Android 4.4 KitKat random crash

Question

EDIT: Before down-voting and implying things, please understand I cannot reproduce this error. This happens constantly on certain devices which I do not have access to, but not after a firmware reset!

I recently discovered random crashes in an app I am developing for a customer. The app has roughly 100.000 active users now after 3 years.

We've seen the crash on Nexus 4 and 5, both with Android 4.4 KitKat.

We cannot reproduce it on our own Nexus 4 and 5 running 4.4.

We've had a customer through our support. He told us the crash happens every time at the same place when invoking a new activity. He was running Dalvik, not ART. After resetting the firmware the app worked fine and could not reproduce it again!

I cannot post the source or layout for legal reasons, but have this stacktrace:

java.lang.RuntimeException: Unable to start activity ComponentInfo{xx.xxx.xxxxx.xxx.xxxxxx.prod/xx.xxx.xxxxx.xxx.PaymentsActivity}: java.lang.NullPointerException at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2176) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2226) at android.app.ActivityThread.access$700(ActivityThread.java:135) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1397) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:137) at android.app.ActivityThread.main(ActivityThread.java:4998) at java.lang.reflect.Method.invokeNative(Native Method) at java.lang.reflect.Method.invoke(Method.java:515) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:777) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:593) at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:126) at dalvik.system.NativeStart.main(Native Method) Caused by: java.lang.NullPointerException at android.view.View.sendAccessibilityEventUncheckedInternal(View.java:4938) at android.view.View.sendAccessibilityEventUnchecked(View.java:4919) at android.view.View$SendViewStateChangedAccessibilityEvent.run(View.java:19433) at android.view.View$SendViewStateChangedAccessibilityEvent.runOrPost(View.java:19465) at android.view.View.notifyViewAccessibilityStateChangedIfNeeded(View.java:7265) at android.view.View.setFlags(View.java:8990) at android.view.View.setVisibility(View.java:6020) at android.view.LayoutInflater.parseInclude(LayoutInflater.java:859) at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method) at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:547) at android.view.LayoutInflater.parseInclude(Native Method) at android.view.LayoutInflater.rInflate(LayoutInflater.java:745) at android.view.LayoutInflater.inflate(LayoutInflater.java:492) at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method) at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:547) at android.view.LayoutInflater.inflate(Native Method) at android.view.LayoutInflater.inflate(LayoutInflater.java:397) at android.view.LayoutInflater.inflate(LayoutInflater.java:353) at com.android.internal.policy.impl.PhoneWindow.setContentView(PhoneWindow.java:290) at android.app.Activity.setContentView(Activity.java:1928) at xx.xxx.xxxxx.xxx.StandardActivity.setContentView(StandardActivity.java:289) at xx.xxx.xxxxx.xxx.PaymentsActivity.onCreate(PaymentsActivity.java:61) at android.app.Activity.performCreate(Activity.java:5243) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1087) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2140) ... 12 more 

EDIT: Second stacktrace without xposed

java.lang.RuntimeException: Unable to start activity ComponentInfo{xx.xxx.xxxxx.xxx.xxxxx.prod/xx.xxx.xxxxx.xxx.PaymentsActivity}: java.lang.NullPointerException at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2176) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2226) at android.app.ActivityThread.access$700(ActivityThread.java:135) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1397) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:137) at android.app.ActivityThread.main(ActivityThread.java:4998) at java.lang.reflect.Method.invokeNative(Native Method) at java.lang.reflect.Method.invoke(Method.java:515) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:777) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:593) at dalvik.system.NativeStart.main(Native Method) Caused by: java.lang.NullPointerException at android.view.View.sendAccessibilityEventUncheckedInternal(View.java:4938) at android.view.View.sendAccessibilityEventUnchecked(View.java:4919) at android.view.View$SendViewStateChangedAccessibilityEvent.run(View.java:19433) at android.view.View$SendViewStateChangedAccessibilityEvent.runOrPost(View.java:19465) at android.view.View.notifyViewAccessibilityStateChangedIfNeeded(View.java:7265) at android.view.View.setFlags(View.java:8990) at android.view.View.setVisibility(View.java:6020) at android.view.LayoutInflater.parseInclude(LayoutInflater.java:859) at android.view.LayoutInflater.rInflate(LayoutInflater.java:745) at android.view.LayoutInflater.inflate(LayoutInflater.java:492) at android.view.LayoutInflater.inflate(LayoutInflater.java:397) at android.view.LayoutInflater.inflate(LayoutInflater.java:353) at com.android.internal.policy.impl.PhoneWindow.setContentView(PhoneWindow.java:290) at android.app.Activity.setContentView(Activity.java:1928) at xx.xxx.xxxxx.xxx.StandardActivity.setContentView(StandardActivity.java:289) at xx.xxx.xxxxx.xxx.PaymentsActivity.onCreate(PaymentsActivity.java:61) at android.app.Activity.performCreate(Activity.java:5243) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1087) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2140) ... 11 more 

