2. 对于很多其他的异常信号 (SIGILL, SIGABRT, SIGBUS, SIGFPE, SIGSEGV, SIGSTKFLT ), Android进程 在退出前,会生成 tombstone文件。记录该进程退出前的轨迹。一个典型的tombstone文件内容如下:
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** Build fingerprint: 'verizon/pasteur/pasteur:3.2.2/1.6.0_241/eng.drmn68.20111115.094123:eng/test-keys' pid: 181, tid: 322 >>> /system/bin/mediaserver <<< signal 8 (SIGFPE), code 0 (?), fault addr 000000b5 r0 00000000 r1 00000008 r2 ffffffff r3 00000020 r4 00000008 r5 00000000 r6 000000a5 r7 00000025 r8 662f9c00 r9 662f9c00 10 00000001 fp 00000000 ip aff17699 sp 4057f9dc lr aff176a7 pc aff0c684 cpsr 00000010 d0 6f762f6f69647502 d1 0000562202000000 d2 0000000400000300 d3 400120dc00000000 d4 0000000000000000 d5 0000000000000000 d6 3ce449db86666666 d7 3e4ccccd3e4ccccd d8 000000000035c6a8 d9 000000000035c6a8 d10 0000000000000000 d11 0000000000000000 d12 0000000000000000 d13 0000000000000000 d14 0000000000000000 d15 0000000000000000 d16 0000000000000000 d17 3e582f8f86b6a000 d18 3fe0000000000000 d19 3fe000000c17c7c3 d20 3f11504c292739d4 d21 bebbb371092382c4 d22 3ff0000000000000 d23 3ff43d135cda918c d24 3e66376972bea4d0 d25 0000000000000000 d26 0000000000000000 d27 0000000000000000 d28 0000000000000000 d29 0000000000000000 d30 0000000000000000 d31 0000000000000000 scr 20000010 #00 pc 0000c684 /system/lib/libc.so (kill) #01 pc 000176a4 /system/lib/libc.so (raise) libc base address: aff00000 code around pc: aff0c664 e2601000 e0100001 116f0f10 12600020 aff0c674 e12fff1e e92d50f0 e3a07025 ef000000 aff0c684 e8bd50f0 e1b00000 512fff1e ea00ade7 aff0c694 e92d50f0 e3a070ee ef000000 e8bd50f0 aff0c6a4 e1b00000 512fff1e ea00ade0 f5d0f000 code around lr: aff17684 00029e2e 461cb537 e9cd17dd f7f34500 aff17694 bd3eef02 4604b510 ed5ef7f3 f7f44621 aff176a4 bd10efea 49034602 2300b510 f7f44802 aff176b4 bd10edf6 28121969 fee1dead 2400b513 aff176c4 94019400 ec9cf7f4 bf00bd1c 4c11b570 stack: 4057f99c a2b6fd15 /system/lib/libstagefright.so 4057f9a0 00000000 4057f9a4 a2b6fe51 /system/lib/libstagefright.so 4057f9a8 000fb02c 4057f9ac a2b6fde7 /system/lib/libstagefright.so 4057f9b0 4057fa14 4057f9b4 000fb030 4057f9b8 00000000 4057f9bc a2b6fe79 /system/lib/libstagefright.so 4057f9c0 000fafe0 4057f9c4 00000000 4057f9c8 4057fa14 4057f9cc a2b6fe59 /system/lib/libstagefright.so 4057f9d0 00000001 4057f9d4 a801e509 /system/lib/libutils.so 4057f9d8 4057fa14 #01 4057f9dc 00000008 4057f9e0 00000000 4057f9e4 000000a5 4057f9e8 00000000 4057f9ec aff17699 /system/lib/libc.so 4057f9f0 aff176a7 /system/lib/libc.so 4057f9f4 00000000 4057f9f8 aff0e154 /system/lib/libc.so 4057f9fc 00000000 4057fa00 aff0cf84 /system/lib/libc.so 4057fa04 aff0cf94 /system/lib/libc.so 4057fa08 00000000 4057fa0c 000000a5 4057fa10 00000000 4057fa14 aff0fca4 /system/lib/libc.so 4057fa18 662f9c00 4057fa1c 000000a5 4057fa20 00000000 --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- pid: 181, tid: 181 r0 fffffe00 r1 c0186201 r2 be8b8b98 r3 be8b8b94 r4 0000f5e0 r5 0000f5b0 r6 0000f610 r7 00000036 r8 00000001 r9 0000f5cc 10 0000f5b8 fp 00000000 ip a812336c sp be8b8b78 lr aff25e19 pc aff0b680 cpsr 80000010 d0 000f891000000000 d1 00000004be8b8b00 d2 0069006400650000 d3 00410049002e0000 d4 0000000000000000 d5 0000000000000000 d6 4208000041880000 d7 0000000041a00000 d8 0000000000000000 d9 0000000000000000 d10 0000000000000000 d11 0000000000000000 d12 0000000000000000 d13 0000000000000000 d14 0000000000000000 d15 0000000000000000 d16 0000000000000000 d17 0000000000000000 d18 4000000000000000 d19 3fcce7359d4792d9 d20 3f11504c292739d4 d21 bebbb371092382c4 d22 3ff0000000000000 d23 3ff43d135cda918c d24 3e66376972bea4d0 d25 0000000000000000 d26 0000000000000000 d27 0000000000000000 d28 0000000000000000 d29 0000000000000000 d30 0000000000000000 d31 0000000000000000 scr 60000010 #00 pc 0000b680 /system/lib/libc.so (__ioctl) #01 pc 00025e16 /system/lib/libc.so (ioctl) #02 pc 00016202 /system/lib/libbinder.so (_ZN7android14IPCThreadState14talkWithDriverEb) #03 pc 00016afc /system/lib/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb) #04 pc 00008a94 /system/bin/mediaserver #05 pc 00014aa0 /system/lib/libc.so (__libc_init) libc base address: aff00000 code around pc: aff0b660 ef000000 e8bd0090 e1b00000 512fff1e aff0b670 ea00b1ef e92d0090 e3a07036 ef000000 aff0b680 e8bd0090 e1b00000 512fff1e ea00b1e8 aff0b690 e92d0090 e3a07091 ef000000 e8bd0090 aff0b6a0 e1b00000 512fff1e ea00b1e1 e92d0090 ...
可以看出,它同样包含很多重要的信息(特别是 stack )来帮助我们查找异常的原因。分析tombstone的方法,将单独成篇。我们看到,多数signal的产生是由于某种内部错误。我们在在开发过程中,当然也可以通过系统调用故意生成signal给某进程。主要的方法如果:
1. 在kernel里 使用 kill_proc_info()
2. 在native应用中 使用 kill() 或者raise()
3. java 应用中使用 Procees.sendSignal()等
但是在测试中,最简单的方法某过于通过 adb 工具了。一个典型场景是:
adb root adb shell ps adb shell kill -3 513