PAGalaxyLab / YAHFA

Yet Another Hook Framework for ART
GNU General Public License v3.0

API 29 Cause: null pointer dereference #129

Open thelittlefireman opened 4 years ago

thelittlefireman commented 4 years ago

Sometimes I get a native error:

*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-05-06 13:57:26.955 6561-6561/? A/DEBUG: Build fingerprint: 'Android/sdk_gphone_x86_64/generic_x86_64:8.0.0/OSR1.180418.019/5598391:userdebug/dev-keys'
2020-05-06 13:57:26.955 6561-6561/? A/DEBUG: Revision: '0'
2020-05-06 13:57:26.955 6561-6561/? A/DEBUG: ABI: 'x86_64'
2020-05-06 13:57:26.955 6561-6561/? A/DEBUG: pid: 1660, tid: 2639, name: Binder:1660_B  >>> system_server <<<
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x3b0
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG: Cause: null pointer dereference
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG:     rax 0000000000000001  rbx 0000000012db9330  rcx 0000000000000000  rdx 0000000000000002
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG:     rsi 0000000012db9380  rdi 0000000000000000
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG:     r8  0000000012db9380  r9  0000000000000010  r10 00007c87d65fb8e0  r11 0000000000000029
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG:     r12 000000006ff57c60  r13 0000000012db9380  r14 0000000000000010  r15 00007c87d65fd2c0
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG:     cs  0000000000000033  ss  000000000000002b
2020-05-06 13:57:26.956 6561-6561/? A/DEBUG:     rip 0000000071a65036  rbp 0000000000000001  rsp 00007c87d65fc4e0  eflags 0000000000010246
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG: backtrace:
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #00 pc 00000000005e7036  /system/framework/x86_64/boot-framework.oat (offset 0x5e6000) (android.os.Binder.execTransact+1350)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #01 pc 00000000005c9f56  /system/lib64/libart.so (art_quick_invoke_static_stub+806)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #02 pc 000000000014366d  /system/lib64/libart.so (_ZN3art9ArtMethod6InvokeEPNS_6ThreadEPjjPNS_6JValueEPKc+253)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #03 pc 000000000030c3fa  /system/lib64/libart.so (_ZN3art11interpreter34ArtInterpreterToCompiledCodeBridgeEPNS_6ThreadEPNS_9ArtMethodEPKNS_7DexFile8CodeItemEPNS_11ShadowFrameEPNS_6JValueE+330)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #04 pc 00000000003072b1  /system/lib64/libart.so (_ZN3art11interpreter6DoCallILb1ELb0EEEbPNS_9ArtMethodEPNS_6ThreadERNS_11ShadowFrameEPKNS_11InstructionEtPNS_6JValueE+849)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #05 pc 00000000005b2934  /system/lib64/libart.so (MterpInvokeStaticRange+420)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #06 pc 00000000005ba119  /system/lib64/libart.so (artMterpAsmInstructionStart+15257)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #07 pc 00000000002e477a  /system/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadEPKNS_7DexFile8CodeItemERNS_11ShadowFrameENS_6JValueEb+474)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #08 pc 00000000005a1705  /system/lib64/libart.so (artQuickToInterpreterBridge+1365)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #09 pc 00000000005d421c  /system/lib64/libart.so (art_quick_to_interpreter_bridge+140)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #10 pc 00000000005c9bf4  /system/lib64/libart.so (art_quick_invoke_stub+756)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #11 pc 0000000000143647  /system/lib64/libart.so (_ZN3art9ArtMethod6InvokeEPNS_6ThreadEPjjPNS_6JValueEPKc+215)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #12 pc 00000000004e3a36  /system/lib64/libart.so (_ZN3artL18InvokeWithArgArrayERKNS_33ScopedObjectAccessAlreadyRunnableEPNS_9ArtMethodEPNS_8ArgArrayEPNS_6JValueEPKc+86)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #13 pc 00000000004e5315  /system/lib64/libart.so (_ZN3art35InvokeVirtualOrInterfaceWithVarArgsERKNS_33ScopedObjectAccessAlreadyRunnableEP8_jobjectP10_jmethodIDP13__va_list_tag+453)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #14 pc 00000000003b4ddd  /system/lib64/libart.so (_ZN3art3JNI18CallBooleanMethodVEP7_JNIEnvP8_jobjectP10_jmethodIDP13__va_list_tag+781)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #15 pc 0000000000177400  /system/lib64/libart.so (_ZN3art8CheckJNI11CallMethodVEPKcP7_JNIEnvP8_jobjectP7_jclassP10_jmethodIDP13__va_list_tagNS_9Primitive4TypeENS_10InvokeTypeE+1232)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #16 pc 0000000000165a24  /system/lib64/libart.so (_ZN3art8CheckJNI18CallBooleanMethodVEP7_JNIEnvP8_jobjectP10_jmethodIDP13__va_list_tag+36)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #17 pc 00000000000c978d  /system/lib64/libandroid_runtime.so (_ZN7_JNIEnv17CallBooleanMethodEP8_jobjectP10_jmethodIDz+157)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #18 pc 0000000000128805  /system/lib64/libandroid_runtime.so (_ZN11JavaBBinder10onTransactEjRKN7android6ParcelEPS1_j+149)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #19 pc 00000000000635fe  /system/lib64/libbinder.so (_ZN7android7BBinder8transactEjRKNS_6ParcelEPS1_j+94)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #20 pc 000000000006ffcc  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14executeCommandEi+556)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #21 pc 000000000006fcec  /system/lib64/libbinder.so (_ZN7android14IPCThreadState20getAndExecuteCommandEv+156)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #22 pc 000000000007036f  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb+63)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #23 pc 0000000000096977  /system/lib64/libbinder.so (_ZN7android10PoolThread10threadLoopEv+23)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #24 pc 0000000000011940  /system/lib64/libutils.so (_ZN7android6Thread11_threadLoopEPv+304)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #25 pc 00000000000c46d3  /system/lib64/libandroid_runtime.so (_ZN7android14AndroidRuntime15javaThreadShellEPv+131)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #26 pc 000000000007706b  /system/lib64/libc.so (_ZL15__pthread_startPv+27)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #27 pc 0000000000028aad  /system/lib64/libc.so (__start_thread+61)
2020-05-06 13:57:27.155 6561-6561/? A/DEBUG:     #28 pc 0000000000027515  /system/lib64/libc.so (__bionic_clone+53)

rk700 commented 4 years ago

Any way to reproduce?