Post

Native Debug Symbols & Obfuscation in Flutter: What, Why, and How

Posted
By thanhtunguet
3 min read
Native Debug Symbols & Obfuscation in Flutter: What, Why, and How

🛠️ Native Debug Symbols & Obfuscation in Flutter: What, Why, and How

When building Flutter apps for production, optimizing size and security is a priority. Obfuscating code and stripping debug information helps reduce APK/AAB size and deter reverse engineering. However, doing this without proper preparation can lead to white screens, cryptic crash reports, or worse — an app rejected by Google Play.

In this article, we’ll dive into:

  • What obfuscation and native debug symbols are in the context of Flutter
  • Why Google Play warns you about them
  • How to build, test, and upload Flutter app bundles correctly
  • How to resolve common issues like R8 errors and invalid symbol uploads

🚧 Problem Overview

After running:

1

flutter build appbundle --obfuscate --split-debug-info=build/symbols

and uploading your .aab to Play Console, you might see one or both of these warnings:

1. “There is no deobfuscation file associated with this App Bundle.”

This happens because Flutter supports code obfuscation using R8/Proguard (for Java/Kotlin) and Dart-level obfuscation. When you obfuscate your code, you must upload the corresponding deobfuscation file (mapping.txt) to help Play Console de-minify stack traces.

2. “This App Bundle contains native code, and you’ve not uploaded debug symbols.”

Flutter apps are compiled ahead-of-time (AOT) into native ARM machine code. These compiled binaries include native libraries like libflutter.so, and Google requires you to upload debug symbols to symbolicate native crashes and ANRs.

🧠 What Are These “Symbols”?

In simplified terms:

  • Dart symbols: Mapping between obfuscated Dart functions and real function names. Generated with --split-debug-info.
  • Java/Kotlin deobfuscation: mapping.txt generated by R8/Proguard.
  • Native debug symbols: Metadata used to analyze crashes in .so files (e.g. libapp.so, libflutter.so) — mostly for native Flutter engine or C/C++ plugins.

✅ Building the Flutter App Bundle Properly

Use this recommended build command:

1
2
3

flutter build appbundle \
  --obfuscate \
  --split-debug-info=build/symbols

This does three things:

  1. Obfuscates Dart code
  2. Shrinks the Java/Kotlin code via R8
  3. Extracts Dart debug symbols to build/symbols

After build, you’ll get:

1
2
3
4
5

build/
├── symbols/
│   ├── app.android-arm.symbols
│   └── app.android-arm64.symbols
├── app/outputs/mapping/release/mapping.txt

📤 Uploading Files to Google Play Console

✅ Upload mapping.txt (Java/Kotlin obfuscation)

  • Go to Release > App bundle explorer
  • Open the version you uploaded
  • Click Upload deobfuscation file
  • Select build/app/outputs/mapping/release/mapping.txt

✅ Upload native debug symbols (Dart AOT)

  1. Prepare a valid folder structure:
1
2
3
4

mkdir -p symbols-upload/arm64-v8a
mkdir -p symbols-upload/armeabi-v7a
cp build/symbols/app.android-arm64.symbols symbols-upload/arm64-v8a/libapp.so.sym
cp build/symbols/app.android-arm.symbols symbols-upload/armeabi-v7a/libapp.so.sym
  1. Zip the folder:
1
2

cd symbols-upload
zip -r ../native-debug-symbols.zip .
  1. Upload in Play Console:
  • In the same App Bundle release page, click Upload debug symbols
  • Upload native-debug-symbols.zip

⚠️ Common Issues

“Missing class X” when building with R8

You might see:

1

Missing class com.google.android.play.core.splitinstall.SplitInstallManager

🛠 Solution: Add keep rules in android/app/proguard-rules.pro:

# Play Core
-keep class com.google.android.play.core.** { *; }
-keep class io.flutter.embedding.engine.deferredcomponents.** { *; }
-dontwarn com.google.android.play.core.**

“The native debug symbols contain an invalid directory symbols…”

Occurs when you upload symbols/ directly.

🛠 Solution: Rearrange files to follow ABI structure (arm64-v8a, armeabi-v7a) as shown above.

🔍 Verifying Locally Before Release

To test the release AAB exactly like how it will run on user devices:

  1. Generate .apks using bundletool:
1
2
3
4
5
6
7
8

java -jar bundletool-all.jar build-apks \
  --bundle=build/app/outputs/bundle/release/app-release.aab \
  --output=app.apks \
  --ks=your.keystore \
  --ks-key-alias=yourAlias \
  --ks-pass=pass:yourPassword \
  --key-pass=pass:yourPassword \
  --mode=universal
  1. Install on a real device:
1

java -jar bundletool-all.jar install-apks --apks=app.apks

📌 Conclusion

Properly handling native debug symbols and obfuscation is essential for:

  • Reducing app size
  • Obfuscating business logic
  • Analyzing crashes effectively post-release

By following the correct build steps and uploading all required symbols, you’ll avoid Play Console warnings and be well-prepared for real-world errors.

🔗 Resources

Want a ready-to-use shell script for automating all this? Let me know — I’m happy to share a CLI workflow!

Software Development, Mobile
Software Development Mobile Android Flutter
This post is licensed under CC BY 4.0 by the author.