> You may be able to just remove the assertion for your purposes.
>
> For some reason a thread in the "running" state is trying to change to
> "running", i.e. it's a do-nothing operation that just wastes time. It
> also represents a potential problem in that a bit of code that was
> assuming it was in some other state has made incorrect assumptions,
> which could lead to a hang or correctness problems (e.g. it thought it
> was in "vmwait" so blocking synchronization ops are okay). The gdb
> backtrace at the point of failure might be interesting, to see which
> bit of code is doing the redundant update.

Cool -- thanks for this (and sorry for the delay). Here's the backtrace:

0x00ad97fb in dvmChangeStatus (self=0xf0d057d8, newStatus=THREAD_RUNNING) at dalvik/vm/Thread.c:3160
3160 assert(oldStatus != THREAD_RUNNING);
(gdb) bt
#0 0x00ad97fb in dvmChangeStatus (self=0xf0d057d8, newStatus=THREAD_RUNNING) at dalvik/vm/Thread.c:3160
#1 0x00ab0bb5 in dvmDbgThreadContinuing (status=1) at dalvik/vm/Debugger.c:502
#2 0x00afb823 in dvmJdwpPostThreadChange (state=0x805dbe8, threadId=<value optimized out>, start=true) at dalvik/vm/jdwp/JdwpEvent.c:992
#3 0x00ab3958 in dvmDbgPostThreadStart (thread=0xf0d057d8) at dalvik/vm/Debugger.c:2605
#4 0x00ada882 in interpThreadStart (arg=0xf0d057d8) at dalvik/vm/Thread.c:1687
#5 0x0045f919 in start_thread () from /lib/libpthread.so.0
#6 0x0080bd4e in clone () from /lib/libc.so.6

It doesn't look too informative to me. But I can confirm that taking out the assertion doesn't obviously break anything.

So I can now attach jdb okay, I have a different problem. To make jdb finish attaching (and give me a prompt) I have to resume the process in gdb. If I resume all threads, then I don't have time to intervene (since jdb doesn't suspend execution when it attaches) before the failure happens. If I try running the VM in gdb's "non-stop" mode, it segfaults. I'm going to try hacking in a pause just before the problem Java code, so that I can suspend from within jdb.

But any clues on this segfault? It looks like the JNI dispatch table has been trashed---some of the entries are plausible, but others are clearly bogus.

(gdb) set non-stop
(gdb) break main
Breakpoint 1 at 0x804f7f2: file frameworks/base/cmds/runtime/main_runtime.cpp, line 343.
(gdb) run
Starting program: /home/scratch/skell/android-platform-built-gcc/out/host/linux-x86/pr/sim/system/bin/runtime
ERROR: ld.so: object '/home/scratch/skell/android-platform-built-gcc/out/host/linux-x86/pr/sim/system/lib/libwrapsim.so' from LD_PRELOAD cannot be preloaded: ignored.
[Thread debugging using libthread_db enabled]

Breakpoint 1, main (argc=1, argv=0xffffc144) at frameworks/base/cmds/runtime/main_runtime.cpp:343
343 {
Missing separate debuginfos, use: debuginfo-install alsa-lib-1.0.23-1.fc13.i686 glibc-2.12.2-1.i686 libgcc-4.4.4-10.fc13.i686 libstdc++-4.4.4-10.fc13.i686
(gdb) break AndroidRuntime.cpp:974
Breakpoint 2 at 0x1f73be: file frameworks/base/core/jni/AndroidRuntime.cpp, line 974.
(gdb) cont
Continuing.
I/runtime (30688): commandline args:
I/runtime (30688): 0: '/home/scratch/skell/android-platform-built-gcc/out/host/linux-x86/pr/sim/system/bin/runtime'
I/runtime (30688): Startup: sys='/home/scratch/skell/android-platform-built-gcc/out/host/linux-x86/pr/sim/system' asset='/home/scratch/skell/android-platform-built-gcc/out/host/linux-x86/pr/sim/system/app' data='/home/scratch/skell/android-platform-built-gcc/out/host/linux-x86/pr/sim/data'
W/ProcessState(30688): Opening '/dev/binder' failed: No such file or directory
I/runtime (30688): Entered boot_init()!
I/runtime (30688): Binder driver not found. Processes not supported.
I/AndroidRuntime(30688): Using TCP socket for JDWP
I/AndroidRuntime(30688): Assertions enabled: '-ea'
[New Thread 0x1edeb70 (LWP 30923)]
[New Thread 0x28dfb70 (LWP 30924)]
[New Thread 0x32e0b70 (LWP 30925)]
[New Thread 0x3ce1b70 (LWP 30926)]

Breakpoint 2, android::AndroidRuntime::start (this=0x8055fa8, className=0x80507b0 "com/android/server/SystemServer", startSystemServer=false) at frameworks/base/core/jni/AndroidRuntime.cpp:974
974 env->CallStaticVoidMethod(startClass, startMeth, strArray);
(gdb) step
_JNIEnv::CallStaticVoidMethod (this=0xf6fe1090, clazz=0xf6acce14, methodID=0xf6fe0f58) at dalvik/libnativehelper/include/nativehelper/jni.h:789
789 void CallStaticVoidMethod(jclass clazz, jmethodID methodID, ...)
(gdb) step
792 va_start(args, methodID);
(gdb) step
793 functions->CallStaticVoidMethodV(this, clazz, methodID, args);
(gdb) step

Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) bt
#0 0x00000000 in ?? ()
#1 0x001f790a in _JNIEnv::CallStaticVoidMethod (this=0xf6fe1090, clazz=0xf6acce14, methodID=0xf6fe0f58) at dalvik/libnativehelper/include/nativehelper/jni.h:793
#2 0x080548c8 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) frame 1
#1 0x001f790a in _JNIEnv::CallStaticVoidMethod (this=0xf6fe1090, clazz=0xf6acce14, methodID=0xf6fe0f58) at dalvik/libnativehelper/include/nativehelper/jni.h:793
793 functions->CallStaticVoidMethodV(this, clazz, methodID, args);
(gdb) print *this
$1 = {functions = 0xf6fa6360}
(gdb) print this->functions
$2 = (const JNINativeInterface *) 0xf6fa6360
(gdb) print *this->functions
$3 = {reserved0 = 0xf6fa6360, reserved1 = 0x0, reserved2 = 0x0, reserved3 = 0x0, GetVersion = 0, DefineClass = 0, FindClass = 0xf68d675e, FromReflectedMethod = 0, FromReflectedField = 0x30011, ToReflectedMethod = 0x50000026, GetSuperclass = 0x8062d68, IsAssignableFrom = 0x7, ToReflectedField = 0, Throw = 0x1, ThrowNew = 0x14, ExceptionOccurred = 0, ExceptionDescribe = 0, ExceptionClear = 0xffffffff, FatalError = 0xf6fa6558, PushLocalFrame = 0, PopLocalFrame = 0, NewGlobalRef = 0, DeleteGlobalRef = 0x4, DeleteLocalRef = 0xf6a4b948, IsSameObject = 0x15, NewLocalRef = 0xf6a4b9a0, EnsureLocalCapacity = 0x3a, AllocObject = 0xf6a4bde8, NewObject = 0x44, NewObjectV = 0xf6a4c9b8, NewObjectA = 0x4, GetObjectClass = 0xf6a4cad0, IsInstanceOf = 0x5, GetMethodID = 0xf6a4caf8, CallObjectMethod = 0x3, CallObjectMethodV = 0x3, CallObjectMethodA = 0xf6a4b960, CallBooleanMethod = 0xe0000000, CallBooleanMethodV = 0xf68bf2e8, CallBooleanMethodA = 0x1, CallByteMethod = 0xf6fa6360, CallByteMethodV = 0xf694afeb, CallByteMethodA = 0xf68d1e65, CallCharMethod = 0x1a, CallCharMethodV = 0xd9bf9553, CallCharMethodA = 0x2c7e5503, CallShortMethod = 0, CallShortMethodV = 0x13b, CallShortMethodA = 0xf6fa6360, CallIntMethod = 0, CallIntMethodV = 0xf6fb6a78, CallIntMethodA = 0, CallLongMethod = 0, CallLongMethodV
= 0, CallLongMethodA = 0xf68d75d9, CallFloatMethod = 0, CallFloatMethodV = 0x30001, CallFloatMethodA = 0x50000000, CallDoubleMethod = 0x8062d68, CallDoubleMethodV = 0x7, CallDoubleMethodA = 0, CallVoidMethod = 0x1, CallVoidMethodV = 0x50, CallVoidMethodA = 0, CallNonvirtualObjectMethod = 0, CallNonvirtualObjectMethodV = 0xffffffff, CallNonvirtualObjectMethodA = 0xf6fa6558, CallNonvirtualBooleanMethod = 0, CallNonvirtualBooleanMethodV = 0, CallNonvirtualBooleanMethodA = 0, CallNonvirtualByteMethod = 0x1, CallNonvirtualByteMethodV = 0xf6a43008, CallNonvirtualByteMethodA = 0x18, CallNonvirtualCharMethod = 0xf6a43158, CallNonvirtualCharMethodV = 0x21, CallNonvirtualCharMethodA = 0xf6a43640, CallNonvirtualShortMethod = 0x2b, CallNonvirtualShortMethodV = 0xf6a44010, CallNonvirtualShortMethodA = 0x1, CallNonvirtualIntMethod = 0xf6a440c8, CallNonvirtualIntMethodV = 0x1, CallNonvirtualIntMethodA = 0xf6a440d8, CallNonvirtualLongMethod = 0x10, CallNonvirtualLongMethodV = 0xa, CallNonvirtualLongMethodA = 0xf6a43010, CallNonvirtualFloatMethod = 0xffc00000, CallNonvirtualFloatMethodV = 0xf69104bc, CallNonvirtualFloatMethodA = 0x6, CallNonvirtualDoubleMethod = 0xf6fa6420, CallNonvirtualDoubleMethodV = 0xf68fcc3d, CallNonvirtualDoubleMethodA = 0xf68ce671, CallNonvirtualVoidMethod = 0x19, CallNonvirtualVoidMethodV = 0xa, CallNonvirtualVoidMethodA = 0xf6fa6420, GetFieldID = 0xf6fa6420, GetObjectField = 0xf68fd08b, GetBooleanField = 0xf68ce671, GetByteField = 0x19, GetCharField = 0x1, GetShortField = 0xf6fa6420, GetIntField = 0xf6fa6420, GetLongField = 0xf68fde98, GetFloatField = 0xf68ce671, GetDoubleField = 0x1a, SetObjectField = 0xf4240, SetBooleanField = 0xf6fa6420, SetByteField = 0xf6fa6420, SetCharField = 0xf68fe29b, SetShortField = 0xf68ce671, SetIntField = 0x19, SetLongField = 0x5, SetFloatField = 0xf6fa6420, SetDoubleField = 0xf6fa6420, GetStaticMethodID = 0xf6922173, CallStaticObjectMethod = 0xf68ce671, CallStaticObjectMethodV = 0xa, CallStaticObjectMethodA = 0x5, 
CallStaticBooleanMethod = 0, CallStaticBooleanMethodV = 0xf6fa6420, CallStaticBooleanMethodA = 0xf6924052, CallStaticByteMethod = 0xf68d75ac, CallStaticByteMethodV = 0xa, CallStaticByteMethodA = 0, CallStaticCharMethod = 0, CallStaticCharMethodV = 0, CallStaticCharMethodA = 0xab, CallStaticShortMethod = 0xf6fa6360, CallStaticShortMethodV = 0, CallStaticShortMethodA = 0, CallStaticIntMethod = 0, CallStaticIntMethodV = 0, CallStaticIntMethodA = 0,
---Type <return> to continue, or q <return> to quit---q CQuit
(gdb) print *this->functions->CallStaticVoidMethodV
Cannot access memory at address 0x0

I'll keep digging on this one... I can confirm that at the same point when not in non-stop mode, all the function pointers look sane. The pause hack will probably be enough to get me going anyway. But as always, thanks for any suggestions!

Stephen
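
Added example, not part of the original message and not Dalvik or gdb code: a small Python triage script that parses a `print *this->functions` struct dump and flags each slot as plausible or bogus. The sample fields are copied from the dump above; `EXEC_RANGES` is a constructed placeholder standing in for the executable mappings you would read from `info proc mappings` or `/proc/<pid>/maps`, and the function names are hypothetical.

```python
import re

# A few fields copied from the gdb dump in the message above.
SAMPLE_DUMP = """$3 = {reserved0 = 0xf6fa6360, reserved1 = 0x0, GetVersion = 0,
FindClass = 0xf68d675e, FromReflectedField = 0x30011, Throw = 0x1,
ExceptionClear = 0xffffffff, GetMethodID = 0xf6a4caf8}"""

# Constructed placeholder: one executable mapping (start, end) assumed to be
# the VM library's text segment. Replace with the real process mappings.
EXEC_RANGES = [(0xF68B0000, 0xF6960000)]

FIELD_RE = re.compile(r"(\w+)\s*=\s*(0x[0-9a-fA-F]+|\d+)")


def parse_struct(dump):
    """Return [(field_name, value)] from gdb's one-line struct print."""
    body = dump[dump.index("{") + 1:]
    return [(name, int(val, 0)) for name, val in FIELD_RE.findall(body)]


def classify(name, value, exec_ranges):
    """Judge one slot of a JNI-style function table."""
    if name.startswith("reserved"):
        # The JNI function table starts with reserved slots that are NULL.
        return "ok" if value == 0 else "bogus: reserved slot not NULL"
    if value == 0:
        return "bogus: NULL function pointer"
    if any(lo <= value < hi for lo, hi in exec_ranges):
        return "plausible"
    return "bogus: outside executable mappings"


def audit(dump, exec_ranges):
    """Return [(name, value, verdict)] for every slot in the dump."""
    return [(n, v, classify(n, v, exec_ranges)) for n, v in parse_struct(dump)]


if __name__ == "__main__":
    for name, value, verdict in audit(SAMPLE_DUMP, EXEC_RANGES):
        print(f"{name:20s} {value:#012x}  {verdict}")
```

A table in which many slots fail these checks is better explained by `functions` pointing at the wrong memory than by a handful of individually corrupted entries, so the next thing to compare is the pointer value itself against a known-good run.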