问题现象
压力测试骁龙相机,发现camera provicer 进程崩溃。无法正常打开相机,只有重新启动设备。
相关的log:
03-23 08:17:08.592 15634 15634 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
03-23 08:17:08.592 15634 15634 F DEBUG : Build fingerprint: 'SEUIC/d520/d520:9/D520.20201117/D520_V0.2.5:userdebug/release-keys'
03-23 08:17:08.592 15634 15634 F DEBUG : Revision: '0'
03-23 08:17:08.592 15634 15634 F DEBUG : ABI: 'arm'
03-23 08:17:08.592 15634 15634 F DEBUG : pid: 720, tid: 15621, name: HwBinder:720_2 >>> /vendor/bin/hw/android.hardware.camera.provider@2.4-service <<<
03-23 08:17:08.592 15634 15634 F DEBUG : signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
03-23 08:17:08.593 15634 15634 F DEBUG : Abort message: 'FORTIFY: FD_SET: file descriptor 1070 >= FD_SETSIZE 128'
03-23 08:17:08.593 15634 15634 F DEBUG : r0 00000000 r1 00003d05 r2 00000006 r3 00000008
03-23 08:17:08.593 15634 15634 F DEBUG : r4 000002d0 r5 00003d05 r6 dda7ba3c r7 0000010c
03-23 08:17:08.593 15634 15634 F DEBUG : r8 0000042e r9 dda7bb38 r10 e11e0856 r11 00000000
03-23 08:17:08.593 15634 15634 F DEBUG : ip ea3a43cc sp dda7ba28 lr ea30f115 pc ea305fde
03-23 08:17:08.595 720 15595 I mm-camera: <IFACE >< INFO> 1792: iface_streamon_to_thread: iface_streamon_to_thread: X, session id = 3, user stream id = 3
03-23 08:17:08.595 720 15595 I mm-camera: <MCT >< INFO> 4301: mct_pipeline_process_set: STREAM-ON success for stream 0x30003, stream type=3
03-23 08:17:08.597 720 15595 I mm-camera: <MCT >< INFO> 4147: mct_pipeline_process_set: command=8000008
03-23 08:17:08.597 720 15595 I mm-camera: <MCT >< INFO> 4286: mct_pipeline_process_set: STREAM-ON on stream 0x30004 stream type=3
03-23 08:17:08.597 15634 15634 F DEBUG :
03-23 08:17:08.597 15634 15634 F DEBUG : backtrace:
03-23 08:17:08.597 720 15595 I mm-camera: <IFACE >< INFO> 1763: iface_streamon_to_thread: iface_streamon_to_thread: E, session id = 3, user stream id = 4
03-23 08:17:08.597 15634 15634 F DEBUG : #00 pc 0001cfde /system/lib/libc.so (abort+58)
03-23 08:17:08.597 15634 15634 F DEBUG : #01 pc 0003da83 /system/lib/libc.so (__fortify_fatal(char const*, ...)+26)
03-23 08:17:08.597 720 15604 I mm-camera: <IFACE >< INFO> 2110: iface_streamon: E, session_id 3 mct_stream_id = 4
03-23 08:17:08.597 15634 15634 F DEBUG : #02 pc 0003d9f1 /system/lib/libc.so (__FD_SET_chk+68)
03-23 08:17:08.597 15634 15634 F DEBUG : #03 pc 00003ac3 /vendor/lib/libthermalclient.so (do_listen+418)
03-23 08:17:08.598 15634 15634 F DEBUG : #04 pc 0007217d /system/lib/libc.so (__pthread_start(void*)+22)
03-23 08:17:08.597 720 15604 I mm-camera: <IFACE >< INFO> 12107: iface_util_get_user_streams_by_bundle: got No.3 bundled streamon, mct stream id 4total bundled stream num = 4
03-23 08:17:08.598 15634 15634 F DEBUG : #05 pc 0001e005 /system/lib/libc.so (__start_thread+24)
03-23 08:17:08.599 720 15595 I mm-camera: <IFACE >< INFO> 1792: iface_streamon_to_thread: iface_streamon_to_thread: X, session id = 3, user stream id = 4
03-23 08:17:08.599 720 15595 I mm-camera: <MCT >< INFO> 4301: mct_pipeline_process_set: STREAM-ON success for stream 0x30004, stream type=3
03-23 08:17:08.600 720 15595 I mm-camera: <MCT >< INFO> 4147: mct_pipeline_process_set: command=8000008
03-23 08:17:08.600 720 15595 I mm-camera: <MCT >< INFO> 4286: mct_pipeline_process_set: STREAM-ON on stream 0x30005 stream type=11
03-23 08:17:08.600 720 15595 I mm-camera: <IFACE >< INFO> 1763: iface_streamon_to_thread: iface_streamon_to_thread: E, session id = 3, user stream id = 5
03-23 08:17:08.602 720 15604 I mm-camera: <IFACE >< INFO> 2110: iface_streamon: E, session_id 3 mct_stream_id = 5
03-23 08:17:08.604 720 15604 I mm-camera: <IFACE >< INFO> 12101: iface_util_get_user_streams_by_bundle: streamon, got all bundled streamon!
