我花了几天的时间在我的Android应用中调试一个令人讨厌的间歇性错误,希望有人能给我一个如何进一步调查的提示...
我收到的崩溃日志是(LogCat):
11-16 10:33:46.051: W/libc(9856): pthread_create failed: clone failed: Try again
11-16 10:33:46.051: A/libc(9856): Fatal signal 11 (SIGSEGV) at 0x7620af00 (code=1), thread 9856 (harrys.laptimer)
11-16 10:33:46.151: I/DEBUG(171): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-16 10:33:46.151: I/DEBUG(171): Build fingerprint: 'google/occam/mako:4.3/JWR66Y/776638:user/release-keys'
11-16 10:33:46.151: I/DEBUG(171): Revision: '11'
11-16 10:33:46.151: I/DEBUG(171): pid: 9856, tid: 9856, name: harrys.laptimer >>> com.harrys.laptimer <<<
11-16 10:33:46.151: I/DEBUG(171): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 7620af00
11-16 10:33:46.281: I/DEBUG(171): r0 7620af00 r1 00000005 r2 beda73fc r3 4008874c
11-16 10:33:46.281: I/DEBUG(171): r4 7620af00 r5 00100000 r6 0000000b r7 73dd652d
11-16 10:33:46.281: I/DEBUG(171): r8 745e2614 r9 7610b000 sl 7620af00 fp 7492fc88
11-16 10:33:46.281: I/DEBUG(171): ip 40088ddc sp beda73e8 lr 40057c1c pc 40059010 cpsr 20030010
11-16 10:33:46.281: I/DEBUG(171): d0 6961676120797254 d1 656c696166206574
11-16 10:33:46.281: I/DEBUG(171): d2 656e6f6c63203a64 d3 3a64656c69616620
11-16 10:33:46.281: I/DEBUG(171): d4 0000000000000047 d5 0000000100000047
11-16 10:33:46.281: I/DEBUG(171): d6 00000001000030c3 d7 0000002000000001
11-16 10:33:46.281: I/DEBUG(171): d8 4424000000000290 d9 4021a000441b99c0
11-16 10:33:46.281: I/DEBUG(171): d10 4021a00000000000 d11 0000000000000000
11-16 10:33:46.281: I/DEBUG(171): d12 0000000000000000 d13 0000000000000000
11-16 10:33:46.281: I/DEBUG(171): d14 0000000000000000 d15 0000000000000000
11-16 10:33:46.281: I/DEBUG(171): d16 4042000000000000 d17 4042400000000000
11-16 10:33:46.281: I/DEBUG(171): d18 3ff8000000000000 d19 0006000500040003
11-16 10:33:46.281: I/DEBUG(171): d20 0052005000520051 d21 0056005500540053
11-16 10:33:46.281: I/DEBUG(171): d22 002e002d002c002b d23 0030002f002e002c
11-16 10:33:46.281: I/DEBUG(171): d24 0008000700060004 d25 000a0008000a0009
11-16 10:33:46.281: I/DEBUG(171): d26 0000000000000000 d27 0000000000000000
11-16 10:33:46.281: I/DEBUG(171): d28 0048004700460044 d29 004a0048004a0049
11-16 10:33:46.281: I/DEBUG(171): d30 000a000a000a000a d31 0000000000000000
11-16 10:33:46.281: I/DEBUG(171): scr 60000013
11-16 10:33:46.291: I/DEBUG(171): backtrace:
11-16 10:33:46.291: I/DEBUG(171): #00 pc 0000e010 /system/lib/libc.so
11-16 10:33:46.291: I/DEBUG(171): #01 pc 0000cc18 /system/lib/libc.so (pthread_create+276)
11-16 10:33:46.291: I/DEBUG(171): #02 pc 000058d7 /system/lib/egl/eglsubAndroid.so (updater_create_surface_state+126)
11-16 10:33:46.291: I/DEBUG(171): #03 pc 000047e3 /system/lib/egl/eglsubAndroid.so
11-16 10:33:46.291: I/DEBUG(171): #04 pc 0000c240 /system/lib/egl/libEGL_adreno200.so (qeglDrvAPI_eglCreateWindowSurface+836)
11-16 10:33:46.291: I/DEBUG(171): #05 pc 0000647c /system/lib/egl/libEGL_adreno200.so (eglCreateWindowSurface+16)
11-16 10:33:46.291: I/DEBUG(171): #06 pc 0000eb3d /system/lib/libEGL.so (eglCreateWindowSurface+200)
11-16 10:33:46.291: I/DEBUG(171): #07 pc 0004d929 /system/lib/libandroid_runtime.so
11-16 10:33:46.291: I/DEBUG(171): #08 pc 0001dc4c /system/lib/libdvm.so (dvmPlatformInvoke+112)
11-16 10:33:46.291: I/DEBUG(171): #09 pc 0004decf /system/lib/libdvm.so (dvmCallJNIMethod(unsigned int const*, JValue*, Method const*, Thread*)+398)
11-16 10:33:46.291: I/DEBUG(171): #10 pc 00027060 /system/lib/libdvm.so
11-16 10:33:46.291: I/DEBUG(171): #11 pc 0002b5ec /system/lib/libdvm.so (dvmInterpret(Thread*, Method const*, JValue*)+184)
11-16 10:33:46.291: I/DEBUG(171): #12 pc 000601df /system/lib/libdvm.so (dvmInvokeMethod(Object*, Method const*, ArrayObject*, ArrayObject*, ClassObject*, bool)+350)
11-16 10:33:46.291: I/DEBUG(171): #13 pc 00067ddf /system/lib/libdvm.so
11-16 10:33:46.291: I/DEBUG(171): #14 pc 00027060 /system/lib/libdvm.so
11-16 10:33:46.291: I/DEBUG(171): #15 pc 0002b5ec /system/lib/libdvm.so (dvmInterpret(Thread*, Method const*, JValue*)+184)
11-16 10:33:46.291: I/DEBUG(171): #16 pc 0005ff21 /system/lib/libdvm.so (dvmCallMethodV(Thread*, Method const*, Object*, bool, JValue*, std::__va_list)+292)
11-16 10:33:46.291: I/DEBUG(171): #17 pc 00049b67 /system/lib/libdvm.so
11-16 10:33:46.291: I/DEBUG(171): #18 pc 0004b697 /system/lib/libandroid_runtime.so
11-16 10:33:46.291: I/DEBUG(171): #19 pc 0004c327 /system/lib/libandroid_runtime.so (android::AndroidRuntime::start(char const*, char const*)+378)
11-16 10:33:46.291: I/DEBUG(171): #20 pc 0000105b /system/bin/app_process
11-16 10:33:46.291: I/DEBUG(171): #21 pc 0000db4f /system/lib/libc.so (__libc_init+50)
11-16 10:33:46.291: I/DEBUG(171): #22 pc 00000d7c /system/bin/app_process
11-16 10:33:46.291: I/DEBUG(171): stack:
11-16 10:33:46.291: I/DEBUG(171): beda73a8 7492fc88
11-16 10:33:46.291: I/DEBUG(171): beda73ac 4005b61f /system/lib/libc.so (dlmalloc+4282)
11-16 10:33:46.291: I/DEBUG(171): beda73b0 73697048 /system/lib/egl/libEGL_adreno200.so
11-16 10:33:46.291: I/DEBUG(171): beda73b4 beda73e8 [stack]
11-16 10:33:46.291: I/DEBUG(171): beda73b8 736721d0
11-16 10:33:46.291: I/DEBUG(171): beda73bc 00000006
11-16 10:33:46.291: I/DEBUG(171): beda73c0 00003040
11-16 10:33:46.291: I/DEBUG(171): beda73c4 00000240
11-16 10:33:46.291: I/DEBUG(171): beda73c8 7492fc80
11-16 10:33:46.291: I/DEBUG(171): beda73cc 3bb849b6
11-16 10:33:46.291: I/DEBUG(171): beda73d0 0000000b
11-16 10:33:46.291: I/DEBUG(171): beda73d4 00100000
11-16 10:33:46.291: I/DEBUG(171): beda73d8 0000000b
11-16 10:33:46.291: I/DEBUG(171): beda73dc 73dd652d /system/lib/egl/eglsubAndroid.so
11-16 10:33:46.291: I/DEBUG(171): beda73e0 df0027ad
11-16 10:33:46.291: I/DEBUG(171): beda73e4 00000000
11-16 10:33:46.291: I/DEBUG(171): #00 beda73e8 00000005
11-16 10:33:46.291: I/DEBUG(171): beda73ec beda73fc [stack]
11-16 10:33:46.291: I/DEBUG(171): beda73f0 0000000b
11-16 10:33:46.291: I/DEBUG(171): beda73f4 00100000
11-16 10:33:46.291: I/DEBUG(171): beda73f8 0000000b
11-16 10:33:46.291: I/DEBUG(171): beda73fc 40057c1c /system/lib/libc.so (pthread_create+280)
11-16 10:33:46.291: I/DEBUG(171): #01 beda7400 ffffffff
11-16 10:33:46.291: I/DEBUG(171): beda7404 00000000
11-16 10:33:46.291: I/DEBUG(171): beda7408 4009429c /system/lib/libc.so
11-16 10:33:46.291: I/DEBUG(171): beda740c 00001000
11-16 10:33:46.291: I/DEBUG(171): beda7410 00003084
11-16 10:33:46.291: I/DEBUG(171): beda7414 745e25c0
11-16 10:33:46.291: I/DEBUG(171): beda7418 00000000
11-16 10:33:46.291: I/DEBUG(171): beda741c 73672208
11-16 10:33:46.291: I/DEBUG(171): beda7420 beda74c0 [stack]
11-16 10:33:46.291: I/DEBUG(171): beda7424 00000001
11-16 10:33:46.291: I/DEBUG(171): beda7428 00003084
11-16 10:33:46.291: I/DEBUG(171): beda742c 73672208
11-16 10:33:46.291: I/DEBUG(171): beda7430 745e23b8
11-16 10:33:46.291: I/DEBUG(171): beda7434 73dd68db /system/lib/egl/eglsubAndroid.so (updater_create_surface_state+130)
11-16 10:33:46.291: I/DEBUG(171): #02 beda7438 7492f8a0
11-16 10:33:46.291: I/DEBUG(171): beda743c 73dd31a3 /system/lib/egl/eglsubAndroid.so
11-16 10:33:46.291: I/DEBUG(171): beda7440 7492f8a0
11-16 10:33:46.291: I/DEBUG(171): beda7444 745e24d0
11-16 10:33:46.291: I/DEBUG(171): beda7448 7492f8a0
11-16 10:33:46.291: I/DEBUG(171): beda744c 73dd57e7 /system/lib/egl/eglsubAndroid.so
我的解释是:当在本机级别(pthread_create)上创建线程时,这是Dalvik引擎内发生的崩溃。在这种特殊情况下,创建的线程似乎是用于服务UI前端的线程(我不在该主题中)。所以这个创作是由Android触发的,而不是我的应用程序。特别是这个线程是在触摸我的应用程序的界面后创建的,它已经坐了大约15到30分钟而没有触摸它(屏幕被迫显示而不是进入睡眠状态)。 但这仅仅是一个示例... 我使用了在应用程序中运行的THREAD_POOL_EXECUTOR的AsyncTask,它随着时间的推移创建了线程 - 并且它产生了同样的崩溃。我改为使用专用的Thread对象,崩溃消失了。此外,我还添加了一个测试用例,用于创建和运行大量Java线程。在创建数千个线程(有时是数十万个(当然是按顺序))后,崩溃随机出现。所以我要说的是“线程创建 - 本机驱动,或者通过创建Java线程 - 间歇性地生成这种类型的崩溃”。
我已经读过pthread_create崩溃通常是由于堆损坏。由于应用程序大量使用JNI(大约50%的代码),这肯定是触发崩溃的候选者...我使用了几个工具来保护堆而没有结果。此外,JNI代码可以在不同的平台(iOS)上使用而不会出现问题。最重要的是,我没有得到任何其他与堆腐败相关的崩溃。它仅适用于创建线程......
回到我的主要问题:任何想法如何调试那个野兽?知道还有什么可以在pthread_create中引发崩溃?
如果需要更多信息,请告诉我。
谢谢, 哈拉尔德
P.S。同时测试了Java和本机堆的使用情况。这里没有泄漏,本机堆通常大约为7到8 MB。测试设备是谷歌Nexus 4(它有更多的内存可用)。