search

zhkl0228 / unidbg

Allows you to emulate an Android native library, and an experimental iOS emulation
Apache License 2.0
3.93k stars 972 forks source link

程序调用jni方法时触发java.lang.UnsupportedOperationException,大佬们帮忙看下咋回事! #274

Open juedi998 opened 3 years ago

juedi998 commented 3 years ago

大佬们求助啊,本菜在调用jni函数时看到了一堆的异常,修补完了一个又来一个,然后现在这个异常由于本菜经验尚浅实在看不出是什么情况触发的异常,有知道的大佬麻烦告知下原因以及解决方案,感谢!!! 程序执行结果如下:

JNIEnv->FindClass(java/lang/Boolean) was called from RX@0x4009765d[libmain.so]0x9765d JNIEnv->FindClass(java/lang/Integer) was called from RX@0x40097677[libmain.so]0x97677 JNIEnv->FindClass(java/lang/String) was called from RX@0x40097691[libmain.so]0x97691 JNIEnv->FindClass(com/taobao/wireless/security/adapter/common/HttpUtil) was called from RX@0x4008955f[libmain.so]0x8955f JNIEnv->FindClass(com/taobao/wireless/security/adapter/umid/UmidAdapter) was called from RX@0x40089e9f[libmain.so]0x89e9f JNIEnv->FindClass(android/content/Context) was called from RX@0x40089bad[libmain.so]0x89bad JNIEnv->FindClass(com/taobao/wireless/security/adapter/JNICLibrary) was called from RX@0x4000e2af[libmain.so]0xe2af JNIEnv->FindClass(com/taobao/wireless/security/adapter/common/SPUtility2) was called from RX@0x4008831f[libmain.so]0x8831f JNIEnv->FindClass(com/taobao/wireless/security/adapter/datacollection/DeviceInfoCapturer) was called from RX@0x40014f9b[libmain.so]0x14f9b JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x40032ae9[libmain.so]0x32ae9 JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x4003aaf3[libmain.so]0x3aaf3 JNIEnv->FindClass(java/util/HashMap) was called from RX@0x4003ac2d[libmain.so]0x3ac2d JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x4003c463[libmain.so]0x3c463 JNIEnv->FindClass(android/content/Context) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/PackageManager) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/PackageInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/ApplicationInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/provider/Settings$Secure) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(java/util/List) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/wifi/WifiConfiguration) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/wifi/WifiManager) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/DhcpInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(com/taobao/dp/util/ZipUtils) was called from RX@0x4004db37[libmain.so]0x4db37 JNIEnv->FindClass(com/taobao/dp/util/CallbackHelper) was called from RX@0x4004db7b[libmain.so]0x4db7b JNIEnv->FindClass(android/content/Context) was called from RX@0x4004dc97[libmain.so]0x4dc97 JNIEnv->FindClass(android/content/pm/PackageManager) was called from RX@0x4004dccb[libmain.so]0x4dccb JNIEnv->FindClass(android/content/pm/PackageInfo) was called from RX@0x4004dd01[libmain.so]0x4dd01 JNIEnv->FindClass(android/content/pm/ApplicationInfo) was called from RX@0x4004dd69[libmain.so]0x4dd69 JNIEnv->FindClass(android/os/Environment) was called from RX@0x4004f461[libmain.so]0x4f461 JNIEnv->FindClass(java/io/File) was called from RX@0x4004f4a7[libmain.so]0x4f4a7 JNIEnv->FindClass(android/content/Context) was called from RX@0x4004f4ed[libmain.so]0x4f4ed JNIEnv->FindClass(com/alibaba/wireless/security/open/umid/UMIDComponent) was called from RX@0x4004dfb7[libmain.so]0x4dfb7 JNIEnv->FindClass(com/alibaba/wireless/security/open/edgecomputing/ECMiscInfo) was called from RX@0x400722c5[libmain.so]0x722c5 JNIEnv->FindClass(com/alibaba/wireless/security/framework/utils/UserTrackMethodJniBridge) was called from RX@0x4003f643[libmain.so]0x3f643 JNIEnv->RegisterNatives(com/taobao/wireless/security/adapter/JNICLibrary, unidbg@0xbffff6d8, 1) was called from RX@0x4000e8c5[libmain.so]0xe8c5 RegisterNative(com/taobao/wireless/security/adapter/JNICLibrary, doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object;, RX@0x4000e60d[libmain.so]0xe60d) JNIEnv->FindClass(java/lang/Integer) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/lang/Float) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/lang/String) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass([B) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/util/HashMap) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/util/Set) was