LSPosed / LSPlant

A hook framework for Android Runtime (ART)
https://lsposed.org/LSPlant/
GNU Lesser General Public License v3.0

Debug Fatal signal 4 (SIGILL), code 1 (ILL_ILLOPC) on Android 13 (RealmeGT 2 Pro) #36

Closed damadai closed 1 year ago

damadai commented 1 year ago

My reproduction steps: The first time the application is opened, the hook is successful and taps on the blank screen are normal. After killing the app and opening it again, the hook succeeds, but when I click on the blank screen and leave it for a minute or so, it suddenly crashes.

The test is for the latest Dec 25 code, please point me in the right direction, thanks!

2022-12-23 16:00:41.132 27001-27001/com.demo.thook A/libc: Fatal signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0x717832f024 in tid 27001 (om.demo.thook), pid 27001 (om.demo.thook)
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: Process name is com.demo.thook, not key_process
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: keyProcess: 0
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: Build fingerprint: 'realme/RMX3300/RE547F:13/SKQ1.220617.001/S.c61e13-1-458dc:user/release-keys'
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: Revision: '0'
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: ABI: 'arm64'
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: Timestamp: 2022-12-23 16:00:41.188651293+0800
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: Process uptime: 43s
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: Cmdline: com.demo.thook
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: pid: 27001, tid: 27001, name: om.demo.thook  >>> com.demo.thook <<<
2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: uid: 10365
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: tagged_addr_ctrl: 0000000000000001 (PR_TAGGED_ADDR_ENABLE)
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: pac_enabled_keys: 000000000000000f (PR_PAC_APIAKEY, PR_PAC_APIBKEY, PR_PAC_APDAKEY, PR_PAC_APDBKEY)
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0x000000717832f024
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG:     x0  b400007184430020  x1  0000007fd374e930  x2  0000000000000000  x3  2f4f626a6563743b
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG:     x4  3b7463656a624f2f  x5  2f4f626a6563743b  x6  3b7463656a624f2f  x7  7f7f7f7f7f7f7f7f
        2022-12-23 16:00:41.342 27158-27158/? A/DEBUG:     x8  0000007fd374e930  x9  000000717fecd000  x10 0000000000000000  x11 000000000000000c
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:     x12 0000000000000010  x13 0000000000000003  x14 0000007180247844  x15 0000000000000007
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:     x16 0000007182ca3360  x17 000000721275dec0  x18 0000007227ee4000  x19 00000000700f2ca8
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:     x20 0000007226fef000  x21 00000071806041e8  x22 0000007fd374e900  x23 0000007226fef000
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:     x24 0000007180815000  x25 b400007184410800  x26 0000007180816000  x27 0000007226fef000
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:     x28 000000005c000000  x29 0000007fd374e940
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:     lr  000000718025e030  sp  0000007fd374e8f0  pc  000000717832f024  pst 0000000060001000
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG: backtrace:
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #00 pc 0000000000000024  <anonymous:717832f000>
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #01 pc 000000000045e02c  /apex/com.android.art/lib64/libart.so (art::jni::JniIdManager::EncodeMethodId(art::ArtMethod*)+108) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #02 pc 00000000004cd1c4  /apex/com.android.art/lib64/libart.so (art::JNI<true>::GetMethodID(_JNIEnv*, _jclass*, char const*, char const*)+636) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #03 pc 00000000004490c4  /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::CheckJNI::GetMethodIDInternal(char const*, _JNIEnv*, _jclass*, char const*, char const*, bool)+680) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #04 pc 000000000012e9e0  /system/lib64/libandroid_runtime.so (android::NativeInputEventReceiver::consumeEvents(_JNIEnv*, bool, long, bool*)+468) (BuildId: 39023390ba25abcc16f4d8ad93112d56)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #05 pc 000000000012e6e4  /system/lib64/libandroid_runtime.so (android::NativeInputEventReceiver::handleEvent(int, int, void*)+268) (BuildId: 39023390ba25abcc16f4d8ad93112d56)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #06 pc 0000000000018024  /system/lib64/libutils.so (android::Looper::pollInner(int)+1064) (BuildId: c6b04c835ef7be0565ae9fb9535f8ad7)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #07 pc 0000000000017b98  /system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+116) (BuildId: c6b04c835ef7be0565ae9fb9535f8ad7)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #08 pc 00000000001655a8  /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+48) (BuildId: 39023390ba25abcc16f4d8ad93112d56)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #09 pc 00000000001d1094  /system/framework/arm64/boot-framework.oat (art_jni_trampoline+116) (BuildId: a20cbdd7b6fcc1874a3f964d32b8043ece204a32)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #10 pc 000000000020a910  /apex/com.android.art/lib64/libart.so (nterp_helper+5648) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #11 pc 00000000001f3b22  /system/framework/framework.jar (android.os.MessageQueue.next+34)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #12 pc 000000000020a254  /apex/com.android.art/lib64/libart.so (nterp_helper+3924) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #13 pc 00000000001f2a04  /system/framework/framework.jar (android.os.Looper.loopOnce+12)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #14 pc 0000000000209334  /apex/com.android.art/lib64/libart.so (nterp_helper+52) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #15 pc 00000000001f32fe  /system/framework/framework.jar (android.os.Looper.loop+190)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #16 pc 0000000000209334  /apex/com.android.art/lib64/libart.so (nterp_helper+52) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #17 pc 00000000001ca72a  /system/framework/framework.jar (android.app.ActivityThread.main+262)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #18 pc 0000000000210c00  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+576) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #19 pc 000000000027b4ac  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+240) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #20 pc 000000000061042c  /apex/com.android.art/lib64/libart.so (_jobject* art::InvokeMethod<(art::PointerSize)8>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1400) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #21 pc 000000000058ff48  /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #22 pc 00000000000a1148  /system/framework/arm64/boot.oat (art_jni_trampoline+120) (BuildId: 64b90e1946c4040a8fdd4e07387e0466a7c65f75)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #23 pc 000000000020a2b0  /apex/com.android.art/lib64/libart.so (nterp_helper+4016) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #24 pc 0000000000417a0e  /system/framework/framework.jar (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+22)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #25 pc 000000000087ede4  /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+4212) (BuildId: a20cbdd7b6fcc1874a3f964d32b8043ece204a32)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #26 pc 0000000000210c00  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+576) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #27 pc 000000000027b4ac  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+240) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #28 pc 0000000000610bb4  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+452) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #29 pc 00000000006110a0  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+96) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #30 pc 00000000004faaa8  /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+600) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #31 pc 00000000000c0c04  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+124) (BuildId: 39023390ba25abcc16f4d8ad93112d56)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #32 pc 00000000000cd228  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+936) (BuildId: 39023390ba25abcc16f4d8ad93112d56)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #33 pc 0000000000002610  /system/bin/app_process64 (main+1464) (BuildId: 8198beb2d5e7f73418c12a4f1374ff9b)
        2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #34 pc 0000000000075c7c  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+100) (BuildId: 59222d1015276d9a9031ee1ea28c0bcd)
yujincheng08 commented 1 year ago

You are using the debug version, and lsplant thus hooks EncodeMethodId for the debugger. But your native hooker looks broken on hooking EncodeMethodId.
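
One way to check that reading against the tombstone, as an added example that is not part of the original thread or of LSPlant: the script parses the debuggerd lines, confirms that the SIGILL address lies inside the anonymous mapping of frame #00, and reports the nearest symbolized caller. The function names (`parse_frames`, `triage`) and the "nearest symbolized caller" heuristic are assumptions made here; the sample lines are copied from the log above.

```python
import re
from typing import NamedTuple, Optional

# Excerpt copied from the tombstone in this issue (logcat prefix kept as posted).
TOMBSTONE = """\
2022-12-23 16:00:41.342 27158-27158/? A/DEBUG: signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0x000000717832f024
2022-12-23 16:00:41.343 27158-27158/? A/DEBUG: backtrace:
2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #00 pc 0000000000000024  <anonymous:717832f000>
2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #01 pc 000000000045e02c  /apex/com.android.art/lib64/libart.so (art::jni::JniIdManager::EncodeMethodId(art::ArtMethod*)+108) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
2022-12-23 16:00:41.343 27158-27158/? A/DEBUG:       #02 pc 00000000004cd1c4  /apex/com.android.art/lib64/libart.so (art::JNI<true>::GetMethodID(_JNIEnv*, _jclass*, char const*, char const*)+636) (BuildId: 92658024bf7788a87bc9a27e03d6a499)
"""

SIGNAL_RE = re.compile(r"signal \d+ \((\w+)\), code -?\d+ \((\w+)\), fault addr 0x([0-9a-fA-F]+)")
# "#NN pc <offset>  <mapping> (<symbol>+<off>) (BuildId: ...)"; the symbol part is optional.
FRAME_RE = re.compile(r"#(\d+) pc ([0-9a-fA-F]+)\s+(\S+)(?:\s+\((.+)\+(\d+)\))?")
ANON_RE = re.compile(r"<anonymous:([0-9a-fA-F]+)>")


class Frame(NamedTuple):
    index: int
    pc: int                 # offset relative to the start of the mapping
    mapping: str            # library path or <anonymous:base>
    symbol: Optional[str]   # None when the unwinder could not symbolize the frame


def parse_frames(log: str) -> list:
    """Return every backtrace frame found in the log, in order."""
    frames = []
    for line in log.splitlines():
        m = FRAME_RE.search(line)
        if m:
            frames.append(Frame(int(m.group(1)), int(m.group(2), 16), m.group(3), m.group(4)))
    return frames


def triage(log: str) -> dict:
    """Flag crashes whose top frame is unsymbolized code in an anonymous mapping."""
    sig = SIGNAL_RE.search(log)
    frames = parse_frames(log)
    if not sig or not frames:
        raise ValueError("no signal line or backtrace found")
    fault_addr = int(sig.group(3), 16)
    result = {"signal": sig.group(1), "code": sig.group(2), "fault_addr": fault_addr,
              "top_frame_anonymous": False, "pc_matches_fault": None,
              "suspect_symbol": None, "suspect_library": None}
    anon = ANON_RE.fullmatch(frames[0].mapping)
    if anon is None:
        return result  # crash is inside a named library; this heuristic does not apply
    result["top_frame_anonymous"] = True
    # For SIGILL the fault address is the faulting instruction: mapping base + frame pc.
    result["pc_matches_fault"] = int(anon.group(1), 16) + frames[0].pc == fault_addr
    # Heuristic (assumption of this example): the nearest symbolized frame names the
    # function whose patched entry or trampoline is the first thing to inspect.
    caller = next((f for f in frames[1:] if f.symbol), None)
    if caller:
        result["suspect_symbol"] = caller.symbol
        result["suspect_library"] = caller.mapping
    return result


if __name__ == "__main__":
    for key, value in triage(TOMBSTONE).items():
        print(f"{key}: {hex(value) if key == 'fault_addr' else value}")
```
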