Navicat连接数据库后密码找回【亲测有效】 首先从文件—>导出连接打开在线运行工具 https://tool.lu/coderunner/,运行以下代码：<?php namespace FatSmallTools; class NavicatPassword { protected $version = 0; protected $aesKey = 'libcckeylibcckey'; protected $aesIv = 'libcciv libcciv '; protected $blowString = '3DC5CA39'; protected $blowKey = null; protected $blowIv = null; public function __construct($version = 12) { $this->version = $version; $this->blowKey = sha1('3DC5CA39', true); $this->blowIv = hex2bin('d9c7c3c8870d64bd'); } public function encrypt($string){ $result = FALSE; switch ($this->version) { case 11: $result = $this->encryptEleven($string); break; case 12: $result = $this->encryptTwelve($string); break; default: break; } return $result; } protected function encryptEleven($string){ $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector)); $currentVector = $this->xorBytes($currentVector, $temp); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return strtoupper(bin2hex($result)); } protected function encryptBlock($block){ return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING); } protected function decryptBlock($block) { return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING); } protected function xorBytes($str1, $str2) { $result = ''; for ($i = 0; $i < strlen($str1); $i++) { $result .= chr(ord($str1[$i]) ^ ord($str2[$i])); } return $result; } protected function encryptTwelve($string) { $result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); return strtoupper(bin2hex($result)); } public function decrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->decryptEleven($string); break; case 12: $result = $this->decryptTwelve($string); break; default: break; } return $result; } protected function decryptEleven($upperString) { $string = hex2bin(strtolower($upperString)); $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $encryptedBlock = substr($string, 8 * $i, 8); $temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector); $currentVector = $this->xorBytes($currentVector, $encryptedBlock); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return $result; } protected function decryptTwelve($upperString) { $string = hex2bin(strtolower($upperString)); return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); } } use FatSmallTools\NavicatPassword; //需要指定版本，11或12 11查不到就用12 //$navicatPassword = new NavicatPassword(12); $navicatPassword = new NavicatPassword(15); //解密 $decode = $navicatPassword->decrypt('your-navicat-password'); echo $decode."\n"; 3.将导出的加密密码替换致“your-navicat-password”,如： $decode = $navicatPassword->decrypt('999111155556666777788889999ABCDEF');

Nginx日志文件太大，如何清理 我通过以下命令找出大于1G的文件find / -type f -size +1000000k | xargs ls -lat发现nginx的access.log日志文件很大，如何清理呢，以下三种方式：以一个空文件替换该文件 ，既不需要重启，又不需要切换配置文件cat /dev/null > access.log 进入到nginx 的logs文件夹下，输入truncate清空access.log文件truncate -s 0 access.log 备注： truncate命令可以将一个文件缩小或者扩展到某个给定的大小可以利用该命令和-s选项来特别指定文件的大小删除access.log 文件 并重启nginx

是什么杀死了我的进程 dmesg -T| grep -E -i -B100 'killed process'其中-B100表示杀死发生之前的行数。在 Mac 操作系统上省略-T 。

docker常用命令 查看容器，-a查看所有docker ps进入容器docker exec -it 容器id /bin/shdocker-compose重启docker-compose -f your_compose.yaml restart 容器id查看容器日志：docker logs -f 容器找其中包含某些内容docker logs 容器名字或者 ID 2>&1 | grep xxx如果需要导出日志文件，可以# grep 的 -i 表示不区分大小写 docker inspect 容器名字或者ID | grep -i logpathinspect查询容器信息// 查询挂载信息 docker inspect 容器id | grep Mounts -A 100重启容器：docker restart 容器id

查询数据库大小 查询所有数据库的总大小查询数据库大小：use information_schema; select concat(round(sum(DATA_LENGTH/1024/1024),2),'MB') as data from TABLES;统计一下所有库数据量 每张表数据量=AVG_ROW_LENGTH*TABLE_ROWS+INDEX_LENGTHSELECT SUM(AVG_ROW_LENGTH*TABLE_ROWS+INDEX_LENGTH)/1024/1024 AS total_mb FROM information_schema.TABLES 统计每个库大小：SELECT table_schema,SUM(AVG_ROW_LENGTH*TABLE_ROWS+INDEX_LENGTH)/1024/1024 AS total_mb FROM information_schema.TABLES group by table_schema; 查看指定数据库的大小use information_schema; select concat(round(sum(DATA_LENGTH/1024/1024),2),'MB') as data from TABLES where table_schema='test';1.查看所有数据库各容量大小select table_schema as '数据库', sum(table_rows) as '记录数', sum(truncate(data_length/1024/1024, 2)) as '数据容量(MB)', sum(truncate(index_length/1024/1024, 2)) as '索引容量(MB)' from information_schema.tables group by table_schema order by sum(data_length) desc, sum(index_length) desc;2.查看所有数据库各表容量大小select table_schema as '数据库', table_name as '表名', table_rows as '记录数', truncate(data_length/1024/1024, 2) as '数据容量(MB)', truncate(index_length/1024/1024, 2) as '索引容量(MB)' from information_schema.tables order by data_length desc, index_length desc;3.查看指定数据库容量大小例：查看mysql库容量大小select table_schema as '数据库', sum(table_rows) as '记录数', sum(truncate(data_length/1024/1024, 2)) as '数据容量(MB)', sum(truncate(index_length/1024/1024, 2)) as '索引容量(MB)' from information_schema.tables where table_schema='mysql';　4.查看指定数据库各表容量大小例：查看mysql库各表容量大小select table_schema as '数据库', table_name as '表名', table_rows as '记录数', truncate(data_length/1024/1024, 2) as '数据容量(MB)', truncate(index_length/1024/1024, 2) as '索引容量(MB)' from information_schema.tables where table_schema='mysql' order by data_length desc, index_length desc;

