收到RECEIVE_REQ_MSG消息时会执行下面的代码,这里因为某种原因m_receiverSlaverController的值仍为NULL,并没有指向具体的CReceiverSlaverController类。执行到ReceiveHandler函数时,在ReceiveHandler函数中,会通过CReceiverSlaverController类的成员变量m_measurementAgent(类型为Agent类)调用Agent类的成员函数handleMessage,然后在ReceiveHandler函数中发生了访问非法内存0xE8A4的异常。
这是因为:在执行m_receiverSlaverController->ReceiveHandler时,虽然m_receiverSlaverController指针的值为NULL,但由于类的成员函数是所有类对象的共享代码,所以通过空指针m_receiverSlaverController是可以调用ReceiveHandler函数的(经查看汇编代码,调用该函数时,地址是写死的),但在执行到ReceiveHandler内部的代码时出现了问题,这是因为在ReceiveHandler函数中,获取类CReceiverSlaverController的成员变量m_measurementAgent地址的办法是从m_receiverSlaverController处(实际上就是类第一个成员变量m_srioInterface所在地址处)偏移0xE8A4得到,因为m_receiverSlaverController为空,所以计算得到的m_measurementAgent地址就是0xE8A4,所以从地址0xE8A4处读取m_measurementAgent的值会出问题,这涉及了读取非法内存0xE8A4的操作,所以TI DSP CPU的L1D内存控制器会检测到该非法访问,并通过EXCEPTION机制上报该错误。
case RECEIVE_REQ_MSG:
{
m_receiverSlaverController->ReceiveHandler(&messagePointer);
//m_receiverSlaverController为类CReceiverSlaverController指针
break;
}
... ....
void CReceiverSlaverController::ReceiveHandler(void** ninja_message)
{
m_measurementAgent->handleMessage(ninja_message);
}
类CReceiverSlaverController:
class CPuschReceiverSlaverController
{
public:
......................
void ReceiveHandler(void** ninja_message);
......................
private:
void *m_srioInterface;
......................
Agent *m_measurementAgent; //该成员变量相对于类第一个成员变量m_srioInterface的偏移为0xE8A4. Agent为类的类型.
......................
}
非法内存读的上报log:
FATAL EXCEPTION Nid:0x1271 TYPE:EXTERNAL:[0xEA07A]CpuL1DMemoryProtectionFault Violated memory address(L1DMPFAR):0x0000E8A4Local access type:supervisor read **
021817 17.06 17:47:03.421 [192.168.255.1] ** FATAL APPLICATION ERROR Nid:0x1271 Total count of exceptions INT:0 EXT:1 OTHER:0 Current program address(NRP):0x820F4024 (该地址是进入EXCEPTION代码之前保存的返回地址,该地址就是handleMessage函数某条指令的地址)**
DSP开发中遇到的问题 - 类指针未初始化后果,布布扣,bubuko.com
原文:http://blog.csdn.net/yiyeguzhou100/article/details/37611223