Wednesday, July 21, 2010

G1 bootloader loop, zygote memory access error. signal 11 (SIGSEGV), fault addr

My friend got a G1 and he really love it. he hacked it and load it up with the 2.1. One day, the phone just crashed. and the lovely T-mobile logo appears on the bootup screen and never disappear. then he comes to me for any hints about the crash.

the first thing, I want to check the stacktace, or the logcat.
   then I run “Adb Shell Logcat “ , Get some interesting Loops. basically, the runtime cant start zygote which is the system library process owner.
   the stack looks like this.

I/Zygote  (  764): Preloading classes...
D/dalvikvm(  764): GC freed 793 objects / 50568 bytes in 5ms
D/dalvikvm(  764): GC freed 251 objects / 16168 bytes in 6ms
D/dalvikvm(  764): GC freed 295 objects / 18768 bytes in 7ms
D/dalvikvm(  764): GC freed 214 objects / 13712 bytes in 8ms
D/dalvikvm(  764): GC freed 415 objects / 26552 bytes in 9ms
D/skia    (  764): ------ build_power_table 1.4
D/skia    (  764): ------ build_power_table 0.714286
D/dalvikvm(  764): GC freed 416 objects / 28336 bytes in 10ms
D/dalvikvm(  764): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  764): Added shared lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  764): Trying to load lib /system/lib/libexif.so 0x0
D/dalvikvm(  764): Added shared lib /system/lib/libexif.so 0x0
D/dalvikvm(  764): GC freed 2303 objects / 121184 bytes in 13ms
D/dalvikvm(  764): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  764): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  764): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  764): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  764): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  764): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  764): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  764): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  764): GC freed 3790 objects / 197016 bytes in 23ms
D/dalvikvm(  764): GC freed 459 objects / 26008 bytes in 21ms
D/dalvikvm(  764): GC freed 303 objects / 17560 bytes in 22ms
D/dalvikvm(  764): GC freed 204 objects / 11448 bytes in 25ms
D/dalvikvm(  764): GC freed 161 objects / 8728 bytes in 26ms
D/dalvikvm(  764): Trying to load lib /system/lib/libsrec_jni.so 0x0
D/dalvikvm(  764): Added shared lib /system/lib/libsrec_jni.so 0x0
D/dalvikvm(  764): Trying to load lib /system/lib/libsrec_jni.so 0x0
D/dalvikvm(  764): Shared lib '/system/lib/libsrec_jni.so' already loaded in same CL 0x0
D/dalvikvm(  764): GC freed 365 objects / 71664 bytes in 28ms
D/dalvikvm(  764): GC freed 790 objects / 48088 bytes in 39ms
D/dalvikvm(  764): GC freed 331 objects / 38184 bytes in 40ms
D/dalvikvm(  764): GC freed 418 objects / 25784 bytes in 41ms
D/dalvikvm(  764): Trying to load lib /system/lib/libwebcore.so 0x0
D/dalvikvm(  764): Added shared lib /system/lib/libwebcore.so 0x0
D/dalvikvm(  764): GC freed 432 objects / 25168 bytes in 42ms
I/DEBUG   (  189): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
I/DEBUG   (  189): Build fingerprint: 'google/passion/passion/mahimahi:2.1-update1/ERE27/24178:user/release-ke
I/DEBUG   (  189): pid: 764, tid: 764  >>> zygote <<<
I/DEBUG   (  189): signal 11 (SIGSEGV), fault addr ef2d002b
I/DEBUG   (  189):  r0 f0b00720  r1 00000002  r2 0000e16c  r3 00000000
I/DEBUG   (  189):  r4 ef2d0023  r5 00000005  r6 00000000  r7 4104ee7c
I/DEBUG   (  189):  r8 ad00f3c0  r9 0000bcf0  10 4104edc0  fp 00000000
I/DEBUG   (  189):  ip ad0800d4  sp be8b47b0  lr ad0277fb  pc ad034514  cpsr a0000030
I/DEBUG   (  189):          #00  pc 00034514  /system/lib/libdvm.so
I/DEBUG   (  189):          #01  pc 00054664  /system/lib/libdvm.so
I/DEBUG   (  189):          #02  pc 00013f98  /system/lib/libdvm.so
I/DEBUG   (  189):          #03  pc 000198e4  /system/lib/libdvm.so
I/DEBUG   (  189):          #04  pc 00018da8  /system/lib/libdvm.so
I/DEBUG   (  189):          #05  pc 0004d850  /system/lib/libdvm.so
I/DEBUG   (  189):          #06  pc 0004d882  /system/lib/libdvm.so
I/DEBUG   (  189):          #07  pc 00034e1c  /system/lib/libdvm.so
I/DEBUG   (  189):          #08  pc 00034bca  /system/lib/libdvm.so
I/DEBUG   (  189):          #09  pc 00034c9c  /system/lib/libdvm.so
I/DEBUG   (  189):          #10  pc 00037270  /system/lib/libdvm.so