linux命令dd dd命令的作用是用指定大小的块拷贝一个文件，并在拷贝的同时进行指定的转换。可以用于测试磁盘命令、数据备份或恢复等dd 命令格式如下：dd [bs=<字节数>][cbs=<字节数>][conv=<关键字>][count=<区块数>][ibs=<字节数>][if=<文件>][obs=<字节数>][of=<文件>][seek=<区块数>][skip=<区块数>][--help][--version]dd if=path/to/input_file of=/path/to/output_file bs=block_size count=number_of_blocksif=file 　　　　　　　　输入文件名，缺省为标准输入。 从file读取，如if=/dev/zero,该设备无穷尽地提供0,（不产生读磁盘IO）of=file 　　　　　　　　输出文件名，缺省为标准输出。 向file写出，可以写文件，可以写裸设备。如of=/dev/null，"黑洞"，它等价于一个只写文件. 所有写入它的内容都会永远丢失. （不产生写磁盘IO）ibs=bytes 　　　　　　　一次读入 bytes 个字节(即一个块大小为 bytes 个字节)。obs=bytes 　　　　　　　一次写 bytes 个字节(即一个块大小为 bytes 个字节)。bs=bytes 　　　　　　　同时设置读写块的大小为 bytes ，可代替 ibs 和 obs。如bs=8k 每次读或写的大小，即一个块的大小为8K。cbs=bytes 　　　　　　 一次转换 bytes 个字节，即转换缓冲区大小。skip=blocks 　　　　　从输入文件开头跳过 blocks 个块后再开始复制。seek=blocks 　　从输出文件开头跳过 blocks 个块后再开始复制。(通常只有当输出文件是磁盘或磁带时才有效)。count=blocks 　　　　仅拷贝 blocks 个块，块大小等于 ibs 指定的字节数。iflag=FLAGS　　　　　 指定读的方式FLAGS，参见“FLAGS参数说明”oflag=FLAGS　　　　　 指定写的方式FLAGS，参见“FLAGS参数说明”测试方式：使用dd指令，对磁盘进行连续写入，不使用内存缓冲区，每次写入8k的数据，总共写入20万次，产生1.6G大小的文件。测试指令：dd if=/dev/zero of=/data01/test.dbf bs=8k count=200k conv=fdatasyncdd用于复制，从if读出，写到of；if=/dev/zero（产生字符）不产生IO，因此可以用来测试纯写速度；bs是每次读或写的大小，即一个块的大小，count是读写块的数量；conv=fdatasync表示只把文件的“数据”写入磁盘会在/data01下生成一个文件test.dbf，count * bs 等于最终大小，记得删除。从源 /dev/zero 读取写入到驱动盘的时候（测试写），当从驱动盘读取时写入到/dev/null（测试读）。在整个操作过程中， DD 命令会跟踪数据传输的速度并且报告出结果。/dev/null和/dev/zero的区别/dev/null，它是空设备，也称为位桶（bit bucket）、回收站、无底洞，可以向它输出任何数据。任何写入它的输出都会被抛弃。如果不想让消息以标准输出显示或写入文件，那么可以将消息重定向到位桶。/dev/zero，是一个输入设备，可用它来初始化文件。该设备无穷尽地提供0，可以使用任何需要的数目——设备提供的要多的多。他可以用于向设备或文件写入字符串0。使用sync、fsync、fdatasync、dsyncconv=fsync，表示把文件的“数据”和“metadata”都写入磁盘（metadata包括size、访问时间st_atime & st_mtime等等），因为文件的数据和metadata通常存在硬盘的不同地方，因此fsync至少需要两次IO写操作，fsync 与fdatasync相差不大。conv=fdatasync，dd命令执行到最后会真正执行一次“同步(sync)”操作，，这样算出来的时间才是比较符合实际使用结果的。conv=fdatasync表示只把文件的“数据”写入磁盘，fsync 与fdatasync相差不大。oflag=dsync，dd在执行时每次都会进行同步写入操作。每次读取8k后就要先把这8k写入磁盘，然后再读取下面一个8k，一共重复4K次，生成一个32M文件。这是最慢的一种方式了，基本上没有用到写缓存(write cache)。也是比较准确的。conv=fdatasync与oflag=dsync的区别在于：sync函数只是将所有修改过的块缓冲区排入写队列，然后就返回，它并不等待实际写磁盘操作结束。fsync函数只对由文件描述符filedes指定的单一文件起作用，并且等待写磁盘操作结束，然后返回。所以看到的fdatasync速度比dsync好。如果不加任何参数，dd默认的方式不包括“同步(sync)”命令（没加关于操作系统“写缓存”的参数，默认“写缓存”启作用），也就是说，dd命令完成前并没有让系统真正把文件写到磁盘上。dd先把数据写到操作系统“写缓存”，就完成了写操作。所以以上命令只是单纯地把数据读到内存缓冲当中（写缓存[write cache]）。通常称为update的系统守护进程会周期性地（一般每隔30秒）调用sync函数，把“写缓存”中的数据刷入磁盘。

Android之ActivityThread 每一个App在启动时，都会由Zygote fork出一个进程，进程具有独立的资源空间，用于承载App上运行的各种Activity/Service等组件。当进程创建后就要真正去启动一个App了，会调用ActivityThread的main方法。 frameworks/base/core/java/android/app/ActivityThread.java ActivityThread分析:main方法public static void main(String[] args) { ...... //1.创建主线程looper,主线程初始化 Looper.prepareMainLooper(); //2.主线程Handler初始化 ActivityThread thread = new ActivityThread(); thread.attach(false); if (sMainThreadHandler == null) { sMainThreadHandler = thread.getHandler(); } Looper.loop(); }主线程初始化frameworks/base/core/java/android/os/Looper.java//主线程Looper的初始化 public static void prepareMainLooper() { prepare(false); synchronized (Looper.class) { if (sMainLooper != null) { throw new IllegalStateException("The main Looper has already been prepared."); } sMainLooper = myLooper(); } } //普通线程初始化 public static void prepare() { prepare(true); } private static void prepare(boolean quitAllowed) { if (sThreadLocal.get() != null) { throw new RuntimeException("Only one Looper may be created per thread"); } sThreadLocal.set(new Looper(quitAllowed)); } public static @Nullable Looper myLooper() { return sThreadLocal.get(); }从上面的代码中可以看出，主线程初始化时，prepare传入false，而普通线程初始化时传入true，这个参数为quitAllowed，表示线程是否可以退出，主线程无法退出。prepare函数中创建一个Looper对象，并将对象保存在ThreadLocal中。在prepare之后，又将主线程Looper赋值给了成员变量sMainLooper，这个成员变量的作用是向其他线程提供主线程Looper对象。public static Looper getMainLooper() { synchronized (Looper.class) { return sMainLooper; } }这样当我们调用Looper.getMainLooper()时可以获取到主线程的Looper对象了。主线程Handler初始化在main方法下创建了ActivityThread对象，并获取了主线程的Handler。final H mH = new H(); final Handler getHandler() { return mH; }由此可见主线程的Handler作为ActivityThread的成员变量，是在ActivityThread的main方法被执行，ActivityThread被创建时而初始化。