SIGABRT in the Chromium WebView when calling isAppUsingDarkTheme

We receive native crash reports from our users that are worth looking into. According to the log, the abort happens in the com.google.android.webview library when requesting theme attributes, specifically from isAppUsingDarkTheme. The innermost framework method that fails is android::NativeApplyStyle(_JNIEnv*, _jclass*, long, long, int, int, long, _jintArray*, long, long).

According to user activity logs, web content is being shown in the WebView before the crash. Here is the full stack trace of the issue.

backtrace:
  #00  pc 000000000004e40c  /apex/com.android.runtime/lib64/bionic/libc.so (abort+164)
  #00  pc 000000000055d72c  /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+2308)
  #00  pc 0000000000013be4  /system/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_3::__invoke(char const*)+76)
  #00  pc 0000000000012fb4  /system/lib64/libbase.so (android::base::LogMessage::~LogMessage()+320)
  #00  pc 0000000000120660  /system/lib64/libandroid_runtime.so (android::NativeApplyStyle(_JNIEnv*, _jclass*, long, long, int, int, long, _jintArray*, long, long)+348)
  #00  pc 0000000000201e20  /system/framework/arm64/boot-framework.oat (art_jni_trampoline+240)
  #00  pc 0000000000385368  /system/framework/arm64/boot-framework.oat (android.content.res.AssetManager.applyStyle+216)
  #00  pc 000000000038f414  /system/framework/arm64/boot-framework.oat (android.content.res.ResourcesImpl$ThemeImpl.obtainStyledAttributes+244)
  #00  pc 00000000003896f4  /system/framework/arm64/boot-framework.oat (android.content.res.Resources$Theme.obtainStyledAttributes+84)
  #00  pc 00000000002b6224  /data/app/~~p8SKPpSzs5AfQaojVfFlHw==/com.google.android.webview-1wbeQSnfamx66qteIYrtdw==/oat/arm64/base.odex (kp.a+116)
  #00  pc 00000000002de064  /data/app/~~p8SKPpSzs5AfQaojVfFlHw==/com.google.android.webview-1wbeQSnfamx66qteIYrtdw==/oat/arm64/base.odex (org.chromium.android_webview.AwDarkMode.isAppUsingDarkTheme+52)
  #00  pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
  #00  pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200)
  #00  pc 00000000005556d0  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+468)
  #00  pc 0000000000555870  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92)
  #00  pc 00000000003a0d58  /apex/com.android.art/lib64/libart.so (art::JNI<false>::CallBooleanMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+660)
  #00  pc 00000000044b14ec  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 0000000001bce710  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 0000000001bce66c  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 0000000001bd9470  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000) (Java_J_N_MrAp8rc4+5068)
  #00  pc 000000000016f13c  /data/app/~~p8SKPpSzs5AfQaojVfFlHw==/com.google.android.webview-1wbeQSnfamx66qteIYrtdw==/oat/arm64/base.odex (art_jni_trampoline+188)
  #00  pc 00000000002e23a0  /data/app/~~p8SKPpSzs5AfQaojVfFlHw==/com.google.android.webview-1wbeQSnfamx66qteIYrtdw==/oat/arm64/base.odex (org.chromium.android_webview.AwSettings.populateWebPreferences+96)
  #00  pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
  #00  pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200)
  #00  pc 00000000005556d0  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+468)
  #00  pc 0000000000555870  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92)
  #00  pc 00000000003abbbc  /apex/com.android.art/lib64/libart.so (art::JNI<false>::CallVoidMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+660)
  #00  pc 0000000003b92d18  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 0000000001bda1d4  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 00000000043d54f4  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 00000000023d0504  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000)
  #00  pc 0000000004b62074  /data/app/~~q2NFNMmXLCDOwTWYx91GOQ==/com.google.android.trichromelibrary_484408834-D4_y5yNsScUQXhSZirfHYg==/base.apk!libmonochrome_64.so (offset 0x6f8000) (Java_J_N_MGCvz8lp+64)
  #00  pc 000000000016932c  /data/app/~~p8SKPpSzs5AfQaojVfFlHw==/com.google.android.webview-1wbeQSnfamx66qteIYrtdw==/oat/arm64/base.odex (art_jni_trampoline+172)
  #00  pc 000000000035fdf8  /data/app/~~p8SKPpSzs5AfQaojVfFlHw==/com.google.android.webview-1wbeQSnfamx66qteIYrtdw==/oat/arm64/base.odex (org.chromium.ui.events.devices.InputDeviceObserver.onInputDeviceAdded [DEDUPED]+40)
  #00  pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
  #00  pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200)
  #00  pc 00000000003185c8  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376)
  #00  pc 000000000030e8f4  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+996)
  #00  pc 000000000067e650  /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1032)
  #00  pc 000000000012da14  /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20)
  #00  pc 00000000004d0bf8  /system/framework/framework.jar (android.hardware.input.InputManager$InputDeviceListenerDelegate.handleMessage+32)
  #00  pc 0000000000305ef0  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.7972480776628613073)+268)
  #00  pc 000000000066b988  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+780)
  #00  pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88)
  #00  pc 000000000064fd64  /system/framework/arm64/boot-framework.oat (android.os.Handler.dispatchMessage+180)
  #00  pc 00000000006532c4  /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+1668)
  #00  pc 000000000040de40  /system/framework/arm64/boot-framework.oat (android.app.ActivityThread.main+752)
  #00  pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568)
  #00  pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228)
  #00  pc 0000000000555df0  /apex/com.android.art/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1364)
  #00  pc 00000000004d5538  /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52)
  #00  pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180)
  #00  pc 00000000008d0968  /system/framework/arm64/boot-framework.oat (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+136)
  #00  pc 00000000008d912c  /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2444)
  #00  pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568)
  #00  pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228)
  #00  pc 000000000055482c  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+448)
  #00  pc 0000000000554ce0  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92)
  #00  pc 0000000000438e64  /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+656)
  #00  pc 000000000009b424  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+124)
  #00  pc 00000000000a34e8  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+836)
  #00  pc 0000000000003674  /system/bin/app_process64 (main+1580)
  #00  pc 00000000000499e4  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108)

