LSPosed / LSPlant

A hook framework for Android Runtime (ART)
https://lsposed.org/LSPlant/
GNU Lesser General Public License v3.0

signal 4 (SIGILL), code -6 (SI_TKILL) on moto edge s pro android 13 #54

Closed liberize closed 9 months ago

liberize commented 10 months ago

I built lsplant myself (release), made a .so library and added it to the Mobile QQ apk, then tested the example from test (below). The logs show the hook succeeded.

// Resolve the target method and its replacement; the replacement takes a Hooker.MethodCallback
Method normalMethod = LSPTest.class.getDeclaredMethod("normalMethod", String.class, int.class, long.class);
Method normalMethodReplacement = Replacement.class.getDeclaredMethod("normalMethodReplacement", Hooker.MethodCallback.class);
String a = "test";
int b = 114514;
long c = 1919810L;
String o = a + b + c;              // expected result before hooking and after unhook
String r = a + b + c + "replace";  // expected result while the hook is installed
LSPTest test = new LSPTest();
Log.e("TAG", "before hook: " + test.normalMethod(a, b, c));

// Install the hook, call through it, then remove it again
Hooker hooker = Hooker.hook(normalMethod, normalMethodReplacement, new Replacement());
Log.e("TAG", "after hook: " + test.normalMethod(a, b, c));
hooker.unhook();
Log.e("TAG", "after remove hook: " + test.normalMethod(a, b, c));

But after opening Mobile QQ and doing nothing at all, QQ crashes after a while. The stack trace is below.

The phone is a moto edge s pro on Android 13.

Could someone take a look at what is causing this?

2023-10-30 20:25:25.719  1063-1063  Zygote                  pid-1063                             I  Process 24756 exited due to signal 9 (Killed)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  Build fingerprint: 'motorola/pstar_cmcc/pstar:13/T1RAA33.39-11-2/ef936f-1008e:user/release-keys'
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  Revision: 'pvt'
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  ABI: 'arm64'
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  Timestamp: 2023-10-30 20:25:25.225754869+0800
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  Process uptime: 12s
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  Cmdline: com.tencent.mobileqq
2023-10-30 20:25:25.720  1799-1891  libprocessgroup         pid-1799                             I  Successfully killed process cgroup uid 10326 pid 24756 in 0ms
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  pid: 26628, tid: 26662, name: QQ_SUB  >>> com.tencent.mobileqq <<<
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  uid: 10402
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  signal 4 (SIGILL), code -6 (SI_TKILL), fault addr --------
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x0  000000706b0f1ecc  x1  0000000000000004  x2  0000000000000000  x3  000000706b0f1ecc
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x4  0000000015552360  x5  000000706b0f1ee8  x6  00000070791b15bc  x7  0000000015672388
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x8  000000000004b703  x9  0000007105b92070  x10 0000000000000070  x11 0000000000000001
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x12 003d2814531dbc9b  x13 0000000000000001  x14 000000706b0f1d78  x15 000000710a8d8f90
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x16 0000000000000001  x17 00000b1916991675  x18 000000706a958000  x19 00000070791b15bc
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x20 000000706b0f1ecc  x21 00000071c20745d0  x22 0000000015552360  x23 b4000071f2066980
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x24 0000000012dc0d20  x25 000000706b0f3000  x26 0000000000000001  x27 00000071c20745d0
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      x28 00000070791b15bc  x29 000000706b0f1db0
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A      lr  000000710abce94c  sp  000000706b0f1da0  pc  0000007102d89030  pst 0000000040001000
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A  backtrace:
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #00 pc 0000000000000030  <anonymous:7102d89000>
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #01 pc 00000000003ce948  /apex/com.android.art/lib64/libart.so (art::ClassLinker::SetupClass(art::DexFile const&, art::dex::ClassDef const&, art::Handle<art::mirror::Class>, art::ObjPtr<art::mirror::ClassLoader>)+336) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #02 pc 00000000003cc498  /apex/com.android.art/lib64/libart.so (art::ClassLinker::DefineClass(art::Thread*, char const*, unsigned long, art::Handle<art::mirror::ClassLoader>, art::DexFile const&, art::dex::ClassDef const&)+1200) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #03 pc 00000000003c9b28  /apex/com.android.art/lib64/libart.so (art::ClassLinker::FindClassInBaseDexClassLoader(art::ScopedObjectAccessAlreadyRunnable&, art::Thread*, char const*, unsigned long, art::Handle<art::mirror::ClassLoader>, art::ObjPtr<art::mirror::Class>*)+1124) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #04 pc 00000000003c58d8  /apex/com.android.art/lib64/libart.so (art::ClassLinker::FindClass(art::Thread*, char const*, art::Handle<art::mirror::ClassLoader>)+1052) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #05 pc 00000000003b7144  /apex/com.android.art/lib64/libart.so (art::ClassLinker::DoResolveType(art::dex::TypeIndex, art::Handle<art::mirror::DexCache>, art::Handle<art::mirror::ClassLoader>)+156) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #06 pc 00000000003add18  /apex/com.android.art/lib64/libart.so (NterpGetStaticField+2596) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #07 pc 000000000020f180  /apex/com.android.art/lib64/libart.so (nterp_get_static_field+48) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #08 pc 0000000000208f44  /apex/com.android.art/lib64/libart.so (nterp_op_sget_object_slow_path+20) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #09 pc 0000000003bc1f84  /data/app/~~RUIND5RDG7gSOPq3hxxISg==/com.tencent.mobileqq-Nd3T46ZS_-VsHeNvssD2kg==/oat/arm64/base.vdex (com.tencent.mobileqq.startup.monitor.NtStartupMonitor$onColdEnd$1.run+544)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #10 pc 000000000050bfac  /data/app/~~RUIND5RDG7gSOPq3hxxISg==/com.tencent.mobileqq-Nd3T46ZS_-VsHeNvssD2kg==/oat/arm64/base.odex (mqq.os.MqqHandler.dispatchMessage+172)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #11 pc 00000000004bb4b4  /data/app/~~RUIND5RDG7gSOPq3hxxISg==/com.tencent.mobileqq-Nd3T46ZS_-VsHeNvssD2kg==/oat/arm64/base.odex (mqq.os.MqqHandler$NativeHandler.dispatchMessage+68)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #12 pc 000000000201f2c0  /memfd:jit-cache (deleted) (android.os.Looper.loopOnce+2496)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #13 pc 000000000056ac90  /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+576) (BuildId: a5d6d160516d322e4161117049e2b5ce9118543c)
2023-10-30 20:25:25.720 26922-26922 DEBUG                   pid-26922                            A        #14 pc 0000000000569e14  /system/framework/arm64/boot-framework.oat (android.os.HandlerThread.run+436) (BuildId: a5d6d160516d322e4161117049e2b5ce9118543c)
2023-10-30 20:25:25.721 26922-26922 DEBUG                   pid-26922                            A        #15 pc 0000000000457b6c  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+556) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.721 26922-26922 DEBUG                   pid-26922                            A        #16 pc 0000000000484e54  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+156) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.721 26922-26922 DEBUG                   pid-26922                            A        #17 pc 0000000000484b20  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+400) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.721 26922-26922 DEBUG                   pid-26922                            A        #18 pc 00000000005ce334  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1684) (BuildId: 289d75599f6112d5757113220599e90b)
2023-10-30 20:25:25.721 26922-26922 DEBUG                   pid-26922                            A        #19 pc 00000000000ba598  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+208) (BuildId: a6dff06a8692e32fa3d76a20ab123774)
2023-10-30 20:25:25.721 26922-26922 DEBUG                   pid-26922                            A        #20 pc 0000000000053f3c  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+68) (BuildId: a6dff06a8692e32fa3d76a20ab123774)
2023-10-30 20:25:25.748   916-916   tombstoned              pid-916                              E  Tombstone written to: tombstone_25
2023-10-30 20:25:25.751  1799-26931 DropBoxManagerService   pid-1799                             I  add tag=data_app_native_crash isTagEnabled=true flags=0x2
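As an added example (not from the issue or the LSPlant project), a small Python triage script run over a constructed excerpt of the capture above: it separates the tombstone's own pid and si_code from the Zygote "exited due to signal" lines that logcat interleaves from other processes, and flags a frame #00 that sits in an anonymous mapping.

```python
import re
from dataclasses import dataclass, field

# Constructed excerpt of the logcat capture quoted above; the #01 symbol's argument list is elided to "...".
SAMPLE_LOG = """\
2023-10-30 20:25:25.719  1063-1063  Zygote  pid-1063   I  Process 24756 exited due to signal 9 (Killed)
2023-10-30 20:25:25.720 26922-26922 DEBUG   pid-26922  A  pid: 26628, tid: 26662, name: QQ_SUB  >>> com.tencent.mobileqq <<<
2023-10-30 20:25:25.720 26922-26922 DEBUG   pid-26922  A  signal 4 (SIGILL), code -6 (SI_TKILL), fault addr --------
2023-10-30 20:25:25.720 26922-26922 DEBUG   pid-26922  A        #00 pc 0000000000000030  <anonymous:7102d89000>
2023-10-30 20:25:25.720 26922-26922 DEBUG   pid-26922  A        #01 pc 00000000003ce948  /apex/com.android.art/lib64/libart.so (art::ClassLinker::SetupClass(...)+336)
"""
EXIT_RE = re.compile(r"Process (\d+) exited due to signal (\d+)")
PID_RE = re.compile(r"\bpid: (\d+)")
SIGNAL_RE = re.compile(r"\bsignal (\d+) \((\w+)\), code (-?\d+) \((\w+)\)")
FRAME_RE = re.compile(r"#(\d+) pc ([0-9a-f]+)\s+(\S+)(?: \((.*)\))?")

@dataclass
class Tombstone:
    pid: int = 0
    signal: tuple = ()    # (number, name), e.g. (4, "SIGILL")
    code: tuple = ()      # (si_code, name), e.g. (-6, "SI_TKILL")
    frames: list = field(default_factory=list)  # (index, mapping, symbol) per backtrace line
    exits: dict = field(default_factory=dict)   # Zygote "exited due to signal" lines: {pid: signal}

def parse_logcat(text):
    """Separate the DEBUG tombstone from Zygote exit lines, which name whatever
    process Zygote reaped and need not be the process that wrote the tombstone."""
    ts = Tombstone()
    for line in text.splitlines():
        if m := EXIT_RE.search(line):
            ts.exits[int(m.group(1))] = int(m.group(2))
        elif m := PID_RE.search(line):
            ts.pid = int(m.group(1))
        elif m := SIGNAL_RE.search(line):
            ts.signal, ts.code = (int(m.group(1)), m.group(2)), (int(m.group(3)), m.group(4))
        elif m := FRAME_RE.search(line):
            ts.frames.append((int(m.group(1)), m.group(3), m.group(4) or ""))
    return ts

def triage(ts):
    notes = []  # facts worth checking in the capture before naming a cause
    if ts.pid in ts.exits:
        notes.append(f"pid {ts.pid} also has an exit line with signal {ts.exits[ts.pid]}")
    elif ts.exits:
        notes.append("exit lines name other pids: " + ", ".join(f"{p} (signal {s})" for p, s in ts.exits.items()))
    if ts.code and ts.code[1] == "SI_TKILL":
        notes.append("si_code SI_TKILL: signal sent with tkill/tgkill, not a hardware fault at pc")
    if ts.frames and ts.frames[0][1].startswith("<anonymous"):
        notes.append(f"frame #00 is in an anonymous mapping, reached from {ts.frames[1][2] if len(ts.frames) > 1 else '?'}")
    return notes
```

Running `triage(parse_logcat(SAMPLE_LOG))` on the excerpt reports that the only exit line names a different pid, that the SIGILL carries SI_TKILL, and that frame #00 lies in anonymous memory reached from ClassLinker::SetupClass.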

yujincheng08 commented 9 months ago

This was killed by kill -9.