CN107729167B - Application exception handling method and device - Google Patents
Application exception handling method and device Download PDFInfo
- Publication number
- CN107729167B CN107729167B CN201610653675.5A CN201610653675A CN107729167B CN 107729167 B CN107729167 B CN 107729167B CN 201610653675 A CN201610653675 A CN 201610653675A CN 107729167 B CN107729167 B CN 107729167B
- Authority
- CN
- China
- Prior art keywords
- abnormal
- application process
- application
- server
- time period
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0796—Safety measures, i.e. ensuring safe condition in the event of error, e.g. for controlling element
Abstract
The invention relates to an application exception handling method and device, wherein the method comprises the following steps: operating a first application process; when an abnormal file generated by an operating system when the first application process is abnormal is newly added into the abnormal folder, monitoring the abnormal file through a monitoring process; generating abnormal information according to the abnormal file and reporting the abnormal information to a server; receiving a stop operation instruction fed back by the server, wherein the stop operation instruction is generated according to the reported abnormal information; and stopping operating the first application process according to the operation stopping instruction. The application exception handling method and the device can detect the exception even if the first application process is crashed, and can avoid the first application process from being abnormal to a certain extent due to improper operation on the first application process.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an application exception handling method and device.
Background
With the continuous development of the hardware configuration of the terminal, a variety of applications capable of implementing various functions, such as a photographing application, a video application, a music application, or a game application, may be run on the terminal. The application is applied to the situation that abnormity happens inevitably during running, the abnormal information generated when the application is abnormal is stored and is fed back to developers through a certain channel, and the developers can develop the application of a new version according to the abnormal information, so that the problems of the application of an old version can be solved.
According to the currently adopted application exception handling mode, the application process sets the handling modes corresponding to various possible exception conditions during running, and when some exception occurs in the application process, the handling mode under the exception condition is adopted to report corresponding exception information to the server. However, the current application exception handling method requires that the application process itself can run when an exception occurs, and the exception information cannot be reported when the application process itself crashes.
Disclosure of Invention
Therefore, it is necessary to provide an application exception handling method and apparatus for solving the technical problem that the current application exception handling method cannot report exception information when the application process itself crashes.
An application exception handling method comprising:
operating a first application process;
when an abnormal file generated by an operating system when the first application process is abnormal is newly added into the abnormal folder, monitoring the abnormal file through a monitoring process;
generating abnormal information according to the abnormal file and reporting the abnormal information to a server;
receiving a stop operation instruction fed back by the server, wherein the stop operation instruction is generated according to the reported abnormal information;
and stopping operating the first application process according to the operation stopping instruction.
An application exception handling apparatus comprising:
the operation module is used for operating the first application process;
the monitoring module is used for monitoring the abnormal file through the monitoring process when the abnormal file generated by the operating system when the first application process is abnormal is newly added in the abnormal folder;
the reporting module is used for generating abnormal information according to the abnormal file and reporting the abnormal information to the server;
a receiving module, configured to receive an operation stopping instruction fed back by the server, where the operation stopping instruction is generated according to the reported abnormal information;
the operation module is further used for stopping operating the first application process according to the stop operation instruction.
According to the application exception handling method and device, when the first application process is abnormal, the operating system adds the corresponding exception file in the exception folder, and the exception file can be monitored through the monitoring process, so that the first application process is monitored to be abnormal. Even if the first application process breaks down, an abnormal file for recording the breakdown can be generated through the operating system, the abnormality is monitored through the monitoring process, and the abnormal information is reported according to the abnormal file. And after the first application process is operated, if the first application process is abnormal, the server triggers an operation stopping instruction according to the reported abnormal information, and then stops operating the first application process, so that the first application process is prevented from being abnormal to a certain extent due to improper operation on the first application process.
Drawings
FIG. 1 is a diagram of an application environment in which an exception handling system is implemented, according to one embodiment;
fig. 2 is a schematic structural diagram of a terminal in one embodiment;
FIG. 3 is a schematic diagram of a server in one embodiment;
FIG. 4 is a flowchart illustrating a method for exception handling according to one embodiment;
FIG. 5 is a timing diagram illustrating the application of an exception handling method in accordance with another embodiment;
FIG. 6 is a schematic diagram of an advertising information blocking configuration interface in one embodiment;
FIG. 7 is a diagram illustrating an embodiment in which a server remote control terminal turns off an advertisement information interception function;
FIG. 8 is a block diagram of an application exception handling apparatus in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
FIG. 1 is a diagram of an application environment in which an exception handling system is implemented, according to one embodiment. Referring to fig. 1, the application exception handling system includes a terminal 110 and a server 120, and the terminal 110 and the server 120 communicate with each other through a network connection. The terminal 110 may be plural. Wherein, the terminal 110 may be configured to operate a first application process; when an abnormal file generated by an operating system when the first application process is abnormal is newly added into the abnormal folder, monitoring the abnormal file through a monitoring process; and generating abnormal information according to the abnormal file and reporting the abnormal information to the server 120. The server 120 may be configured to generate an operation stop instruction according to the reported abnormal information, and return the operation stop instruction to the terminal 110. The terminal 110 may be configured to receive a stop operation instruction fed back by the server 120; and stopping operating the first application process according to the stop operation instruction.
