I have an application which uses a C library through JNI bindings. The same C library is used on iOS without any issues, and it has been used for around 2 years already.
I've tried implementing the same library on Android, and in general, everything works as expected, but the app crashes randomly after calling the JNI code.
What I mean is that I call the library, I receive data, I do some things with the data [like update buttons on screen] and then wait for further user input. After around 200-300ms after the call, my app crashes. By random, I mean that 1 out of 3 times it crashes. Sometimes after the first call, sometimes after the 4th, etc. All the time I use the same set of data, so this issue is not data specific.
Unfortunately, the errors I get are random as well. This leads me to believe that it must be something with memory management, but damn... I have no idea how to debug it at all.
Here are a few examples of the errors I get.
----
----- beginning of crash
06-03 13:35:37.823 6035-6035/com.mycompany.myapp A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x30384636 in tid 6035 (mycompany.myapp)
[ 06-03 13:35:37.829 182: 182 W/ ]
debuggerd: handling request: pid=6035 uid=10147 gid=10147 tid=6035
06-03 13:35:37.919 6307-6307/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
06-03 13:35:37.919 6307-6307/? A/DEBUG: Build fingerprint: 'nvidia/wx_un_do/shieldtablet:7.0/NRD90M/1928188_850.6612:user/release-keys'
06-03 13:35:37.919 6307-6307/? A/DEBUG: Revision: '0'
06-03 13:35:37.919 6307-6307/? A/DEBUG: ABI: 'arm'
06-03 13:35:37.920 6307-6307/? A/DEBUG: pid: 6035, tid: 6035, name: mycompany.myapp >>> com.mycompany.myapp <<<
06-03 13:35:37.920 6307-6307/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x30384636
06-03 13:35:37.920 6307-6307/? A/DEBUG: r0 30384636 r1 00000058 r2 a49016e8 r3 00000058
06-03 13:35:37.920 6307-6307/? A/DEBUG: r4 a480628c r5 3038392e r6 00000000 r7 a4806278
06-03 13:35:37.920 6307-6307/? A/DEBUG: r8 a53532e8 r9 00000001 sl a53532dc fp 00000001
06-03 13:35:37.920 6307-6307/? A/DEBUG: ip a5349860 sp bea94a68 lr a532f97d pc a5308b26 cpsr 200f0030
06-03 13:35:37.991 6307-6307/? A/DEBUG: backtrace:
06-03 13:35:37.991 6307-6307/? A/DEBUG: #00 pc 00047b26 /system/lib/libc.so (pthread_mutex_lock+1)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #01 pc 0006e979 /system/lib/libc.so (je_tcache_bin_flush_small+144)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #02 pc 0006e88d /system/lib/libc.so (je_tcache_event_hard+60)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #03 pc 00064d09 /system/lib/libc.so (je_calloc+776)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #04 pc 0000f94d /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_malloc+64)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #05 pc 0000eeab /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_get_name+502)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #06 pc 0000ef8f /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_get_nodes+42)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #07 pc 0000c079 /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (get_attr_content+12)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #08 pc 0000c785 /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (get_prodcore_item+92)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #09 pc 0000c82f /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (get_prodcore_items+98)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #10 pc 0000c8d3 /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (get_prod_prodcore+54)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #11 pc 0000a1ab /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (parse_prod_file_from_buf+70)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #12 pc 0000acf7 /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (mylib_get_basic_info+238)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #13 pc 0000b611 /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (mylib_open+388)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #14 pc 0000779d /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (Java_com_mycompany_mylib_mylibJNI_openmylibprod+60)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #15 pc 000ad919 /system/lib/libart.so (art_quick_generic_jni_trampoline+40)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #16 pc 000a8f41 /system/lib/libart.so (art_quick_invoke_stub_internal+64)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #17 pc 0040535d /system/lib/libart.so (art_quick_invoke_stub+232)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #18 pc 000b0209 /system/lib/libart.so (_ZN3art9ArtMethod6InvokeEPNS_6ThreadEPjjPNS_6JValueEPKc+136)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #19 pc 001ec4eb /system/lib/libart.so (_ZN3art11interpreter34ArtInterpreterToCompiledCodeBridgeEPNS_6ThreadEPNS_9ArtMethodEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+198)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #20 pc 001e6a8b /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+478)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #21 pc 0020d1d3 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+422)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #22 pc 00203259 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+12904)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #23 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #24 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #25 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #26 pc 0020d1d3 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+422)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #27 pc 00203259 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+12904)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #28 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #29 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.992 6307-6307/? A/DEBUG: #30 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #31 pc 0020e809 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE1ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+264)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #32 pc 002053c1 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+21456)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #33 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #34 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #35 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #36 pc 0020e809 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE1ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+264)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #37 pc 002053c1 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+21456)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #38 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #39 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #40 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #41 pc 0020f641 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE0ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+232)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #42 pc 00203ffd /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+16396)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #43 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #44 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #45 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #46 pc 0020f033 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE4ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+830)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #47 pc 00205c45 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+23636)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #48 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #49 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #50 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #51 pc 0020d1d3 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+422)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #52 pc 00203259 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+12904)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #53 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #54 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #55 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #56 pc 0020f033 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE4ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+830)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #57 pc 00205c45 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+23636)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #58 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #59 pc 001cf357 /system/lib/libart.so (_ZN3art11interpreter33ArtInterpreterToInterpreterBridgeEPNS_6ThreadEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+114)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #60 pc 001e6a6f /system/lib/libart.so (_ZN3art11interpreter6DoCallILb0ELb0EEEbPNS_9ArtMethodEPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+450)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #61 pc 0020d1d3 /system/lib/libart.so (_ZN3art11interpreterL8DoInvokeILNS_10InvokeTypeE2ELb0ELb0EEEbPNS_6ThmyappNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+422)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #62 pc 00203259 /system/lib/libart.so (_ZN3art11interpreter17ExecuteSwitchImplILb0ELb0EEENS_6JValueEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameES2_b+12904)
06-03 13:35:37.993 6307-6307/? A/DEBUG: #63 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
another one:
06-03 14:06:34.775 8746-8746/com.mycompany.myapp A/libc: Fatal signal 11 (SIGSEGV), code 2, fault addr 0x3438379e in tid 8746 (mycompany.myapp)
[ 06-03 14:06:34.776 182: 182 W/ ]
debuggerd: handling request: pid=8746 uid=10147 gid=10147 tid=8746
06-03 14:06:34.842 9224-9224/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
06-03 14:06:34.843 9224-9224/? A/DEBUG: Build fingerprint: 'nvidia/wx_un_do/shieldtablet:7.0/NRD90M/1928188_850.6612:user/release-keys'
06-03 14:06:34.843 9224-9224/? A/DEBUG: Revision: '0'
06-03 14:06:34.843 9224-9224/? A/DEBUG: ABI: 'arm'
06-03 14:06:34.843 9224-9224/? A/DEBUG: pid: 8746, tid: 8746, name: mycompany.myapp >>> com.mycompany.myapp <<<
06-03 14:06:34.843 9224-9224/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x3438379e
06-03 14:06:34.843 9224-9224/? A/DEBUG: r0 3438379e r1 00000058 r2 a4900e50 r3 00000058
06-03 14:06:34.843 9224-9224/? A/DEBUG: r4 a4806034 r5 3438332e r6 00000000 r7 a4806020
06-03 14:06:34.843 9224-9224/? A/DEBUG: r8 a53532e8 r9 00000004 sl a53532dc fp 00000004
06-03 14:06:34.843 9224-9224/? A/DEBUG: ip a5349860 sp bea948c8 lr a532f97d pc a5308b26 cpsr 20070030
06-03 14:06:34.945 9224-9224/? A/DEBUG: backtrace:
06-03 14:06:34.945 9224-9224/? A/DEBUG: #00 pc 00047b26 /system/lib/libc.so (pthread_mutex_lock+1)
06-03 14:06:34.945 9224-9224/? A/DEBUG: #01 pc 0006e979 /system/lib/libc.so (je_tcache_bin_flush_small+144)
06-03 14:06:34.945 9224-9224/? A/DEBUG: #02 pc 00066f09 /system/lib/libc.so (ifree+432)
06-03 14:06:34.945 9224-9224/? A/DEBUG: #03 pc 000671eb /system/lib/libc.so (je_free+74)
06-03 14:06:34.945 9224-9224/? A/DEBUG: #04 pc 00010c2f /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_del_from_pool+72)
and yet another:
06-03 21:23:53.136 19575-19829/com.mycompany.myapp A/libc: Fatal signal 11 (SIGSEGV), code 2, fault addr 0x3438480a in tid 19829 (RenderThread)
[ 06-03 21:23:53.137 182: 182 W/ ]
debuggerd: handling request: pid=19575 uid=10147 gid=10147 tid=19829
06-03 21:23:53.446 19995-19995/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
06-03 21:23:53.446 19995-19995/? A/DEBUG: Build fingerprint: 'nvidia/wx_un_do/shieldtablet:7.0/NRD90M/1928188_850.6612:user/release-keys'
06-03 21:23:53.447 19995-19995/? A/DEBUG: Revision: '0'
06-03 21:23:53.447 19995-19995/? A/DEBUG: ABI: 'arm'
06-03 21:23:53.448 19995-19995/? A/DEBUG: pid: 19575, tid: 19829, name: RenderThread >>> com.mycompany.myapp <<<
06-03 21:23:53.448 19995-19995/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x3438480a
06-03 21:23:53.448 19995-19995/? A/DEBUG: r0 3438392e r1 8b8fda20 r2 00000001 r3 00000000
06-03 21:23:53.449 19995-19995/? A/DEBUG: r4 a483aa00 r5 8b8fd3ec r6 98356000 r7 00000002
06-03 21:23:53.449 19995-19995/? A/DEBUG: r8 00000001 r9 00000000 sl a4863a84 fp a4863a80
06-03 21:23:53.449 19995-19995/? A/DEBUG: ip a71ecf18 sp 8b8fd330 lr 98305edf pc 98305eec cpsr 00000030
06-03 21:23:53.481 19995-19995/? A/DEBUG: backtrace:
06-03 21:23:53.481 19995-19995/? A/DEBUG: #00 pc 0000deec /system/vendor/lib/egl/libEGL_tegra.so
06-03 21:23:53.481 19995-19995/? A/DEBUG: #01 pc 00013805 /system/vendor/lib/egl/libEGL_tegra.so (eglGetError+4)
06-03 21:23:53.481 19995-19995/? A/DEBUG: #02 pc 0000c071 /system/lib/libEGL.so (eglGetError+20)
06-03 21:23:53.481 19995-19995/? A/DEBUG: #03 pc 0000b93f /system/lib/libEGL.so (eglQuerySurface+22)
06-03 21:23:53.481 19995-19995/? A/DEBUG: #04 pc 00025963 /system/lib/libhwui.so
06-03 21:23:53.482 19995-19995/? A/DEBUG: #05 pc 0002311f /system/lib/libhwui.so
06-03 21:23:53.482 19995-19995/? A/DEBUG: #06 pc 00024d6b /system/lib/libhwui.so
06-03 21:23:53.482 19995-19995/? A/DEBUG: #07 pc 00028181 /system/lib/libhwui.so (_ZN7android10uirenderer12renderthread12RenderThread10threadLoopEv+80)
06-03 21:23:53.482 19995-19995/? A/DEBUG: #08 pc 0000f155 /system/lib/libutils.so (_ZN7android6Thread11_threadLoopEPv+144)
06-03 21:23:53.482 19995-19995/? A/DEBUG: #09 pc 00065e75 /system/lib/libandroid_runtime.so (_ZN7android14AndroidRuntime15javaThreadShellEPv+80)
06-03 21:23:53.482 19995-19995/? A/DEBUG: #10 pc 00047543 /system/lib/libc.so (_ZL15__pthread_startPv+22)
06-03 21:23:53.482 19995-19995/? A/DEBUG: #11 pc 0001a115 /system/lib/libc.so (__start_thread+6)
I have to admit, I hate these kinds of errors. I have no clue where to look for solutions.
Now a bit about the library:
It takes a zip file, unpacks an XML file out of it and parses data from the XML into a struct which is then used to generate an object with all of that data.
That's basically it. In the JNI class I hold the value of JNIEnv because there is a scenario where I have to call a Java class from C, but not in this case. The calls I make are limited to the description I gave above.
Also, this happens very often on first call so I doubt it has anything to do with that.
Is there anything else I could provide to make it possible to determine the cause of the crashes?
I am a bit fed up with the issue. If it were up to me I would just rewrite the lib in Java, but the whole idea of getting the C lib was to have a single code base running on all platforms.
I will be grateful for any help.
EDIT: I was able to remove a lot of the code from calls to identify the simplest possible way for my app to crash. Now I only have one function which when called will [randomly] crash the app, and when not called, will never do this.
Here's the JNI code I call, quite simple. Maybe my bug is much simpler than I thought.
    jlong Java_com_mycompany_product_ProdJNI_openProdBook(JNIEnv* env, jobject this, jstring jprname) {
        // set the jvm variable so other C threads can access java virtual machine
        (*env)->GetJavaVM(env, &jvm);
        const char *prodname = (*env)->GetStringUTFChars(env, jprname, NULL);
        unsigned long ret = product_open(prodname);
        (*env)->ReleaseStringUTFChars(env, jprname, prodname);
        return ret;
    }
This is not an answer, but it is too long for a comment. There are two things that I would note. First, regarding your comment that "After around 200-300ms after the call, my app crashes [randomly]": the stack traces in two of the failures include your native library libmylibjni.so:
06-03 13:35:37.991 6307-6307/? A/DEBUG: #00 pc 00047b26 /system/lib/libc.so (pthread_mutex_lock+1)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #01 pc 0006e979 /system/lib/libc.so (je_tcache_bin_flush_small+144)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #02 pc 0006e88d /system/lib/libc.so (je_tcache_event_hard+60)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #03 pc 00064d09 /system/lib/libc.so (je_calloc+776)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #04 pc 0000f94d /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_malloc+64)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #05 pc 0000eeab /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_get_name+502)
06-03 13:35:37.991 6307-6307/? A/DEBUG: #06 pc 0000ef8f /data/app/com.mycompany.myapp-2/lib/arm/libmylibjni.so (roxml_get_nodes+42)
Presumably this is running from a native thread started by libart.so as you see all the way at the bottom of the stack:
06-03 13:35:37.993 6307-6307/? A/DEBUG: #63 pc 001ca845 /system/lib/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+368)
While you have not provided us with any of your code, I'm going to hazard a theory and say that you are exchanging memory buffers between C++ and Java, and one of them is corrupting that memory, or failing to abide by mutex control over shared data (which can lead to corruption). Hence the crash during heap operations or otherwise-unrelated code.
A second theory is that libart.so has a bug and that is causing your troubles.
If you have some code to share, we might be able to help more.
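A quick triage check on the tombstones above, added here as an example (not code from the question or the reply): it flags register values whose bytes are mostly printable ASCII, which is what a pointer looks like after string data has been written over it. The function names and the three-of-four-bytes threshold are assumptions of this example; the sample lines are register dumps copied from the crashes on this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One register whose value looks like text rather than an address. */
struct hit { char reg[32]; uint32_t value; char text[5]; };

static int is_print(unsigned char b) { return b >= 0x20 && b <= 0x7e; }

/* How many of the word's four bytes are printable ASCII. */
int printable_bytes(uint32_t w) {
    int n = 0;
    for (int i = 0; i < 4; i++) n += is_print((w >> (8 * i)) & 0xff);
    return n;
}

/* Bytes in memory order (little-endian ARM); '?' marks a non-printable byte. */
void word_as_text(uint32_t w, char out[5]) {
    for (int i = 0; i < 4; i++) {
        unsigned char b = (w >> (8 * i)) & 0xff;
        out[i] = is_print(b) ? (char)b : '?';
    }
    out[4] = '\0';
}

/* Scan one logcat/tombstone line for "<name> <8 hex digits>" pairs and record
   registers with at least 3 printable bytes (heuristic threshold, an
   assumption of this example). Returns the number of hits stored. */
int suspicious_registers(const char *line, struct hit *hits, int max) {
    char tok[32], prev[32] = "";
    int used, n = 0;
    while (sscanf(line, "%31s%n", tok, &used) == 1) {
        line += used;
        if (prev[0] && strlen(tok) == 8 &&
            strspn(tok, "0123456789abcdefABCDEF") == 8) {
            uint32_t w = (uint32_t)strtoul(tok, NULL, 16);
            if (printable_bytes(w) >= 3 && n < max) {
                strcpy(hits[n].reg, prev);
                hits[n].value = w;
                word_as_text(w, hits[n].text);
                n++;
            }
        }
        strcpy(prev, tok);
    }
    return n;
}

int main(void) {
    /* Register lines copied from the first and third tombstones on this page. */
    const char *lines[] = {
        "A/DEBUG: r0 30384636 r1 00000058 r2 a49016e8 r3 00000058",
        "A/DEBUG: r4 a480628c r5 3038392e r6 00000000 r7 a4806278",
        "A/DEBUG: ip a5349860 sp bea94a68 lr a532f97d pc a5308b26 cpsr 200f0030",
        "A/DEBUG: r0 3438392e r1 8b8fda20 r2 00000001 r3 00000000",
    };
    struct hit h[8];
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        int n = suspicious_registers(lines[i], h, 8);
        for (int k = 0; k < n; k++)
            printf("%s = %08x reads as \"%s\"\n", h[k].reg,
                   (unsigned)h[k].value, h[k].text);
    }
    return 0;
}
```

On the first crash it reports r0 and r5, which read as `6F80` and `.980`: character data where an address was expected, while the surrounding registers hold ordinary `0xa4...`/`0xa5...` addresses.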