called from RX@0x40098e4f[libmain.so]0x98e4f Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 0) was called from RX@0x4000eb5d[libmain.so]0xeb5d JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 1) was called from RX@0x40098b55[libmain.so]0x98b55 JNIEnv->CallIntMethod(java/lang/Integer, intValue()I => 0x3) was called from RX@0x4000eb8b[libmain.so]0xeb8b JNIEnv->CallObjectMethod(android/content/Context, getPackageCodePath()Ljava/lang/String; => "unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x4000ebc9[libmain.so]0xebc9 JNIEnv->GetStringUtfChars("unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->CallObjectMethod(android/content/Context, getFilesDir()Ljava/io/File; => java.io.File@4ac68d3e) was called from RX@0x4000f61f[libmain.so]0xf61f JNIEnv->CallObjectMethod(java/io/File, getAbsolutePath()Ljava/lang/String; => "E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x4000f6e7[libmain.so]0xf6e7 JNIEnv->GetStringUtfChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->CallObjectMethod(android/content/Context, getApplicationInfo()Landroid/content/pm/ApplicationInfo; => android.content.pm.ApplicationInfo@6073f712) was called from RX@0x4000f93f[libmain.so]0xf93f JNIEnv->GetObjectField(android.content.pm.ApplicationInfo@6073f712, nativeLibraryDir Ljava/lang/String; => "E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x4000fa9f[libmain.so]0xfa9f JNIEnv->GetStringUtfChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 3) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("E:\data\user\0\com.taobao.taobao\app_SGLib") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("E:\data\user\0\com.taobao.taobao\app_SGLib") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 4) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("") was called from RX@0x40097941[libmain.so]0x97941 [10:03:58 122] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x4029bdd0, thread_id=1, fn=RX@0x40038329[libmain.so]0x38329, arg=null, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 176] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk, LR=RX@0x4000d831[libmain.so]0xd831 [10:03:58 177] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:936) - access pathname=E:\fengwork\taozhibo\taobao\unidbg\target/storage/com.taobao.maindex, mode=0 [10:03:58 191] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40399dd0, thread_id=2, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 197] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40497dd0, thread_id=3, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 201] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40595dd0, thread_id=4, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 316] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=E:/fengwork/taozhibo/taobao/unidbg/target/JX0WDG83P1ZN.txt, LR=RX@0x400a5eb1[libmain.so]0xa5eb1 [10:03:58 318] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 JNIEnv->CallStaticVoidMethod(class com/alibaba/wireless/security/open/edgecomputing/ECMiscInfo, registerAppLifeCyCleCallBack()V) was called from RX@0x40072f0f[libmain.so]0x72f0f registerAppLifeCyCleCallBack [10:03:58 334] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/sec, oflags=0x24000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [10:03:58 350] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=/data/misc/zoneinfo/tzdata, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [10:03:58 390] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:936) - access pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/lvmreport, mode=0 JNIEnv->CallStaticIntMethod(class com/alibaba/wireless/security/framework/utils/UserTrackMethodJniBridge, utAvaiable()I) was called from RX@0x4003f0c9[libmain.so]0x3f0c9 JNIEnv->FindClass(com/uc/crashsdk/JNIBridge) was called from RX@0x4005a233[libmain.so]0x5a233 