I/DEBUG   (  189):          #11  pc 00014120  /system/lib/libdvm.so
I/DEBUG   (  189):          #12  pc 000198e4  /system/lib/libdvm.so
I/DEBUG   (  189):          #13  pc 00018da8  /system/lib/libdvm.so
I/DEBUG   (  189):          #14  pc 0004d850  /system/lib/libdvm.so
I/DEBUG   (  189):          #15  pc 0004d882  /system/lib/libdvm.so
I/DEBUG   (  189):          #16  pc 000583b6  /system/lib/libdvm.so
I/DEBUG   (  189):          #17  pc 00058d9e  /system/lib/libdvm.so
I/DEBUG   (  189):          #18  pc 00052204  /system/lib/libdvm.so
I/DEBUG   (  189):          #19  pc 00054154  /system/lib/libdvm.so
I/DEBUG   (  189):          #20  pc 00013f98  /system/lib/libdvm.so
I/DEBUG   (  189):          #21  pc 000198e4  /system/lib/libdvm.so
I/DEBUG   (  189):          #22  pc 00018da8  /system/lib/libdvm.so
I/DEBUG   (  189):          #23  pc 0004d850  /system/lib/libdvm.so
I/DEBUG   (  189):          #24  pc 0003a774  /system/lib/libdvm.so
I/DEBUG   (  189):          #25  pc 000296f4  /system/lib/libandroid_runtime.so
I/DEBUG   (  189):          #26  pc 0002a3d8  /system/lib/libandroid_runtime.so
I/DEBUG   (  189):          #27  pc 00008cae  /system/bin/app_process
I/DEBUG   (  189):          #28  pc 0000c54a  /system/lib/libc.so
I/DEBUG   (  189):          #29  pc b0001a46  /system/bin/linker
I/DEBUG   (  189):
I/DEBUG   (  189): code around pc:
I/DEBUG   (  189): ad034504 25001c27 683ce009 d1e92c00 3c14e7f8
I/DEBUG   (  189): ad034514 280068a0 3501d000 2c006824 2000d1f7
I/DEBUG   (  189): ad034524 d0332d00 2c009c00 0069d00b 22002049
I/DEBUG   (  189):
I/DEBUG   (  189): code around lr:
I/DEBUG   (  189): ad0277e8 60a06061 1cb160e3 43281c08 f7e71c3a
I/DEBUG   (  189): ad0277f8 2800ea38 f00dd001 b005fe37 46c0bdf0
I/DEBUG   (  189): ad027808 1c04b510 d0052800 f7e76880 1c20ec3a
I/DEBUG   (  189):
I/DEBUG   (  189): stack:
I/DEBUG   (  189):     be8b4770  ad00f3c0  /system/lib/libdvm.so
I/DEBUG   (  189):     be8b4774  0000e160  [heap]
I/DEBUG   (  189):     be8b4778  400cce70  /dev/ashmem/mspace/dalvik-heap/zygote/0 (deleted)
I/DEBUG   (  189):     be8b477c  4000cae8  /dev/ashmem/mspace/dalvik-heap/zygote/0 (deleted)
I/DEBUG   (  189):     be8b4780  00000001
I/DEBUG   (  189):     be8b4784  ad059d49  /system/lib/libdvm.so
I/DEBUG   (  189):     be8b4788  00000000
I/DEBUG   (  189):     be8b478c  4192193d  /data/dalvik-cache/system@framework@core.jar@classes.dex
I/DEBUG   (  189):     be8b4790  00015e50  [heap]
I/DEBUG   (  189):     be8b4794  00000000
I/DEBUG   (  189):     be8b4798  be8b47b8  [stack]
I/DEBUG   (  189):     be8b479c  4104ee64
I/DEBUG   (  189):     be8b47a0  ad07ff50  /system/lib/libdvm.so
I/DEBUG   (  189):     be8b47a4  00000000
I/DEBUG   (  189):     be8b47a8  4104ee50
I/DEBUG   (  189):     be8b47ac  ad034501  /system/lib/libdvm.so
I/DEBUG   (  189): #00 be8b47b0  00000001
I/DEBUG   (  189):     be8b47b4  0000035c
I/DEBUG   (  189):     be8b47b8  00015de8  [heap]
I/DEBUG   (  189):     be8b47bc  be8b4820  [stack]
I/DEBUG   (  189):     be8b47c0  4104ede8
I/DEBUG   (  189):     be8b47c4  be8b4818  [stack]
I/DEBUG   (  189):     be8b47c8  4000cae8  /dev/ashmem/mspace/dalvik-heap/zygote/0 (deleted)
I/DEBUG   (  189):     be8b47cc  ad054669  /system/lib/libdvm.so
I/DEBUG   (  189): #01 be8b47d0  417602c8 /data/dalvik-cache/system@framework@core.jar@classes.dex
I/DEBUG   (  189):     be8b47d4  ad013f9c  /system/lib/libdvm.so
I/ServiceManager(  187): service 'media.audio_flinger' died
I/ServiceManager(  187): service 'media.player' died
I/ServiceManager(  187): service 'media.camera' died
I/ServiceManager(  187): service 'media.audio_policy' died
D/libEGL  (  771): Setting TLS: 0xafe43b74 to 0xac70a2ec
D/libEGL  (  772): Setting TLS: 0xafe43b74 to 0xac70a2ec
D/AndroidRuntime(  772):
D/AndroidRuntime(  772): >>>>>>>>>>>>>> AndroidRuntime START <<<<<<<<<<<<<<
D/AndroidRuntime(  772): CheckJNI is OFF
D/AndroidRuntime(  772): --- registering native functions ---
I/        (  771): ServiceManager: 0xad08
I/HTC Acoustic(  771): libhtc_acoustic.so version 1.0.1.2.
E/HTC Acoustic(  771): Fail to open /system/etc/AudioPara_TMUS.csv -1.
I/HTC Acoustic(  771): open /system/etc/AudioPara4.csv success.
I/HTC Acoustic(  771): acoustic table version: Dream_TMU_20090305