The layout being set in setContentView() contains frames, else it's pretty standard and plain.

Any input is highly appreciated :-)

Answer 1

I've also run into this same problem with some code I was maintaining. I was able to consistently replicate the bug by enabling TalkBack in the accessibility options.

First, here's the method from View.java where the null reference that caused the crash was used, from the KitKat release of Android:

void sendAccessibilityEventUncheckedInternal(AccessibilityEvent event) {     if (!isShown()) {         return;     }     onInitializeAccessibilityEvent(event);     // Only a subset of accessibility events populates text content.     if ((event.getEventType() & POPULATING_ACCESSIBILITY_EVENT_TYPES) != 0) {         dispatchPopulateAccessibilityEvent(event);     }     // In the beginning we called #isShown(), so we know that getParent() is not null.     getParent().requestSendAccessibilityEvent(this, event); } 

For me, the root cause turned out to be a custom View which had overridden View.isShown() like so:

public boolean isShown(){   return someCondition; } 

This meant that sendAccessibilityEventUncheckedInternal would run past the if(!isShown()) check that it makes before proceeding even when the View had a null parent, and so caused the crash.

I had originally thought it was a concurrency problem, because I assumed the isShown() check had ensured the parent wasn't null and that the reference to the View's parent had been changed during the execution of sendAccessibilityEventUncheckedInternal. Wrong!

If you find a similar problem, especially in code you didn't write, you can prevent this crash pretty easily by including the result of the superclass's isShown() (assuming you are changing code in a direct subClass of View):

public boolean isShown(){   return super.isShown() && someCondition; } 

Answer 2

My users have been running into the same problem and it appears to be caused by one or more accessibility options being turned on. Some of my users were using the Pebble smart watch which installs an accessibility option - so it's not just TalkBack, etc.

The diagnosis

Take a look at this bit of KitKat's View#setFlags() method at https://github.com/android/platform_frameworks_base/blob/kitkat-mr1-release/core/java/android/view/View.java#L9006

if (accessibilityEnabled) {   ...   notifyViewAccessibilityStateChangedIfNeeded(                         AccessibilityEvent.CONTENT_CHANGE_TYPE_UNDEFINED); } 

that sends you down the rabbit hole ending in a NullPointerException if it's executed before the View is attached to the view hierarchy (i.e. is has no parent) because in View#sendAccessibilityEventUncheckedInternal() at https://github.com/android/platform_frameworks_base/blob/kitkat-mr1-release/core/java/android/view/View.java#L4952 we have:

getParent().requestSendAccessibilityEvent(this, event); 

My workaround (which looks like it won't work for you)

For my app, I am creating a View subclass programmatically and was calling View#setOnClickListener() in the constructor. Instead, I now call View#setOnClickListener() from

@Override protected void onAttachedToWindow() {     super.onAttachedToWindow();     /* Due to a bug in how Android 4.4 handles accessibility options,      * we can't set the onClick listener until this View has a parent or we will      * get an NPE. */     setOnClickListener(this); } 

It works because this View will have a parent by the time View#onAttachedToWindow() gets called.

Your stack trace is more problematic though. You're falling into the rabbit hole via attributes on an XML layout. I haven't come up with an idea for you. One thought is that this must only happen at app startup - otherwise virtually all inflations of XML layouts would trigger the crash because there are so many paths that take you through View#setFlags(). In my app, this one spot appears to be the only crash and it happens at app startup. It's not a pleasant idea but one possibility is to re-order things to inflate this view later.