Fig. 2 is a schematic diagram of an internal structure of the terminal in one embodiment. As shown in fig. 2, the terminal includes a processor, a nonvolatile storage medium, an internal memory, and a network interface, which are connected through a system bus. The non-volatile storage medium of the terminal stores an operating system and further comprises an application exception handling device, and the application exception handling device is used for achieving an application exception handling method. The processor of the terminal is used to provide computing and control capabilities to support the operation of the entire terminal. The internal memory in the terminal provides an environment for the operation of the application exception handling device in the nonvolatile storage medium. The internal memory of the terminal may have stored therein computer-readable instructions that, when executed by the processor, cause the processor to perform a method of application exception handling. The network interface is used for performing network communication with the server, such as reporting abnormal information to the server, receiving an operation stop instruction sent by the server, and the like. The terminal can be a mobile phone, a tablet computer, a personal digital assistant or a wearable device. Those skilled in the art will appreciate that the configuration shown in fig. 2 is a block diagram of only a portion of the configuration associated with the present application and does not constitute a limitation on the terminal to which the present application is applied, and that a particular terminal may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
Fig. 3 is a schematic diagram of an internal structure of the server in one embodiment. As shown in fig. 3, the server includes a processor, a non-volatile storage medium, an internal memory, and a network interface connected through a system bus. The non-volatile storage medium of the server stores an operating system, a database and an application exception handling device suitable for the server, wherein the database can be used for storing data such as historical exception information, and the application exception handling device is used for realizing an application exception handling method suitable for the server. The processor of the server is used for providing calculation and control capacity and supporting the operation of the whole server. The internal memory of the server provides an environment for the operation of the application exception handling apparatus in the nonvolatile storage medium. The network interface of the server is used for communicating with an external terminal through a network connection. The server may be implemented as a stand-alone server or as a server cluster consisting of a plurality of servers. Those skilled in the art will appreciate that the architecture shown in fig. 3 is a block diagram of only a portion of the architecture associated with the subject application, and does not constitute a limitation on the servers to which the subject application applies, as a particular server may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
FIG. 4 is a flowchart illustrating a method for exception handling in one embodiment. Referring to fig. 2, the present embodiment is illustrated by applying the method to the terminal 110 in fig. 1. The application exception handling method specifically comprises the following steps:
s402, operating the first application process.
The first application is an application for monitoring abnormality, and may be a photographing application, a video application, a music application, a game application, or the like. The first application process refers to a process of a first application, which is an instance of the first application. The operation may be a change to code or a modification of data in the first application process, etc. The terminal may operate the first application process through the second application process. The first application process may be a designated application process or any other application process that removes the second application process.
In one embodiment, step S402 includes: code is injected into a first application process. The injection of the code refers to a process of adding code with a specific function to an application process in operation. Code injection may be implemented using a Hook (Hook) function or a createremote thread function, among others.
The code is executable and can be used for realizing functions such as action interception or data modification when being executed in the first application process. In one embodiment, code is used to intercept advertisement information triggered by a first application process when executed. The advertisement information is information pushed to the user, such as commodity advertisement information for recommending commodities, service advertisement information for recommending professional services, or commercial advertisement information for recommending commercial places. Intercepting the advertisement information triggered by the first application process is to not present the advertisement information, and may be to intercept a network request for acquiring the advertisement information, or to intercept an action of displaying the advertisement information. The code may identify the advertising information by keyword matching when executed.
S404, when an abnormal file generated by the operating system when the first application process is abnormal is newly added in the abnormal folder, monitoring the abnormal file through the monitoring process.
Specifically, the terminal establishes a system process through an operating system, and the system process has system authority; when the first application process is abnormal, for example, when the first application process crashes, the terminal acquires an abnormal file generated when the first application process is abnormal through the system process, and newly adds the abnormal file to the abnormal folder. The terminal can monitor the abnormal folder through a monitoring process different from the first application process and different from the system process, so as to monitor the newly added abnormal file in the abnormal folder.
The Exception occurring in the first application process refers to a state in which the first application process fails to run according to a designed normal target, and includes an uncaptured Exception (Uncaught Exception) and a capturable Exception of a set Exception handler. The exception file is a file for recording an exception generated by the first application process, and may include stack information when the first application process is abnormal. The exception file records information such as the type of exception, the location where the exception occurred, and the cause of the exception.
In one embodiment, a first application process is operated by a second application process; the monitoring process is started by the second application process; the second application process and the monitoring process have access rights across the applications. Wherein, the permission of cross-application access refers to that one application process can access the application space of another application process. The second application process and the monitoring process may specifically obtain root rights or system rights, thereby having rights to access across applications.
S406, generating abnormal information according to the abnormal file and reporting the abnormal information to the server.
Specifically, the abnormal information may be generated by a monitoring process created by the second application process according to the abnormal file, and the monitoring process directly reports the abnormal information to the server. The abnormal information can also be generated by a monitoring process established by the second application process according to the abnormal file and transmitted to the second application process, and then the second application process reports the abnormal information to the server. The exception information may include the content of the exception file, and may also include information counted according to the exception file, such as the counted total number of times that the second application process has an exception, or the number of times that the second application process has an exception in a specified period.
And S408, receiving a stop operation instruction fed back by the server, and generating the stop operation instruction according to the reported abnormal information.
Specifically, after receiving the abnormal information, the server may directly determine whether the condition for stopping the operation is satisfied according to the abnormal information, and if so, generate an operation stopping instruction, and then feed back the operation stopping instruction to the terminal that reported the abnormal information this time. The condition for stopping the operation may specifically be a determination condition whether the first application process is operated to cause the abnormality.
In an embodiment, after receiving the abnormal information, the server may further determine whether a condition for stopping operation is satisfied according to the received abnormal information, by combining historical abnormal information reported by the terminal reporting the abnormal information this time, or by combining historical abnormal information reported by a plurality of terminals including the terminal reporting the abnormal information this time, and if so, generate an operation stopping instruction, and further feed the operation stopping instruction back to the terminal reporting the abnormal information this time. The received abnormal information is combined with the historical abnormal information, and specifically, the received abnormal information may be compared with the historical abnormal information to determine whether the condition for stopping the operation is satisfied.
