Android System Crash Analysis.
需要文件:
1:串口现象dmesg
2:logcat 信息
3:./data/tombstones.//有debuggerd守护进程,输出到此文件stombstones_0x,最多有十个文件.
需要工具
1 addr2line //android/jb-4.x/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.6/bin/arm-linux-androideabi-addr2line
参数:
a) -e:指定要解析的目标文件,比如.so文件或者可执行文件
b) -f:显示函数名字
eg:/android/jb-4.x/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.6/bin/arm-linux-androideabi-addr2line -e dtv_svc -f 0xXXXXX;
2 objdump //android/jb-4.x/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.6/bin/arm-linux-androideabi-objdump
eg: android/jb-4.x/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.6/bin/arm-linux-androideabi-objdump -S dtv_svc > dump.txt
问题分类
(1) Data Abort /null point (sigal 11)
特点:fault addr 0000000X. addr值比较少.
1):内核态(Kernel Space) Crash..
A.对于串口打印的死机,选择ultraedit打开,Ctrl+F,输入查找关键字,这个通常是因人喜好而异的,我个人比较喜欢输入pc is ,此时定位到的就是死机的瞬间的PC指针的位置,
如下图所示
B:接下面就是call stack.
C:通过objdump dump vmlinx 为汇编代码结合,r0-r3找到对应的函数点.
2) Android 用户态(User Space) Crash
A:对于logcat的信息,我通常习惯输入fatal关键字来查找.找出callstack pc指针.
B:用objdump,程序为汇编代码,根据 code around PC 在代码走查找.对应的地址指针/指令指针.
参考:<<Segment default debug>>
(2) 多线程同步
1)一个线程释放资源,另外一个线程引用.一般通过logcat - v threatime& 来分析.
(3) Memeroy corruption.
1)通过Valgrind memory check tool查
2)改code 支持coredump 来查.
3)参考<<Android中native进程内存泄露的调试技巧.>>
Q&A
Q(1) 怎么在release 的code中编译带symbol的 code.
//加build command SYM_SUPPORT=true
Q(2) tombstone 具体分析
//参考:http://wonview.blog.163.com/blog/static/5850132720121128056704/
Q(3) signal NO 的含义.
SIGHUP 1 Term Hangup detected on controlling terminal
or death of controlling process
SIGINT 2 Term Interrupt from keyboard
SIGQUIT 3 Core Quit from keyboard
SIGILL 4 Core Illegal Instruction
SIGABRT 6 Core Abort signal from abort(3)
SIGFPE 8 Core Floating point exception
SIGKILL 9 Term Kill signal
SIGSEGV 11 Core Invalid memory reference
SIGPIPE 13 Term Broken pipe: write to pipe with no readers
SIGALRM 14 Term Timer signal from alarm(2)
SIGTERM 15 Term Termination signal
SIGUSR1 30,10,16 Term User-defined signal 1
SIGUSR2 31,12,17 Term User-defined signal 2
SIGCHLD 20,17,18 Ign Child stopped or terminated
SIGCONT 19,18,25 Continue if stopped
SIGSTOP 17,19,23 Stop Stop process
SIGTSTP 18,20,24 Stop Stop typed at tty
SIGTTIN 21,21,26 Stop tty input for background process
SIGTTOU 22,22,27 Stop tty output for background process
Q(4)怎么关掉watchdog
//进入到cli,输入:b.so -w 0 0; b.so -p 0