (   35):
I/DEBUG   (   35): memory near r6:
I/DEBUG   (   35):     2a1b3808 006d6f00 31c10b28 2a1b31a0 2a1b31a0
I/DEBUG   (   35):     2a1b3818 2a214328 85851ad2 03c7e0e0 00000453
I/DEBUG   (   35):     2a1b3828 486db7f4 4d06f490 46d55828 48caa000
I/DEBUG   (   35):     2a1b3838 00000002 ffffffff 4d16fc40 00000000
I/DEBUG   (   35):     2a1b3848 4d16fc74 0000000b 00000000 4085bdc0
I/DEBUG   (   35):     2a1b3858 00000000 00000000 4637f670 4d06c300
I/DEBUG   (   35):     2a1b3868 00000000 00000000 00000001 00004000
I/DEBUG   (   35):     2a1b3878 00000000 2a04d540 4085bdc0 40860c80
I/DEBUG   (   35):     2a1b3888 00000000 40864d7c 40864df0 40864ca0
I/DEBUG   (   35):     2a1b3898 40864cc0 40864d1c 00000000 4d175491
I/DEBUG   (   35):     2a1b38a8 2a1c2c88 00000028 00000000 00000000
I/DEBUG   (   35):     2a1b38b8 00000000 00000006 00002000 408ec8c4
I/DEBUG   (   35):     2a1b38c8 41639928 46edae00 00000000 2a1b1e08
I/DEBUG   (   35):     2a1b38d8 00000001 00000040 00000200 00000000
I/DEBUG   (   35):     2a1b38e8 00000007 47d41bae 47d41bae 0000000d
I/DEBUG   (   35):     2a1b38f8 47d41ba8 46c696f8 1b1a73ac 1b80e588
I/DEBUG   (   35):
I/DEBUG   (   35): memory near ip:
I/DEBUG   (   35):     41d16db0 00000000 41cc63f8 417e24f0 41bf5778
I/DEBUG   (   35):     41d16dc0 00000000 00000000 00000030 0000020b
I/DEBUG   (   35):     41d16dd0 41453aa0 00000000 0000003e 00000000
I/DEBUG   (   35):     41d16de0 00000000 ffffffff 00000001 ffffffff
I/DEBUG   (   35):     41d16df0 00000002 ffffffff 00000003 ffffffff
I/DEBUG   (   35):     41d16e00 00000004 ffffffff 00000005 ffffffff
I/DEBUG   (   35):     41d16e10 00000007 ffffffff 00000008 ffffffff
I/DEBUG   (   35):     41d16e20 00000009 ffffffff 0000000a ffffffff
I/DEBUG   (   35):     41d16e30 0000000b ffffffff 0000000c ffffffff
I/DEBUG   (   35):     41d16e40 0000000d ffffffff 0000000e ffffffff
I/DEBUG   (   35):     41d16e50 0000000f ffffffff 00000010 ffffffff
I/DEBUG   (   35):     41d16e60 00000011 ffffffff 00000012 ffffffff
I/DEBUG   (   35):     41d16e70 00000013 ffffffff 00000014 ffffffff
I/DEBUG   (   35):     41d16e80 00000015 ffffffff 00000016 ffffffff
I/DEBUG   (   35):     41d16e90 00000017 ffffffff 00000018 ffffffff
I/DEBUG   (   35):     41d16ea0 00000019 ffffffff 0000001a ffffffff
I/DEBUG   (   35):
I/DEBUG   (   35): memory near sp:
I/DEBUG   (   35):     4d16fc20 4d06f524 4869cc5e 4d06f490 2a1b3828
I/DEBUG   (   35):     4d16fc30 00000201 4085bdc0 df0027ad 00000000
I/DEBUG   (   35):     4d16fc40 46cc6910 fffffe58 4086be9c 00000000
I/DEBUG   (   35):     4d16fc50 4d16fd08 2a1b3828 4d16fc74 46f8c560
I/DEBUG   (   35):     4d16fc60 4176f1f8 40869584 4d06fa94 48906239
I/DEBUG   (   35):     4d16fc70 4016db93 47d5f8f8 4d06fb3c 46c3b2a8
I/DEBUG   (   35):     4d16fc80 47f96000 41821e88 00000000 4d16fda0
I/DEBUG   (   35):     4d16fc90 00000000 4d16fdd4 00000000 00000000
I/DEBUG   (   35):     4d16fca0 00000000 00000000 00000000 00000000
I/DEBUG   (   35):     4d16fcb0 00000000 00000000 00000000 00000000
I/DEBUG   (   35):     4d16fcc0 00000000 00000000 00000000 00000000
I/DEBUG   (   35):     4d16fcd0 00000000 00000000 2a1b3828 46f8c560
I/DEBUG   (   35):     4d16fce0 408e7c88 00000000 414522a8 41821ed8
I/DEBUG   (   35):     4d16fcf0 00000000 4089df7f 2a010f80 408a9ca9
I/DEBUG   (   35):     4d16fd00 4173c698 400721f4 408e7c88 417d1f80
I/DEBUG   (   35):     4d16fd10 41769ed0 400721f4 41821ec8 408a266f
I/DEBUG   (   35):
I/DEBUG   (   35): code around pc:
I/DEBUG   (   35):     4d1754e4 188002ca 9020f8d5 b024f8d5 68036844
I/DEBUG   (   35):     4d1754f4 30fff04f 612c455c f2c060eb f300800b
I/DEBUG   (   35):     4d175504 ebb38008 f0000009 bf8c8005 30fff04f
I/DEBUG   (   35):     4d175514 42402001 60e82800 8010f280 de00e7b6
I/DEBUG   (   35):     4d175524 0054f8df f8dfe001 6ef1004c 1c2d4788
I/DEBUG   (   35):     4d175534 4300e000 47806e70 4869cc66 4300e000
I/DEBUG   (   35):     4d175544 47806e70 4869cc62 4300e000 47806e70
I/DEBUG   (   35):     4d175554 4869cc38 00000002 2a1b0001 46d55828
I/DEBUG   (   35):     4d175564 00130002 00000001 00040103 00000001
I/DEBUG   (   35):     4d175574 00000000 4869cc52 4869cc60 2a1c37c8
I/DEBUG   (   35):     4d175584 f85f0040 68010008 60013101 69e969a8
I/DEBUG   (   35):     4d175594 1e431842 27011ad4 612f42bc 60ab60ec