ActivityThread.attch()frameworks/base/core/java/android/app/ActivityThread.javafinal ApplicationThread mAppThread = new ApplicationThread(); private void attach(boolean system) { ...... final IActivityManager mgr = ActivityManagerNative.getDefault(); try { mgr.attachApplication(mAppThread); } catch (RemoteException ex) { throw ex.rethrowFromSystemServer(); } ...... }ApplicationThread是ActivityThread内部类，继承自IApplicationThread.Stub，作为服务端接受AMS发出的请求并执行，ApplicationThread是ActivityThread与AMS连接的桥梁。attch方法实际调用了AMS的attachApplication方法，去看下AMS里的实现:frameworks/base/services/core/java/com/android/server/am/ActivityManagerService.java@Override public final void attachApplication(IApplicationThread thread) { synchronized (this) { int callingPid = Binder.getCallingPid(); final long origId = Binder.clearCallingIdentity(); attachApplicationLocked(thread, callingPid); Binder.restoreCallingIdentity(origId); } }AMS中的attachApplicationLocked方法有些复杂，这个流程可以理解为ActivityThread创建时（App启动时）需要向AMS注册自己，用于AMS管理ActivityThread中的所有四大组件的生命周期。我们看下attachApplicationLocked中的关键部分:private final boolean attachApplicationLocked(IApplicationThread thread, int pid) { ... //1.创建Application thread.bindApplication(...); ... //2.创建Activity if (mStackSupervisor.attachApplicationLocked(app)) { ... } }thread.bindApplicationAMS通过远程调用，最终又会调用到ActivityThread中ApplicationThread内部类方法。public final void bindApplication(String processName, ApplicationInfo appInfo, List<ProviderInfo> providers, ComponentName instrumentationName, ProfilerInfo profilerInfo, Bundle instrumentationArgs, IInstrumentationWatcher instrumentationWatcher, IUiAutomationConnection instrumentationUiConnection, int debugMode, boolean enableBinderTracking, boolean trackAllocation, boolean isRestrictedBackupMode, boolean persistent, Configuration config, CompatibilityInfo compatInfo, Map<String, IBinder> services, Bundle coreSettings) { if (services != null) { // Setup the service cache in the ServiceManager ServiceManager.initServiceCache(services); } setCoreSettings(coreSettings); AppBindData data = new AppBindData(); data.processName = processName; data.appInfo = appInfo; data.providers = providers; data.instrumentationName = instrumentationName; data.instrumentationArgs = instrumentationArgs; data.instrumentationWatcher = instrumentationWatcher; data.instrumentationUiAutomationConnection = instrumentationUiConnection; data.debugMode = debugMode; data.enableBinderTracking = enableBinderTracking; data.trackAllocation = trackAllocation; data.restrictedBackupMode = isRestrictedBackupMode; data.persistent = persistent; data.config = config; data.compatInfo = compatInfo; data.initProfilerInfo = profilerInfo; sendMessage(H.BIND_APPLICATION, data); }在方法中将AMS传递回的数据又发送给主线程中case BIND_APPLICATION: Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "bindApplication"); AppBindData data = (AppBindData)msg.obj; handleBindApplication(data); Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER); break;在主线程中调用handleBindApplication处理:private void handleBindApplication(AppBindData data) { ...... // send up app name; do this *before* waiting for debugger //设置进程名, 也就是说进程名是在进程真正创建以后的BIND_APPLICATION过程中才取名 Process.setArgV0(data.processName); android.ddm.DdmHandleAppName.setAppName(data.processName, UserHandle.myUserId()); //重置时区 TimeZone.setDefault(null); LocaleList.setDefault(data.config.getLocales()); //获取LoadedApk对象 // (public final LoadedApk getPackageInfoNoCheck()) data.info = getPackageInfoNoCheck(data.appInfo, data.compatInfo); ...... try { // If the app is being launched for full backup or restore, bring it up in // a restricted environment with the base application class. Application app = data.info.makeApplication(data.restrictedBackupMode, null); mInitialApplication = app; if (!data.restrictedBackupMode) { if (!ArrayUtils.isEmpty(data.providers)) { installContentProviders(app, data.providers); // For process that contains content providers, we want to // ensure that the JIT is enabled "at some point". mH.sendEmptyMessageDelayed(H.ENABLE_JIT, 10*1000); } } mInstrumentation.onCreate(data.instrumentationArgs); //调用Application.onCreate()回调方法 mInstrumentation.callApplicationOnCreate(app); } finally { StrictMode.setThreadPolicy(savedPolicy); } }handleBindApplication中调用LoadedApk类中makeApplication方法:public Application makeApplication(boolean forceDefaultAppClass, Instrumentation instrumentation) { // 表示Application是个单例 if (mApplication != null) { return mApplication; } Application app = null; // 通过反射初始化Application String appClass = mApplicationInfo.className; if (forceDefaultAppClass || (appClass == null)) { appClass = "android.app.Application"; } try { java.lang.ClassLoader