0

墓碑:

05-24 09:56:30.999 W/chromium( 2075): external/chromium/net/disk_cache/backend_impl.cc:1829: [0524/095631:WARNING:backend_impl.cc(1829)] Destroying invalid entry.
05-24 09:56:31.019 W/chromium( 2075): external/chromium/net/disk_cache/backend_impl.cc:1829: [0524/095631:WARNING:backend_impl.cc(1829)] Destroying invalid entry.
05-24 09:56:31.069 W/chromium( 2075): external/chromium/net/disk_cache/backend_impl.cc:1829: [0524/095631:WARNING:backend_impl.cc(1829)] Destroying invalid entry.
05-24 09:56:31.289 D/        ( 2075): ++++++++++++++++++++++Setting up the canvas ID to be 1
05-24 09:56:31.499 W/chromium( 2075): external/chromium/net/disk_cache/backend_impl.cc:1829: [0524/095631:WARNING:backend_impl.cc(1829)] Destroying invalid entry.
05-24 09:56:31.629 D/        ( 2075): ++++++++++++++++++++++Setting up the canvas ID to be 2
05-24 09:56:32.409 W/chromium( 2075): external/chromium/net/disk_cache/backend_impl.cc:1829: [0524/095632:WARNING:backend_impl.cc(1829)] Destroying invalid entry.
05-24 09:56:32.429 F/libc    ( 2075): Fatal signal 11 (SIGSEGV) at 0x6628eab0 (code=1)
05-24 09:56:32.779 I/battery_level(  316): [99,4160,26]
05-24 09:56:32.929 I/DEBUG   ( 2021): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
05-24 09:56:32.929 I/DEBUG   ( 2021): Build fingerprint: 'qcom/msm7627a/msm7627a:4.0.4/IMM76I/TBW592315_8532_V006002:eng/test-keys'
05-24 09:56:32.929 I/DEBUG   ( 2021): pid: 2075, tid: 2101  >>> com.android.browser <<<
05-24 09:56:32.929 I/DEBUG   ( 2021): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 6628eab0
05-24 09:56:32.929 I/DEBUG   ( 2021):  r0 6628ea00  r1 00fdd890  r2 00000000  r3 00fd7630
05-24 09:56:32.929 I/DEBUG   ( 2021):  r4 0069002f  r5 00007f41  r6 00000140  r7 005f3c3c
05-24 09:56:32.929 I/DEBUG   ( 2021):  r8 00627540  r9 00000000  10 00000000  fp 00000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  ip 00000032  sp 505a3b10  lr 4ef47aa9  pc 4ee35416  cpsr 20000030
05-24 09:56:32.929 I/DEBUG   ( 2021):  d0  7fffffff7fffffff  d1  000000d67fffffff
05-24 09:56:32.929 I/DEBUG   ( 2021):  d2  000001087fffffff  d3  000001400000000a
05-24 09:56:32.929 I/DEBUG   ( 2021):  d4  000053467fffffff  d5  0000555c7fffffff
05-24 09:56:32.929 I/DEBUG   ( 2021):  d6  000001360000000a  d7  3f8000003f800000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d8  0000000000000000  d9  0000000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d10 0000000000000000  d11 0000000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d12 0000000000000000  d13 0000000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d14 0000000000000000  d15 0000000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d16 0000000000000000  d17 0000000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d18 0000580a7fffffff  d19 00005a207fffffff
05-24 09:56:32.929 I/DEBUG   ( 2021):  d20 000001360000000a  d21 00007ee27fffffff
05-24 09:56:32.929 I/DEBUG   ( 2021):  d22 00007ef47fffffff  d23 000000940000000a
05-24 09:56:32.929 I/DEBUG   ( 2021):  d24 3f3dca01dca01dca  d25 0000000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d26 bffb333333333335  d27 3eb0c6f7a0b5ed8d
05-24 09:56:32.929 I/DEBUG   ( 2021):  d28 3fe388f9fb2975c8  d29 3ff0000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  d30 0000000000000000  d31 3ff0000000000000
05-24 09:56:32.929 I/DEBUG   ( 2021):  scr 60000011
05-24 09:56:32.929 I/DEBUG   ( 2021): 
05-24 09:56:33.069 I/DEBUG   ( 2021):          #00  pc 00143416  /system/lib/libwebcore.so
05-24 09:56:33.069 I/DEBUG   ( 2021):          #01  pc 00255aa4  /system/lib/libwebcore.so
05-24 09:56:33.069 I/DEBUG   ( 2021):          #02  pc 00255e08  /system/lib/libwebcore.so
05-24 09:56:33.069 I/DEBUG   ( 2021):          #03  pc 00255e74  /system/lib/libwebcore.so
05-24 09:56:33.069 I/DEBUG   ( 2021):          #04  pc 00020130  /system/lib/libdvm.so (dvmPlatformInvoke)
05-24 09:56:33.069 I/DEBUG   ( 2021):          #05  pc 0005a01e  /system/lib/libdvm.so (_Z16dvmCallJNIMethodPKjP6JValuePK6MethodP6Thread)
05-24 09:56:33.069 I/DEBUG   ( 2021): 
05-24 09:56:33.069 I/DEBUG   ( 2021): code around pc:
05-24 09:56:33.069 I/DEBUG   ( 2021): 4ee353f4 477069c0 32f8f8d0 6a18b10b 2000b900  .ipG...2...j... 
05-24 09:56:33.069 I/DEBUG   ( 2021): 4ee35404 bf004770 f8d0b510 b14b32f0 b13c6a1c  pG.......2K..j<.
05-24 09:56:33.069 I/DEBUG   ( 2021): 4ee35414 f8d06820 462030b0 b1084798 e0004620   h...0 F.G.. F..
05-24 09:56:33.069 I/DEBUG   ( 2021): 4ee35424 bd102000 4606b570 6b44460d 4620e004  . ..p..F.FDk.. F
05-24 09:56:33.069 I/DEBUG   ( 2021): 4ee35434 f7ff4629 6ae4fff7 d1f82c00 32f8f8d6  )F.....j.,.....2
05-24 09:56:33.079 I/DEBUG   ( 2021): 
05-24 09:56:33.079 I/DEBUG   ( 2021): code around lr:
05-24 09:56:33.079 I/DEBUG   ( 2021): 4ef47a88 f8cd961c 4649906c 901d4605 f840a81e  ....l.IF.F....@.
05-24 09:56:33.079 I/DEBUG   ( 2021): 4ef47a98 90059d10 301c6d60 9804e050 fcb0f6ed  ....`m.0P.......
05-24 09:56:33.079 I/DEBUG   ( 2021): 4ef47aa8 28004683 6843d046 c02df893 01c1f3cc  .F.(F.Ch..-.....