And S410, stopping operating the first application process according to the stop operation instruction.
Specifically, after receiving the operation stop instruction, the terminal may respond to the operation stop instruction through the second application process, thereby stopping the operation on the first application process.
In one embodiment, if step S402 includes: injecting code into a first application process; step S410 includes: and stopping injecting the code into the first application process according to the stop operation instruction. In this embodiment, if the operation stop instruction is received, the second application process does not inject any more codes into the first application process when the first application process subsequently runs, and the first application process is prevented from being abnormal due to the fact that codes are forcibly injected into the first application process by the server to remotely control the behavior of the codes injected into the first application process on the terminal.
According to the application exception handling method, when the first application process is abnormal, the operating system adds the corresponding exception file in the exception folder, and the exception file can be monitored through the monitoring process, so that the first application process is monitored to be abnormal. Even if the first application process breaks down, an abnormal file for recording the breakdown can be generated through the operating system, the abnormality is monitored through the monitoring process, and the abnormal information is reported according to the abnormal file. And after the first application process is operated, if the first application process is abnormal, the server triggers an operation stopping instruction according to the reported abnormal information, and then stops operating the first application process, so that the first application process is prevented from being abnormal to a certain extent due to improper operation on the first application process.
Referring to FIG. 5, FIG. 5 is a timing diagram illustrating an exception handling method according to an embodiment. The application exception handling method of the embodiment specifically includes the following steps:
and S502, starting a monitoring process through a second application process.
Wherein the second application process is a process of a second application, the second application being an application distinct from the first application and the operating system. The second application may be an application specifically implementing the application exception handling method, or an application integrated with a software module implementing the application exception handling method. The second application process and the monitoring process may both have cross-application access rights, and in particular may have root rights or system rights.
S504, monitoring abnormal folders through a monitoring process.
Specifically, the terminal may monitor the abnormal folder in real time or periodically through a monitoring process, and specifically may monitor whether the abnormal folder has a newly added abnormal file.
S506, injecting codes into the first application process through the second application process, wherein the codes carry application characteristics of the second application process.
Specifically, code injection may be implemented using a Hook (Hook) function or a createremote thread function, or the like. The code is used for realizing functions such as action interception or data modification when being executed in the first application process. The code is particularly operable to intercept, when executed, advertising information triggered by the first application process. The application characteristic of the second application process may specifically be an identifier of the second application, such as a packet name or a name, and may also be a data structure characteristic specific to the second application. Injecting code into the first application process is a specific step of step S402.
And S508, generating an abnormal file when the first application process is abnormal through the system process of the operating system, and storing the abnormal file in an abnormal folder.
Specifically, if an exception occurs during running of the first application process, an exception message is sent to a system process, which is dedicated to monitoring application exceptions, of the operating system through an exception handling mechanism of the operating system. The exception message carries the application characteristics mentioned above, and also includes environment information when the exception occurs. And the system process generates an abnormal file according to the abnormal message and stores the abnormal file into an abnormal folder.
And S510, monitoring the newly added abnormal files in the abnormal folder through the monitoring process.
S512, through the monitoring process, when the application characteristics are detected in the abnormal file, abnormal information is generated according to the abnormal file and reported to the server.
Specifically, the terminal can detect whether the application characteristics exist in the newly added abnormal file or not by monitoring the process and adopting a keyword matching mode. If the application characteristics exist, the terminal can generate abnormal information according to the monitoring process and the newly added abnormal file and report the abnormal information to the server. If the application features do not exist, the terminal may return to step S504 through the monitoring process to continue monitoring the abnormal folder.
S514, receiving an injection stopping instruction fed back by the server through the second application process, and generating the injection stopping instruction according to the reported abnormal information; and stopping injecting the code into the first application process according to the injection stopping instruction.
Wherein, the stop injection instruction is a stop operation instruction. Specifically, after receiving the abnormal information, the server may directly determine whether a condition for stopping injection of the code is satisfied according to the abnormal information, and if so, generate an injection stopping instruction, and then feed back the injection stopping instruction to the terminal that reported the abnormal information this time. The condition for stopping injecting the code may specifically be a judgment condition whether the code is injected into the first application process to cause the exception.
Further, the terminal can receive the injection stopping instruction through the monitoring process and transmit the injection stopping instruction to the second application process, so that the injection stopping instruction is received through the second application process. The terminal can also receive the injection stopping instruction fed back by the server directly through the second application process. And the terminal responds to the injection stopping instruction through the second application process, and codes are not injected into the first application process when the first application process runs subsequently. Stopping the code injection into the first application process according to the stop operation instruction is a specific step of step S410.
In this embodiment, the second application process injects a code into the first application process, so that the first application process may have a function that the first application process itself does not have. If the second application is abnormal after the codes are injected, after the abnormal information is reported to the server, the injection stopping instruction triggered by the server according to the abnormal information is received, and then the codes are stopped being injected into the first application process, so that the abnormality of the first application process caused by the injection of the codes can be avoided to a certain extent, and the usability of the injected codes is ensured. Furthermore, after the application characteristics are detected in the abnormal file, the abnormal information is generated according to the abnormal file and reported to the server, so that the abnormal information possibly caused by the injected codes can be screened out and reported, irrelevant abnormal files are filtered out, and the accuracy of code injection control can be improved.