I/HTC Acoustic(  771): read_audio_para_from_file success.
I/HTC Acoustic(  771): get_audpp_filter
I/HTC Acoustic(  771): open /system/etc/AudioFilter.csv success.
I/HTC Acoustic(  771): ADRC Filter ADRC FLAG = ffff.
I/HTC Acoustic(  771): ADRC Filter COMP THRESHOLD = 2600.
I/HTC Acoustic(  771): ADRC Filter COMP SLOPE = b333.
I/HTC Acoustic(  771): ADRC Filter COMP RMS TIME = 106.
I/HTC Acoustic(  771): ADRC Filter COMP ATTACK[0] = 7f7d.
I/HTC Acoustic(  771): ADRC Filter COMP ATTACK[1] = 3096.
I/HTC Acoustic(  771): ADRC Filter COMP RELEASE[0] = 7ff7.
I/HTC Acoustic(  771): ADRC Filter COMP RELEASE[1] = 4356.
I/HTC Acoustic(  771): ADRC Filter COMP DELAY = 16.
I/HTC Acoustic(  771): EQ flag = 00.
I/HTC Acoustic(  771): get_audpre_filter
I/HTC Acoustic(  771): open /system/etc/AudioPreProcess.csv success.
D/AudioHardwareMSM72XX(  771): mNumSndEndpoints = 48
D/AudioHardwareMSM72XX(  771): BT MATCH HANDSET
D/AudioHardwareMSM72XX(  771): BT MATCH SPEAKER
D/AudioHardwareMSM72XX(  771): BT MATCH HEADSET
D/AudioHardwareMSM72XX(  771): BT MATCH BT
D/AudioHardwareMSM72XX(  771): BT MATCH CARKIT
D/AudioHardwareMSM72XX(  771): BT MATCH TTY_FULL
D/AudioHardwareMSM72XX(  771): BT MATCH TTY_VCO
D/AudioHardwareMSM72XX(  771): BT MATCH TTY_HCO
D/AudioHardwareMSM72XX(  771): BT MATCH NO_MIC_HEADSET
D/AudioHardwareMSM72XX(  771): BT MATCH FM_HEADSET
D/AudioHardwareMSM72XX(  771): BT MATCH HEADSET_AND_SPEAKER
D/AudioHardwareMSM72XX(  771): BT MATCH FM_SPEAKER
D/AudioHardwareMSM72XX(  771): BT MATCH BT_EC_OFF
D/AudioHardwareMSM72XX(  771): BT MATCH CURRENT
D/AudioHardwareMSM72XX(  771): BT MATCH BT_EC_OFF
D/AudioHardwareInterface(  771): setMode(NORMAL)
I/AudioHardwareMSM72XX(  771): Set master volume to 5.
I/CameraService(  771): CameraService started: pid=771
I/AudioFlinger(  771): AudioFlinger's thread 0xce98 ready to run
I/AudioHardwareMSM72XX(  771): Routing audio to Speakerphone
D/HTC Acoustic(  771): msm72xx_enable_audpp: 0x0001
D/AudioHardwareMSM72XX(  771): setVoiceVolume(1.000000)
I/AudioHardwareMSM72XX(  771): Setting in-call volume to 5 (available range is 0 to 5)
I/SamplingProfilerIntegration(  772): Profiler is disabled.
I/Zygote  (  772): Preloading classes...
D/dalvikvm(  772): GC freed 793 objects / 50568 bytes in 6ms
D/dalvikvm(  772): GC freed 251 objects / 16168 bytes in 6ms
D/dalvikvm(  772): GC freed 295 objects / 18768 bytes in 7ms
D/dalvikvm(  772): GC freed 214 objects / 13712 bytes in 8ms
D/dalvikvm(  772): GC freed 415 objects / 26552 bytes in 9ms
D/skia    (  772): ------ build_power_table 1.4
D/skia    (  772): ------ build_power_table 0.714286
D/dalvikvm(  772): GC freed 416 objects / 28336 bytes in 10ms
D/dalvikvm(  772): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  772): Added shared lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  772): Trying to load lib /system/lib/libexif.so 0x0
D/dalvikvm(  772): Added shared lib /system/lib/libexif.so 0x0
D/dalvikvm(  772): GC freed 2303 objects / 121184 bytes in 13ms
D/dalvikvm(  772): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  772): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  772): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  772): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  772): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  772): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  772): Trying to load lib /system/lib/libmedia_jni.so 0x0
D/dalvikvm(  772): Shared lib '/system/lib/libmedia_jni.so' already loaded in same CL 0x0
D/dalvikvm(  772): GC freed 3790 objects / 197016 bytes in 23ms
D/dalvikvm(  772): GC freed 459 objects / 26008 bytes in 21ms
D/dalvikvm(  772): GC freed 303 objects / 17560 bytes in 22ms
D/dalvikvm(  772): GC freed 204 objects / 11448 bytes in 25ms
D/dalvikvm(  772): GC freed 161 objects / 8728 bytes in 26ms
D/dalvikvm(  772): Trying to load lib /system/lib/libsrec_jni.so 0x0
D/dalvikvm(  772): Added shared lib /system/lib/libsrec_jni.so 0x0
D/dalvikvm(  772): Trying to load lib /system/lib/libsrec_jni.so 0x0
D/dalvikvm(  772): Shared lib '/system/lib/libsrec_jni.so' already loaded in same CL 0x0
D/dalvikvm(  772): GC freed 365 objects / 71664 bytes in 28ms
D/dalvikvm(  772): GC freed 790 objects / 48088 bytes in 39ms
D/dalvikvm(  772): GC freed 331 objects / 38184 bytes in 40ms