JNIEnv->NewStringUTF("sgCallBackUniqueKey") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticIntMethod(class com/uc/crashsdk/JNIBridge, registerInfoCallback(Ljava/lang/String;IJI)I) was called from RX@0x4005a3c1[libmain.so]0x5a3c1 [10:03:58 403] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/sglog, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [10:03:58 404] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=E:/data/user/0/com.taobao.taobao/app_SGLib/sglog, LR=RX@0x400fd205[libc.so]0x15205 JNIEnv->NewObject(java/lang/Integer, <init>) was called from RX@0x4000edd9[libmain.so]0xedd9 Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetArrayLength(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"] => 3) was called from RX@0x4000ef0f[libmain.so]0xef0f JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 0) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("main") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("main") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 1) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("6.4.193") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("6.4.193") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->NewObject(java/lang/Integer, <init>) was called from RX@0x4000f35d[libmain.so]0xf35d 尝试输出: 1094834071 Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 0) was called from RX@0x40098b55[libmain.so]0x98b55 JNIEnv->CallIntMethod(java/lang/Integer, intValue()I => 0x4) was called from RX@0x40011061[libmain.so]0x11061 JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 1) was called from RX@0x40098b8d[libmain.so]0x98b8d JNIEnv->CallBooleanMethod(java/lang/Boolean, booleanValue()Z => true) was called from RX@0x40097ddb[libmain.so]0x97ddb JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf") was called from RX@0x40097941[libmain.so]0x97941 [10:03:58 446] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/SG_INNER_DATA, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 JNIEnv->NewStringUTF("Soft") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->NewStringUTF("SGSAFETOKEN_IN") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticObjectMethod(class com/taobao/wireless/security/adapter/common/SPUtility2, readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;) was called from RX@0x40088a53[libmain.so]0x88a53 readFromSPUnified a1="Soft", a2="SGSAFETOKEN_IN", a3=null, sign=com/taobao/wireless/security/adapter/common/SPUtility2->readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; [10:03:58 460] WARN [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:446) - handleInterrupt intno=2, NR=4, svcNumber=0x0, PC=RX@0x4010833c[libc.so]0x2033c, syscall=null java.lang.UnsupportedOperationException at com.github.unidbg.linux.file.ByteArrayFileIO.write(ByteArrayFileIO.java:37) at com.github.unidbg.unix.UnixSyscallHandler.write(UnixSyscallHandler.java:503) at com.github.unidbg.linux.ARM32SyscallHandler.write(ARM32SyscallHandler.java:2027) at com.github.unidbg.linux.ARM32SyscallHandler.hook(ARM32SyscallHandler.java:131) at com.github.unidbg.arm.backend.UnicornBackend$6.hook(UnicornBackend.java:299) at unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:128) at unicorn.Unicorn.emu_start(Native Method) at com.github.unidbg.arm.backend.UnicornBackend.emu_start(UnicornBackend.java:325) at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:369) at com.github.unidbg.AbstractEmulator.eFunc(AbstractEmulator.java:445) at com.github.unidbg.arm.AbstractARMEmulator.eFunc(AbstractARMEmulator.java:217) at com.github.unidbg.Module.emulateFunction(Module.java:158) at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethod(DvmObject.java:128) at com.github.unidbg.linux.android.dvm.DvmClass.callStaticJniMethod(DvmClass.java:259) at com.sun.jna.TbObj.test(TbObj.java:254) at com.sun.jna.TbObj.main(TbObj.java:233) [10:03:58 462] WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:388) - emulate RX@0x4000e60d[libmain.so]0xe60d exception sp=unidbg@0xbffff3a8, msg=null, offset=36ms destroy