05-24 09:56:33.079 I/DEBUG   ( 2021): 4ef47ab8 d13f2900 f8d09a04 f8d0a024 f1029028  .)?.....$...(...
05-24 09:56:33.079 I/DEBUG   ( 2021): 4ef47ac8 e00c001c 93034618 fc9af6ed b1189b03  .....F..........
05-24 09:56:33.079 I/DEBUG   ( 2021): 
05-24 09:56:33.079 I/DEBUG   ( 2021): memory map around addr 6628eab0:
05-24 09:56:33.079 I/DEBUG   ( 2021): 5ee48000-5ee68000 
05-24 09:56:33.079 I/DEBUG   ( 2021): (no map for address)
05-24 09:56:33.079 I/DEBUG   ( 2021): b0001000-b0009000 /system/bin/linker
05-24 09:56:33.079 I/DEBUG   ( 2021): 
05-24 09:56:33.079 I/DEBUG   ( 2021): stack:
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3ad0  408aaebb  /system/lib/libdvm.so
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3ad4  010d4060  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3ad8  010d2678  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3adc  010d2678  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3ae0  005f3c3c  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3ae4  505a3bf0  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3ae8  4bd9fdf8  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3aec  4d26c6c1  /data/dalvik-cache/system@framework@framework.jar@classes.dex
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3af0  00b7ec48  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3af4  4ef45da5  /system/lib/libwebcore.so
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3af8  00627540  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3afc  00000001  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b00  005f3bc0  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b04  4ee36b3f  /system/lib/libwebcore.so
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b08  df0027ad  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b0c  00000000  
05-24 09:56:33.079 I/DEBUG   ( 2021): #00 505a3b10  005f3bc0  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b14  4ef47aa9  /system/lib/libwebcore.so
05-24 09:56:33.079 I/DEBUG   ( 2021): #01 505a3b18  00000032  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b1c  0116a5a4  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b20  00000268  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b24  0065f5a0  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b28  00fdd890  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b2c  505a3b80  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b30  013ef740  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b34  400e6598  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b38  00000020  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b3c  400e6554  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b40  013ef748  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b44  013ef748  [heap]
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b48  505a3b74  
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b4c  4bedc498  /dev/ashmem/dalvik-LinearAlloc (deleted)
05-24 09:56:33.079 I/DEBUG   ( 2021):     505a3b50  408c7fe0  /system/lib/libdvm.so
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b54  fba765f4  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b58  b0d00005  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b5c  505a3b94  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b60  408aaebb  /system/lib/libdvm.so
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b64  010768a8  [heap]
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b68  006ab848  [heap]
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b6c  b0d00005  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b70  4bd9fdf8  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b74  4d26c6c1  /data/dalvik-cache/system@framework@framework.jar@classes.dex
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b78  505a3c04  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b7c  4085c213  /system/lib/libdvm.so
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b80  00000000  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b84  00000000  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b88  00000140  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b8c  00007f41  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b90  a4400001  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b94  005f3bc0  [heap]
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b98  010768a8  [heap]
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3b9c  505a3bd0  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3ba0  005f3c3c  [heap]
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3ba4  505a3bf0  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3ba8  4bd9fdf8  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3bac  4d26c6c1  /data/dalvik-cache/system@framework@framework.jar@classes.dex
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3bb0  505a3c04  
05-24 09:56:33.089 I/DEBUG   ( 2021):     505a3bb4  4ef47e0d  /system/lib/libwebcore.so