In one embodiment, the operation stopping instruction is triggered by the server when the first variation is larger than a first preset variation; the first variation is the variation of the second abnormal time mean value compared with the first abnormal time mean value; the first abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the first time period; the second abnormal time average value is an abnormal time average value counted according to the abnormal information reported in a second time period; the first time period precedes the second time period; the time point of operating the first application process is greater than the minimum boundary value of the first time period and less than the maximum boundary value of the second time period.
Specifically, the server may determine a first time period and a second time period such that a point in time to operate the first application process is greater than a minimum boundary value of the first time period and less than a maximum boundary value of the second time period. The time point of operating the first application process may be greater than or equal to a maximum boundary value of a first time period and less than a minimum boundary value of a second time period. If the first time period and the second time period are adjacent, the time point of operating the first application process may be an adjacent time point of the first time period and the second time period. The respective time lengths of the first time period and the second time period may be equal.
Further, the server may obtain a first average number of abnormal times corresponding to the first time period, and obtain a second average number of abnormal times corresponding to the second time period. The first abnormal time average value can be obtained in advance or in a statistical manner according to the abnormal information reported in the first time period when needed, and the second abnormal time average value can be obtained in advance or in a statistical manner according to the abnormal information reported in the second time period when needed.
Further, the server may subtract the second average abnormal number of times from the first average abnormal number of times to obtain the first variation. The server compares the first variation with a first preset variation, if the first variation is larger than the first preset variation, the server triggers an operation stopping instruction, and if the first variation is smaller than the first preset variation, no action is required.
The abnormal information used for statistics may be abnormal information reported by the same terminal, or a set of abnormal information reported by each terminal. Such as 48 hours, 24 hours, or 12 hours, etc. The abnormality number average may be an arithmetic average or a weighted average of the abnormality numbers in the corresponding time period.
In this embodiment, the average value of the abnormal times is counted in different time periods, and the variation of the average value of the abnormal times in each time period may reflect whether the abnormal times of the terminal are within a normal range. If the first variation is larger than the first preset variation, the number of times of abnormality is greatly increased on the whole after the first application process is operated, and the number of times of abnormality is likely to be increased due to the operation of the first application process, and at the moment, the operation stopping instruction is triggered, so that the safety of the operation of the first application process can be improved.
For example, the server may count an average abnormal number of times per day, and for a first day and a second day which are adjacent to each other, if the first application process is operated on the first day or the second day and the average abnormal number of times on the second day is significantly increased from the average abnormal number of times on the first day, it may be determined that the increase of the abnormal number of times is caused by operating the first application process, and at this time, a stop operation instruction is triggered, so that the terminal stops operating the first application process.
In one embodiment, after step S410, a method of application exception handling further comprises: receiving a starting operation instruction sent by a server; the starting operation instruction is triggered by the server when the second variable quantity is smaller than the second preset variable quantity; the second variation is the variation of the fourth abnormal number mean value compared with the third abnormal number mean value; the third abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the third time period; the fourth abnormal number mean value is an abnormal number mean value counted according to the abnormal information reported in the fourth time period; the third time period precedes the fourth time period; the time point of triggering the operation stopping instruction is larger than the minimum boundary value of the third time period and smaller than the maximum boundary value of the fourth time period; the step S402 is started according to the opening operation instruction.
Specifically, the server may determine a third time period and a fourth time period such that a point in time at which the stop operation instruction is triggered is greater than a minimum boundary value of the third time period and less than a maximum boundary value of the fourth time period. The time point of triggering the operation stopping instruction may be greater than or equal to the maximum boundary value of the third time period and smaller than the minimum boundary value of the fourth time period. If the third period of time and the fourth period of time are contiguous, the point in time at which the stop operation instruction is triggered may be a contiguous point in time of the third period of time and the fourth period of time. The respective time lengths of the third and fourth time periods may be equal.
Further, the server may obtain a third average abnormal number of times corresponding to the third time period, and obtain a fourth average abnormal number of times corresponding to the fourth time period. The third abnormal time average value can be obtained in advance or calculated according to the abnormal information reported in the third time period when needed, and the fourth abnormal time average value can be obtained in advance or calculated according to the abnormal information reported in the fourth time period when needed.
Still further, the server may subtract the fourth average abnormal number of times from the third average abnormal number of times to obtain the second variation. The server compares the second variation with a second preset variation, and triggers the start operation instruction if the second variation is smaller than the second preset variation, and can confirm that the trigger stop operation instruction is valid if the second variation is larger than the second preset variation. The opening operation instruction is an instruction for opening a function for operating the first application process. And after the terminal stops operating the first application process according to the stop operation instruction, if the start operation instruction is received, restarting operating the first application process.
In this embodiment, the average value of the abnormal times is counted in different time periods, and the variation of the average value of the abnormal times in each time period may reflect whether the abnormal times of the terminal are within a normal range. If the second variation is smaller than the second preset variation, it indicates that the number of abnormal times is not changed greatly on the whole after stopping the operation on the first application process, which indicates that the stopping of the operation on the first application process does not bring improvement of the number of abnormal times, the triggered stop operation instruction is invalid, and at this time, triggering the start operation instruction can re-trigger the operation on the first application process to correct misjudgment.
For example, the server may count an average value of the number of abnormal times of each day, and for a first day and a second day which are adjacent to each other, if the stop operation instruction is triggered on the first day or the second day, and the average value of the number of abnormal times of the second day has a smaller change than the average value of the number of abnormal times of the first day, it may be determined that stopping the operation of the first application process does not bring improvement of the number of times of occurrence of the abnormality, and at this time, the start operation instruction is triggered and sent to the terminal for execution.