测试代码附件:https://cloud.189.cn/t/mY3maaiiQz6r 访问码:py7v

zhouxy158 commented 3 years ago

ByteArrayFileIO不支持write操作,使用SimpleFileIO代替

juedi998 commented 3 years ago

ByteArrayFileIO不支持write操作,使用SimpleFileIO代替

感谢回答,确实是这个问题,我调试后看到写write时报错了,然后改成SimpleFileIO后又抛出了另一个错误: Connected to the target VM, address: '127.0.0.1:23149', transport: 'socket' JNIEnv->FindClass(java/lang/Boolean) was called from RX@0x4009765d[libmain.so]0x9765d JNIEnv->FindClass(java/lang/Integer) was called from RX@0x40097677[libmain.so]0x97677 JNIEnv->FindClass(java/lang/String) was called from RX@0x40097691[libmain.so]0x97691 JNIEnv->FindClass(com/taobao/wireless/security/adapter/common/HttpUtil) was called from RX@0x4008955f[libmain.so]0x8955f JNIEnv->FindClass(com/taobao/wireless/security/adapter/umid/UmidAdapter) was called from RX@0x40089e9f[libmain.so]0x89e9f JNIEnv->FindClass(android/content/Context) was called from RX@0x40089bad[libmain.so]0x89bad JNIEnv->FindClass(com/taobao/wireless/security/adapter/JNICLibrary) was called from RX@0x4000e2af[libmain.so]0xe2af JNIEnv->FindClass(com/taobao/wireless/security/adapter/common/SPUtility2) was called from RX@0x4008831f[libmain.so]0x8831f JNIEnv->FindClass(com/taobao/wireless/security/adapter/datacollection/DeviceInfoCapturer) was called from RX@0x40014f9b[libmain.so]0x14f9b JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x40032ae9[libmain.so]0x32ae9 JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x4003aaf3[libmain.so]0x3aaf3 JNIEnv->FindClass(java/util/HashMap) was called from RX@0x4003ac2d[libmain.so]0x3ac2d JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x4003c463[libmain.so]0x3c463 JNIEnv->FindClass(android/content/Context) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/PackageManager) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/PackageInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/ApplicationInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/provider/Settings$Secure) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(java/util/List) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/wifi/WifiConfiguration) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/wifi/WifiManager) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/DhcpInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(com/taobao/dp/util/ZipUtils) was called from RX@0x4004db37[libmain.so]0x4db37 JNIEnv->FindClass(com/taobao/dp/util/CallbackHelper) was called from RX@0x4004db7b[libmain.so]0x4db7b JNIEnv->FindClass(android/content/Context) was called from RX@0x4004dc97[libmain.so]0x4dc97 JNIEnv->FindClass(android/content/pm/PackageManager) was called from RX@0x4004dccb[libmain.so]0x4dccb JNIEnv->FindClass(android/content/pm/PackageInfo) was called from RX@0x4004dd01[libmain.so]0x4dd01 JNIEnv->FindClass(android/content/pm/ApplicationInfo) was called from RX@0x4004dd69[libmain.so]0x4dd69 JNIEnv->FindClass(android/os/Environment) was called from RX@0x4004f461[libmain.so]0x4f461 JNIEnv->FindClass(java/io/File) was called from RX@0x4004f4a7[libmain.so]0x4f4a7 JNIEnv->FindClass(android/content/Context) was called from RX@0x4004f4ed[libmain.so]0x4f4ed JNIEnv->FindClass(com/alibaba/wireless/security/open/umid/UMIDComponent) was called from RX@0x4004dfb7[libmain.so]0x4dfb7 JNIEnv->FindClass(com/alibaba/wireless/security/open/edgecomputing/ECMiscInfo) was called from RX@0x400722c5[libmain.so]0x722c5 JNIEnv->FindClass(com/alibaba/wireless/security/framework/utils/UserTrackMethodJniBridge) was called from RX@0x4003f643[libmain.so]0x3f643 JNIEnv->RegisterNatives(com/taobao/wireless/security/adapter/JNICLibrary, unidbg@0xbffff6d8, 1) was called from RX@0x4000e8c5[libmain.so]0xe8c5 RegisterNative(com/taobao/wireless/security/adapter/JNICLibrary, doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object;, RX@0x4000e60d[libmain.so]0xe60d) JNIEnv->FindClass(java/lang/Integer) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/lang/Float) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/lang/String) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass([B) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/util/HashMap) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/util/Set) was called from RX@0x40098e4f[libmain.so]0x98e4f Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetObjectArrayElement([android.content.Context@275710fc, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 0) was called from RX@0x4000eb5d[libmain.so]0xeb5d JNIEnv->GetObjectArrayElement([android.content.Context@275710fc, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 1) was called from RX@0x40098b55[libmain.so]0x98b55 JNIEnv->CallIntMethod(java/lang/Integer, intValue()I => 0x3) was called from RX@0x4000eb8b[libmain.so]0xeb8b JNIEnv->CallObjectMethod(android/content/Context, getPackageCodePath()Ljava/lang/String; => "unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x4000ebc9[libmain.so]0xebc9 JNIEnv->GetStringUtfChars("unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->CallObjectMethod(android/content/Context, getFilesDir()Ljava/io/File; => java.io.File@589b3632) was called from RX@0x4000f61f[libmain.so]0xf61f JNIEnv->CallObjectMethod(java/io/File, getAbsolutePath()Ljava/lang/String; => "E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x4000f6e7[libmain.so]0xf6e7 JNIEnv->GetStringUtfChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->CallObjectMethod(android/content/Context, getApplicationInfo()Landroid/content/pm/ApplicationInfo; => android.content.pm.ApplicationInfo@534df152) was called from RX@0x4000f93f[libmain.so]0xf93f JNIEnv->GetObjectField(android.content.pm.ApplicationInfo@534df152, nativeLibraryDir Ljava/lang/String; => "E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x4000fa9f[libmain.so]0xfa9f JNIEnv->GetStringUtfChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->GetObjectArrayElement([android.content.Context@275710fc, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement([android.content.Context@275710fc, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 3) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("E:\data\user\0\com.taobao.taobao\app_SGLib") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("E:\data\user\0\com.taobao.taobao\app_SGLib") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement([android.content.Context@275710fc, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 4) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("") was called from RX@0x40097941[libmain.so]0x97941 [11:29:06 455] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x4029bdd0, thread_id=1, fn=RX@0x40038329[libmain.so]0x38329, arg=null, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [11:29:06 507] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk, LR=RX@0x4000d831[libmain.so]0xd831 [11:29:06 508] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:936) - access pathname=E:\fengwork\taozhibo\taobao\unidbg\target/storage/com.taobao.maindex, mode=0 [11:29:06 525] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40399dd0, thread_id=2, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [11:29:06 533] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40497dd0, thread_id=3, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [11:29:06 541] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40595dd0, thread_id=4, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [11:29:06 611] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=E:/fengwork/taozhibo/taobao/unidbg/target/JX0WDG83P1ZN.txt, LR=RX@0x400a5eb1[libmain.so]0xa5eb1 [11:29:06 614] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 JNIEnv->CallStaticVoidMethod(class com/alibaba/wireless/security/open/edgecomputing/ECMiscInfo, registerAppLifeCyCleCallBack()V) was called from RX@0x40072f0f[libmain.so]0x72f0f registerAppLifeCyCleCallBack [11:29:06 632] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/sec, oflags=0x24000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [11:29:06 649] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=/data/misc/zoneinfo/tzdata, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [11:29:06 677] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:936) - access pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/lvmreport, mode=0 JNIEnv->CallStaticIntMethod(class com/alibaba/wireless/security/framework/utils/UserTrackMethodJniBridge, utAvaiable()I) was called from RX@0x4003f0c9[libmain.so]0x3f0c9 JNIEnv->FindClass(com/uc/crashsdk/JNIBridge) was called from RX@0x4005a233[libmain.so]0x5a233 JNIEnv->NewStringUTF("sgCallBackUniqueKey") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticIntMethod(class com/uc/crashsdk/JNIBridge, registerInfoCallback(Ljava/lang/String;IJI)I) was called from RX@0x4005a3c1[libmain.so]0x5a3c1 [11:29:06 683] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/sglog, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [11:29:06 683] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=E:/data/user/0/com.taobao.taobao/app_SGLib/sglog, LR=RX@0x400fd205[libc.so]0x15205 JNIEnv->NewObject(java/lang/Integer, <init>) was called from RX@0x4000edd9[libmain.so]0xedd9 Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetArrayLength(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"] => 3) was called from RX@0x4000ef0f[libmain.so]0xef0f JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 0) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("main") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("main") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 1) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("6.4.193") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("6.4.193") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->NewObject(java/lang/Integer, <init>) was called from RX@0x4000f35d[libmain.so]0xf35d 尝试输出: 631659383 Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 0) was called from RX@0x40098b55[libmain.so]0x98b55 JNIEnv->CallIntMethod(java/lang/Integer, intValue()I => 0x4) was called from RX@0x40011061[libmain.so]0x11061 JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 1) was called from RX@0x40098b8d[libmain.so]0x98b8d JNIEnv->CallBooleanMethod(java/lang/Boolean, booleanValue()Z => true) was called from RX@0x40097ddb[libmain.so]0x97ddb JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->NewStringUTF("Soft") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->NewStringUTF("SGSAFETOKEN_IN") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticObjectMethod(class com/taobao/wireless/security/adapter/common/SPUtility2, readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;) was called from RX@0x40088a53[libmain.so]0x88a53 readFromSPUnified a1="Soft", a2="SGSAFETOKEN_IN", a3=null, sign=com/taobao/wireless/security/adapter/common/SPUtility2->readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; [11:29:08 209] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/SG_USER_DATA, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 JNIEnv->NewStringUTF("Soft") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->NewStringUTF("SGSAFETOKEN") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticObjectMethod(class com/taobao/wireless/security/adapter/common/SPUtility2, readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;) was called from RX@0x40088a53[libmain.so]0x88a53 readFromSPUnified a1="Soft", a2="SGSAFETOKEN", a3=null, sign=com/taobao/wireless/security/adapter/common/SPUtility2->readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; JNIEnv->NewStringUTF("Soft") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->NewStringUTF("SGTMAGIC") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticObjectMethod(class com/taobao/wireless/security/adapter/common/SPUtility2, readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;) was called from RX@0x40088a53[libmain.so]0x88a53 readFromSPUnified a1="Soft", a2="SGTMAGIC", a3=null, sign=com/taobao/wireless/security/adapter/common/SPUtility2->readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; [11:29:10 973] WARN [com.github.unidbg.arm.AbstractARMEmulator] (AbstractARMEmulator$1:58) - memory failed: address=0x4, size=4, value=0x0, PC=RX@0x400a91ac[libmain.so]0xa91ac, LR=unidbg@0xbffff180 [11:29:10 974] WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:388) - emulate RX@0x4000e60d[libmain.so]0xe60d exception sp=unidbg@0xbffff1d8, msg=unicorn.UnicornException: Invalid memory read (UC_ERR_READ_UNMAPPED), offset=4246ms destroy Disconnected from the target VM, address: '127.0.0.1:23149', transport: 'socket'