a typical memory access error. how it comes?
then run the strace, see any hints

/system/bin/strace –ff –f –t –s 100 –o /dev/null /init
  get IO error

strace -ff -F -tt -s 200 -o /dev/null /init
umovestr: I/O error
umovestr: I/O error
umovestr: I/O error
umovestr: I/O error
umovestr: I/O error
umovestr: I/O error
umovestr: I/O error

I/O error is also a typical error. either caused by physical malfunction, either by code logic.
try switched one new SD card and format it, No luck. that might mean physical disk is good.
then how the code logic.

from the first stacktrace, the jar has been compied and cached to .dex. /data/dalvik-cache/system@framework@core.jar@classes.dex
can I just ask the runtime to recompile the dex.

wipe out those cache.
run “rm –rf /data/dalvik-cache/*.dex”
then “reboot”

error gone, everything works. Applause!
to be safe, I change the acl of thos dex to 111, noboday can override the existing correct dex file.

Posted by Ryan at 5:52 PM
Labels:

1 comment:

Punareay said...

Hello

My phone has similar problem. can tell me how to do it? i see u rund ADB shell but i try connect via USB but it show nothing. please tell me the way to connect it.

April 24, 2011 at 9:42 PM

Post a Comment

Subscribe to: Post Comments (Atom)
 
Locations of visitors to this page