cl = getClassLoader(); if (!mPackageName.equals("android")) { Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "initializeJavaContextClassLoader"); initializeJavaContextClassLoader(); Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER); } ContextImpl appContext = ContextImpl.createAppContext(mActivityThread, this); app = mActivityThread.mInstrumentation.newApplication( cl, appClass, appContext); appContext.setOuterContext(app); } catch (Exception e) { if (!mActivityThread.mInstrumentation.onException(app, e)) { Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER); throw new RuntimeException( "Unable to instantiate application " + appClass + ": " + e.toString(), e); } } mActivityThread.mAllApplications.add(app); mApplication = app; ...... return app; }到这里应用的Application 就创建出来了，创建Application后再调用callApplicationOnCreate，回调Application的onCreate方法。mStackSupervisor.attachApplicationLocked(app)mStackSupervisor是AMS的成员变量，是Activity堆栈管理辅助类实例frameworks/base/services/core/java/com/android/server/am/ActivityStackSupervisor.javaboolean attachApplicationLocked(ProcessRecord app) throws RemoteException { final String processName = app.processName; boolean didSomething = false; for (int displayNdx = mActivityDisplays.size() - 1; displayNdx >= 0; --displayNdx) { ArrayList<ActivityStack> stacks = mActivityDisplays.valueAt(displayNdx).mStacks; for (int stackNdx = stacks.size() - 1; stackNdx >= 0; --stackNdx) { final ActivityStack stack = stacks.get(stackNdx); if (!isFocusedStack(stack)) { continue; } ActivityRecord hr = stack.topRunningActivityLocked(); if (hr != null) { if (hr.app == null && app.uid == hr.info.applicationInfo.uid && processName.equals(hr.processName)) { try { if (realStartActivityLocked(hr, app, true, true)) { didSomething = true; } } catch (RemoteException e) { Slog.w(TAG, "Exception in new application when starting activity " + hr.intent.getComponent().flattenToShortString(), e); throw e; } } } } } if (!didSomething) { ensureActivitiesVisibleLocked(null, 0, !PRESERVE_WINDOWS); } return didSomething; }attachApplicationLocked中获取App要启动的top Activity，然后realStartActivityLocked去启动。final boolean realStartActivityLocked(ActivityRecord r, ProcessRecord app, boolean andResume, boolean checkConfig) throws RemoteException { ...... app.thread.scheduleLaunchActivity(new Intent(r.intent), r.appToken, System.identityHashCode(r), r.info, new Configuration(mService.mConfiguration), new Configuration(task.mOverrideConfig), r.compat, r.launchedFromPackage, task.voiceInteractor, app.repProcState, r.icicle, r.persistentState, results, newIntents, !andResume, mService.isNextTransitionForward(), profilerInfo); ...... }调用ApplicationThread的scheduleLaunchActivity方法:@Override public final void scheduleLaunchActivity(Intent intent, IBinder token, int ident, ActivityInfo info, Configuration curConfig, Configuration overrideConfig, CompatibilityInfo compatInfo, String referrer, IVoiceInteractor voiceInteractor, int procState, Bundle state, PersistableBundle persistentState, List<ResultInfo> pendingResults, List<ReferrerIntent> pendingNewIntents, boolean notResumed, boolean isForward, ProfilerInfo profilerInfo) ....... sendMessage(H.LAUNCH_ACTIVITY, r); } case LAUNCH_ACTIVITY: { Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "activityStart"); final ActivityClientRecord r = (ActivityClientRecord) msg.obj; r.packageInfo = getPackageInfoNoCheck( r.activityInfo.applicationInfo, r.compatInfo); handleLaunchActivity(r, null, "LAUNCH_ACTIVITY"); Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER);最终调用handleLaunchActivity，最终启动一个Activityprivate void handleLaunchActivity(ActivityClientRecord r, Intent customIntent, String reason) { //通过反射去创建一个Activity，然后会调用Activity的各个生命周期方法 Activity a = performLaunchActivity(r, customIntent); if (a != null) { r.createdConfig = new Configuration(mConfiguration); reportSizeConfigurations(r); Bundle oldState = r.state; // onResume handleResumeActivity(r.token, false, r.isForward, !r.activity.mFinished && !r.startsNotResumed, r.lastProcessedSeq, reason); if (!r.activity.mFinished && r.startsNotResumed) { performPauseActivityIfNeeded(r, reason); if (r.isPreHoneycomb()) { r.state = oldState; } } } else { // If there was an error, for any reason, tell the activity manager to stop us. try { ActivityManagerNative.getDefault() .finishActivity(r.token, Activity.RESULT_CANCELED, null, Activity.DONT_FINISH_TASK_WITH_ACTIVITY); } catch (RemoteException ex) { throw ex.rethrowFromSystemServer(); } } }private Activity performLaunchActivity(ActivityClientRecord r, Intent customIntent) { // 