死机问题的解决 - 反汇编的应用(2)
遇到死机问题,有如下提示:
==============================================================================================================
> do_page_fault() #2: sending SIGSEGV to #UIFrameworkTas for invalid read access from
0000000c (epc == 2af0b124, ra == 2ab1d7f8)
(!) [ 483: 0.000] --> Caught signal 11 (at 0xc, invalid address) <--
(!!!) *** WARNING [still objects in 'Layer Region Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Layer Context Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Surface Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
Aborted
==============================================================================================================
epc 应该是应用程序Crash时程序指针地址,ra 应该是当前函数要返回的地址。
反汇编:
/opt/tuxbuilder-1.0/mipsel-unknown-linux-gnu/cross/bin/mipsel-unknown-linux-gnu-objdump -D stb225/build_STBmico_NANDflash_HDdecoding/rootfs/opt/nxp/bin/appCabotMico > dumplog
到dumplog中找两个地址或其近似地址,没有!!!
估计两个地址源于动态库文件中,方法是把动态库作为静态库链接到程序中,再进行反汇编。
关键需要加入IceAuroraDVR, tmNxpDVR等库,方法如下:
IceAuroraDVR - makefile
all: lib
+ rm $(BUILDROOT)/rootfs/opt/nxp/lib/libIceAuroraDVR.so //大概目的是使appCabotMico在链接时找不到动态库,然后找静态库
tmNxpDVR - makefile
all: lib
+ rm $(BUILDROOT)/rootfs/opt/nxp/lib/libtmNxpDVR.so
tmNxpMediaPlayer - makefile
all: lib
+ rm $(BUILDROOT)/rootfs/opt/nxp/lib/libtmNxpMediaPlayer.so
appCabotMico - makefile
LIBS = tmUIPenguinDVR \
IceAuroraDVR \
- tmNxpDVR
+ tmNxpDVR \
+ tmNxpMediaPlayer \
+ phStbKBufMgr \
+ phStbVideoRenderer \
+ phStbImage \
+ tmhwClock
这样,重新生成appCabotMico, 复现死机问题,得到如下打印:
==============================================================================================================
> do_page_fault() #2: sending SIGSEGV to #UIFrameworkTas for invalid read access from
0000000c (epc == 2ac21124, ra == 004b70f8)
(!) [ 594: 0.000] --> Caught signal 11 (at 0xc, invalid address) <--
(!!!) *** WARNING [still objects in 'Layer Region Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Layer Context Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Surface Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
Aborted
==============================================================================================================
反汇编:
/opt/tuxbuilder-1.0/mipsel-unknown-linux-gnu/cross/bin/mipsel-unknown-linux-gnu-objdump -D stb225/build_STBmico_NANDflash_HDdecoding/rootfs/opt/nxp/bin/appCabotMico > dumplog
打开dumplog, 查找近似地址,发现:
==============================================================================================================
004b70d0 <FROST_MutexLock>:
... ...
4b70f8: 0320f809 jalr t9
... ...
==============================================================================================================
所以问题应该是:FROST_MutexLock调用了某个函数,在该函数内部(epc == 2ac21124)出现非法地址访问。
发现FROST_MutexLock()函数没有排除Null指针的问题,修正后情况发生变化,该函数不再有问题,但是出现其它错误。信息如下:
==============================================================================================================
00000018 (epc == 004b712c, ra == 00658fcc)
(!) [ 668: 0.000] --> Caught signal 11 (at 0x18, invalid address) <--
(!!!) *** WARNING [still objects in 'Layer Region Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Layer Context Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Surface Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
Aborted
==============================================================================================================
反汇编:
/opt/tuxbuilder-1.0/mipsel-unknown-linux-gnu/cross/bin/mipsel-unknown-linux-gnu-objdump -D stb225/build_STBmico_NANDflash_HDdecoding/rootfs/opt/nxp/bin/appCabotMico > dumplog
打开dumplog,查找地址发现
==============================================================================================================
004b711c <FROST_MutexUnlock>:
... ...
4b712c: 03200008 jr t9
... ...
00658d2c <_ZN7DemoApp16onUsbDetectTimerERK14UITimerMessage>:
... ...
658fcc: 8fbc0040 lw gp,64(sp)
... ...
