aslody / sandhook Goto Github PK

annotation
annotation api
hooklib
core lib of art hook
nativehook
lib of native hook
xposedcompat
stable implement of xposed api compat for sandhook
xposedcompat_new
annother implement of xposed api compat for sandhook(hook more fast first time)
hookers
hook plugin demo for annotation api

how to use

implementation 'com.swift.sandhook:hooklib:4.2.0'
// need for android 11
implementation 'com.swift.sandhook:nativehook:4.2.0'

Annotation API

hook method must be a static method
first par must be this if method is not static
method description must "same"(can be isAssignableFrom) with origin method
backup method same with above

@HookClass(Activity.class)
//@HookReflectClass("android.app.Activity")
public class ActivityHooker {

    @HookMethodBackup("onCreate")
    @MethodParams(Bundle.class)
    static Method onCreateBackup;

    @HookMethodBackup("onPause")
    static HookWrapper.HookEntity onPauseBackup;

    @HookMethod("onCreate")
    @MethodParams(Bundle.class)
    public static void onCreate(Activity thiz, Bundle bundle) throws Throwable {
        Log.e("ActivityHooker", "hooked onCreate success " + thiz);
        SandHook.callOriginByBackup(onCreateBackup, thiz, bundle);
    }

    @HookMethod("onPause")
    public static void onPause(@ThisObject Activity thiz) throws Throwable {
        Log.e("ActivityHooker", "hooked onPause success " + thiz);
        onPauseBackup.callOrigin(thiz);
    }

}



//or like this:

@HookClass(TestClass.class)
public class NewAnnotationApiHooker {

    @HookMethod("testNewHookApi")
    public static void onTestNewHookApi(@ThisObject TestClass thiz, @Param("com.swift.sandhook.MainActivity") Activity activity, int a) {
        Log.e("TestClassHook", "testNewHookApi been hooked");
        onTestNewHookApiBackup(thiz, activity, a);
    }

    @HookMethodBackup("testNewHookApi")
    public static void onTestNewHookApiBackup(@ThisObject TestClass thiz, @Param("com.swift.sandhook.MainActivity") Activity activity, int a) {
        onTestNewHookApiBackup(thiz, activity, a);
    }

}



//first set debuggable
SandHookConfig.DEBUG = BuildConfig.DEBUG;

and

//add hookers
SandHook.addHookClass(CtrHook.class, LogHooker.class, CustmizeHooker.class, ActivityHooker.class, ObjectHooker.class);

you can also use:
SanHook.public static boolean hook(Member target, Method hook, Method backup) {}

if hookers is in plugin(like xposed):

provided 'com.swift.sandhook:hookannotation:4.2.0'

in your plugin

if OS <= 5.1 backup method can call itself to avoid be inlining

Xposed API

Now you can use Xposed api:

We have two different implements:

//stable
implementation 'com.swift.sandhook:xposedcompat:4.2.0'

//or

//hook fast first time
implementation 'com.swift.sandhook:xposedcompat_new:4.2.0'

//setup for xposed
//for xposed compat only(no need xposed comapt new)
XposedCompat.cacheDir = getCacheDir();

//for load xp module(sandvxp)
XposedCompat.context = this;
XposedCompat.classLoader = getClassLoader();
XposedCompat.isFirstApplication= true;

//do hook
XposedHelpers.findAndHookMethod(Activity.class, "onResume", new XC_MethodHook() {
      @Override
      protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
          super.beforeHookedMethod(param);
          Log.e("XposedCompat", "beforeHookedMethod: " + param.method.getName());
      }

      @Override
      protected void afterHookedMethod(MethodHookParam param) throws Throwable {
          super.afterHookedMethod(param);
          Log.e("XposedCompat", "afterHookedMethod: " + param.method.getName());
      }
});

Notice

Disable Inline

JIT inline

We can do nothing to prevent some methods been inlined before app start, but we can try to disable VM Jit Inline after launch.

if you will hook some method that could be inlined, please call SandHook.disableVMInline()(OS >= 7.0) in Application.OnCreate()

Inline by dex2oat

Background dex2oat

SandHook.tryDisableProfile(getPackageName());

dex2oat by DexClassLoader

SandHook.disableDex2oatInline(fullyDisableDex2oat);

ArtDexOptimizer.dexoatAndDisableInline to dex2oat manuly

Deoptimize(Boot Image)

You can also deoptimize a caller that inlined your hook method by SandHook.deCompile(caller), just implement >= 7.0

Hidden API

SandHook.passApiCheck();

To bypass hidden api on P & Q

Debuggable

You must set debuggble of the target hook process before init when OS >= 8.0.