And here is the code of NativeApplyStyle, where the crash happens. The frames directly above it in the backtrace (android::base::LogMessage::~LogMessage, then art::Runtime::Abort and abort) are what a failed CHECK produces, so the SIGABRT is consistent with the CHECK in this function firing rather than with a memory fault.

static void NativeApplyStyle(JNIEnv* env, jclass /*clazz*/, jlong ptr, jlong theme_ptr,
                             jint def_style_attr, jint def_style_resid, jlong xml_parser_ptr,
                             jintArray java_attrs, jlong out_values_ptr, jlong out_indices_ptr) {
  ScopedLock<AssetManager2> assetmanager(AssetManagerFromLong(ptr));
  Theme* theme = reinterpret_cast<Theme*>(theme_ptr);
  CHECK(theme->GetAssetManager() == &(*assetmanager));
  (void) assetmanager;
  ResXMLParser* xml_parser = reinterpret_cast<ResXMLParser*>(xml_parser_ptr);
  uint32_t* out_values = reinterpret_cast<uint32_t*>(out_values_ptr);
  uint32_t* out_indices = reinterpret_cast<uint32_t*>(out_indices_ptr);
  jsize attrs_len = env->GetArrayLength(java_attrs);
  jint* attrs = reinterpret_cast<jint*>(env->GetPrimitiveArrayCritical(java_attrs, nullptr));
  if (attrs == nullptr) {
    return;
  }
  ApplyStyle(theme, xml_parser, static_cast<uint32_t>(def_style_attr),
             static_cast<uint32_t>(def_style_resid), reinterpret_cast<uint32_t*>(attrs), attrs_len,
             out_values, out_indices);
  env->ReleasePrimitiveArrayCritical(java_attrs, attrs, JNI_ABORT);
}

Any thoughts?



Solution 1:[1]

A similar bug is reported here: https://issuetracker.google.com/issues/225213329
