Caton analysis of iFLYTEK application

background

According to user feedback, our app runs Caton on iFLYTEK's customized system. 1. After clicking to enter the application, the user clicks no response, and the system prompts ANR. 2. Debug runs without jamming, and Release runs with jamming

analysis

Get traces file of ANR

Methods: under the directory: / data/anr /, find traces Txt file Result: the: / data/anr / directory has no traces Txt stack file Method: by bugreport Get system error message $ adb bugreport View the bugreport file: grep (find) ANR in (no results) grep (look up) am_anr find the time when anr occurred There is no other stack information to navigate to the specific location 

09-22 10:48:01.699  1000   949   985 I am_anr  : [0,5214,Package name******,953695812,Input dispatching timed out (Waiting to send non-key event because the touched window has not finished processing certain input events that were delivered to it over 500.0ms ago.  Wait queue length: 8.  Wait queue head age: 6920.6ms.)]
Time: 09-22 10:48:01.699
 Input response timeout, process number: 5214 
Process name: ******
ANR Type: Input dispatching timed out

Analyze Release/Debug build differences

The following methods were tried: 1,./ Gradlew assemblyrelease: build a local Release package. / / an ANR exists and the problem of continuous integration environment is eliminated 2,build. The gradle file sets the alignment between the config configuration and Debug configuration of Rlease. / / locate the ANR error caused by the specific config configuration.

The reason for the error is that the Release enables the anti debugging detection, the anti debugging component detects an exception and terminates the process

Why does debugged component cause ANR?

1. The debuggable plugin is loaded using the Demo program, and the Demo app exits directly. 2. Our APP loads the anti debugging plugin. The APP is stuck on the startup page all the time. Click to display ANR (the APP process has not been exited). To view logcat logs:

2021-09-26 09:30:14.887 992-992/? I/Zygote: Process 21231 exited due to signal 9 (Killed)
2021-09-26 09:30:14.888 1546-4458/? I/ActivityManager: Process ****** (pid 21231) has died: fg  TOP 
2021-09-26 09:30:14.888 1546-4458/? W/ActivityManager: Canceling start item Intent { cmp=******/******.timer.calendar.CalendarSystemAlarmService } in service ******/******.timer.calendar.CalendarSystemAlarmService
2021-09-26 09:30:14.888 1546-4458/? W/ActivityManager: Scheduling restart of crashed service ******/******.timer.calendar.CalendarSystemAlarmService in 426112ms for start-requested
2021-09-26 09:30:14.890 1546-1608/? I/libprocessgroup: Successfully killed process cgroup uid 10271 pid 21231 in 0ms
2021-09-26 09:30:14.891 1546-1594/? D/CompatibilityChangeReporter: Compat change id reported: 135634846; UID 10271; state: DISABLED
2021-09-26 09:30:14.892 1546-1607/? D/CompatibilityChangeReporter: Compat change id reported: 143937733; UID 10271; state: DISABLED
2021-09-26 09:30:14.910 992-992/? D/Zygote: Forked child process 22007
2021-09-26 09:30:14.913 1546-1607/? I/ActivityManager: Start proc 22007:******/u0a271 for top-activity {******/******.WwMainActivity}

A log named Forked child process 22007 is found in logcat. When the app was killed, a new process was triggered by Forked. As a result, the app process has not been killed and ANR appears

Commands used during debugging

adb close application $ADB shell am force stop package name

Get system information $ adb shell getprop ro.build.version.release 9

Get cpu Information $ adb shell cat /proc/cpuinfo

Get memory information $ adb shell cat /proc/meminfo Memtotal: 1870388 KB = 1826m = 1.78g / / total memory MemFree: 210684 KB = 205m = 0.2g / / system available memory Memavailable: 829500 KB = 810m = 0.79g / / the available memory of the application is approximately equal to MemFree + Buffers + Cached Buffers: 24616 kB = 24M Cached: 645764 kB = 630M

conclusion

1. The Release package released by APP has opened the reverse adjustment test certificate 2. IFLYTEK's ROM mode is userdebug, and it cannot run under anti debugging detection (it shows that APP has ANR) 3. After the anti debugging kil drops the app process, the system automatically fork s a new process to start. After starting, the detection fails again. In this way, it enters the cycle and app gets stuck.

reference resources

Get the construction mode of mobile phone system https://likfe.com/2017/10/09/android-usermode/

Added by NogDog on Thu, 16 Dec 2021 19:46:59 +0200

Popular Keywords

©2025 Programming VIP