在調(diào)試Wifi時,,一旦開始搜索Wifi,系統(tǒng)就會down掉,,打開debug信息,,發(fā)現(xiàn)如下內(nèi)容
I/ActivityManager( 825): Starting activity: Intent { act=android.intent.action.MAIN cmp=com.android.settings/.wifi.WifiSettings }
D/dalvikvm( 893): GC freed 3772 objects / 231344 bytes in 79ms
D/SettingsWifiEnabler( 893): Received wifi state changed from Enabling to Enabled
I/ActivityManager( 825): Displayed activity com.android.settings/.wifi.WifiSettings: 707 ms (total 707 ms)
I/wpa_supplicant( 966): CTRL-EVENT-SCAN-RESULTS Ready
V/WifiStateTracker( 825): Connection to supplicant established, state=SCANNING
D/NetworkStateTracker( 825): setDetailed state, old =IDLE and new state=SCANNING
D/ConnectivityService( 825): ConnectivityChange for WIFI: DISCONNECTED/SCANNING
D/DataConnectionTracker( 875): enableApnType(default), isApnTypeActive = false and state = IDLE
I/wpa_supplicant( 966): CTRL-EVENT-SCAN-RESULTS Ready
W/dalvikvm( 825): JNI WARNING: illegal start byte 0xb3
W/dalvikvm( 825): string: 'bssid / frequency / signal level / flags / ssid
W/dalvikvm( 825): 00:10:18:00:00:b6 2437 171 wireless
W/dalvikvm( 825): 02:2c:7c:04:c7:01 2437 169 [IBSS] WZD-成人教育學(xué)院'
W/dalvikvm( 825): in Landroid/net/wifi/WifiNative;.scanResultsCommand ()Ljava/lang/String; (NewStringUTF)
I/dalvikvm( 825): "Binder Thread #5" prio=5 tid=63 NATIVE
I/dalvikvm( 825): | group="main" sCount=0 dsCount=0 s=N obj=0x43a5ea30 self=0x3b1178
I/dalvikvm( 825): | sysTid=911 nice=0 sched=0/0 cgrp=unknown handle=3871032
I/dalvikvm( 825): at android.net.wifi.WifiNative.scanResultsCommand(Native Method)
I/dalvikvm( 825): at com.android.server.WifiService.getScanResults(WifiService.java:1050)
I/dalvikvm( 825): at android.net.wifi.IWifiManager$Stub.onTransact(IWifiManager.java:126)
I/dalvikvm( 825): at android.os.Binder.execTransact(Binder.java:287)
I/dalvikvm( 825): at dalvik.system.NativeStart.run(Native Method)
I/dalvikvm( 825):
E/dalvikvm( 825): VM aborting
I/DEBUG ( 811): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
I/DEBUG ( 811): Build fingerprint: 'ky6410/ky6410/ky6410/:2.1-update1/ECLAIR/eng.kyon.20100609.214617:eng/test-keys'
I/DEBUG ( 811): pid: 825, tid: 911 >>> system_server <<<
I/DEBUG ( 811): signal 11 (SIGSEGV), fault addr deadd00d
I/DEBUG ( 811): r0 00000328 r1 afe1332d r2 0000000c r3 deadd00d
I/DEBUG ( 811): r4 00000026 r5 47f6ab74 r6 000000c0 r7 fffe6184
I/DEBUG ( 811): r8 47f6bb90 r9 46215ef8 10 46215ee4 fp 003b1108
I/DEBUG ( 811): ip ad07f14c sp 47f6ab18 lr afe142e9 pc ad035006 cpsr 20000030
I/DEBUG ( 811): #00 pc 00035006 /system/lib/libdvm.so
I/DEBUG ( 811): #01 pc 00027698 /system/lib/libdvm.so
I/DEBUG ( 811): #02 pc 00028220 /system/lib/libdvm.so
I/DEBUG ( 811): #03 pc 00028298 /system/lib/libdvm.so
I/DEBUG ( 811): #04 pc 0003595a /system/lib/libandroid_runtime.so
I/DEBUG ( 811): #05 pc 00035d54 /system/lib/libandroid_runtime.so
I/DEBUG ( 811): #06 pc 00035d92 /system/lib/libandroid_runtime.so
I/DEBUG ( 811): #07 pc 0000ef74 /system/lib/libdvm.so
I/DEBUG ( 811): #08 pc 00037b28 /system/lib/libdvm.so
I/DEBUG ( 811): #09 pc 000311f2 /system/lib/libdvm.so
I/DEBUG ( 811): #10 pc 00013c88 /system/lib/libdvm.so
I/DEBUG ( 811): #11 pc 00019588 /system/lib/libdvm.so
I/DEBUG ( 811): #12 pc 00018a5c /system/lib/libdvm.so
I/DEBUG ( 811): #13 pc 0004d1ee /system/lib/libdvm.so
具體錯誤在
W/dalvikvm( 825): in Landroid/net/wifi/WifiNative;.scanResultsCommand ()Ljava/lang/String; (NewStringUTF)
這句提交了一個illegal的UTF8字符
Google半天,大意為Google的UTF8是經(jīng)過修改過的,,對一些UTF8字符不兼容,。
在dalvik/vm/checkjni.c中做判斷
/*
* Verify that "bytes" points to valid "modified UTF-8" data.