In one embodiment, the foregoing application exception handling method is applied to a plurality of terminals; and after analyzing the abnormal distribution characteristics according to the abnormal information reported by the plurality of terminals, the server triggers and feeds back the analyzed abnormal distribution characteristics to the terminal which currently starts the function of operating the first application process when the analyzed abnormal distribution characteristics accord with the public abnormal distribution characteristics.
The abnormal distribution characteristics are characteristics reflecting the distribution of the abnormal conditions in different terminal environments. The terminal environment includes, for example, a hardware environment of the terminal and an operating system environment, the hardware environment can be distinguished by a terminal model, and the operating system environment can be distinguished by an operating system version number. The common abnormality distribution characteristic is a distribution characteristic included in an abnormality determined as a common abnormality. The common exception is an exception existing in a terminal environment exceeding a preset number of categories, and specifically may be an exception existing in a terminal environment exceeding a preset number of categories and occurring in each terminal environment for a number of times exceeding a preset number of times.
Specifically, the terminal may analyze an abnormal distribution characteristic reflecting an abnormal actual distribution according to the abnormal information reported by the plurality of terminals, and then compare the abnormal distribution characteristic with the public abnormal distribution characteristic. If the analyzed abnormal distribution characteristics are matched with the public abnormal distribution characteristics, for example, the analyzed terminal environment with the abnormality exceeds the preset number of types, and the abnormal times in each terminal environment exceed the preset times, triggering a stop operation instruction, and feeding the stop operation instruction back to the terminal which currently starts the function of operating the first application process.
In this embodiment, when the analyzed abnormal distribution feature conforms to the public abnormal distribution feature, it indicates that the abnormality is not an individual problem but a public problem, and at this time, the terminal currently starting the function of operating the first application process is enabled to stop operating the first application process, so that the wide occurrence of the public abnormality can be effectively avoided, and the occurrence of the application abnormality can be effectively controlled.
In one embodiment, when the operation stopping instruction is triggered by the server, the server configures a configuration item used for triggering the operation of the first application process in a configuration file to be closed, wherein the configuration file is used for performing initial configuration when the application used for operating the first application process is installed.
Specifically, the application for operating the first application process is the second application as described above, and when the terminal installs the second application, the terminal needs to download the configuration file from the server, and complete the initialization configuration of the second application according to the configuration file. And when the server triggers the operation instruction, configuring the configuration item used for triggering the operation of the first application process in the configuration file to be closed. When other terminals which do not install the second application subsequently, the operation of the first application process is stopped by default, so that the occurrence of public abnormity on the terminal of the newly added user can be effectively avoided, and the occurrence of application abnormity can be effectively controlled.
In one embodiment, when the first variation is larger than a first preset variation, the operation stopping instruction is triggered by the server after analyzing the abnormal distribution characteristics according to the abnormal information reported by the plurality of terminals, and when the analyzed abnormal distribution characteristics conform to the common abnormal distribution characteristics, the operation stopping instruction is fed back to the terminal currently starting the function of operating the first application process.
The principle of the application exception handling method is described below with a specific application scenario. Specifically, a second application process is run on the terminal a and the terminal B, and the second application process may provide an advertisement information interception configuration interface as shown in fig. 6, and may be configured to set, for each first application process, whether to start a function of intercepting advertisement information. And the second application process starts a monitoring process, and monitors the abnormal folder by the monitoring process. The second application process injects code for intercepting the advertising information into the first application process. When the first application process is abnormal, the system process of the operating system adds the formed abnormal file into the abnormal folder. And monitoring the newly added abnormal file in the abnormal folder by the monitoring process so as to form abnormal information and report the abnormal information to the server. Referring to fig. 7, if the average value of the number of abnormal times of the terminal a and the terminal B reporting the abnormal information in the current day exceeds the average value of the number of abnormal times of the previous day, the server may continue to determine whether the current abnormality is a public problem according to the reported abnormal information. And if the problem is public, sending an injection stopping instruction to all terminals, such as a terminal A and a terminal B, which currently start the advertisement information interception function, so that the corresponding terminals close the advertisement information interception function aiming at the first application process. Meanwhile, the server may configure a configuration item of the advertisement information interception function for the first application process in a configuration file required for installing the application for intercepting the advertisement information function to be closed, and terminals such as the terminal C and the terminal D, which subsequently install the application for intercepting the advertisement information function, may close the advertisement information interception function for the first application process by default.
As shown in fig. 8, in one embodiment, an application exception handling apparatus 800 is provided, comprising: an operation module 810, a monitoring module 820, a reporting module 830 and a receiving module 840.
An operation module 810 is used for operating the first application process.
The monitoring module 820 is configured to monitor the abnormal file through the monitoring process when the abnormal file generated by the operating system when the first application process is abnormal is newly added to the abnormal folder.
And a reporting module 830, configured to generate exception information according to the exception file and report the exception information to the server.
The receiving module 840 is configured to receive an operation stopping instruction fed back by the server, where the operation stopping instruction is generated according to the reported abnormal information.
The operation module 810 is further configured to stop operating the first application process according to the stop operation instruction.
When the first application process is abnormal, the application abnormality processing apparatus 800 adds a corresponding abnormal file in the abnormal folder by the operating system, and can monitor the abnormal file through the monitoring process, thereby monitoring that the first application process is abnormal. Even if the first application process breaks down, an abnormal file for recording the breakdown can be generated through the operating system, the abnormality is monitored through the monitoring process, and the abnormal information is reported according to the abnormal file. And after the first application process is operated, if the first application process is abnormal, the server triggers an operation stopping instruction according to the reported abnormal information, and then stops operating the first application process, so that the first application process is prevented from being abnormal to a certain extent due to improper operation on the first application process.