I/DEBUG   (   35):     4d1755a4 f340606a e7ff8007 4300e000 47806e70
I/DEBUG   (   35):     4d1755b4 4869f28e 4300e000 47806e70 4869f2ac
I/DEBUG   (   35):     4d1755c4 00000002 2a1b0000 470a4618 00000105
I/DEBUG   (   35):     4d1755d4 00000001 00000000 2a1c37cc f85f0030
I/DEBUG   (   35):
I/DEBUG   (   35): code around lr:
I/DEBUG   (   35):     00000000 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000010 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000020 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000030 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000040 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000050 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000060 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000070 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000080 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     00000090 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     000000a0 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     000000b0 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     000000c0 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     000000d0 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     000000e0 ffffffff ffffffff ffffffff ffffffff
I/DEBUG   (   35):     000000f0 ffffffff ffffffff ffffffff ffffffff
D/dalvikvm( 7384): GC_FOR_ALLOC freed 1839K, 17% free 10258K/12352K, paused 103ms, total 123ms
I/BootReceiver( 1535): Copying /data/tombstones/tombstone_02 to DropBox (SYSTEM_TOMBSTONE)
D/dalvikvm( 1535): GC_FOR_ALLOC freed 924K, 39% free 9147K/14820K, paused 71ms, total 75ms
W/ActivityManager( 1535): Error in app bbct.android running instrumentation ComponentInfo{bbct.android.test/a                                                                                                                    ndroid.support.test.runner.AndroidJUnitRunner}:
W/ActivityManager( 1535):   Native crash
W/ActivityManager( 1535):   Native crash: Segmentation fault
D/AndroidRuntime( 2054): Shutting down VM
D/jdwp    ( 2054): Got wake-up signal, bailing out of select
D/dalvikvm( 2054): Debugger has detached; object registry had 1 entries
D/Zygote  ( 1329): Process 2064 terminated by signal (11)
I/ActivityManager( 1535): Force stopping package bbct.android appid=10046 user=0
I/ActivityManager( 1535): Killing proc 2064:bbct.android/u0a10046: force stop bbct.android
D/AndroidRuntime( 8089):
D/AndroidRuntime( 8089): >>>>>> AndroidRuntime START com.android.internal.os.RuntimeInit <<<<<<
D/AndroidRuntime( 8089): CheckJNI is ON
D/dalvikvm( 8089): Trying to load lib libjavacore.so 0x0
D/dalvikvm( 8089): Added shared lib libjavacore.so 0x0
D/dalvikvm( 8089): Trying to load lib libnativehelper.so 0x0
D/dalvikvm( 8089): Added shared lib libnativehelper.so 0x0
E/cutils-trace( 8089): Error opening trace file: No such file or directory (2)
D/AndroidRuntime( 8089): Calling main entry com.android.commands.am.Am
D/dalvikvm( 8089): Note: class Landroid/app/ActivityManagerNative; has 163 unimplemented (abstract) methods
I/ActivityManager( 1535): Force stopping package bbct.android appid=10046 user=0

After further research, I turned up these seemingly related questions:

Native crash on an Android-Java based app?

Native crash at /dev/ashmem/dalvik-jit-code-cache

android
debugging
testing
asked on Stack Overflow Aug 15, 2016 by • edited May 23, 2017 by (unknown user)

1 Answer

0

Fatal signal 11 (SIGSEGV) is either a invalid memory reference or segmentation fault.

Clue 1: If you look down past that at I/DEBUG ( 35): backtrace:

You'll find the related libraries that crashed and the address associated with the line of code in that library.

If you don't have access to peek into and modify that library.

Then you should trace to where it exactly crashes in java. Most likely, it was passed a value it couldn't process.

EDIT

If you didn't use any library, there are still cases where it is still possible for the base sdk/api to default like this because it tried to process a value it's not supposed to.

Clue 2. F/libc ( 2064): Fatal .... thread 2080 (roidJUnitRunner)

answered on Stack Overflow Aug 15, 2016 by TWL • edited Aug 16, 2016 by TWL

User contributions licensed under CC BY-SA 3.0