Pixel6安卓12注入Crash

2024-07-01 20:59:29.103 12000-12000 Poros_Tag 2024-07-01 20:59:29.128 12000-12028 namic.integrit 2024-07-01 20:59:29.141 12000-12028 libc 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG 2024-07-01 20:59:29.272 12035-12035 DEBUG pid-12000 E DoInjection!! pid-12000 E Attempt to load writable dex file: /data/data/com.dynamic.integrity/xposed_injection/classes.dex pid-12000 A Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0 in tid 12028 (Thread-2), pid 12000 (namic.integrity) crash_dump64 A crash_dump64 A Build fingerprint: 'google/oriole/oriole:12/SP2A.220305.013.A3/8229987:user/release-keys' crash_dump64 A Revision: 'MP1.0' crash_dump64 A ABI: 'arm64' crash_dump64 A Timestamp: 2024-07-01 20:59:29.173425672+0800 crash_dump64 A Process uptime: 0s crash_dump64 A Cmdline: com.dynamic.integrity crash_dump64 A pid: 12000, tid: 12028, name: Thread-2 >>> com.dynamic.integrity <<< crash_dump64 A uid: 10225 crash_dump64 A tagged_addr_ctrl: 0000000000000001 crash_dump64 A signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0 crash_dump64 A Cause: null pointer dereference crash_dump64 A x0 b400007aa21912f0 x1 0000000000000000 x2 0000000000000010 x3 000000796cc06e78 crash_dump64 A x4 0000000000000001 x5 0000000000000004 x6 0000000000000507 x7 6c35737160324d59 crash_dump64 A x8 000000796c705eac x9 0000000000000001 x10 0000000000000002 x11 00000000b21cdc78 crash_dump64 A x12 0000ffff00000eff x13 00000000c0c9ccd9 x14 00000000007718b6 x15 000006dab8a14f14 crash_dump64 A x16 000000796c737bb8 x17 000000796c6ff878 x18 000000796bd22000 x19 0000000000000001 crash_dump64 A x20 0000000000000000 x21 000000796cc06e78 x22 0000000000000000 x23 0000000000000010 crash_dump64 A x24 0000000014000000 x25 0000000036000000 x26 0000000034000000 x27 0000000018000000 crash_dump64 A x28 0000000010000000 x29 000000796cc06dd0 crash_dump64 A lr 000000796c70659c sp 000000796cc06dd0 pc 000000796c705ef4 pst 0000000020001000 crash_dump64 A backtrace: crash_dump64 A #00 pc 000000000005fef4 /data/data/com.dynamic.integrity/xposed_injection/arm64/libsandhook.so (SandHook::Decoder::Arm64Decoder::Disassemble(void, unsigned long, SandHook::Decoder::InstVisitor&, bool)+72) (BuildId: b362d0eab572205a4738ffc63402013571414f60) crash_dump64 A #01 pc 0000000000060598 /data/data/com.dynamic.integrity/xposed_injection/arm64/libsandhook.so (SandHook::Asm::CodeRelocateA64::Relocate(void, unsigned long, void)+112) (BuildId: b362d0eab572205a4738ffc63402013571414f60) crash_dump64 A #02 pc 00000000000611ec /data/data/com.dynamic.integrity/xposed_injection/arm64/libsandhook.so (SandHook::Hook::InlineHookArm64Android::Hook(void, void)+248) (BuildId: b362d0eab572205a4738ffc63402013571414f60) crash_dump64 A #03 pc 00000000000557f0 /data/data/com.dynamic.integrity/xposed_injection/arm64/libsandhook.so (initHideApi+648) (BuildId: b362d0eab572205a4738ffc63402013571414f60) crash_dump64 A #04 pc 0000000000052fe4 /data/data/com.dynamic.integrity/xposed_injection/arm64/libsandhook.so (Java_com_swift_sandhook_SandHook_initNative+56) (BuildId: b362d0eab572205a4738ffc63402013571414f60) crash_dump64 A #05 pc 0000000000351e30 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #06 pc 00000000005b8b18 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #07 pc 00000000000a815e /data/data/com.dynamic.integrity/xposed_injection/classes.dex (com.swift.sandhook.SandHook.init+26) crash_dump64 A #08 pc 00000000005b8b18 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #09 pc 00000000000a861a /data/data/com.dynamic.integrity/xposed_injection/classes.dex (com.swift.sandhook.SandHook.+38) crash_dump64 A #10 pc 000000000033b680 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #11 pc 000000000024dc38 /apex/com.android.art/lib64/libart.so (art::ClassLinker::InitializeClass(art::Thread, art::Handle, bool, bool)+3328) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #12 pc 00000000002e5ed4 /apex/com.android.art/lib64/libart.so (artQuickResolutionTrampoline+2196) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #13 pc 0000000000351cb8 /apex/com.android.art/lib64/libart.so (art_quick_resolution_trampoline+88) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #14 pc 00000000005b8b18 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #15 pc 00000000000e4320 /data/data/com.dynamic.integrity/xposed_injection/classes.dex (com.wind.xposed.entry.SandHookInitialization.sandHookCompat+0) crash_dump64 A #16 pc 000000000033b680 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #17 pc 00000000005117dc /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall(art::ArtMethod, art::Thread, art::ShadowFrame&, art::Instruction const, unsigned short, bool, art::JValue)+2364) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #18 pc 0000000000491434 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext)+1892) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #19 pc 00000000003545d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #20 pc 00000000000e42bc /data/data/com.dynamic.integrity/xposed_injection/classes.dex (com.wind.xposed.entry.SandHookInitialization.init+0) crash_dump64 A #21 pc 000000000036e6ec /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.uniq.112435418011751916792819755956732575238.llvm.9545667076320299271)+232) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #22 pc 000000000036dfe4 /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+964) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #23 pc 0000000000351f68 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #24 pc 00000000005b8b18 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #25 pc 00000000000e4d22 /data/data/com.dynamic.integrity/xposed_injection/classes.dex (com.wind.xposed.entry.XposedModuleEntry.init+30) crash_dump64 A #26 pc 000000000033b680 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #27 pc 000000000037cb18 /apex/com.android.art/lib64/libart.so (_jobject art::InvokeMethod<(art::PointerSize)8>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject, _jobject, _jobject, unsigned long)+1556) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #28 pc 000000000037c4f4 /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv, _jobject, _jobject, _jobjectArray) (.uniq.165753521025965369065708152063621506277)+32) (BuildId: ddcc440d4609d2099db9d20895487a78) crash_dump64 A #29 pc 0000000000363f88 /data/misc/apexdata/com.android.art/dalvik-cache/arm64/boot.oat (art_jni_trampoline+120)

WindySha / Poros

Pixel6安卓12注入Crash #3