In one embodiment, the operation module 810 is further for injecting code into the first application process; and the system is also used for stopping injecting the code into the first application process according to the stop operation instruction.
In this embodiment, if the operation stop instruction is received, the second application process does not inject any more codes into the first application process when the first application process subsequently runs, and the first application process is prevented from being abnormal due to the fact that codes are forcibly injected into the first application process by the server to remotely control the behavior of the codes injected into the first application process on the terminal.
In one embodiment, code is used to intercept advertisement information triggered by a first application process when executed.
In one embodiment, the operation module 810 is for injecting code into the first application process through the second application process; the code carries application characteristics of a second application process; the reporting module 830 is further configured to generate abnormal information according to the abnormal file and report the abnormal information to the server if the application characteristic is detected in the abnormal file.
In the embodiment, after the application characteristics are detected in the abnormal file, the abnormal information is generated according to the abnormal file and reported to the server, so that the abnormality possibly caused by the injected code can be screened out and reported, irrelevant abnormal files are filtered out, and the accuracy of code injection control can be improved.
In one embodiment, the operation stopping instruction is triggered by the server when the first variation is larger than a first preset variation; the first variation is the variation of the second abnormal time mean value compared with the first abnormal time mean value; the first abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the first time period; the second abnormal time average value is an abnormal time average value counted according to the abnormal information reported in a second time period; the first time period precedes the second time period; the time point of operating the first application process is greater than the minimum boundary value of the first time period and less than the maximum boundary value of the second time period.
In this embodiment, the average value of the abnormal times is counted in different time periods, and the variation of the average value of the abnormal times in each time period may reflect whether the abnormal times of the terminal are within a normal range. If the first variation is larger than the first preset variation, the number of times of abnormality is greatly increased on the whole after the first application process is operated, and the number of times of abnormality is likely to be increased due to the operation of the first application process, and at the moment, the operation stopping instruction is triggered, so that the safety of the operation of the first application process can be improved.
In one embodiment, the receiving module 840 is further configured to receive an opening operation instruction sent by the server after the operation module 810 stops operating the first application process according to the stop operation instruction; the starting operation instruction is triggered by the server when the second variable quantity is smaller than the second preset variable quantity; the second variation is the variation of the fourth abnormal number mean value compared with the third abnormal number mean value; the third abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the third time period; the fourth abnormal number mean value is an abnormal number mean value counted according to the abnormal information reported in the fourth time period; the third time period precedes the fourth time period; the time point of triggering the operation stopping instruction is larger than the minimum boundary value of the third time period and smaller than the maximum boundary value of the fourth time period;
the operation module 810 is further configured to start operating the first application process according to the start operation instruction.
In this embodiment, after the first application process is stopped, if the second variation is smaller than the second preset variation, it indicates that the abnormal times are not changed greatly on the whole after the first application process is stopped, and it is likely that the abnormal times are increased and are not caused by the operation of the first application process, and at this time, the operation of the first application process can be retriggered by triggering the start operation instruction, so as to correct the misjudgment.
In one embodiment, the application exception handling apparatus 800 is applied to a plurality of terminals; and after analyzing the abnormal distribution characteristics according to the abnormal information reported by the plurality of terminals, the server triggers and feeds back the analyzed abnormal distribution characteristics to the terminal which currently starts the function of operating the first application process when the analyzed abnormal distribution characteristics accord with the public abnormal distribution characteristics.
In this embodiment, when the analyzed abnormal distribution feature conforms to the public abnormal distribution feature, it indicates that the abnormality is not an individual problem but a public problem, and at this time, the terminal currently starting the function of operating the first application process is enabled to stop operating the first application process, so that the wide occurrence of the public abnormality can be effectively avoided, and the occurrence of the application abnormality can be effectively controlled.
In one embodiment, when the operation stopping instruction is triggered by the server, the server configures a configuration item used for triggering the operation of the first application process in a configuration file to be closed, wherein the configuration file is used for performing initial configuration when the application used for operating the first application process is installed.
In this embodiment, when the server triggers the operation instruction, the server configures the configuration item for triggering the operation of the first application process in the configuration file as closed. When other terminals which do not install the second application subsequently, the operation of the first application process is stopped by default, so that the occurrence of public abnormity on the terminal of the newly added user can be effectively avoided, and the occurrence of application abnormity can be effectively controlled.
In one embodiment, the operation module 810 is further configured to operate the first application process through the second application process; the monitoring module is also used for starting a monitoring process through a second application process; the second application process and the monitoring process have access rights across the applications.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the program is executed. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), or the like.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above examples only show some embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (20)
1. An application exception handling method comprising:
operating a first application process; the first application process comprises codes injected through a second application process, the codes carry application characteristics of the second application process, and the application characteristics are used for generating corresponding abnormal messages when monitoring application abnormity;
when an abnormal file generated by an operating system when the first application process is abnormal is newly added into the abnormal folder, monitoring the abnormal file through a monitoring process;
generating abnormal information according to the abnormal file and reporting the abnormal information to a server;
receiving a stop operation instruction fed back by the server, wherein the stop operation instruction is generated according to the reported abnormal information;
and stopping operating the first application process according to the operation stopping instruction.
2. The method of claim 1, wherein the step of operating the first application process comprises:
injecting code into a first application process;
the step of stopping the operation of the first application process according to the stop operation instruction comprises the following steps:
and stopping injecting codes into the first application process according to the stop operation instruction.
3. The method of claim 2, wherein the code is configured to intercept advertisement information triggered by the first application process when executed.
