Recently, some native crashes of the android 4.3 system have been received on the crashed system, and they are mainly based on OPPO phones. For example, the crash stack log:
Thread 119 (crashed) 0 libc.so + 0x1d1e0 r0 = 0x6cebe000 r1 = 0x00000000 r2 = 0x00000000 r3 = 0x00000002 r4 = 0x6cebdf00 r5 = 0x00000154 r6 = 0x00000180 r7 = 0x00000140 r8 = 0x00000000 r9 = 0x733d1af4 r10 = 0x402bbcf8 r12 = 0x40450cf0 fp = 0x733d1c84 sp = 0x733d1914 lr = 0x402be1d4 pc = 0x400661e0 Found by: given as instruction pointer in context 1 libutils.so + 0x12969 sp = 0x733d1960 pc = 0x400e396b Found by: sta ck scanning 2 libui.so + 0x80d3 sp = 0x733d1978 pc = 0x4059e0d5 Found by: stack scanning 3 libui.so + 0x83dd sp = 0x733d1988 pc = 0x4059e3df Found by: stack scanning 4 libui.so + 0xae9a sp = 0x733d19a0 pc = 0x405a0e9c Found by: stack scanning 5 libc.so + 0x10bf9 sp = 0x733d19b0 pc = 0x40059bfb Found by: stack scanning 6 libc.so + 0x47ffe sp = 0x733d19b4 pc = 0x40091000 Found by: stack scanning 7 libui.so + 0xae9a sp = 0x733d19c0 pc = 0x405a0e9c Found by: stack scanning 8 libc.so + 0xdba7 sp = 0x733d19c8 pc = 0x40056ba9 Found by: stack scanning 9 libui.so + 0xacd6 sp = 0x733d19cc pc = 0x405a0cd8 Found by: stack scanning10 libutils.so + 0xf9b7 sp = 0x733d19d0 pc = 0x400e09b9 Found by: stack scanning11 libui.so + 0x7701 sp = 0x733d19e0 pc = 0x4059d703 Found by: stack scanning12 libui.so + 0x806d sp = 0x733d19e8 pc = 0x4059e06f Found by: stack scanning13 libskia.so + 0x c701e sp = 0x733d19f8 pc = 0x402e9020 Found by: stack scanning14 libskia.so + 0xc8306 sp = 0x733d1a30 pc = 0x402ea308 Found by: stack scanning15 libskia.so + 0xc5d0e sp = 0x733d1a58 pc = 0x402e7d10 Found by: stack scanning16 libskia.so + 0x8d86a sp = 0x733d1a60 pc = 0x402af86c Found by: stack scanning17 libc.so + 0x10bf9 sp = 0x733d1ab0 pc = 0x40059bfb Found by: stack scanning18 libc.so + 0x47ffe sp = 0x733d1ab4 pc = 0x40091000 Found by: stack scanning19 dalvik-heap (deleted) + 0x28c5ffe sp = 0x733d1ac0 pc = 0x43e10000 Found by: stack scanning20 libskia.so + 0x90ac2 sp = 0x733d1ae8 pc = 0x402b2ac4 Found by: stack scanning21 libc.so + 0x10805 sp = 0x733d1af0 pc = 0x40059807 Found by: stack scanning22 dalvik-heap (deleted) + 0x28c5ffe sp = 0x733d1b28 pc = 0x43e10000 Found by: stack scanning23 libicui18n.so + 0x41782 sp = 0x733d1b34 pc = 0x407aa784 Found by: stack scanni ng24 libandroid_runtime.so + 0xb288e sp = 0x733d1b54 pc = 0x401ed890 Found by: stack scanning25 libc.so + 0x10bf9 sp = 0x733d1b60 pc = 0x40059bfb Found by: stack scanning26 libc.so + 0x47ffe sp = 0x733d1b64 pc = 0x40091000 Found by: stack scanning27 libandroid_runtime.so + 0xb288e sp = 0x733d1b74 pc = 0x401ed890 Found by: stack scanning28 libui.so + 0xacd6 sp = 0x733d1b7c pc = 0x405a0cd8 Found by: stack scanning29 libutils.so + 0xf9b7 sp = 0x733d1b80 pc = 0x400e09b9 Found by: stack scanning30 libc.so + 0x10805 sp = 0x733d1b98 pc = 0x40059807 Found by: stack scanning31 libandroid_runtime.so + 0x6366f sp = 0x733d1ba0 pc = 0x4019e671 Found by: stack scanning32 libskia.so + 0x227d12 sp = 0x733d1bb8 pc = 0x40449d14 Found by: stack scanning33 libskia.so + 0x227d12 sp = 0x733d1bbc pc = 0x40449d14 Found by: stack scanning34 libskia.so + 0x22ecc2 sp = 0x733d1bc0 pc = 0x40450cc4 Found by: stack scanning35 libskia.so + 0x92592 sp = 0x733d1c08 pc = 0x402b4594 Found by: stack scanning36 libLLVM.so + 0x697ffe sp = 0x733d1c10 pc = 0x41400000 Found by: stack scanning37 libicui18n.so + 0x96ffe sp = 0x733d1c48 pc = 0x40800000 Found by: stack scanning38 dalvik-LinearAlloc (deleted) + 0x46ed6 sp = 0x733d1c5c pc = 0x574f5ed8 Found by: stack scanning39 libdvm.so + 0x203ce sp = 0x733d1c68 pc = 0x408b73d0 