Why do some of my .so files crash with SEGV_MAPERR on Android 11?

Problem description

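I'm porting the Yamagi Quake II engine to Android. The game has different versions of the game-logic .so file, which it opens with dlopen() for different mods. The main game-logic .so works fine, the game is playable and everything works, but every .so file for any mod crashes with a segmentation fault, "SEGV_MAPERR". They seem to do this when accessing memory in the ported game's .so, the one that contains the main() function. Here is an example segfault: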

04-03 01:52:42.979 25861 25889 F libc    : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x6ae54822b5f32a in tid 25889 (SDLThread), pid 25861 (SDLActivity)
04-03 01:52:43.040 25936 25936 I crash_dump64: obtaining output fd from tombstoned, type: kDebuggerdTombstone
04-03 01:52:43.040   917   917 I tombstoned: received crash request for pid 25889
04-03 01:52:43.041 25936 25936 I crash_dump64: performing dump of process 25861 (target tid = 25889)
04-03 01:52:43.056 25936 25936 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
04-03 01:52:43.056 25936 25936 F DEBUG   : Build fingerprint: 'google/taimen/taimen:11/RP1A.201005.004.A1/6934943:user/release-keys'
04-03 01:52:43.057 25936 25936 F DEBUG   : Revision: 'rev_10'
04-03 01:52:43.057 25936 25936 F DEBUG   : ABI: 'arm64'
04-03 01:52:43.057 25936 25936 F DEBUG   : Timestamp: 2021-04-03 01:52:43-0700
04-03 01:52:43.057 25936 25936 F DEBUG   : pid: 25861, tid: 25889, name: SDLThread  >>> org.echoline.quake2vr <<<
04-03 01:52:43.057 25936 25936 F DEBUG   : uid: 10366
04-03 01:52:43.057 25936 25936 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x6ae54822b5f32a
04-03 01:52:43.057 25936 25936 F DEBUG   :     x0  0000006db0f0b508  x1  0000006d5191cf90  x2  0000006d5191ad38  x3  0000000000000400
04-03 01:52:43.058 25936 25936 F DEBUG   :     x4  0000000000000001  x5  0000006d5191ce24  x6  5f726574736e6f6d  x7  6e69207265796c66
04-03 01:52:43.058 25936 25936 F DEBUG   :     x8  a96ae54822b5f10a  x9  0000000000000000  x10 0000000000000001  x11 0000000000000000
04-03 01:52:43.058 25936 25936 F DEBUG   :     x12 0000006d556bd2d8  x13 0000006d556bd2e0  x14 0000006d556bd2dc  x15 0000000000000000
04-03 01:52:43.058 25936 25936 F DEBUG   :     x16 0000006db1100c88  x17 0000006db1095110  x18 0000006d5168c000  x19 0000006f30912760
04-03 01:52:43.058 25936 25936 F DEBUG   :     x20 0000000000000000  x21 0000006f30912760  x22 0000006d5191f000  x23 0000006f30912818
04-03 01:52:43.058 25936 25936 F DEBUG   :     x24 0000006dacf08b28  x25 0000006d5191f000  x26 000000000000000b  x27 0000000000000003
04-03 01:52:43.058 25936 25936 F DEBUG   :     x28 0000006d5191dec0  x29 0000006d5191de60
04-03 01:52:43.058 25936 25936 F DEBUG   :     lr  0000006db10956a4  sp  0000006d5191cea0  pc  0000006db10951a8  pst 0000000060000000
04-03 01:52:43.178 25936 25936 F DEBUG   : backtrace:
04-03 01:52:43.178 25936 25936 F DEBUG   :       #00 pc 000000000008c1a8  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libxatrix.so (SV_Impact+152) (BuildId: c0666b981714b52d06244557ae02680180ed4a6e)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #01 pc 000000000008c6a0  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libxatrix.so (SV_FlyMove+740) (BuildId: c0666b981714b52d06244557ae02680180ed4a6e)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #02 pc 000000000008ee9c  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libxatrix.so (SV_Physics_Step+1408) (BuildId: c0666b981714b52d06244557ae02680180ed4a6e)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #03 pc 000000000008f114  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libxatrix.so (G_RunEntity+188) (BuildId: c0666b981714b52d06244557ae02680180ed4a6e)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #04 pc 000000000007f168  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libxatrix.so (G_RunFrame+460) (BuildId: c0666b981714b52d06244557ae02680180ed4a6e)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #05 pc 00000000000e9e68  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (SV_SpawnServer+1724) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #06 pc 00000000000eaaac  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (SV_Map+1212) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #07 pc 00000000000e3ed4  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (SV_GameMap_f+980) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #08 pc 000000000003b624  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Cmd_ExecuteString+248) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #09 pc 000000000003ba58  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Cbuf_Execute+872) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #10 pc 000000000009bd70  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (CL_Frame+496) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #11 pc 00000000000499b0  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Qcommon_Frame+1896) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #12 pc 0000000000049238  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Qcommon_Mainloop+128) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #13 pc 0000000000049f60  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Qcommon_Init+1056) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #14 pc 000000000007d2d0  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (android_main+880) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #15 pc 0000000000039b7c  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Quake2VR::RunMain()+108) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #16 pc 0000000000039e28  /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/lib/arm64/libyquake2.so (Java_org_echoline_quake2vr_VrActivity_nativeRunMain+32) (BuildId: de1c9afc174fd9682507fe91f60d40e0a6e7b94a)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #17 pc 000000000013ced4  /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #18 pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #19 pc 00000000001a97e8  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #20 pc 000000000031c040  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #21 pc 0000000000312228  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+912) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #22 pc 0000000000687d48  /apex/com.android.art/lib64/libart.so (MterpInvokeDirect+576) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #23 pc 000000000012d914  /apex/com.android.art/lib64/libart.so (mterp_op_invoke_direct+20) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #24 pc 000000000002b258  [anon:dalvik-classes2.dex extracted in memory from /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/base.apk!classes2.dex] (org.echoline.quake2vr.VrActivity.runMain+4)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #25 pc 0000000000685960  /apex/com.android.art/lib64/libart.so (MterpInvokeVirtual+1520) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #26 pc 000000000012d814  /apex/com.android.art/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #27 pc 0000000000032034  [anon:dalvik-classes2.dex extracted in memory from /data/app/~~Q7zwr4Li-ZW5yB6WRYqMcA==/org.echoline.quake2vr-B5lP4sN79slxuQs1aCBzFQ==/base.apk!classes2.dex] (org.libsdl.app.SDLMain.run+76)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #28 pc 00000000006873a4  /apex/com.android.art/lib64/libart.so (MterpInvokeInterface+1812) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #29 pc 000000000012da14  /apex/com.android.art/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #30 pc 00000000000eb7d0  /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.run+8)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #31 pc 00000000003094d0  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.7618685802058321727)+264) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #32 pc 00000000006740c0  /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+776) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #33 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #34 pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #35 pc 00000000001a97e8  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #36 pc 000000000055c384  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+460) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #37 pc 00000000005ac204  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1308) (BuildId: d0f321775158ed00df284edfabf672b6)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #38 pc 00000000000b0758  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+64) (BuildId: c78cdff5b820a550771130d6bde95081)
04-03 01:52:43.178 25936 25936 F DEBUG   :       #39 pc 0000000000050150  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: c78cdff5b820a550771130d6bde95081)

The code for SV_Impact is:

/*
 * Two entities have touched, so
 * run their touch functions
 */
void
SV_Impact(edict_t *e1, trace_t *trace)
{
        edict_t *e2;

        if (!e1 || !trace)
        {
                return;
        }

        e2 = trace->ent;

        if (e1->touch && (e1->solid != SOLID_NOT))
        {
                e1->touch(e1, e2, &trace->plane, trace->surface);
        }

        if (e2->touch && (e2->solid != SOLID_NOT))
        {
                e2->touch(e2, e1, NULL, NULL);
        }
}

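The trace structure is returned from the main game's yquake2.so, and the application appears to crash when calling e2->touch().

I thought it might have something to do with RTLD_LOCAL rather than RTLD_GLOBAL, but it seems to crash even when everything is loaded with dlopen(..., RTLD_NOW|RTLD_GLOBAL).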

Tags: android, android-ndk, segmentation-fault, java-native-interface, dlopen
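A triage aid for the tombstone quoted in the question, added here as an example and not part of the original post: it parses the register dump and reports which register the faulting access was based on, and whether that register can hold a user-space address. The function names are hypothetical, and the code assumes arm64 top-byte-ignore (the reported fault address has bits 63..56 cleared) and user virtual addresses of at most 48 bits.

```python
import re

# Excerpt of the tombstone quoted in the question (logcat prefixes dropped,
# library path in the backtrace frame abbreviated).
TOMBSTONE = """\
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x6ae54822b5f32a
    x0  0000006db0f0b508  x1  0000006d5191cf90  x2  0000006d5191ad38  x3  0000000000000400
    x8  a96ae54822b5f10a  x9  0000000000000000  x10 0000000000000001  x11 0000000000000000
    lr  0000006db10956a4  sp  0000006d5191cea0  pc  0000006db10951a8  pst 0000000060000000
backtrace:
      #00 pc 000000000008c1a8  libxatrix.so (SV_Impact+152)
"""

TAG_MASK = (1 << 56) - 1   # arm64 top-byte-ignore: bits 63..56 are not translated
USER_VA_LIMIT = 1 << 48    # assumption: at most 48-bit user virtual addresses
REG_RE = re.compile(r"\b(x\d+|lr|sp|pc)\s+([0-9a-f]{16})\b")
FAULT_RE = re.compile(r"fault addr (0x[0-9a-f]+)")


def parse_tombstone(text):
    """Return (fault_addr, {register: value}); frames after 'backtrace:' are ignored."""
    head = text.split("backtrace:", 1)[0]
    fault = int(FAULT_RE.search(head).group(1), 16)
    regs = {name: int(value, 16) for name, value in REG_RE.findall(head)}
    return fault, regs


def plausible_user_pointer(value):
    """True if the value, with its tag byte removed, lies inside the user VA range."""
    return 0 < (value & TAG_MASK) < USER_VA_LIMIT


def base_candidates(fault, regs, window=0x1000):
    """Registers whose untagged value sits at or just below the fault address."""
    hits = []
    for name, value in regs.items():
        offset = (fault & TAG_MASK) - (value & TAG_MASK)
        if 0 <= offset < window:
            hits.append((name, offset))
    return hits


if __name__ == "__main__":
    fault, regs = parse_tombstone(TOMBSTONE)
    for name, offset in base_candidates(fault, regs):
        ok = plausible_user_pointer(regs[name])
        print(f"{name}={regs[name]:#018x} +{offset:#x} -> fault; plausible pointer: {ok}")
```

On this dump the only candidate is x8 at offset 0x220, and its value lies outside the assumed user address range, unlike x0 and the other 0000006d... registers.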