*/
static void checkUtfString(JNIEnv* env, const char* bytes, bool nullOk,
const char* func)
{
const char* origBytes = bytes;
if (bytes == NULL) {
if (!nullOk) {
LOGW("JNI WARNING: unexpectedly null UTF string/n");
goto fail;
}
return;
}
while (*bytes != '/0') {
u1 utf8 = *(bytes++);
// Switch on the high four bits.
switch (utf8 >> 4) {
case 0x00:
case 0x01:
case 0x02:
case 0x03:
case 0x04:
case 0x05:
case 0x06:
case 0x07: {
// Bit pattern 0xxx. No need for any extra bytes.
break;
}
case 0x08:
case 0x09:
case 0x0a:
case 0x0b:
case 0x0f: {
/*
* Bit pattern 10xx or 1111, which are illegal start bytes.
* Note: 1111 is valid for normal UTF-8, but not the
* modified UTF-8 used here.
*/
LOGW("JNI WARNING: illegal start byte 0x%x/n", utf8);
goto fail;
}
case 0x0e: {
// Bit pattern 1110, so there are two additional bytes.
utf8 = *(bytes++);
if ((utf8 & 0xc0) != 0x80) {
LOGW("JNI WARNING: illegal continuation byte 0x%x/n", utf8);
goto fail;
}
// Fall through to take care of the final byte.
}
case 0x0c:
case 0x0d: {
// Bit pattern 110x, so there is one additional byte.
utf8 = *(bytes++);
if ((utf8 & 0xc0) != 0x80) {
LOGW("JNI WARNING: illegal continuation byte 0x%x/n", utf8);
goto fail;
}
break;
}
}
}
return;
fail:
LOGW(" string: '%s'/n", origBytes);
showLocation(dvmGetCurrentJNIMethod(), func);
abortMaybe();
}
如果出現(xiàn)非法的UTF8字符就掛掉,這個也太狠了吧。
繼續(xù)追蹤根源,,非法UTF8字符提交來自/frameworks/base/core/jni/android_net_wifi_Wifi.cpp的函數(shù)
// Send a command to the supplicant, and return the reply as a String
static jstring doStringCommand(JNIEnv *env, const char *cmd)
{
char reply[4096];
if (doCommand(cmd, reply, sizeof(reply)) != 0) {
return env->NewStringUTF(NULL);
} else {
return env->NewStringUTF(reply);
}
}
網(wǎng)上提出的解決方案是將非法頭字符修正為“,?”,將其他非法字符修正為“0x80”,,patch后的函數(shù)如下:
// Send a command to the supplicant, and return the reply as a String
static jstring doStringCommand(JNIEnv *env, const char *cmd)
{
char reply[4096];
char* bytes;
if (doCommand(cmd, reply, sizeof(reply)) != 0) {
return env->NewStringUTF(NULL);
} else {
// Make sure reply only contains valid UTF-8 Characters
// This is borrowed from CheckJni.c
bytes = reply;
while (*bytes != '/0')
{
char utf8 = *bytes;
switch (utf8 >> 4) {
case 0x00:
case 0x01:
case 0x02:
case 0x03:
case 0x04:
case 0x05:
case 0x06:
case 0x07:
{
// Bit pattern 0xxx. No need for any extra bytes.
break;
}
case 0x08:
case 0x09:
case 0x0a:
case 0x0b:
case 0x0f:
{
/*
* Bit pattern 10xx or 1111, which are illegal start bytes.
* Note: 1111 is valid for normal UTF-8, but not the
* modified UTF-8 used here. + */
LOGW("JNI WARNING: illegal start byte 0x%x, changing to '?'/n", utf8);
//return env->NewStringUTF("AP"); //modify by rockie
*bytes = '?';
}
case 0x0e: {
// Bit pattern 1110, so there are two additional bytes.
utf8 = *(++bytes);
if ((utf8 & 0xc0) != 0x80) {
LOGW("JNI WARNING: illegal continuation byte 0x%x, changing to 0x80./n", utf8);
*bytes = 0x80;
}
// Fall through to take care of the final byte.