==============================================================================================================
说明: DemoApp::onUsbDetectTimer::UITimerMessage()
调用FROST_MutexLock()出现非法访问。
遇到死机问题,有如下提示:
==============================================================================================================
> do_page_fault() #2: sending SIGSEGV to #UIFrameworkTas for invalid read access from
0000000c (epc == 2af0b124, ra == 2ab1d7f8)
(!) [ 483: 0.000] --> Caught signal 11 (at 0xc, invalid address) <--
(!!!) *** WARNING [still objects in 'Layer Region Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Layer Context Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Surface Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
Aborted
==============================================================================================================
epc 应该是应用程序Crash时程序指针地址,ra 应该是当前函数要返回的地址。
反汇编:
/opt/tuxbuilder-1.0/mipsel-unknown-linux-gnu/cross/bin/mipsel-unknown-linux-gnu-objdump -D stb225/build_STBmico_NANDflash_HDdecoding/rootfs/opt/nxp/bin/appCabotMico > dumplog
到dumplog中找两个地址或其近似地址,没有!!!
估计两个地址源于动态库文件中,方法是把动态库作为静态库链接到程序中,再进行反汇编。
关键需要加入IceAuroraDVR, tmNxpDVR等库,方法如下:
IceAuroraDVR - makefile
all: lib
+ rm $(BUILDROOT)/rootfs/opt/nxp/lib/libIceAuroraDVR.so //大概目的是使appCabotMico在链接时找不到动态库,然后找静态库
tmNxpDVR - makefile
all: lib
+ rm $(BUILDROOT)/rootfs/opt/nxp/lib/libtmNxpDVR.so
tmNxpMediaPlayer - makefile
all: lib
+ rm $(BUILDROOT)/rootfs/opt/nxp/lib/libtmNxpMediaPlayer.so
appCabotMico - makefile
LIBS = tmUIPenguinDVR \
IceAuroraDVR \
- tmNxpDVR
+ tmNxpDVR \
+ tmNxpMediaPlayer \
+ phStbKBufMgr \
+ phStbVideoRenderer \
+ phStbImage \
+ tmhwClock
这样,重新生成appCabotMico, 复现死机问题,得到如下打印:
==============================================================================================================
> do_page_fault() #2: sending SIGSEGV to #UIFrameworkTas for invalid read access from
0000000c (epc == 2ac21124, ra == 004b70f8)
(!) [ 594: 0.000] --> Caught signal 11 (at 0xc, invalid address) <--
(!!!) *** WARNING [still objects in 'Layer Region Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Layer Context Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Surface Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
Aborted
==============================================================================================================
反汇编:
/opt/tuxbuilder-1.0/mipsel-unknown-linux-gnu/cross/bin/mipsel-unknown-linux-gnu-objdump -D stb225/build_STBmico_NANDflash_HDdecoding/rootfs/opt/nxp/bin/appCabotMico > dumplog
打开dumplog, 查找近似地址,发现:
==============================================================================================================
004b70d0 <FROST_MutexLock>:
... ...
4b70f8: 0320f809 jalr t9
... ...
==============================================================================================================
所以问题应该是:FROST_MutexLock调用了某个函数,在该函数内部(epc == 2ac21124)出现非法地址访问。
发现FROST_MutexLock()函数没有排除Null指针的问题,修正后情况发生变化,该函数不再有问题,但是出现其它错误。信息如下:
==============================================================================================================
00000018 (epc == 004b712c, ra == 00658fcc)
(!) [ 668: 0.000] --> Caught signal 11 (at 0x18, invalid address) <--
(!!!) *** WARNING [still objects in 'Layer Region Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Layer Context Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
(!!!) *** WARNING [still objects in 'Surface Pool'] *** [object.c:241 in fusion_object_pool_destroy()]
Aborted
==============================================================================================================
反汇编:
/opt/tuxbuilder-1.0/mipsel-unknown-linux-gnu/cross/bin/mipsel-unknown-linux-gnu-objdump -D stb225/build_STBmico_NANDflash_HDdecoding/rootfs/opt/nxp/bin/appCabotMico > dumplog
打开dumplog,查找地址发现
==============================================================================================================
004b711c <FROST_MutexUnlock>:
... ...
4b712c: 03200008 jr t9
... ...
00658d2c <_ZN7DemoApp16onUsbDetectTimerERK14UITimerMessage>:
... ...
658fcc: 8fbc0040 lw gp,64(sp)
... ...
==============================================================================================================
说明: DemoApp::onUsbDetectTimer::UITimerMessage()
调用FROST_MutexLock()出现非法访问。