03-23 08:17:08.632 720 15604 I mm-camera: <IFACE >< INFO> 2401: iface_streamon: X
03-23 08:17:08.632 720 15595 I mm-camera: <IFACE >< INFO> 1792: iface_streamon_to_thread: iface_streamon_to_thread: X, session id = 3, user stream id = 5
03-23 08:17:08.632 720 15595 I mm-camera: <MCT >< INFO> 4301: mct_pipeline_process_set: STREAM-ON success for stream 0x30005, stream type=11
03-23 08:17:08.665 720 15649 I mm-camera: <ISP >< INFO> 1403: isp_handler_module_handle_reg_update: Warning! Invalid reg_update state 0
03-23 08:17:08.819 720 15609 E mm-camera: <STATS_AF ><ERROR> 4413: af_port_handle_pdaf_stats: Fail to init buf divert ack ctrl
03-23 08:17:08.821 720 15612 E mm-camera: <STATS_AF ><ERROR> 959: af_spd_detect_process: ERROR! SPOT_LIGHT_FLAG =0!!! :AEC_grid = 256, BG_grid = 0, ave luma = 0
03-23 08:17:08.879 720 15603 I mm-camera: <ISP >< INFO> 245: ihist_stats46_stats_config_validate: warning: Invalid IHIST ROI from 3A 0 0 0 0
03-23 08:17:08.907 720 15607 I mm-camera: <CPP >< INFO> 371: cpp_hardware_set_clock: Set clock 256000000 BW avg 157464000 BW inst 157464000
03-23 08:17:08.933 720 15596 I mm-camera: <MCT >< INFO> 1076: mct_controller_send_superparam: Skipping sof (current_frame, kernel_frame)= [5, 5] drop_reconfig 1
03-23 08:17:08.933 720 15596 I mm-camera: <MCT >< INFO> 1319: mct_controller_handle_SOF_proc: (sofdelay,curr_sofdelay) = (0,0) ksof 5, drop_reconf 1, sof 5
03-23 08:17:08.933 720 15596 I mm-camera: <MCT >< INFO> 1346: mct_controller_handle_SOF_proc: Remap pending request by 1, l=0, c=0, reg_update_fail=0
03-23 08:17:08.933 720 15596 I mm-camera: <MCT >< INFO> 1217: mct_stream_update_all_frame_id_by: Delay all frame by 1
03-23 08:17:08.933 720 15596 I mm-camera: <MCT >< INFO> 1209: mct_stream_update_frame_id_by: (fr_num, fr_id) = (801, 6)
03-23 08:17:08.933 720 15596 I mm-camera: <MCT >< INFO> 1209: mct_stream_update_frame_id_by: (fr_num, fr_id) = (802, 7)
03-23 08:17:08.934 720 15596 I mm-camera: <MCT >< INFO> 1209: mct_stream_update_frame_id_by: (fr_num, fr_id) = (803, 8)
03-23 08:17:08.934 720 15609 E mm-camera: <STATS_AF ><ERROR> 4413: af_port_handle_pdaf_stats: Fail to init buf divert ack ctrl
03-23 08:17:08.934 720 15596 I mm-camera: <IFACE >< INFO> 3393: iface_handle_control_sof: skip sent by MCT: 1 skip_frame_id: 5 q_idx: 0 max_apply_delay: 2
03-23 08:17:08.934 720 15596 I mm-camera: <IFACE >< INFO> 12367: iface_util_adjust_paramq: 4. Swap q_idx[1] <--> q_idx[0]
03-23 08:17:08.935 720 15596 E mm-camera: <MCT ><ERROR> 996: mct_controller_proc_bus_msg_internal: Failed to issue SOF cmd to all modules.
03-23 08:17:08.947 4134 15582 I SnapCam_SettingsManager: getInstance: sInstance == null?:false
03-23 08:17:08.947 4134 4134 D SnapCam_FocusStateListe: CONTROL_AF_STATE_INACTIVE clearFocus
通过log,可以知道应该时camera provider 进程,对某些文件fd,没有释放,造成的。
通过 adb
ps -A | grep cam
获取camera provider 进程的pid
通过 ls -l /proc/xxpid/fd 获取对应的fd文件。
lr-x------ 1 cameraserver audio 64 1970-01-01 09:02 210 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:02 211 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 212 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 213 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:05 214 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:05 215 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:04 216 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 217 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 218 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 219 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 220 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 221 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:03 222 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:04 223 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:05 224 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:04 225 -> /sys/devices/soc0/soc_id
lr-x------ 1 cameraserver audio 64 1970-01-01 09:04 228 -> /sys/devices/soc0/soc_id
从上面camera provider fd列表可以看出,开启相机过程中,使用了/sys/devices/soc0/soc_id 文件,但是没有close
通过代码查找,发现在vendor/qcom/proprietary/mm-camera/ 中有相关文件使用fd,后没有释放。
修改如下:
fd = open("/sys/devices/soc0/soc_id", O_RDONLY);
if (fd >= 0) {
if (read(fd, buf, sizeof(buf) - 1) == -1) {
SERR("Unable to read soc_id");
} else {
soc_id = atoi(buf);
}
/*jicong.wang modify for bug 16578 start {@*/
close(fd);
/*jicong.wang modify for bug 16578 end @}*/
}
更多推荐
Abort message: ‘FORTIFY: FD_SET: file descriptor 1070 >= FD_SETSIZE 128‘
发布评论