4. The method of claim 2, further comprising:
and if the application characteristics are detected in the abnormal file, executing the step of generating abnormal information according to the abnormal file and reporting the abnormal information to a server.
5. The method according to claim 1, wherein the operation stopping instruction is triggered by the server when the first variation is larger than a first preset variation; the first variation is the variation of the second abnormal time mean value compared with the first abnormal time mean value; the first abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the first time period; the second abnormal time average value is an abnormal time average value counted according to the abnormal information reported in a second time period; the first time period precedes the second time period; the time point of operating the first application process is greater than the minimum boundary value of the first time period and less than the maximum boundary value of the second time period.
6. The method according to claim 1, wherein after the step of stopping the operation of the first application process according to the stop operation instruction, the method further comprises:
receiving a starting operation instruction sent by the server; the starting operation instruction is triggered by the server when the second variable quantity is smaller than the second preset variable quantity; the second variation is the variation of the fourth abnormal number mean value compared with the third abnormal number mean value; the third abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the third time period; the fourth abnormal number mean value is an abnormal number mean value counted according to the abnormal information reported in the fourth time period; the third time period precedes the fourth time period; the time point of triggering the operation stopping instruction is larger than the minimum boundary value of the third time period and smaller than the maximum boundary value of the fourth time period;
and starting to execute the first application process according to the opening operation instruction.
7. The method of claim 1, wherein the method is applied to a plurality of terminals; and after analyzing abnormal distribution characteristics according to the abnormal information reported by the plurality of terminals, the server triggers and feeds back the abnormal distribution characteristics to the terminal which currently starts the function of operating the first application process when the analyzed abnormal distribution characteristics accord with the public abnormal distribution characteristics.
8. The method according to claim 7, wherein the stop operation instruction, when triggered by the server, causes the server to configure a configuration item for triggering operation of the first application process in a configuration file for initial configuration when installing an application for operating the first application process as closed.
9. The method of claim 1, wherein the first application process is operated by a second application process; the monitoring process is started by the second application process; the second application process and the monitoring process have cross-application access rights.
10. An application exception handling apparatus, comprising:
the operation module is used for operating the first application process; the first application process comprises codes injected through a second application process, the codes carry application characteristics of the second application process, and the application characteristics are used for monitoring the abnormity of the first application process;
the monitoring module is used for monitoring the abnormal file through the monitoring process when the abnormal file generated by the operating system when the first application process is abnormal is newly added in the abnormal folder;
the reporting module is used for generating abnormal information according to the abnormal file and reporting the abnormal information to the server;
a receiving module, configured to receive an operation stopping instruction fed back by the server, where the operation stopping instruction is generated according to the reported abnormal information;
the operation module is further used for stopping operating the first application process according to the stop operation instruction.
11. The apparatus of claim 10, wherein the operations module is further configured to inject code into a first application process; and the system is also used for stopping injecting codes into the first application process according to the stop operation instruction.
12. The apparatus of claim 11, wherein the code is configured to intercept advertisement information triggered by the first application process when executed.
13. The apparatus of claim 11, wherein the reporting module is further configured to generate exception information according to the exception file and report the exception information to a server if the application feature is detected in the exception file.
14. The apparatus according to claim 10, wherein the stop operation instruction is triggered by the server when the first variation is larger than a first preset variation; the first variation is the variation of the second abnormal time mean value compared with the first abnormal time mean value; the first abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the first time period; the second abnormal time average value is an abnormal time average value counted according to the abnormal information reported in a second time period; the first time period precedes the second time period; the time point of operating the first application process is greater than the minimum boundary value of the first time period and less than the maximum boundary value of the second time period.
15. The apparatus according to claim 10, wherein the receiving module is further configured to receive an opening operation instruction sent by the server after the operation module stops operating the first application process according to the stopping operation instruction; the starting operation instruction is triggered by the server when the second variable quantity is smaller than the second preset variable quantity; the second variation is the variation of the fourth abnormal number mean value compared with the third abnormal number mean value; the third abnormal time average value is an abnormal time average value counted according to the abnormal information reported in the third time period; the fourth abnormal number mean value is an abnormal number mean value counted according to the abnormal information reported in the fourth time period; the third time period precedes the fourth time period; the time point of triggering the operation stopping instruction is larger than the minimum boundary value of the third time period and smaller than the maximum boundary value of the fourth time period;
the operation module is further used for starting to operate the first application process according to the opening operation instruction.
16. The apparatus of claim 10, wherein the apparatus is applied to a plurality of terminals; and after analyzing abnormal distribution characteristics according to the abnormal information reported by the plurality of terminals, the server triggers and feeds back the abnormal distribution characteristics to the terminal which currently starts the function of operating the first application process when the analyzed abnormal distribution characteristics accord with the public abnormal distribution characteristics.
17. The apparatus according to claim 16, wherein the stop operation instruction, when triggered by the server, causes the server to configure a configuration item for triggering the operation of the first application process in a configuration file for initial configuration when installing an application for operating the first application process as closed.
18. The apparatus of claim 10, wherein the operation module is further configured to operate the first application process through a second application process; the monitoring module is further used for starting the monitoring process through the second application process; the second application process and the monitoring process have cross-application access rights.
