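SIGABRT in __ioctl() while waiting for a /dev/binder response

Time: 2014-03-22 19:44:02

Tags: android linux sigabrt ioctl android-binder

Prerequisites: ARMv7 device, Android platform 4.2.2.

I am frequently getting SIGABRT while interacting with a system service (a really buggy one). The stack trace is as follows: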

#00 pc 000170ac /system/lib/libc.so (__ioctl+8)
#01 pc 0002aa8d /system/lib/libc.so (ioctl+16)
#02 pc 00016ba1 /system/lib/libbinder.so (android::IPCThreadState::talkWithDriver(bool)+132)
#03 pc 0001709d /system/lib/libbinder.so (android::IPCThreadState::waitForResponse(android::Parcel*, int*)+44)
#04 pc 000172b7 /system/lib/libbinder.so (android::IPCThreadState::transact(int, unsigned int, android::Parcel const&, android::Parcel*, unsigned int)+114)
#05 pc 00014a3b /system/lib/libbinder.so (android::BpBinder::transact(unsigned int, android::Parcel const&, android::Parcel*, unsigned int)+34)

__ioctl resolves to the following assembly code:

000170a4 <__ioctl>:
    170a4:  e92d0090 push   {r4, r7}
    170a8:  e3a07036 mov    r7, #54 ; 0x36
    170ac:  ef000000 svc    0x00000000
    170b0:  e8bd0090 pop    {r4, r7}
    170b4:  e1b00000 movs   r0, r0
    170b8:  512fff1e bxpl   lr
    170bc:  ea0093a6 b  3bf5c 

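The stack dump is triggered by signal 6 (SIGABRT), code -6 (SI_KILL), with a fault address such as 0x304, 0x330 or 0x33A (it differs from time to time, and I am not even sure that it is really an address in any address space rather than an error code or a combination of flags).

I have no idea what the signal may indicate, i.e. whether it is

  • a driver error (but why would it be forwarded in such a strange way instead of as a return value?);
  • an unintercepted driver error (is that even possible without a kernel panic?);
  • a kernel fault (outside the driver call, possibly unrelated to the driver);
  • a broken interrupt vector (why not SIGSEGV or SIGILL then?);
  • the result of a SIGQUIT (the Dalvik stack trace signal) received in supervisor mode.

In the last case, I am thrown back to investigating why the blocking call freezes (a deadlock in the called process?). I could probably build a test application to reproduce this particular precondition, but that would take time.

I have found many similar traces and bug reports around the web, indicating that the problem is not device or vendor specific (though possibly platform version specific).

The exact service being interacted with does not matter either.

P.S. logcat: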

03-21 16:21:22.933   772   831 I InputDispatcher: Application is not responding: Window{41000dd8 u0 my.application.package/my.application.package.MyActivity}.  It has been 5008.3ms since event, 5005.7ms since wait started.  Reason: Waiting because the touched window has not finished processing the input events that were previously delivered to it.
03-21 16:21:22.943   772   831 I WindowManager: Input event dispatching timed out sending to my.application.package/my.application.package.MyActivity
03-21 16:21:23.163   772   831 I Process : Sending signal. PID: 16195 SIG: 3
03-21 16:21:23.163 16195 16200 I dalvikvm: threadid=3: reacting to signal 3
03-21 16:21:23.263 16195 16200 I dalvikvm: Wrote stack traces to '/data/anr/traces.txt'
03-21 16:21:23.273   772   831 E ActivityManager: ANR in my.application.package (my.application.package/my.application.package.MyActivity)
03-21 16:21:23.273   772   831 E ActivityManager: Reason: keyDispatchingTimedOut
03-21 16:21:23.273   772   831 E ActivityManager: Load: 0.0 / 0.0 / 0.0
03-21 16:21:23.273   772   831 E ActivityManager: CPU usage from 18140ms to 0ms ago:
-- CPU usage dump, nothing unusual --
03-21 16:21:23.273   772   831 E ActivityManager: 61% TOTAL: 33% user + 27% kernel + 0% iowait + 0.8% softirq
03-21 16:21:23.273   772   831 E ActivityManager: CPU usage from 5686369ms to 5686369ms ago with 0% awake:
03-21 16:21:23.273   772   831 E ActivityManager: 0% TOTAL: 0% user + 0% kernel
03-21 16:21:23.283   772   831 I Process : Sending signal. PID: 16195 SIG: 6
03-21 16:21:23.283 16195 16195 F libc    : Fatal signal 6 (SIGABRT) at 0x00000304 (code=0), thread 16195 (my.application.package)
-- and then the stack dump --
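
An added example, not part of the original post: a small correlator that pairs each `Fatal signal` line with the `Sending signal` line aimed at the same process. It assumes threadtime-format logcat and that the `at 0x...` field is printed from `si_addr`, which shares storage with `si_pid` in `siginfo` on this 32-bit platform, so for a `kill()`-style signal (code 0, `SI_USER`) the "address" is the sender's PID. The sample lines are copied from the logcat excerpt above.

```python
import re

# Constructed sample: three lines taken from the logcat excerpt above
# (threadtime format: date time PID TID level tag: message).
SAMPLE = """\
03-21 16:21:23.163   772   831 I Process : Sending signal. PID: 16195 SIG: 3
03-21 16:21:23.283   772   831 I Process : Sending signal. PID: 16195 SIG: 6
03-21 16:21:23.283 16195 16195 F libc    : Fatal signal 6 (SIGABRT) at 0x00000304 (code=0), thread 16195 (my.application.package)
"""

LINE = re.compile(r"^\S+ \S+\s+(?P<pid>\d+)\s+(?P<tid>\d+) \w (?P<tag>[^:]*?)\s*: (?P<msg>.*)$")
SENT = re.compile(r"Sending signal\. PID: (\d+) SIG: (\d+)")
FATAL = re.compile(r"Fatal signal (\d+) \((\w+)\) at 0x([0-9a-fA-F]+) \(code=(-?\d+)\)")

def correlate(log_text):
    """Pair each 'Fatal signal' line with the latest matching 'Sending signal' line."""
    sent = {}      # (target pid, signal number) -> pid of the process that logged the send
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip dump separators and anything not in threadtime format
        pid, msg = int(m["pid"]), m["msg"]
        s = SENT.search(msg)
        if s:
            sent[(int(s[1]), int(s[2]))] = pid
            continue
        f = FATAL.search(msg)
        if f:
            signo, addr, code = int(f[1]), int(f[3], 16), int(f[4])
            sender = sent.get((pid, signo))
            findings.append({
                "victim": pid, "signal": f[2], "code": code, "addr": addr,
                "sender": sender,
                # code 0 is SI_USER: delivered via kill(), not raised by a fault
                "addr_is_sender_pid": code == 0 and sender is not None and addr == sender,
            })
    return findings

if __name__ == "__main__":
    for item in correlate(SAMPLE):
        print(item)
```

On the sample, the reported address 0x304 is 772 in decimal, the PID of the process that logged `Sending signal. PID: 16195 SIG: 6`.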

0 answers:

No answers