Found by: stack scanning40 libdvm.so + 0x4bd3f sp = 0x733d1c70 pc = 0x408e2d41 Found by: stack scanning41 dalvik-heap (deleted) + 0x1cb96 sp = 0x733d1c80 pc = 0x41566b98 Found by: stack scanning42 libdvm.so + 0x50d99 sp = 0x733d1c88 pc = 0x408e7d9b Found by: stack scanning43 system@[email protected]@classes.dex + 0x60d210 sp = 0x733d1c90 pc = 0x5914d212 Found by: stack scanning44 libandroid_runtime.so + 0x777c9 sp = 0x733d1c94 pc = 0x401b27cb Found by: sta ck scanning45 libdvm.so + 0x7babb sp = 0x733d1cc8 pc = 0x40912abd Found by: stack scanning46 libdvm.so + 0x2053e sp = 0x733d1cd0 pc = 0x408b7540 Found by: stack scanning47 dalvik-LinearAlloc (deleted) + 0x351a6 sp = 0x733d1cd8 pc = 0x574e41a8 Found by: stack scanning48 libdvm.so + 0x75569 sp = 0x733d1cf0 pc = 0x4090c56b Found by: stack scanning49 libc.so + 0xe89e sp = 0x733d1d28 pc = 0x400578a0 Found by: stack scanning50 dalvik-heap (deleted) + 0x14d7ab2 sp = 0x733d1d50 pc = 0x42a21ab4 Found by: stack scanning51 dalvik-heap (deleted) + 0x14d7aae sp = 0x733d1d54 pc = 0x42a21ab0 Found by: stack scanning52 libdvm.so + 0x558d7 sp = 0x733d1d70 pc = 0x408ec8d9 Found by: stack scanning53 system@[email protected]@classes.dex + 0x215d86 sp = 0x733d1d80 pc = 0x58d55d88 Found by: stack scanning54 libdvm.so + 0x50c07 sp = 0x733d1d90 pc = 0x408e7c09 Found by: stack scanning55 dalvik- jit-code-cache (deleted) + 0x216 sp = 0x733d1da0 pc = 0x69563218 Found by: stack scanning56 libdvm.so + 0x30b32 sp = 0x733d1dac pc = 0x408c7b34 Found by: stack scanning57 dalvik-LinearAlloc (deleted) + 0x5b1a76 sp = 0x733d1dc0 pc = 0x57a60a78 Found by: stack scanning58 dalvik-heap (deleted) + 0x17bb95e sp = 0x733d1dc4 pc = 0x42d05960 Found by: stack scanning59 libdvm.so + 0x2e21a sp = 0x733d1dc8 pc = 0x408c521c Found by: stack scanning60 libicui18n.so + 0x26ffe sp = 0x733d1e00 pc = 0x40790000 Found by: stack scanning61 libicui18n.so + 0x41782 sp = 0x733d1e08 pc = 0x407aa784 Found by: stack scanning62 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+ 0x169eb3 sp = 0x733d1e40 pc = 0x5e2a2eb5 Found by: stack scanning63 dalvik-LinearAlloc (deleted) + 0x5b1a76 sp = 0x733d1e4c pc = 0x57a60a78 Found by: stack scanning64 libdvm.so + 0x62df3 sp = 0x733d1e58 pc = 0x408f9df5 Found by: stack scanning65 dalvik-LinearAlloc (deleted) + 0x5b1a76 sp = 0x733d1e60 pc = 0x57a60a78 Found by: stack scanning66 dalvik-heap (deleted) + 0x17bb95e sp = 0x733d1e64 pc = 0x42d05960 Found by: stack scanning67 libdvm.so + 0x62e1d sp = 0x733d1e88 pc = 0x408f9e1f Found by: stack scanning68 libdvm.so + 0x57b95 sp = 0x733d1ea4 pc = 0x408eeb97 Found by: stack scanning69 libdvm.so + 0x57af3 sp = 0x733d1edc pc = 0x408eeaf5 Found by: stack scanning70 libc.so + 0xcba2 sp = 0x733d1ee8 pc = 0x40055ba4 Found by: stack scanning71 libc.so + 0xcd1e sp = 0x733d1f00 pc = 0x40055d20 Found by: stack scanning
或者:
由于这些崩溃日志大多集中在oppo系列手机,而且崩溃不是必现,所以开始的时候把自己引导了一个错误方向,认为可能是oppo手机的系统定制问题,然后按照这个方向查询了一下用户的操作log,发现崩溃居然没有什么操作规律,但是可以定位都是在某个activity里面导致,于是仔细分析了一下崩溃栈,发现oppo原来只是之前集中使用4.3系统,所以被躺枪了,
分析下日志发现,libskia和libui都是android图形界面的底层处理类,所以可以定位问题在ui上,例如bitmap,canvas,ui交互等等的处理,不过这个范围还是太广了,自定义控件很多也是锁定canvas绘制的,然后再仔细看一下崩溃线程,发现崩溃线程居然都不是主线程,那这样就好分析多了,ui交互上崩溃,而且不是主线程的,一般就可以大致锁定在surfaceview,surfacetexture,GLsurface等等这些上面了,集合上面日志发现的在某个activity里面,通过查找代码,发现这个里面有几个组件是使用surfaceview实现的画布绘制,
接下来继续分析定位,由于日志显示问题不是必现的,而且是进入activity后不定时时间内会触发崩溃,那么说明这个崩溃来自于某个操作,由于操作这块日志并不太详细,所以只能综合日志情况,而且也借用相同的机型系统机器操作模拟,刚好这个activity里面有个比较特殊的操作,滑动清屏,移动所有view组件,于是多次操作这个后,崩溃必现,就这样定位到了问题,猜测应该是4.3系统手机上surfaceview在滑动的时候lockcanvas绘制会很大几率导致绘制冲突,不过具体诱发原因还需要后期深入源码排查
所以通过定位上了问题,既然4.3手机不支持滑动surfaceview时绘制,那么就只能判断4.3手机通过其他方式去实现surfaceview的操作了,例如改成GLsurfaceview,采用子window层等等。 . .