libwebcore.so 纳米:

00143268 0000007e t WebCore::dispatchEventsOnWindowAndFocusedNode(WebCore::Document*, bool)
001432e8 000000a4 t WebCore::FocusController::setActive(bool)
0014338c 00000062 t WebCore::FocusController::setFocused(bool)          
001433f0 00000008 t WebCore::Frame::settings() const
001433f8 0000000e t WebCore::Frame::contentRenderer() const            
00143408 00000020 t WebCore::Frame::ownerRenderer() const                    
00143428 0000003a t WebCore::Frame::updateContentsScale(float)          
00143464 00000018 t WTF::RefPtr<WebCore::DOMWindow>::operator=(WebCore::DOMWindow*)    
0014347c 0000002e t WebCore::Frame::disconnectOwnerElement()

libwebcore.so objdump:

00143408 <_ZNK7WebCore5Frame13ownerRendererEv>:
  143408:       b510            push    {r4, lr}             
  14340a:       f8d0 32f0       ldr.w   r3, [r0, #752]                  
  14340e:       b14b            cbz     r3, 143424 <_ZNK7WebCore5Frame13ownerRendererEv+0x1c>
  143410:       6a1c            ldr     r4, [r3, #32]                  
  143412:       b13c            cbz     r4, 143424 <_ZNK7WebCore5Frame13ownerRendererEv+0x1c>
  143414:       6820            ldr     r0, [r4, #0]
  143416:       f8d0 30b0       ldr.w   r3, [r0, #176]                                 
  14341a:       4620            mov     r0, r4                           
  14341c:       4798            blx     r3
  14341e:       b108            cbz     r0, 143424 <_ZNK7WebCore5Frame13ownerRendererEv+0x1c>
  143420:       4620            mov     r0, r4                                         
  143422:       e000            b.n     143426 <_ZNK7WebCore5Frame13ownerRendererEv+0x1e>
  143424:       2000            movs    r0, #0                                         
  143426:       bd10            pop     {r4, pc}

我将此问题缩小到 C++ 函数 Frame::ownerRenderer(),
源代码:

RenderPart* Frame::ownerRenderer() const
{
    HTMLFrameOwnerElement* ownerElement = m_ownerElement;
    if (!ownerElement)
        return 0;
    RenderObject* object = ownerElement->renderer();
    if (!object)
        return 0;
    // FIXME: If <object> is ever fixed to disassociate itself from frames
    // that it has started but canceled, then this can turn into an ASSERT
    // since m_ownerElement would be 0 when the load is canceled.
    // https://bugs.webkit.org/show_bug.cgi?id=18585
    if (!object->isRenderPart())
        return 0;
    return toRenderPart(object);
}

但是我很困惑,在这个函数中每个引用都有 assert(NULL) 过程,为什么它也会产生 SIGSEGV ?

4

2 回答 2

1

您的指针不是这一事实NULL并不意味着它们也是有效的指针。你确定,那:

  1. 你有正确的m_ownerElement吗?(即:它是你分配的,同时没有人释放它)
  2. 你有一个正确的object(即:ownerElement->renderer()返回可用的东西)?
  3. 你有一个正确的this对象?有时您可以在无效对象上调用函数。

通常这些是此类问题的主要来源。为您的指针 (m_ownerElementobject) 放置一些打印输出,您将它们分配在哪里以及在哪里使用它们。如果它们不一样,那么您就有错误的原因。

于 2013-05-24T07:28:04.163 回答
1

在某些时候,它会尝试取消引用 0x6628eab0,它不是 NULL,但也不是有效地址(在此地址上没有映射任何内容) - 在我看来 m_ownerElement 没有初始化或以某种方式被垃圾覆盖 - 0x6628ea00

于 2013-05-26T02:01:37.123 回答