2012-03-16

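SIGILL in Android native code on NVIDIA Tegra 2 (on a BL instruction)

I'm getting a wicked crash in native code. So far my code runs fine on all devices except this one:

LG-P990 (with an NVIDIA Tegra 2 dual-core 1 GHz processor).

LGP990 / stock / lge/lge_star/p990/p990:2.2.2/FRG83G/lgp990-V10d.2ED2ED2216:user/release-keys

It happens every time.

The crash seems to be in code that belongs to libc++ (so I don't have the corresponding C++ code). I must be missing something, because the crash seems to be on a BL instruction?

Application.mk is configured to build for all platforms, so the phone in question should be using armeabi-v7a.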

1022 1022 I DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 
1022 1022 I DEBUG : Build fingerprint: 'lge/lge_star/p990/p990:2.2.2/FRG83G/lgp990-V10d.2ED2ED2216:user/release-keys' 
1022 1022 I DEBUG : pid: 3932, tid: 3942 >>> com.package.appdebug <<< 
1022 1022 I DEBUG : signal 4 (SIGILL), fault addr 819372a8 
1022 1022 I DEBUG : r0 00000000 r1 4056c000 r2 00000000 r3 002fe356 
1022 1022 I DEBUG : r4 00000000 r5 002fe354 r6 4a754540 r7 4a7543c8 
1022 1022 I DEBUG : r8 4a7543b0 r9 00000000 10 00000000 fp ffffffff 
1022 1022 I DEBUG : ip 00000002 sp 4a754310 lr 819372a0 pc 819372a8 cpsr 20000010 
1022 1022 I DEBUG : d0 000084c000002601 d1 461c0000bf800000 
1022 1022 I DEBUG : d2 461c0800461c0400 d3 bf800000461c0c00 
1022 1022 I DEBUG : d4 0000005b00000000 d5 00000000000084c0 
1022 1022 I DEBUG : d6 4056c00000000000 d7 4056c00000000000 
1022 1022 I DEBUG : d8 0000000000000000 d9 0000000000000000 
1022 1022 I DEBUG : d10 0000000000000000 d11 0000000000000000 
1022 1022 I DEBUG : d12 0000000000000000 d13 0000000000000000 
1022 1022 I DEBUG : d14 0000000000000000 d15 0000000000000000 
1022 1022 I DEBUG : scr 20000012 
1022 1022 I DEBUG : 
1022 1022 I DEBUG :   #00 pc 001372a8 /data/data/com.package.appdebug/lib/libthor.so 
1022 1022 I DEBUG :   #01 lr 819372a0 /data/data/com.package.appdebug/lib/libthor.so 
1022 1022 I DEBUG : 
1022 1022 I DEBUG : code around pc: 
1022 1022 I DEBUG : 81937288 e3a00006 e08f1001 ebfcf395 e1a00005 
1022 1022 I DEBUG : 81937298 e28d1004 ebfcf251 e59d3004 e1530005 
1022 1022 I DEBUG : 819372a8 ec410b30 eef77be0 edc67a00 0a000002 
1022 1022 I DEBUG : 819372b8 e5d33000 e3530000 0a00000c eddf7a25 
1022 1022 I DEBUG : 819372c8 e3a03004 edc67a00 e5873000 e3a00006 
1022 1022 I DEBUG : 
1022 1022 I DEBUG : code around lr: 
1022 1022 I DEBUG : 81937280 ebfcf20d e59f10e8 e3a00006 e08f1001 
1022 1022 I DEBUG : 81937290 ebfcf395 e1a00005 e28d1004 ebfcf251 
1022 1022 I DEBUG : 819372a0 e59d3004 e1530005 ec410b30 eef77be0 
1022 1022 I DEBUG : 819372b0 edc67a00 0a000002 e5d33000 e3530000 
1022 1022 I DEBUG : 819372c0 0a00000c eddf7a25 e3a03004 edc67a00 
1022 1022 I DEBUG : 
1022 1022 I DEBUG : stack: 
1022 1022 I DEBUG :  4a7542d0 81969250 
1022 1022 I DEBUG :  4a7542d4 8192b700 /data/data/com.package.appdebug/lib/libthor.so 
1022 1022 I DEBUG :  4a7542d8 0000002d 
1022 1022 I DEBUG :  4a7542dc 00000000 
1022 1022 I DEBUG :  4a7542e0 00000000 
1022 1022 I DEBUG :  4a7542e4 00000000 
1022 1022 I DEBUG :  4a7542e8 00000000 
1022 1022 I DEBUG :  4a7542ec 00000000 
1022 1022 I DEBUG :  4a7542f0 00000000 
1022 1022 I DEBUG :  4a7542f4 00000000 
1022 1022 I DEBUG :  4a7542f8 00000000 
1022 1022 I DEBUG :  4a7542fc 00000000 
1022 1022 I DEBUG :  4a754300 002fe354 [heap] 
1022 1022 I DEBUG :  4a754304 4a754540 
1022 1022 I DEBUG :  4a754308 df002777 
1022 1022 I DEBUG :  4a75430c e3a070ad 
1022 1022 I DEBUG : #00 4a754310 4a7543c8 
1022 1022 I DEBUG :  4a754314 002fe356 [heap] 
1022 1022 I DEBUG :  4a754318 4a754368 
1022 1022 I DEBUG :  4a75431c 4a754358 
1022 1022 I DEBUG :  4a754320 4a754368 
1022 1022 I DEBUG :  4a754324 4a7543c8 
1022 1022 I DEBUG :  4a754328 002fe354 [heap] 
1022 1022 I DEBUG :  4a75432c 4a7543b0 
1022 1022 I DEBUG :  4a754330 81969348 
1022 1022 I DEBUG :  4a754334 8192cb34 /data/data/com.package.appdebug/lib/libthor.so 
1022 1022 I DEBUG :  4a754338 00000000 
1022 1022 I DEBUG :  4a75433c ffffffff 
1022 1022 I DEBUG :  4a754340 4a754420 
1022 1022 I DEBUG :  4a754344 4a7543c8 
1022 1022 I DEBUG :  4a754348 4a754368 
1022 1022 I DEBUG :  4a75434c 00000000 
1022 1022 I DEBUG :  4a754350 4a7543f8 
1022 1022 I DEBUG :  4a754354 00000020 

Here is the disassembly of the object file. The crash (program counter) is at address 137270:

00137238 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi>: 
    137238: e92d45f0 push {r4, r5, r6, r7, r8, sl, lr} 
    13723c: e1a05000 mov r5, r0 
    137240: e24dd00c sub sp, sp, #12 ; 0xc 
    137244: e1a06001 mov r6, r1 
    137248: e3a00006 mov r0, #6 ; 0x6 
    13724c: e3a01000 mov r1, #0 ; 0x0 
    137250: e1a07002 mov r7, r2 
    137254: ebfcf3a4 bl 740ec <_ZN7_JNIEnv12NewGlobalRefEP8_jobject-0x7c> 
    137258: e250a000 subs sl, r0, #0 ; 0x0 
    13725c: 01a0400a moveq r4, sl 
    137260: 0a00000b beq 137294 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x5c> 
    137264: ebfcf250 bl 73bac <_ZN7_JNIEnv12NewGlobalRefEP8_jobject-0x5bc> 
    137268: e2808001 add r8, r0, #1 ; 0x1 
    13726c: e1a00008 mov r0, r8 
    137270: eb000b5b bl 139fe4 <_Znaj> 
    137274: e1a0100a mov r1, sl 
    137278: e1a02008 mov r2, r8 
    13727c: e1a04000 mov r4, r0 
    137280: ebfcf20d bl 73abc <_ZN7_JNIEnv12NewGlobalRefEP8_jobject-0x6ac> 
    137284: e59f10e8 ldr r1, [pc, #232] ; 137374 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x13c> 
    137288: e3a00006 mov r0, #6 ; 0x6 
    13728c: e08f1001 add r1, pc, r1 
    137290: ebfcf395 bl 740ec <_ZN7_JNIEnv12NewGlobalRefEP8_jobject-0x7c> 
    137294: e1a00005 mov r0, r5 
    137298: e28d1004 add r1, sp, #4 ; 0x4 
    13729c: ebfcf251 bl 73be8 <_ZN7_JNIEnv12NewGlobalRefEP8_jobject-0x580> 
    1372a0: e59d3004 ldr r3, [sp, #4] 
    1372a4: e1530005 cmp r3, r5 
    1372a8: ec410b30 vmov d16, r0, r1 
    1372ac: eef77be0 fcvtsd s15, d16 
    1372b0: edc67a00 fsts s15, [r6] 
    1372b4: 0a000002 beq 1372c4 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x8c> 
    1372b8: e5d33000 ldrb r3, [r3] 
    1372bc: e3530000 cmp r3, #0 ; 0x0 
    1372c0: 0a00000c beq 1372f8 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0xc0> 
    1372c4: eddf7a25 flds s15, [pc, #148] 
    1372c8: e3a03004 mov r3, #4 ; 0x4 
    1372cc: edc67a00 fsts s15, [r6] 
    1372d0: e5873000 str r3, [r7] 
    1372d4: e3a00006 mov r0, #6 ; 0x6 
    1372d8: e1a01004 mov r1, r4 
    1372dc: ebfcf382 bl 740ec <_ZN7_JNIEnv12NewGlobalRefEP8_jobject-0x7c> 
    1372e0: e3540000 cmp r4, #0 ; 0x0 
    1372e4: 0a000001 beq 1372f0 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0xb8> 
    1372e8: e1a00004 mov r0, r4 
    1372ec: eb0000ea bl 13769c <_ZdaPv> 
    1372f0: e28dd00c add sp, sp, #12 ; 0xc 
    1372f4: e8bd85f0 pop {r4, r5, r6, r7, r8, sl, pc} 
    1372f8: eef00be0 fabsd d16, d16 
    1372fc: eddf1b15 vldr d17, [pc, #84] ; 137358 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x120> 
    137300: eef40be1 fcmped d16, d17 
    137304: eef1fa10 fmstat 
    137308: da000005 ble 137324 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0xec> 
    13730c: eef57ac0 fcmpezs s15 
    137310: eef1fa10 fmstat 
    137314: da00000a ble 137344 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x10c> 
    137318: eddf7a11 flds s15, [pc, #68] 
    13731c: edc67a00 fsts s15, [r6] 
    137320: ea000009 b 13734c <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x114> 
    137324: ed9f7a0f flds s14, [pc, #60] 
    137328: eef47a47 fcmps s15, s14 
    13732c: eef1fa10 fmstat 
    137330: 0afffff8 beq 137318 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0xe0> 
    137334: ed9f7a0c flds s14, [pc, #48] 
    137338: eef47a47 fcmps s15, s14 
    13733c: eef1fa10 fmstat 
    137340: 1affffe3 bne 1372d4 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x9c> 
    137344: eddf7a09 flds s15, [pc, #36] 
    137348: edc67a00 fsts s15, [r6] 
    13734c: e3a03004 mov r3, #4 ; 0x4 
    137350: e5873000 str r3, [r7] 
    137354: eaffffde b 1372d4 <_ZSt14__convert_to_vIfEvPKcRT_RSt12_Ios_IostateRKPi+0x9c> 
    137358: e0000000 and r0, r0, r0 
    13735c: 47efffff undefined 
    137360: 00000000 andeq r0, r0, r0 
    137364: 7f7fffff svcvc 0x007fffff 
    137368: 7f800000 svcvc 0x00800000 
    13736c: ff800000 undefined instruction 0xff800000 
    137370: ff7fffff undefined instruction 0xff7fffff 
    137374: 0001caa8 andeq ip, r1, r8, lsr #21 

Any ideas?

+1

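I think your crash is actually happening at 0x1372a8 --- if you look at the bit immediately below the register dump, you can see that Android has automatically calculated the offset for you. Can you extend the disassembly to include that address? – 2012-03-16 11:17:23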

+0

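By the way, it's always worth checking that the bytes in the 'code around pc' section actually match the disassembly, to make sure you're looking at the right place. They won't match perfectly, because the disassembly shows you the instructions before they've been fixed up, but double-checking this has saved my bacon many times. – 2012-03-16 11:18:55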

+0

Thanks @DavidGiven for the detective work - updated the disassembly – olafure 2012-03-16 11:25:36

Answer

1

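I think your crash is actually happening at 0x1372a8 --- if you look at the bit immediately below the register dump, you can see that Android has automatically calculated the offset for you. (It doesn't always get it right; see how the lr address hasn't been modified? But Android always loads shared objects at aligned addresses, so the last four or five digits of the address will match, which makes it easy to figure out what the address should be.)

By the way, it's always worth checking that the bytes in the 'code around pc' section actually match the disassembly, to make sure you're looking at the right place. They won't match perfectly, because the disassembly shows you the instructions before they've been fixed up, but double-checking this has saved my bacon many times.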

+0

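You're brilliant, David. Further information about the actual cause of the error: it's the buggy NDK-v7b. See the bug at http://code.google.com/p/android/issues/detail?id=26199#c2. Basically the included gnustl was compiled with NEON support, which of course crashes on non-NEON processors. – olafure 2012-03-16 15:31:12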
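
The cross-check described in the answer above, as an added example that is not part of the original thread: it derives the library's load base from the tombstone's fault address and frame #00 offset, then compares the 'code around pc' words with the objdump listing. The function names are hypothetical, and the sample input is trimmed from the dump and disassembly on this page.

```python
import re

# Sample input: lines trimmed from the tombstone and objdump listing on this page.
TOMBSTONE = """\
signal 4 (SIGILL), fault addr 819372a8
  #00 pc 001372a8 /data/data/com.package.appdebug/lib/libthor.so
code around pc:
81937298 e28d1004 ebfcf251 e59d3004 e1530005
819372a8 ec410b30 eef77be0 edc67a00 0a000002
code around lr:
819372a0 e59d3004 e1530005 ec410b30 eef77be0
"""
DISASM = """\
  13729c: ebfcf251 bl 73be8
  1372a0: e59d3004 ldr r3, [sp, #4]
  1372a4: e1530005 cmp r3, r5
  1372a8: ec410b30 vmov d16, r0, r1
  1372ac: eef77be0 fcvtsd s15, d16
  1372b0: edc67a00 fsts s15, [r6]
"""

def parse_tombstone(text):
    """Return (fault address, frame #00 offset, {runtime addr: word} around pc)."""
    fault = int(re.search(r"fault addr ([0-9a-f]{8})", text).group(1), 16)
    frame0 = int(re.search(r"#00\s+pc ([0-9a-f]{8})", text).group(1), 16)
    section = text.split("code around pc:")[1].split("code around lr:")[0]
    words = {}
    for m in re.finditer(r"([0-9a-f]{8})((?: [0-9a-f]{8}){4})", section):
        start = int(m.group(1), 16)
        for i, w in enumerate(m.group(2).split()):
            words[start + 4 * i] = w          # one 32-bit ARM word every 4 bytes
    return fault, frame0, words

def parse_disasm(text):
    """Return {file offset: (word, instruction text)} from objdump -d lines."""
    rows = re.findall(r"^\s*([0-9a-f]+):\s+([0-9a-f]{8})\s+(.*?)\s*$", text, re.M)
    return {int(off, 16): (word, ins) for off, word, ins in rows}

def check_fault(tombstone, disasm):
    """Return (load base, faulting instruction or None, [(offset, in memory, in file)])."""
    fault, frame0, mem = parse_tombstone(tombstone)
    code = parse_disasm(disasm)
    base = fault - frame0                     # address the .so was mapped at
    if base % 0x1000:                         # shared objects load page-aligned
        raise ValueError("frame #00 offset does not fit the fault address")
    mismatches = [(addr - base, w, code[addr - base][0])
                  for addr, w in sorted(mem.items())
                  if addr - base in code and code[addr - base][0] != w]
    return base, code.get(frame0, (None, None))[1], mismatches
```

On the sample, `check_fault(TOMBSTONE, DISASM)` puts the fault on the `vmov d16, r0, r1` word at offset 0x1372a8 with no mismatches; a `None` instruction means the disassembly excerpt does not reach the faulting offset and needs extending.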