zhouxy158 commented 3 years ago

这个坑得自己过

juedi998 commented 3 years ago

这个坑得自己过

好吧,感谢大佬,我自己研究下

wan1y commented 2 years ago

大佬们求助啊,本菜在调用jni函数时看到了一堆的异常,修补完了一个又来一个,然后现在这个异常由于本菜经验尚浅实在看不出是什么情况触发的异常,有知道的大佬麻烦告知下原因以及解决方案,感谢!!! 程序执行结果如下:

JNIEnv->FindClass(java/lang/Boolean) was called from RX@0x4009765d[libmain.so]0x9765d JNIEnv->FindClass(java/lang/Integer) was called from RX@0x40097677[libmain.so]0x97677 JNIEnv->FindClass(java/lang/String) was called from RX@0x40097691[libmain.so]0x97691 JNIEnv->FindClass(com/taobao/wireless/security/adapter/common/HttpUtil) was called from RX@0x4008955f[libmain.so]0x8955f JNIEnv->FindClass(com/taobao/wireless/security/adapter/umid/UmidAdapter) was called from RX@0x40089e9f[libmain.so]0x89e9f JNIEnv->FindClass(android/content/Context) was called from RX@0x40089bad[libmain.so]0x89bad JNIEnv->FindClass(com/taobao/wireless/security/adapter/JNICLibrary) was called from RX@0x4000e2af[libmain.so]0xe2af JNIEnv->FindClass(com/taobao/wireless/security/adapter/common/SPUtility2) was called from RX@0x4008831f[libmain.so]0x8831f JNIEnv->FindClass(com/taobao/wireless/security/adapter/datacollection/DeviceInfoCapturer) was called from RX@0x40014f9b[libmain.so]0x14f9b JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x40032ae9[libmain.so]0x32ae9 JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x4003aaf3[libmain.so]0x3aaf3 JNIEnv->FindClass(java/util/HashMap) was called from RX@0x4003ac2d[libmain.so]0x3ac2d JNIEnv->FindClass(com/taobao/wireless/security/adapter/datareport/DataReportJniBridge) was called from RX@0x4003c463[libmain.so]0x3c463 JNIEnv->FindClass(android/content/Context) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/PackageManager) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/PackageInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/content/pm/ApplicationInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/provider/Settings$Secure) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(java/util/List) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/wifi/WifiConfiguration) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/wifi/WifiManager) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(android/net/DhcpInfo) was called from RX@0x4009f99b[libmain.so]0x9f99b JNIEnv->FindClass(com/taobao/dp/util/ZipUtils) was called from RX@0x4004db37[libmain.so]0x4db37 JNIEnv->FindClass(com/taobao/dp/util/CallbackHelper) was called from RX@0x4004db7b[libmain.so]0x4db7b JNIEnv->FindClass(android/content/Context) was called from RX@0x4004dc97[libmain.so]0x4dc97 JNIEnv->FindClass(android/content/pm/PackageManager) was called from RX@0x4004dccb[libmain.so]0x4dccb JNIEnv->FindClass(android/content/pm/PackageInfo) was called from RX@0x4004dd01[libmain.so]0x4dd01 JNIEnv->FindClass(android/content/pm/ApplicationInfo) was called from RX@0x4004dd69[libmain.so]0x4dd69 JNIEnv->FindClass(android/os/Environment) was called from RX@0x4004f461[libmain.so]0x4f461 JNIEnv->FindClass(java/io/File) was called from RX@0x4004f4a7[libmain.so]0x4f4a7 JNIEnv->FindClass(android/content/Context) was called from RX@0x4004f4ed[libmain.so]0x4f4ed JNIEnv->FindClass(com/alibaba/wireless/security/open/umid/UMIDComponent) was called from RX@0x4004dfb7[libmain.so]0x4dfb7 JNIEnv->FindClass(com/alibaba/wireless/security/open/edgecomputing/ECMiscInfo) was called from RX@0x400722c5[libmain.so]0x722c5 JNIEnv->FindClass(com/alibaba/wireless/security/framework/utils/UserTrackMethodJniBridge) was called from RX@0x4003f643[libmain.so]0x3f643 JNIEnv->RegisterNatives(com/taobao/wireless/security/adapter/JNICLibrary, unidbg@0xbffff6d8, 1) was called from RX@0x4000e8c5[libmain.so]0xe8c5 RegisterNative(com/taobao/wireless/security/adapter/JNICLibrary, doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object;, RX@0x4000e60d[libmain.so]0xe60d) JNIEnv->FindClass(java/lang/Integer) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/lang/Float) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/lang/String) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass([B) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/util/HashMap) was called from RX@0x40098e4f[libmain.so]0x98e4f JNIEnv->FindClass(java/util/Set) was called from RX@0x40098e4f[libmain.so]0x98e4f Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 0) was called from RX@0x4000eb5d[libmain.so]0xeb5d JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 1) was called from RX@0x40098b55[libmain.so]0x98b55 JNIEnv->CallIntMethod(java/lang/Integer, intValue()I => 0x3) was called from