从ActivityClientRecord中获取待启动的Activity的组件信息 ActivityInfo aInfo = r.activityInfo; if (r.packageInfo == null) { r.packageInfo = getPackageInfo(aInfo.applicationInfo, r.compatInfo, Context.CONTEXT_INCLUDE_CODE); } ComponentName component = r.intent.getComponent(); if (component == null) { component = r.intent.resolveActivity( mInitialApplication.getPackageManager()); r.intent.setComponent(component); } if (r.activityInfo.targetActivity != null) { component = new ComponentName(r.activityInfo.packageName, r.activityInfo.targetActivity); } Activity activity = null; try { //反射创建Activity java.lang.ClassLoader cl = r.packageInfo.getClassLoader(); activity = mInstrumentation.newActivity( cl, component.getClassName(), r.intent); StrictMode.incrementExpectedActivityCount(activity.getClass()); r.intent.setExtrasClassLoader(cl); r.intent.prepareToEnterProcess(); if (r.state != null) { r.state.setClassLoader(cl); } } catch (Exception e) { if (!mInstrumentation.onException(activity, e)) { throw new RuntimeException( "Unable to instantiate activity " + component + ": " + e.toString(), e); } } try { //再次调用Application的创建方法，Application是个单例。但是如果这个Activity在另一个进程中，就需要再次创建Application Application app = r.packageInfo.makeApplication(false, mInstrumentation); if (activity != null) { Context appContext = createBaseContextForActivity(r, activity); CharSequence title = r.activityInfo.loadLabel(appContext.getPackageManager()); Configuration config = new Configuration(mCompatConfiguration); if (r.overrideConfig != null) { config.updateFrom(r.overrideConfig); } if (DEBUG_CONFIGURATION) Slog.v(TAG, "Launching activity " + r.activityInfo.name + " with config " + config); Window window = null; if (r.mPendingRemoveWindow != null && r.mPreserveWindow) { window = r.mPendingRemoveWindow; r.mPendingRemoveWindow = null; r.mPendingRemoveWindowManager = null; } activity.attach(appContext, this, getInstrumentation(), r.token, r.ident, app, r.intent, r.activityInfo, title, r.parent, r.embeddedID, r.lastNonConfigurationInstances, config, r.referrer, r.voiceInteractor, window); if (customIntent != null) { activity.mIntent = customIntent; } r.lastNonConfigurationInstances = null; activity.mStartedActivity = false; int theme = r.activityInfo.getThemeResource(); if (theme != 0) { activity.setTheme(theme); } activity.mCalled = false; // 调用Activity的onCreate方法回调，终于看到熟悉的Activity onCreate啦 if (r.isPersistable()) { mInstrumentation.callActivityOnCreate(activity, r.state, r.persistentState); } else { mInstrumentation.callActivityOnCreate(activity, r.state); } if (!activity.mCalled) { throw new SuperNotCalledException( "Activity " + r.intent.getComponent().toShortString() + " did not call through to super.onCreate()"); } r.activity = activity; r.stopped = true; if (!r.activity.mFinished) { // onStart回调 activity.performStart(); r.stopped = false; } if (!r.activity.mFinished) { if (r.isPersistable()) { if (r.state != null || r.persistentState != null) { mInstrumentation.callActivityOnRestoreInstanceState(activity, r.state, r.persistentState); } } else if (r.state != null) { mInstrumentation.callActivityOnRestoreInstanceState(activity, r.state); } } if (!r.activity.mFinished) { activity.mCalled = false; if (r.isPersistable()) { mInstrumentation.callActivityOnPostCreate(activity, r.state, r.persistentState); } else { mInstrumentation.callActivityOnPostCreate(activity, r.state); } if (!activity.mCalled) { throw new SuperNotCalledException( "Activity " + r.intent.getComponent().toShortString() + " did not call through to super.onPostCreate()"); } } } r.paused = true; mActivities.put(r.token, r); } catch (SuperNotCalledException e) { throw e; } catch (Exception e) { if (!mInstrumentation.onException(activity, e)) { throw new RuntimeException( "Unable to start activity " + component + ": " + e.toString(), e); } } return activity; }

Android之WMS WindowManagerService简称WMS，WMS是属于Android系统的其他服务，但是它的重要性和AMS在同一级别，作为“窗口管理员”，它负责窗口的创建、调度、显示以及触摸事件分发。也是一个Android程序猿必须了解的系统服务。在SyetemServer启动时会调用startOtherServices:private void startOtherServices() { WindowManagerService wm = null; //InputManagerService traceBeginAndSlog("StartInputManagerService"); inputManager = new InputManagerService(context); Trace.traceEnd(Trace.TRACE_TAG_SYSTEM_SERVER); traceBeginAndSlog("StartWindowManagerService"); wm = WindowManagerService.main(context, inputManager, mFactoryTestMode != FactoryTest.FACTORY_TEST_LOW_LEVEL, !mFirstBoot, mOnlyCore); ServiceManager.addService(Context.WINDOW_SERVICE, wm); ServiceManager.addService(Context.INPUT_SERVICE, inputManager); Trace.traceEnd(Trace.TRACE_TAG_SYSTEM_SERVER); mActivityManagerService.setWindowManager(wm); inputManager.setWindowManagerCallbacks(wm.getInputMonitor()); inputManager.start(); wm.displayReady(); wm.systemReady(); }可以看到，InputManagerService作为参数传递给了WMS，而WMS又作为参数传给了AMSWMS.mainpublic static WindowManagerService main(final Context context, final InputManagerService im, final boolean haveInputMethods, final boolean showBootMsgs, final boolean onlyCore) { final WindowManagerService[] holder = new WindowManagerService[1]; //运行在"android.display"线程 DisplayThread.getHandler().runWithScissors(new Runnable() { @Override public void run() { holder[0] = new WindowManagerService(context, im, haveInputMethods, showBootMsgs, onlyCore); } }, 0); return holder[0]; }WindowManagerServiceprivate WindowManagerService(Context context, InputManagerService inputManager, boolean haveInputMethods, boolean showBootMsgs, boolean onlyCore) { mContext = context; mHaveInputMethods = haveInputMethods; mAllowBootMessages = showBootMsgs; mOnlyCore = onlyCore; ...... //保存传进来的IMS mInputManager = inputManager; mDisplayManagerInternal = LocalServices.getService(DisplayManagerInternal.class); mDisplaySettings = new DisplaySettings(); mDisplaySettings.readSettingsLocked(); mDisplayManager = (DisplayManager)context.getSystemService(Context.DISPLAY_SERVICE); // 获取Display数组，每个显示设备对应一个Display mDisplays = mDisplayManager.getDisplays(); for (Display display : mDisplays) { // 创建DisplayContent,用于支持多屏幕的功能 createDisplayContentLocked(display); } mActivityManager = ActivityManagerNative.getDefault(); //创建WindowAnimator，用于管理所有的窗口动画 mAnimator = new WindowAnimator(this); mAllowTheaterModeWakeFromLayout = context.getResources().getBoolean( com.android.internal.R.bool.config_allowTheaterModeWakeFromWindowLayout); LocalServices.addService(WindowManagerInternal.class, new LocalService()); //初始化窗口管理策略接口类WindowManagerPolicy initPolicy(); // Add ourself to the Watchdog monitors. Watchdog.getInstance().addMonitor(this); ...... }initPolicyprivate void initPolicy() { //运行在"android.ui"线程 UiThread.getHandler().runWithScissors(new Runnable() { @Override public void run() { WindowManagerPolicyThread.set(Thread.currentThread(), Looper.myLooper()); mPolicy.init(mContext, WindowManagerService.this, WindowManagerService.this); } }, 0); }在initPolicy中，mPolicy实际为PhoneWindowManager。final WindowManagerPolicy mPolicy = new PhoneWindowManager();"system_server"线程中会调用WMS的main方法，main方法中会创建WMS，创建WMS的过程运行在"android.display"线程中，它的优先级更高一些，因此要等创建WMS完毕后才会唤醒处于等待状态的"system_server"线程。WMS初始化时会执行initPolicy方法，initPolicy方法会调用PWM的init方法，这个init方法运行在"android.ui"线程，并且优先级更高，因此要先执行完PWM的init方法后，才会唤醒处于等待状态的"android.display"线程。

Android之Init init是Linux系统中用户控件的第一个进程,init的职责：1.init进程创建系统中的几个关键进程，如zygote进程2.Android系统中有很多属性，于是init提供了一个property service来管理它们。init的工作流程：解析两个配置文件，我们将分析其中对init.rc文件的解析执行各个阶段的动作，创建zygote的工作就是在其中的某个阶段完成的调用property_init初始化属性相关的资源，并且通过property_start_server启动属性服务init进入一个无限循环，并且等待一些事情发生。重点关注init如何处理来自socket和来自属性服务器的相关事情解析配置文件: init会解析两个配置文件，一个是init.rc，另一个与硬件平台相关。解析配置文件调用的parse_config_file函数。这个函数中主要是读取配置文件（read_file），读取结束后调用parse_config函数进行真正的解析keyword.h文件中定义了init中使用关键字通过两次包含得到了一个keyword_info结构体数组。zygote是由init进程fork并且execv（这时会传入一个环境变量，在ZygoteInit.java的main方法中会用到）后创建的。zygote进程死后、它的父进程init会找到代表zygote的那个service并且杀掉zygote创建的所有子进程，Java世界也就崩溃了zygote的重启，zygote死的时候会将service结构体的flags设置为SVC_RESTARTING;inti.c::main函数中有一个代码片段zygote就重启for（;;）{ int nr, i, timeout = -1; for (i = 0; i < fd_count； i++} ufds[i].revents = 0； drain_action_queue () ； //poll A数返回后，会进入下一轮的循环 restart_processes () ； // 这里会重启所有 flag 标志为 SVC_RESTARTING的 service。 }init.rc是一个配置文件，是由Android初始化语言编写的脚本，主要包含五种类型语句：Action、Command、Service、Option、ImportAction动作由一组命令（Commands）组成，动作还包含了一个触发器,决定了运行这个动作的时机。通过触发器trigger,即通过以on开头的语句来决定执行相应的service的时机,具体有如下时机：on early-init; 在初始化早期阶段触发；on init; 在初始化阶段触发；on late-init; 在初始化晚期阶段触发；on boot/charger： 当系统启动/充电时触发；on property:<key>=<value>: 当属性值满足条件时触发；CommandCommand是action 的命令列表中命令，或者是service中的选项onrestart的参数命令，命令将在所属事件发生时被一个一个的执行。常用命令如下：class_start <service_class_name>： 启动属于同一个class的所有服务；class_stop <service_class_name> : 停止指定类的服务start <service_name>： 启动指定的服务，若已启动则跳过；stop <service_name>： 停止正在运行的服务setprop <name> <value>：设置属性值mkdir <path>：创建指定目录symlink <target> <sym_link>： 创建连接到<target>的<sym_link>符号链接；write <path> <string>： 向文件path中写入字符串；exec： fork并执行，会阻塞init进程直到程序完毕；exprot <name> <name>：设定环境变量；loglevel <level>：设置log级别hostname <name> : 设置主机名import <filename> ：导入一个额外的init配置文件Service服务Service,以service开头，由init进程启动，一般运行在init的一个子进程中，所以启动service前需要判断对应的可执行文件是否存在。命令：service <name><pathname> [ <argument> ]* <option> <option><name>：表示service的名称<pathname>：表示此 service 所在的路径（ service 为可执行文件，所以存在存储路径）<argument>：表示启动 service 所带的参数<option>：表示对此 service 的约束选项init生成的子进程，定义在rc文件，其中每一个service在启动时会通过fork方式生成子进程。OptionOptions是Service的可选项，与service配合使用disabled: 不随class自动启动，只有根据service名才启动；oneshot: service退出后不再重启；user/group： 设置执行服务的用户/用户组，默认都是root；class：设置所属的类名，当所属类启动/退出时，服务也启动/停止，默认为default；onrestart:当服务重启时执行相应命令；socket: 创建名为/decdcritical: 在规定时间内该service不断重启，则系统会重启并进入恢复模式default: 意味着 disabled=false，oneshot=false，critical=falseImport用来导入其他的 rc 文件命令：import <filename>init.rc实例从Android5.0的版本开始，Android支持64位的编译，因此Zygote本身也支持32位和64位。通过属性ro.zygote来控制不同版本的zygote进程启动。init.rc位于"/system/core/rootdir"目录下，在这个路径下还包括四个关于zygote的rc文件。分别是init.zygote32.rc，init.zygote32_64.rc，init.zygote64.rc，init.zygote64_32.rc，由硬件决定调用哪个文件。import /init.environ.rc import /init.usb.rc import /init.${ro.hardware}.rc import /vendor/etc/init/hw/init.${ro.hardware}.rc import /init.usb.configfs.rc import /init.${ro.zygote}.rc on early-init # Set init and its forked children's oom_adj. write /proc/1/oom_score_adj -1000

Android之Zygote Zygote是Android系统创建新进程的核心进程，负责启动Dalvik虚拟机，加载一些必要的系统资源和系统类，启动system_server进程，随后进入等待处理app应用请求。Zygote进程由init启动：# /vendor/default.prop ro.zygote=zygote64_32 # /init.rc import /init.${ro.zygote}.rc on zygote-start && property:ro.crypto.state=... # A/B update verifier that marks a successful boot. exec_start update_verifier_nonencrypted start netd start zygote start zygote_secondary # /init.zygote64_32.rc service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-system-server --socket-name=zygote class main priority -20 user root group root readproc reserved_disk socket zygote stream 660 root system onrestart write /sys/android_power/request_state wake onrestart write /sys/power/state on onrestart restart audioserver onrestart restart cameraserver onrestart restart media onrestart restart netd onrestart restart wificond writepid /dev/cpuset/foreground/tasks service zygote_secondary /system/bin/app_process32 -Xzygote /system/bin --zygote --socket-name=zygote_secondary --enable-lazy-preload class main priority -20 user root group root readproc reserved_disk socket zygote_secondary stream 660 root system onrestart restart zygote writepid /dev/cpuset/foreground/tasks 属性 ro.zygote 的值包括zygote32、zygote64、zygote32_64、zygote64_32，对应区别如下：init.zygote32.rc：zygote进程对应的执行程序是app_process(纯32bit模式)init.zygote64.rc：zygote进程对应的执行程序是app_process64(纯64bit模式)init.zygote32_64.rc：启动两个zygote进程，对应的执行程序分别是app_process32(主模式)、app_process64init.zygote64_32.rc：启动两个zygote进程，对应的执行程序分别是app_process64(主模式)、app_process32zygote和zygote_secondary其实大同小异，都是执行/system/bin/app_process，其执行的的应用及参数如下:app_process64 -Xzygote /system/bin --zygote --start-system-server --socket-name=zygotemain() AppRuntime::AppRuntime() AndroidRuntime::AndroidRuntime() SkGraphics::Init() // 创建Dalvik缓存 maybeCreateDalvikCache() AndroidRuntime::start("com.android.internal.os.ZygoteInit", args, ) // JniInvocation位于libnativehelper JniInvocation::JniInvocation() /* * 初始化虚拟机环境 * - 加载libart.so, 由art/runtime生成 * - 导出JNI_GetDefaultJavaVMInitArgs * - 导出JNI_CreateJavaVM * - 导出JNI_GetCreatedJavaVMs */ JniInvocation::Init(NULL) AndroidRuntime::startVm(JavaVM, JNIEnv,) // 获取虚拟机参数 AndroidRuntime::parseRuntimeOption() // 位于libnativehelper ??? JNI_CreateJavaVM() JniInvocation::JNI_CreateJavaVM() AppRuntime::onVmCreated() // 向VM注册native函数 AndroidRuntime::startReg() /* * 依次注册预定义的gRegJNI列表, 包括 * frameworks/base/core/jni/android_xxx.cpp * frameworks/base/core/jni/com_xxx.cpp * 下面以android_util_Process.cpp为例 */ register_jni_procs(gRegJNI) register_android_os_Process() /* * 注册 android.os.Process 类 * 注册 android.os.Process.setUid 方法 * ... * * static const JNINativeMethod methods[] = { * ... * {"setUid", "(I)I", (void*)android_os_Process_setUid}, * ... * }; */ RegisterMethodsOrDie(env, "android/os/Process", methods,) AndroidRuntime::registerNativeMethods(env, className, methods, ) jniRegisterNativeMethods() JNINativeInterface::RegisterNatives() /* * 找到入口com.android.internal.os.ZygoteInit(在register_jni_procs中注册) */ JNIEnv::FindClass("com/android/internal/os/ZygoteInit") // 找到入口类的main函数 JNIEnv::GetStaticMethodID(jclass, "main") // 执行com.android.internal.os.ZygoteInit.main() JNIEnv::CallStaticVoidMethod(jclass, jmethodID, jobjectArray) 接下来就是ZygoteInit的执行过程ZygoteInit.main() /* * 在init.zygote*.rc中注册了zygote套接字 * init进程在启动service时会添加环境变量 * 环境变量: "ANDROID_SOCKET_zygote" * * 从环境变量中获取socket的fd * 通过LocalServerSocket()创建服务端 */ ZygoteServer::registerServerSocketFromEnv("zygote") // FIXME: Add More ZygoteInit::preload() // 主动进行GC操作 ZygoteInit::gcAndFinalize() Zygote::nativeSecurityInit() com_android_internal_os_Zygote_nativeSecurityInit() Zygote::nativeUnmountStorageOnInit() com_android_internal_os_Zygote_nativeUnmountStorageOnInit() /* * 启动SystemServer, 重命名为system_server */ ZygoteInit::forkSystemServer() Zygote::forkSystemServer() Zygote::nativeForkSystemServer() com_android_internal_os_Zygote_nativeForkSystemServer() ForkAndSpecializeCommon() fork() // 子进程: com.android.internal.os.Zygote JNIENV::CallStaticVoidMethod("com/android/internal/os/Zygote") // 子进程: FIXME: Add More ZygoteInit::handleSystemServerProcess() ZygoteInit::zygoteInit(, "com.android.server.SystemServer", ) RuntimeInit::commonInit() ZygoteInit::nativeZygoteInit() com_android_internal_os_ZygoteInit_nativeZygoteInit() AppRuntime::onZygoteInit() RuntimeInit::applicationInit() RuntimeInit::findStaticMain("com.android.server.SystemServer", , ) // 执行com.android.server.SystemServer.main() MethodAndArgsCaller.run() /* * 监听zygote socket * 等待客户端消息并处理 * ZygoteConnection用于表示和客户端的连接 */ ZygoteServer::runSelectLoop() ZygoteConnection::processOneCommand() app_process有两种启动模式，都是调用AppRuntime::start()，加载ZygoteInit或RuntimeInit两个Java类Zygote模式: 即初始化zygote进程，也即上面分析的流程Application模式: 即启动普通应用程序，传递的参数有class名字以及class带的参数Zygote启动过程中fork了一个新进程用于启动com.android.server.SystemServer，即SystemServer，文件路径如下:frameworks/base/services/java/com/android/server/SystemServer.javaSystemServer(进程名为system_server)是android服务的提供者，所有service运行在该进程中，主要流程如下:SystemServer::main() SystemServer::run() /* * 一些准备工作 */ Looper.prepareMainLooper() /* * 初始化native服务 * libandroid_servers * <- libservices.core * 由[frameworks/base/services/core/jni/*]编译生成 */ System::loadLibrary("android_servers"); // 位于frameworks/base/services/core/jni/onload.cpp JNI_OnLoad() register_android_server_broadcastradio_BroadcastRadioService() register_android_server_broadcastradio_Tuner() register_android_server_PowerManagerService() /* * 向com.android.server.power.PowerManagerService注册native方法 * 2rd参数: "com/android/server/power/PowerManagerService" * 3rd参数: gPowerManagerServiceMethods * 4rd参数: NELEM(gPowerManagerServiceMethods) */ jniRegisterNativeMethods(JNIEnv, , ,) register_android_server_SerialService() ... // FIXME SystemServer::performPendingShutdown() // 初始化系统上下文 SystemServer::createSystemContext() ActivityThread::systemMain() new ActivityThread() // FIXME: a lot thing seems done ActivityThread::attach(true, 0) ActivityThread::getSystemContext() mSystemServiceManager = new SystemServiceManager() /* * 区别于BinderService, Localservice只在本进程使用 */ LocalServices.addService(SystemServiceManager.class, mSystemServiceManager) /* * 启动关键服务 */ startBootstrapServices(); // FIXME: 读取系统配置 SystemServerInitThreadPool.get().submit(SystemConfig::getInstance, ) /* * 启动[Installer]服务并连接至installd * installd为native服务, 位于frameworks/native/cmds/installd/ */ SystemServiceManager::startService(Installer.class) new Installer() && Installer::onStart() // 启动[设备标识符]服务 SystemServiceManager::startService(DeviceIdentifiersPolicyService.class) new DeviceIdentifiersPolicyService() DeviceIdentifiersPolicyService::onStart() // 启动[AMS]服务 SystemServiceManager::startService(ActivityManagerService.Lifecycle.class) new ActivityManagerService() ActivityManagerService::onStart() // 启动[电源管理服务] SystemServiceManager::startService(PowerManagerService.class) new PowerManagerService() PowerManagerService::onStart() publishBinderService(Context.POWER_SERVICE, new BinderService()); // 向servicemanager注册服务 ServiceManager.addService( , , , ) publishLocalService(PowerManagerInternal.class, new LocalService()); LocalServices.addService( , ) // 初始化电源管理功能 ActivityManagerService::initPowerManagement() SystemServiceManager::startService(RecoverySystemService.class) SystemServiceManager::startService(LightsService.class) // 启动[显示管理服务] SystemServiceManager::startService(DisplayManagerService.class) // 等待默认显示器 SystemServiceManager::startBootPhase(SystemService.PHASE_WAIT_FOR_DE~T_DISPLAY); DisplayManagerService::onBootPhase(SystemService.PHASE_WAIT_FOR_DE~T_DISPLAY) // 启动[PackageManagerService, PMS]服务 PackageManagerService::main(mSystemContext, installer, , ) ActivityManagerService::setSystemProcess() new OverlayManagerService(mSystemContext, installer) SystemServiceManager::startService(mOverlayManagerService) startSensorService() /* * 启动必要服务 */ startCoreServices(); SystemServiceManager::startService(BatteryService.class) SystemServiceManager::startService(UsageStatsService.class) BinderCallsStatsService.start(); /* * 启动其他服务, 太多了, 这里不一一列举 */ startOtherServices(); /* * 进入循环 */ Looper.loop();