}
case 0x0c:
case 0x0d: {
// Bit pattern 110x, so there is one additional byte.
utf8 = *(++bytes);
if ((utf8 & 0xc0) != 0x80) {
LOGW("JNI WARNING: illegal continuation byte 0x%x, changing to 0x80./n", utf8);
*bytes = 0x80;
}
break;
}
}
bytes++;
}
return env->NewStringUTF(reply);
}
}
非常不解的是,,patch后還是會有漏網(wǎng)的錯誤字符被提交到checkjni.c,導(dǎo)致系統(tǒng)掛掉
D/wpa_supplicant( 976): Setting scan request: 5 sec 0 usec
W/wifi ( 826): JNI WARNING: illegal start byte 0xb3, changing to '?'
W/wifi ( 826): JNI WARNING: illegal continuation byte 0xc9, changing to 0x80.
W/wifi ( 826): JNI WARNING: illegal continuation byte 0xc8, changing to 0x80.
W/wifi ( 826): JNI WARNING: illegal continuation byte 0xd3, changing to 0x80.
W/wifi ( 826): JNI WARNING: illegal start byte 0xfd, changing to '?'
W/wifi ( 826): JNI WARNING: illegal continuation byte 0xd1, changing to 0x80.
W/dalvikvm( 826): JNI WARNING by rockie : illegal start byte 0x80, changing to '?'
W/dalvikvm( 826): JNI WARNING: illegal continuation byte 0xcb
W/dalvikvm( 826): string: 'bssid / frequency / signal level / flags / ssid
W/dalvikvm( 826): 00:21:91:6f:f1:f2 2437 205 dlink
W/dalvikvm( 826): 00:10:18:00:00:b6 2437 175 wireless
W/dalvikvm( 826): 02:2c:7c:04:c7:01 2437 169 [IBSS] WZD-? 私虁? г?
W/dalvikvm( 826): in Landroid/net/wifi/WifiNative;.scanResultsCommand ()Ljava/lang/String; (NewStringUTF)
I/dalvikvm( 826): "Binder Thread #6" prio=5 tid=67 NATIVE
I/dalvikvm( 826): | group="main" sCount=0 dsCount=0 s=N obj=0x43a15cb8 self=0x3d68f0
I/dalvikvm( 826): | sysTid=951 nice=0 sched=0/0 cgrp=unknown handle=4069976
I/dalvikvm( 826): at android.net.wifi.WifiNative.scanResultsCommand(Native Method)
I/dalvikvm( 826): at com.android.server.WifiService.getScanResults(WifiService.java:1050)
I/dalvikvm( 826): at android.net.wifi.IWifiManager$Stub.onTransact(IWifiManager.java:126)
I/dalvikvm( 826): at android.os.Binder.execTransact(Binder.java:287)
I/dalvikvm( 826): at dalvik.system.NativeStart.run(Native Method)
I/dalvikvm( 826):
E/dalvikvm( 826): VM aborting
I/DEBUG ( 811): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
I/DEBUG ( 811): Build fingerprint: 'ky6410/ky6410/ky6410/:2.1-update1/ECLAIR/eng.kyon.20100714.175405:eng/test-keys'
I/DEBUG ( 811): pid: 826, tid: 951 >>> system_server <<<
I/DEBUG ( 811): signal 11 (SIGSEGV), fault addr deadd00d
I/DEBUG ( 811): r0 00000328 r1 afe1332d r2 0000000c r3 deadd00d
I/DEBUG ( 811): r4 00000026 r5 fffe6184 r6 47f44b6c r7 fffe6184
I/DEBUG ( 811): r8 47f45b90 r9 438f3ef8 10 438f3ee4 fp 003e1a28
I/DEBUG ( 811): ip ad07f14c sp 47f44b08 lr afe142e9 pc ad035006 cpsr 20000030
I/DEBUG ( 811): #00 pc 00035006 /system/lib/libdvm.so
I/DEBUG ( 811): #01 pc 00027698 /system/lib/libdvm.so
I/DEBUG ( 811): #02 pc 00028222 /system/lib/libdvm.so
I/DEBUG ( 811): #03 pc 0002829c /system/lib/libdvm.so
最后,,小改下checkjni.c,,注釋掉goto fail。
不過,,會不會有后遺癥,?