RX@0x4000eb8b[libmain.so]0xeb8b JNIEnv->CallObjectMethod(android/content/Context, getPackageCodePath()Ljava/lang/String; => "unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x4000ebc9[libmain.so]0xebc9 JNIEnv->GetStringUtfChars("unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->CallObjectMethod(android/content/Context, getFilesDir()Ljava/io/File; => java.io.File@4ac68d3e) was called from RX@0x4000f61f[libmain.so]0xf61f JNIEnv->CallObjectMethod(java/io/File, getAbsolutePath()Ljava/lang/String; => "E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x4000f6e7[libmain.so]0xf6e7 JNIEnv->GetStringUtfChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->CallObjectMethod(android/content/Context, getApplicationInfo()Landroid/content/pm/ApplicationInfo; => android.content.pm.ApplicationInfo@6073f712) was called from RX@0x4000f93f[libmain.so]0xf93f JNIEnv->GetObjectField(android.content.pm.ApplicationInfo@6073f712, nativeLibraryDir Ljava/lang/String; => "E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x4000fa9f[libmain.so]0xfa9f JNIEnv->GetStringUtfChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x400978b9[libmain.so]0x978b9 JNIEnv->ReleaseStringUTFChars("E:\fengwork\taozhibo\taobao\unidbg\target") was called from RX@0x40097903[libmain.so]0x97903 JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 3) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("E:\data\user\0\com.taobao.taobao\app_SGLib") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("E:\data\user\0\com.taobao.taobao\app_SGLib") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement([android.content.Context@6a38e57f, 0x3, "", "E:\data\user\0\com.taobao.taobao\app_SGLib", ""], 4) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("") was called from RX@0x40097941[libmain.so]0x97941 [10:03:58 122] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x4029bdd0, thread_id=1, fn=RX@0x40038329[libmain.so]0x38329, arg=null, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 176] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk, LR=RX@0x4000d831[libmain.so]0xd831 [10:03:58 177] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:936) - access pathname=E:\fengwork\taozhibo\taobao\unidbg\target/storage/com.taobao.maindex, mode=0 [10:03:58 191] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40399dd0, thread_id=2, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 197] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40497dd0, thread_id=3, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 201] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:810) - pthread_clone child_stack=RW@0x40595dd0, thread_id=4, fn=RX@0x40032679[libmain.so]0x32679, arg=unidbg@0x805bf38, flags=[CLONE_VM, CLONE_FS, CLONE_FILES, CLONE_SIGHAND, CLONE_THREAD, CLONE_SYSVSEM] [10:03:58 316] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=E:/fengwork/taozhibo/taobao/unidbg/target/JX0WDG83P1ZN.txt, LR=RX@0x400a5eb1[libmain.so]0xa5eb1 [10:03:58 318] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=unidbg-android/src/test/resources/taobao/taobao_9_5_7.apk, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 JNIEnv->CallStaticVoidMethod(class com/alibaba/wireless/security/open/edgecomputing/ECMiscInfo, registerAppLifeCyCleCallBack()V) was called from RX@0x40072f0f[libmain.so]0x72f0f registerAppLifeCyCleCallBack [10:03:58 334] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/sec, oflags=0x24000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [10:03:58 350] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=/data/misc/zoneinfo/tzdata, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [10:03:58 390] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:936) - access pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/lvmreport, mode=0 JNIEnv->CallStaticIntMethod(class com/alibaba/wireless/security/framework/utils/UserTrackMethodJniBridge, utAvaiable()I) was called from RX@0x4003f0c9[libmain.so]0x3f0c9 JNIEnv->FindClass(com/uc/crashsdk/JNIBridge) was called from RX@0x4005a233[libmain.so]0x5a233 JNIEnv->NewStringUTF("sgCallBackUniqueKey") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticIntMethod(class com/uc/crashsdk/JNIBridge, registerInfoCallback(Ljava/lang/String;IJI)I) was called from RX@0x4005a3c1[libmain.so]0x5a3c1 [10:03:58 403] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/sglog, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 [10:03:58 404] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1038) - stat64 