19. A terminal comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 9.
20. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610653675.5A CN107729167B (en) | 2016-08-10 | 2016-08-10 | Application exception handling method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610653675.5A CN107729167B (en) | 2016-08-10 | 2016-08-10 | Application exception handling method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107729167A CN107729167A (en) | 2018-02-23 |
| CN107729167B true CN107729167B (en) | 2020-09-11 |
Family
ID=61200334
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610653675.5A Active CN107729167B (en) | 2016-08-10 | 2016-08-10 | Application exception handling method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107729167B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109587345B (en) * | 2018-12-28 | 2021-09-07 | 努比亚技术有限公司 | Abnormal application prompting method, mobile terminal and computer readable storage medium |
| CN113434362A (en) * | 2021-06-24 | 2021-09-24 | 广州欢网科技有限责任公司 | Method and device for automatically early warning when Android program is abnormal |
| CN114564369B (en) * | 2022-04-28 | 2022-08-02 | 云账户技术(天津)有限公司 | Application program abnormity monitoring method and device, electronic equipment and storage medium |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1904852A (en) * | 2006-08-01 | 2007-01-31 | 西安西电捷通无线网络通信有限公司 | Method for monitoring and abnormal processing of computer application program |
| CN101916224A (en) * | 2010-08-20 | 2010-12-15 | 迈普通信技术股份有限公司 | Test progress abnormality detection method and automatic test control device |
| CN102200941A (en) * | 2010-03-25 | 2011-09-28 | 杭州华三通信技术有限公司 | Method and unit for monitoring process state |
| CN104268080A (en) * | 2014-09-25 | 2015-01-07 | 北京金山安全软件有限公司 | Software exception handling method and device |
| CN104503892A (en) * | 2014-12-19 | 2015-04-08 | 宇龙计算机通信科技(深圳)有限公司 | Terminal exception processing method and device and terminal |
| CN105025318A (en) * | 2015-06-30 | 2015-11-04 | 北京奇艺世纪科技有限公司 | Feedback method and device for abnormal log information of application program |
| CN105389249A (en) * | 2015-10-29 | 2016-03-09 | Tcl集团股份有限公司 | Exception log generation configuring method and exception log generation configuring apparatus |
| CN105653455A (en) * | 2015-12-29 | 2016-06-08 | 广东欧珀移动通信有限公司 | Program vulnerability detection method and detection system |
| CN105657046A (en) * | 2016-02-24 | 2016-06-08 | 中国科学技术大学 | Method for injecting advertisements based on Openwrt router |
-
2016
- 2016-08-10 CN CN201610653675.5A patent/CN107729167B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1904852A (en) * | 2006-08-01 | 2007-01-31 | 西安西电捷通无线网络通信有限公司 | Method for monitoring and abnormal processing of computer application program |
| CN102200941A (en) * | 2010-03-25 | 2011-09-28 | 杭州华三通信技术有限公司 | Method and unit for monitoring process state |
| CN101916224A (en) * | 2010-08-20 | 2010-12-15 | 迈普通信技术股份有限公司 | Test progress abnormality detection method and automatic test control device |
| CN104268080A (en) * | 2014-09-25 | 2015-01-07 | 北京金山安全软件有限公司 | Software exception handling method and device |
| CN104503892A (en) * | 2014-12-19 | 2015-04-08 | 宇龙计算机通信科技(深圳)有限公司 | Terminal exception processing method and device and terminal |
| CN105025318A (en) * | 2015-06-30 | 2015-11-04 | 北京奇艺世纪科技有限公司 | Feedback method and device for abnormal log information of application program |
| CN105389249A (en) * | 2015-10-29 | 2016-03-09 | Tcl集团股份有限公司 | Exception log generation configuring method and exception log generation configuring apparatus |
| CN105653455A (en) * | 2015-12-29 | 2016-06-08 | 广东欧珀移动通信有限公司 | Program vulnerability detection method and detection system |
| CN105657046A (en) * | 2016-02-24 | 2016-06-08 | 中国科学技术大学 | Method for injecting advertisements based on Openwrt router |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107729167A (en) | 2018-02-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11683671B2 (en) | System, method, apparatus, and computer program product for providing mobile device support services | |
| CN109743390B (en) | Task scheduling method and device, computer equipment and storage medium | |
| US10764322B2 (en) | Information processing device, information processing method, and computer-readable recording medium | |
| US9183072B1 (en) | Error troubleshooting using a correlated knowledge base | |
| CN111193609B (en) | Application abnormity feedback method and device and application abnormity monitoring system | |
| US10757475B2 (en) | System and method for utilizing set-top box testing in television distribution network | |
| CN107729167B (en) | Application exception handling method and device | |
| US9697574B2 (en) | Data processing method, transmitting apparatus, and anomaly detection system | |
| WO2021121382A1 (en) | Security management of an autonomous vehicle | |
| CN108280346A (en) | A kind of application protecting, monitoring method, apparatus and system | |
| CN104573497A (en) | Processing method and device for starting items | |
| US10318731B2 (en) | Detection system and detection method | |
| GB2542370A (en) | A system for monitoring a plurality of distributed devices | |
| EP2228722A1 (en) | System and method for file integrity monitoring using timestamps | |
| CN104573495A (en) | Startup item processing method and startup item processing device | |
| CN111783081A (en) | Malicious process processing method, terminal device and storage medium | |
| CN106557398B (en) | Information reporting method and device | |
| CN109783261B (en) | Crash processing method and device for terminal application, electronic equipment and storage medium | |
| CN111258860B (en) | Data alarm method, device, computer equipment and storage medium | |
| CN106708706B (en) | Alarm information processing method and device for task program abnormity | |
| KR20080068512A (en) | Device managemet using event | |
| US20230063814A1 (en) | Scalable real-time anomaly detection | |
| CN110457300B (en) | Method and device for cleaning public test library and electronic equipment | |
| CN115484181A (en) | Data reporting method and device | |
| CN116033466A (en) | Fault detection system, method and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |