ElderDrivers / EdXposed

Elder driver Xposed Framework.
https://edxp.meowcat.org/
GNU General Public License v3.0

[BUG] crashing when trying to hook "nativeLoad" method #770

Closed rhjdvsgsgks closed 3 years ago

rhjdvsgsgks commented 3 years ago

What happened?

crashing when trying to hook "nativeLoad" method

Xposed Module List

pseudo code

Runtime::class.java.hookAfterMethod("nativeLoad", String::class.java, ClassLoader::class.java) {
    // do nothing
}

Magisk Module List

Riru

Riru - EdXposed

Riru - Enhanced mode for Storage Isolation

Riru - IFW Enhance

Versions

Android: 9

Magisk: 21.1

Riru: 23.1

EdXposed: 4653 sandhook

Related Logs

--------- beginning of information
Architecture: arm64-v8a
Android version: 9
Android sdk: 28
EdXposed version: v0.5.1.3_4653-master (SandHook)
EdXposed api: 93
Riru version: v23.1 (51)
Riru api: 10
Magisk: 21.1 (21100)
--------- beginning of crash
12-25 21:34:35.545  9194  9194 D EdXposed: LoadedApk#<init> starts: pkg=games.wfs.anothereden, prc=games.wfs.anothereden
12-25 21:34:35.545  9194  9194 D EdXposed: LoadedApk#<init> ends: /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/base.apk: pkg=games.wfs.anothereden, prc=games.wfs.anothereden
12-25 21:34:35.566  9194  9194 D EdXposed: LoadedApk#getClassLoader starts: pkg=games.wfs.anothereden, prc=games.wfs.anothereden
12-25 21:34:35.566  9194  9194 D EdXposed: LoadedApk#getClassLoader ends: /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/base.apk -> dalvik.system.PathClassLoader[DexPathList[[zip file "/data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/base.apk"],nativeLibraryDirectories=[/data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/lib/arm64, /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/base.apk!/lib/arm64-v8a, /system/lib64, /system/vendor/lib64]]]: pkg=games.wfs.anothereden, prc=games.wfs.anothereden
12-25 21:34:35.661  9194  9194 F webviewchromium_plat_support: Unable to find class 'com/android/webview/chromium/DrawGLFunctor'
12-25 21:34:35.663  9194  9194 F libc    : Fatal signal 6 (SIGABRT), code -6 (SI_TKILL) in tid 9194 (wfs.anothereden), pid 9194 (wfs.anothereden)
12-25 21:34:35.773  9281  9281 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
12-25 21:34:35.773  9281  9281 F DEBUG   : Build fingerprint: 'xx'
12-25 21:34:35.773  9281  9281 F DEBUG   : Revision: '0'
12-25 21:34:35.773  9281  9281 F DEBUG   : ABI: 'arm64'
12-25 21:34:35.773  9281  9281 F DEBUG   : pid: 9194, tid: 9194, name: wfs.anothereden  >>> games.wfs.anothereden <<<
12-25 21:34:35.773  9281  9281 F DEBUG   : signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
12-25 21:34:35.773  9281  9281 F DEBUG   : Abort message: 'Unable to find class 'com/android/webview/chromium/DrawGLFunctor''
12-25 21:34:35.773  9281  9281 F DEBUG   :     x0  0000000000000000  x1  00000000000023ea  x2  0000000000000006  x3  0000000000000008
12-25 21:34:35.773  9281  9281 F DEBUG   :     x4  fefefeff73716e6f  x5  fefefeff73716e6f  x6  fefefeff73716e6f  x7  7f7f7f7f7f7f7f7f
12-25 21:34:35.773  9281  9281 F DEBUG   :     x8  0000000000000083  x9  053e9798120c86a2  x10 0000000000000000  x11 fffffffc7ffffbdf
12-25 21:34:35.773  9281  9281 F DEBUG   :     x12 0000000000000001  x13 ffffffffffffffff  x14 ffffffffff000000  x15 ffffffffffffffff
12-25 21:34:35.773  9281  9281 F DEBUG   :     x16 00000072cfcb12b0  x17 00000072cfbd29d8  x18 0000000000000010  x19 00000000000023ea
12-25 21:34:35.773  9281  9281 F DEBUG   :     x20 00000000000023ea  x21 000000724e0c8e00  x22 00000072d3f035e0  x23 0000007ff15d606c
12-25 21:34:35.773  9281  9281 F DEBUG   :     x24 000000724950a740  x25 0000000000000089  x26 000000724719ae00  x27 000000724e014c00
12-25 21:34:35.773  9281  9281 F DEBUG   :     x28 000000724e0e8460  x29 0000007ff15d5920
12-25 21:34:35.773  9281  9281 F DEBUG   :     sp  0000007ff15d58e0  lr  00000072cfbc400c  pc  00000072cfbc4034
12-25 21:34:36.222  9281  9281 F DEBUG   : 
12-25 21:34:36.222  9281  9281 F DEBUG   : backtrace:
12-25 21:34:36.222  9281  9281 F DEBUG   :     #00 pc 0000000000022034  /system/lib64/libc.so (abort+116)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #01 pc 0000000000008644  /system/lib64/liblog.so (__android_log_assert+296)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #02 pc 00000000000014b8  /system/lib64/libwebviewchromium_plat_support.so (android::RegisterDrawGLFunctor(_JNIEnv*)+128)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #03 pc 000000000000177c  /system/lib64/libwebviewchromium_plat_support.so (JNI_OnLoad+60)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #04 pc 00000000002e9244  /system/lib64/libart.so (offset 0x20d000) (art::JavaVMExt::LoadNativeLibrary(_JNIEnv*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, _jobject*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>*)+3192)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #05 pc 0000000000004038  /system/lib64/libopenjdkjvm.so (JVM_NativeLoad+412)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #06 pc 0000000000114bc8  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Runtime.nativeLoad [DEDUPED]+200)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #07 pc 000000000055604c  /system/lib64/libart.so (offset 0x3e5000) (art_quick_invoke_static_stub+604)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #08 pc 00000000000cf8e8  /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+232)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #09 pc 000000000045d04c  /system/lib64/libart.so (offset 0x3e5000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #10 pc 000000000045eaa0  /system/lib64/libart.so (offset 0x3e5000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1440)
12-25 21:34:36.222  9281  9281 F DEBUG   :     #11 pc 00000000003ee9e0  /system/lib64/libart.so (offset 0x375000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #12 pc 000000000011e6d4  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Class.getDeclaredMethodInternal [DEDUPED]+180)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #13 pc 0000000000555d88  /system/lib64/libart.so (offset 0x3e5000) (art_quick_invoke_stub+584)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #14 pc 00000000000cf8c8  /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #15 pc 000000000027fac0  /system/lib64/libart.so (offset 0x20d000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+344)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #16 pc 0000000000279ac8  /system/lib64/libart.so (offset 0x20d000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+968)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #17 pc 0000000000524e0c  /system/lib64/libart.so (offset 0x3e5000) (MterpInvokeVirtual+588)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #18 pc 0000000000548414  /system/lib64/libart.so (offset 0x3e5000) (ExecuteMterpImpl+14228)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #19 pc 000000000001c804  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.SandHook.callOriginMethod+52)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #20 pc 00000000002537cc  /system/lib64/libart.so (offset 0x20d000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEb.llvm.1430790321+488)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #21 pc 00000000002592c0  /system/lib64/libart.so (offset 0x20d000) (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+216)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #22 pc 0000000000279aac  /system/lib64/libart.so (offset 0x20d000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+940)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #23 pc 0000000000526310  /system/lib64/libart.so (offset 0x3e5000) (MterpInvokeStatic+204)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #24 pc 0000000000548594  /system/lib64/libart.so (offset 0x3e5000) (ExecuteMterpImpl+14612)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #25 pc 000000000001c8be  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.SandHook.callOriginMethod+2)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #26 pc 00000000002537cc  /system/lib64/libart.so (offset 0x20d000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEb.llvm.1430790321+488)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #27 pc 00000000002592c0  /system/lib64/libart.so (offset 0x20d000) (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+216)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #28 pc 0000000000279aac  /system/lib64/libart.so (offset 0x20d000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+940)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #29 pc 0000000000526310  /system/lib64/libart.so (offset 0x3e5000) (MterpInvokeStatic+204)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #30 pc 0000000000548594  /system/lib64/libart.so (offset 0x3e5000) (ExecuteMterpImpl+14612)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #31 pc 0000000000021b18  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge+300)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #32 pc 00000000002537cc  /system/lib64/libart.so (offset 0x20d000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEb.llvm.1430790321+488)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #33 pc 00000000002592c0  /system/lib64/libart.so (offset 0x20d000) (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+216)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #34 pc 0000000000279aac  /system/lib64/libart.so (offset 0x20d000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+940)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #35 pc 0000000000526310  /system/lib64/libart.so (offset 0x3e5000) (MterpInvokeStatic+204)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #36 pc 0000000000548594  /system/lib64/libart.so (offset 0x3e5000) (ExecuteMterpImpl+14612)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #37 pc 0000000000026e28  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.xposedcompat.hookstub.MethodHookerStubs64.stub_hook_1+28)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #38 pc 00000000002537cc  /system/lib64/libart.so (offset 0x20d000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEb.llvm.1430790321+488)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #39 pc 00000000005156a0  /system/lib64/libart.so (offset 0x3e5000) (artQuickToInterpreterBridge+1020)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #40 pc 000000000055eefc  /system/lib64/libart.so (offset 0x3e5000) (art_quick_to_interpreter_bridge+92)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #41 pc 0000000000184f7c  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Runtime.loadLibrary0+188)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #42 pc 000000000018aa20  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.System.loadLibrary+96)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #43 pc 00000000001c1970  /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/oat/arm64/base.odex (offset 0xef000) (com.android.webview.chromium.WebViewChromiumFactoryProvider.f+3504)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #44 pc 00000000001bfd18  /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/oat/arm64/base.odex (offset 0xef000) (com.android.webview.chromium.WebViewChromiumFactoryProvider.<init>+472)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #45 pc 0000000000334390  /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/oat/arm64/base.odex (offset 0xef000) (com.android.webview.chromium.WebViewChromiumFactoryProviderForO.<init> [DEDUPED]+48)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #46 pc 0000000000334544  /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/oat/arm64/base.odex (offset 0xef000) (com.android.webview.chromium.WebViewChromiumFactoryProviderForP.create+84)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #47 pc 000000000055604c  /system/lib64/libart.so (offset 0x3e5000) (art_quick_invoke_static_stub+604)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #48 pc 00000000000cf8e8  /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+232)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #49 pc 000000000045d04c  /system/lib64/libart.so (offset 0x3e5000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #50 pc 000000000045eaa0  /system/lib64/libart.so (offset 0x3e5000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1440)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #51 pc 00000000003ee9e0  /system/lib64/libart.so (offset 0x375000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #52 pc 000000000011e6d4  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Class.getDeclaredMethodInternal [DEDUPED]+180)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #53 pc 0000000000bafc18  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.webkit.WebViewFactory.getProvider+936)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #54 pc 0000000000ded0e8  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.webkit.WebView.setOverScrollMode+104)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #55 pc 0000000000c6897c  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.view.View.<init>+572)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #56 pc 0000000000c68da4  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.view.View.<init>+116)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #57 pc 0000000000d34318  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.view.ViewGroup.<init>+72)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #58 pc 0000000000dea75c  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.webkit.WebView.<init>+76)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #59 pc 0000000000dea638  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.webkit.WebView.<init>+72)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #60 pc 0000000001da0a9c  /data/app/games.wfs.anothereden-dkILE6vxLbL8X1VWpAHGvQ==/oat/arm64/base.odex (offset 0x5e3000) (net.wrightflyer.toybox.AppActivity.onCreate+652)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #61 pc 0000000000a74c5c  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.Activity.performCreate+172)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #62 pc 0000000000764b10  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.Instrumentation.callActivityOnCreate+80)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #63 pc 00000000008853c0  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.ActivityThread.performLaunchActivity+2112)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #64 pc 000000000088ae88  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.ActivityThread.handleLaunchActivity+424)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #65 pc 0000000000a7e2b4  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.servertransaction.LaunchActivityItem.execute+372)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #66 pc 00000000007839f4  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.servertransaction.TransactionExecutor.executeCallbacks+708)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #67 pc 00000000007836b8  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.servertransaction.TransactionExecutor.execute+280)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #68 pc 00000000008776b4  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.ActivityThread$H.handleMessage+308)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #69 pc 0000000000ab2644  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.os.Handler.dispatchMessage+180)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #70 pc 0000000000ab5818  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.os.Looper.loop+1560)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #71 pc 00000000008841f8  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (android.app.ActivityThread.main+664)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #72 pc 000000000055604c  /system/lib64/libart.so (offset 0x3e5000) (art_quick_invoke_static_stub+604)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #73 pc 00000000000cf8e8  /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+232)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #74 pc 000000000045d04c  /system/lib64/libart.so (offset 0x3e5000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #75 pc 000000000045eaa0  /system/lib64/libart.so (offset 0x3e5000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1440)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #76 pc 00000000003ee9e0  /system/lib64/libart.so (offset 0x375000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #77 pc 000000000011e6d4  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Class.getDeclaredMethodInternal [DEDUPED]+180)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #78 pc 0000000000bed618  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+136)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #79 pc 0000000000bf4800  /system/framework/arm64/boot-framework.oat (offset 0x3d1000) (com.android.internal.os.ZygoteInit.main+3088)
12-25 21:34:36.223  9281  9281 F DEBUG   :     #80 pc 000000000055604c  /system/lib64/libart.so (offset 0x3e5000) (art_quick_invoke_static_stub+604)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #81 pc 00000000000cf8e8  /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+232)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #82 pc 000000000045d04c  /system/lib64/libart.so (offset 0x3e5000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #83 pc 000000000045ccac  /system/lib64/libart.so (offset 0x3e5000) (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+424)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #84 pc 000000000036236c  /system/lib64/libart.so (offset 0x20d000) (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+652)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #85 pc 00000000000b179c  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #86 pc 00000000000b41c0  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+752)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #87 pc 000000000000251c  /system/bin/app_process64 (main+2000)
12-25 21:34:36.224  9281  9281 F DEBUG   :     #88 pc 00000000000ca47c  /system/lib64/libc.so (__libc_init+88)

The application being hooked also loads other native libs, but it only crashes when loading /data/app/com.android.webview-1OPG2JvSz6xzHmpBuPS31Q==/lib/arm64/libwebviewchromium.so

I also tried using this code in bilibili; here is the log:

12-25 22:23:42.053  1422  1422 D EdXposed: using whitelist, com.bilibili.app.in -> true
12-25 22:23:42.144 23734 23734 I EdXposed: Start to install inline hooks
12-25 22:23:42.144 23734 23734 I EdXposed: Using api level 28
12-25 22:23:42.144 23734 23734 I EdXposed: Start to install Riru hook
12-25 22:23:42.257 23734 23734 I EdXposed: Riru hooks installed
12-25 22:23:42.258 23734 23734 D EdXposed: _ZN3art7Runtime9instance_E = 0x724e04b700
12-25 22:23:42.258 23734 23734 D EdXposed: art::runtime::Heap object: 0x724e0b7600
12-25 22:23:42.258 23734 23734 D EdXposed: art_method hook setup, handle=0x67d9830644a980c7
12-25 22:23:42.258 23734 23734 D EdXposed: Classlinker hook setup, handle=0x67d9830644a980c7
12-25 22:23:42.258 23734 23734 D EdXposed: Classlinker object: 0x724e0c8f40
12-25 22:23:42.260 23734 23734 I EdXposed: ART hooks installed
12-25 22:23:42.294 23734 23734 I EdXposed: init to SDK 28
12-25 22:23:42.312 23734 23734 D EdXposed: not using yahfa
12-25 22:23:42.317 23734 23734 D EdXposed: Done prepare
12-25 22:23:42.367 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70b58e98
12-25 22:23:42.367 23734 23734 D EdXposed: deoptimizing method: 0x70b58e98
12-25 22:23:42.367 23734 23734 D EdXposed: SetEntryPointsToInterpreter start, thiz=0x724e0c8f40, art_method=0x70b58e98
12-25 22:23:42.368 23734 23734 D EdXposed: method deoptimized: 0x70b58e98
12-25 22:23:42.369 23734 23734 D EdXposed: startBootstrapHook starts: isSystem = false
12-25 22:23:42.372 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70d222e0
12-25 22:23:42.372 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70d222e0
12-25 22:23:42.403 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70cc31b8
12-25 22:23:42.403 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70cc31b8
12-25 22:23:42.412 23734 23734 I EdXposed: Loading modules for com.bilibili.app.in
12-25 22:23:42.412 23734 23734 D EdXposed: module list: /data/app/com.example.aaa-bp0kYzbIHK_VW7IMWwxpiA==/base.apk
12-25 22:23:42.413 23734 23734 I EdXposed-Bridge: Loading modules from /data/app/com.example.aaa-bp0kYzbIHK_VW7IMWwxpiA==/base.apk
12-25 22:23:42.422 23734 23734 I EdXposed-Bridge:   Loading class com.example.aaa.XposedInit
12-25 22:23:42.433 23734 23734 D EdXposed: injected xposed into com.bilibili.app.in
12-25 22:23:42.476 23734 23734 D EdXposed: ActivityThread#handleBindApplication() starts: pkg=android, prc=android
12-25 22:23:42.476 23734 23734 D EdXposed: processName=com.bilibili.app.in, packageName=com.bilibili.app.in, appDataDir=/data/user/0/com.bilibili.app.in
12-25 22:23:42.477 23734 23734 D EdXposed: LoadedApk#<init> starts: pkg=com.bilibili.app.in, prc=com.bilibili.app.in
12-25 22:23:42.477 23734 23734 D EdXposed: LoadedApk#<init> ends: /data/app/com.bilibili.app.in-Osu9wehOg6_B49R0QY1MyQ==/base.apk: pkg=com.bilibili.app.in, prc=com.bilibili.app.in
12-25 22:23:42.482 23734 23734 D EdXposed: LoadedApk#<init> has been loaded before, skip: /data/app/com.bilibili.app.in-Osu9wehOg6_B49R0QY1MyQ==/base.apk: pkg=com.bilibili.app.in, prc=com.bilibili.app.in
12-25 22:23:42.681 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70cc35a0
12-25 22:23:42.681 23734 23734 I EdXposed: HookMain: getArtMethod: 0x70cc35a0
12-25 22:23:42.728 23734 23734 D EdXposed: LoadedApk#getClassLoader starts: pkg=com.bilibili.app.in, prc=com.bilibili.app.in
12-25 22:23:42.728 23734 23734 D EdXposed: LoadedApk#getClassLoader ends: /data/app/com.bilibili.app.in-Osu9wehOg6_B49R0QY1MyQ==/base.apk -> dalvik.system.PathClassLoader[DexPathList[[zip file "/system/framework/org.apache.http.legacy.boot.jar", zip file "/data/app/com.bilibili.app.in-Osu9wehOg6_B49R0QY1MyQ==/base.apk"],nativeLibraryDirectories=[/data/app/com.bilibili.app.in-Osu9wehOg6_B49R0QY1MyQ==/lib/arm64, /data/app/com.bilibili.app.in-Osu9wehOg6_B49R0QY1MyQ==/base.apk!/lib/arm64-v8a, /system/lib64, /system/vendor/lib64]]]: pkg=com.bilibili.app.in, prc=com.bilibili.app.in
12-25 22:23:42.730 23734 23734 I EdXposed: HookMain: getArtMethod: 0x700a7730
12-25 22:23:42.730 23734 23734 I EdXposed: HookMain: getArtMethod: 0x700a7730
12-25 22:23:42.849 23734 23734 E EdXposed-Bridge: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack trace available
12-25 22:23:42.850 23734 23734 E EdXposed-Bridge: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack trace available
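
Added example (not part of the original thread or of EdXposed's code): a small Python triage helper that parses a debuggerd backtrace in the logcat format of the first log above and reports which library's JNI_OnLoad aborted and which hook-framework frames sit between Runtime.loadLibrary0 and Runtime.nativeLoad. The sample is a shortened excerpt of that log, the `com.swift.sandhook.` prefix is taken from it, and the function names are made up for this example.

```python
import re

# Shortened excerpt of the tombstone above (timestamps and most frames dropped);
# sample input for this added example, not a full log.
SAMPLE = """\
F DEBUG   : Abort message: 'Unable to find class 'com/android/webview/chromium/DrawGLFunctor''
F DEBUG   : backtrace:
F DEBUG   :     #00 pc 0000000000022034  /system/lib64/libc.so (abort+116)
F DEBUG   :     #02 pc 00000000000014b8  /system/lib64/libwebviewchromium_plat_support.so (android::RegisterDrawGLFunctor(_JNIEnv*)+128)
F DEBUG   :     #03 pc 000000000000177c  /system/lib64/libwebviewchromium_plat_support.so (JNI_OnLoad+60)
F DEBUG   :     #05 pc 0000000000004038  /system/lib64/libopenjdkjvm.so (JVM_NativeLoad+412)
F DEBUG   :     #06 pc 0000000000114bc8  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Runtime.nativeLoad [DEDUPED]+200)
F DEBUG   :     #11 pc 00000000003ee9e0  /system/lib64/libart.so (offset 0x375000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52)
F DEBUG   :     #19 pc 000000000001c804  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.SandHook.callOriginMethod+52)
F DEBUG   :     #31 pc 0000000000021b18  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge+300)
F DEBUG   :     #37 pc 0000000000026e28  /dev/ashmem/dalvik-DEX data (deleted) (com.swift.sandhook.xposedcompat.hookstub.MethodHookerStubs64.stub_hook_1+28)
F DEBUG   :     #41 pc 0000000000184f7c  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.Runtime.loadLibrary0+188)
F DEBUG   :     #42 pc 000000000018aa20  /system/framework/arm64/boot-core-oj.oat (offset 0x114000) (java.lang.System.loadLibrary+96)
"""

HOOK_PREFIXES = ("com.swift.sandhook.",)  # hook-framework package seen in the log above
FRAME_RE = re.compile(r"#(\d+)\s+pc\s+([0-9a-f]+)\s+(.*\S)\s*$")
ABORT_RE = re.compile(r"Abort message: '(.*)'\s*$")
OFFSET_RE = re.compile(r"\s*\(offset 0x[0-9a-f]+\)$")


def split_symbol(rest):
    """Split '<path> (<symbol>+<off>)' on the last balanced parenthesis group."""
    if not rest.endswith(")"):
        return rest, None
    depth = 0
    for i in range(len(rest) - 1, -1, -1):
        if rest[i] == ")":
            depth += 1
        elif rest[i] == "(":
            depth -= 1
            if depth == 0:
                inner = rest[i + 1:-1]
                if inner == "deleted" or inner.startswith("offset "):
                    return rest, None  # part of the mapping name, not a symbol
                return rest[:i].rstrip(), inner
    return rest, None


def parse_frames(text):
    """Return one dict per backtrace frame: frame number, mapped file, symbol."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.search(line)
        if not m:
            continue
        lib, sym = split_symbol(m.group(3))
        lib = OFFSET_RE.sub("", lib)
        if sym:
            # Drop the '+<offset>' suffix and the '[DEDUPED]' marker.
            sym = re.sub(r"\+\d+$", "", sym).replace(" [DEDUPED]", "")
        frames.append({"n": int(m.group(1)), "lib": lib, "sym": sym or ""})
    return frames


def triage(text):
    """Summarise where the abort happened and what sat on the load path."""
    abort = next((m.group(1) for m in map(ABORT_RE.search, text.splitlines()) if m), None)
    frames = parse_frames(text)

    def index_of(sym):
        return next((i for i, f in enumerate(frames) if f["sym"] == sym), None)

    onload = index_of("JNI_OnLoad")
    native_load = index_of("java.lang.Runtime.nativeLoad")
    caller = index_of("java.lang.Runtime.loadLibrary0")
    # Frames between the nativeLoad call and its Java caller (innermost first).
    between = frames[native_load + 1:caller] if None not in (native_load, caller) else []
    return {
        "abort_message": abort,
        "failing_library": frames[onload]["lib"] if onload is not None else None,
        "hook_frames": [f["sym"] for f in between if f["sym"].startswith(HOOK_PREFIXES)],
        "via_reflection": any(f["sym"].startswith("art::Method_invoke(") for f in between),
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```
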

eebssk1 commented 3 years ago

The webview is an isolated package; EdXP ignores it to avoid problems. When some app tries to reference it, especially in EdXP's context, the action may fail since it's not in EdXP's "mind" (as the log said, the classes are not available).

rhjdvsgsgks commented 3 years ago

@eebssk1 How can I make EdXposed not ignore it? I have already tried adding the webview package to the whitelist, but it still crashes with the same error.

eebssk1 commented 3 years ago

> @eebssk1 How can I make EdXposed not ignore it? I have already tried adding the webview package to the whitelist, but it still crashes with the same error.

Because hooking webview will, by its nature, cause critical services to crash, the logic is hard-coded into the EdXP core now. You should try to find another approach.

rhjdvsgsgks commented 3 years ago

> Because hooking webview will, by its nature, cause critical services to crash, the logic is hard-coded into the EdXP core now. You should try to find another approach.

I'm trying to do some native hooking for an application. Because Xposed doesn't support that, I had to load an external library to do it, and there are some limits in Android on System.load(path), so I decided to hook nativeLoad and load my library after the original library. If you know of any, please tell me an approach to load a library from an Xposed module on Android 9-10.

yujincheng08 commented 3 years ago

@rhjdvsgsgks EdXP is planning to provide Dobby for native hooks. This will be implemented by providing the libsearchpath of the PathClassLoader. I don't have time to test it. If you are interested in it, you can try this and file a PR.

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

neervanbiqs commented 2 years ago

> Because hooking webview will, by its nature, cause critical services to crash, the logic is hard-coded into the EdXP core now. You should try to find another approach.
>
> I'm trying to do some native hooking for an application. Because Xposed doesn't support that, I had to load an external library to do it, and there are some limits in Android on System.load(path), so I decided to hook nativeLoad and load my library after the original library. If you know of any, please tell me an approach to load a library from an Xposed module on Android 9-10.

Have you found a solution?