pathname=E:/data/user/0/com.taobao.taobao/app_SGLib/sglog, LR=RX@0x400fd205[libc.so]0x15205 JNIEnv->NewObject(java/lang/Integer, <init>) was called from RX@0x4000edd9[libmain.so]0xedd9 Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetArrayLength(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"] => 3) was called from RX@0x4000ef0f[libmain.so]0xef0f JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 0) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("main") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("main") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 1) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("6.4.193") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("6.4.193") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->GetObjectArrayElement(["main", "6.4.193", "unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so"], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("unidbg-android/src/test/resources/taobao/libsgmainso-6.4.193.so") was called from RX@0x40097941[libmain.so]0x97941 JNIEnv->NewObject(java/lang/Integer, <init>) was called from RX@0x4000f35d[libmain.so]0xf35d 尝试输出: 1094834071 Find native function Java_com_taobao_wireless_security_adapter_JNICLibrary_doCommandNative(I[Ljava/lang/Object;)Ljava/lang/Object; => RX@0x4000e60d[libmain.so]0xe60d JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 0) was called from RX@0x40098b55[libmain.so]0x98b55 JNIEnv->CallIntMethod(java/lang/Integer, intValue()I => 0x4) was called from RX@0x40011061[libmain.so]0x11061 JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 1) was called from RX@0x40098b8d[libmain.so]0x98b8d JNIEnv->CallBooleanMethod(java/lang/Boolean, booleanValue()Z => true) was called from RX@0x40097ddb[libmain.so]0x97ddb JNIEnv->GetObjectArrayElement([0x4, true, "008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf"], 2) was called from RX@0x40098b1d[libmain.so]0x98b1d JNIEnv->GetStringUtfChars("008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf") was called from RX@0x4009792b[libmain.so]0x9792b JNIEnv->ReleaseStringUTFChars("008&2d093acdqvJW9T7/f27VvtElSqmFI+M9bYJzmyX0zgghj0mHioCO8mjaffohn2/zGbxPeCcf") was called from RX@0x40097941[libmain.so]0x97941 [10:03:58 446] INFO [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:1915) - open pathname=E:\data\user\0\com.taobao.taobao\app_SGLib/SG_INNER_DATA, oflags=0x20000, mode=0, from=RX@0x40115aa1[libc.so]0x2daa1 JNIEnv->NewStringUTF("Soft") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->NewStringUTF("SGSAFETOKEN_IN") was called from RX@0x40097a59[libmain.so]0x97a59 JNIEnv->CallStaticObjectMethod(class com/taobao/wireless/security/adapter/common/SPUtility2, readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;) was called from RX@0x40088a53[libmain.so]0x88a53 readFromSPUnified a1="Soft", a2="SGSAFETOKEN_IN", a3=null, sign=com/taobao/wireless/security/adapter/common/SPUtility2->readFromSPUnified(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; [10:03:58 460] WARN [com.github.unidbg.linux.ARM32SyscallHandler] (ARM32SyscallHandler:446) - handleInterrupt intno=2, NR=4, svcNumber=0x0, PC=RX@0x4010833c[libc.so]0x2033c, syscall=null java.lang.UnsupportedOperationException at com.github.unidbg.linux.file.ByteArrayFileIO.write(ByteArrayFileIO.java:37) at com.github.unidbg.unix.UnixSyscallHandler.write(UnixSyscallHandler.java:503) at com.github.unidbg.linux.ARM32SyscallHandler.write(ARM32SyscallHandler.java:2027) at com.github.unidbg.linux.ARM32SyscallHandler.hook(ARM32SyscallHandler.java:131) at com.github.unidbg.arm.backend.UnicornBackend$6.hook(UnicornBackend.java:299) at unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:128) at unicorn.Unicorn.emu_start(Native Method) at com.github.unidbg.arm.backend.UnicornBackend.emu_start(UnicornBackend.java:325) at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:369) at com.github.unidbg.AbstractEmulator.eFunc(AbstractEmulator.java:445) at com.github.unidbg.arm.AbstractARMEmulator.eFunc(AbstractARMEmulator.java:217) at com.github.unidbg.Module.emulateFunction(Module.java:158) at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethod(DvmObject.java:128) at com.github.unidbg.linux.android.dvm.DvmClass.callStaticJniMethod(DvmClass.java:259) at com.sun.jna.TbObj.test(TbObj.java:254) at com.sun.jna.TbObj.main(TbObj.java:233) [10:03:58 462] WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:388) - emulate RX@0x4000e60d[libmain.so]0xe60d exception sp=unidbg@0xbffff3a8, msg=null, offset=36ms destroy

测试代码附件:https://cloud.189.cn/t/mY3maaiiQz6r 访问码:py7v

代码能再看下吗大佬