SandHookConfig.DEBUG =

Native Hook

simple hook(no backup)

#include "includes/sandhook.h"

bool nativeHookNoBackup(void* origin, void* hook);

need backup origin method

#include "sandhook_native.h"

void* SandInlineHook(void* origin, void* replace);

void* SandInlineHookSym(const char* so, const char* symb, void* replace);

return is backup method

break point

you can insert a break point in body of method(not only start of method), so you can read/write registers in break point.

bool SandBreakPoint(void* origin, void (*callback)(REG[]));

bool SandSingleInstBreakPoint(void *origin, BreakCallback(callback));

short method

#include "sandhook_native.h"

void* SandSingleInstHook(void* origin, void* replace);

void* SandSingleInstHookSym(const char* so, const char* symb, void* replace);

use it when your method is <= 16bytes(64bit)/8bytes(32bit)

SandSingleInstHook only need 4bytes length

disassembler (only implement important instructions)
assembler (only implement important instructions)

Demo

SandVXPosed

non-Root Xposed Environment Demo (VirtualApp with SandHook):

https://github.com/ganyao114/SandVXposed

EdXposed(SandHook Brunch)

Unofficial xposed framework >= 8.0

See release above

https://github.com/ElderDrivers/EdXposed

Android Q(10.0)

in MyApp.java

//if you want test Android Q, please set true, because SDK_INT of Android Q is still 28 public final static boolean testAndroidQ = false;

References

Epic:https://github.com/tiann/epic
Yahfa:https://github.com/rk700/YAHFA

sandhook's People

Contributors

Stargazers

Watchers

Forkers

markjian woozoo86 shuixi2013 liumengdeqq dstmath nexthacker zhanglang001 247321453 kong6001 kenkieo praiseqin suge zoutaov sepyeight lifeqiuzhi520 netstu geektan zekn luorui110120 lyh2606179909 o2e aplus123 ondreji st-rnd gtchendong qilvzi 35099644 cuihaoliang zysyyz fhooker fengjixuchui hobbit19 angrykobe fashioncj lfyg csky6688 ababook xi1314 chago exiahan tigerly forbe mayimchen windysha ouyangfengfeng swiftossite eagle518 panhongwei xiaoyaomeng darkside0624 eritpchy fewpiwork pyrock99 rover12421 alexpigs tao2java xintao222 javaeryang lwugang gavinliu julianocristian mycathy0612 dothanthitiendiettiende saliey xtftbwvfp mining8 winziyuan wzh442718973 dsb123 llyuer freemanzyq chayzeng dengjiaming ansty173 sjzyangxu aihacker tmaczhang tmlandroid makulu1987 aosp-mousquetaires dearwayne coderaldrich dandycheung haidragon xuwakao hohjgdhsj asisbai hhcola xiexianyong flywhiter liberatorqjw k3v1n1990s xdcs100 565400154 hetianlong0 yfw123 simpleman1984 igit-cn jiayang627 sheepyang1993

sandhook's Issues

Fragment onResume方法出现不回掉情况

请问代码指令太短，是否会导致hook失效

hook Fragment onResume方法出现不回掉情况

package android.support.v4.app
public class Fragment implements ComponentCallbacks, OnCreateContextMenuListener, LifecycleOwner {
/**
* Called when the fragment is visible to the user and actively running.
* This is generally
* tied to {@link Activity#onResume() Activity.onResume} of the containing
* Activity's lifecycle.
*/
@callsuper
public void onResume() {
mCalled = true;
}
}

XposedHelpers.findAndHookMethod(Fragment.class,
"onResume",
new SingletonXC_MethodHook() {
@OverRide
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
Fragment fragment = (Fragment) param.thisObject;
String fragmentName = fragment.getClass().getName();
Log.i("[Fragment onResume ] == " + fragmentName);
}
});

日志未输出Fragment的onResume调用，也没有错误日志输出，但是demo程序是使用了Fragment的

机型: meizuPro 6s
系统: android7.1.1

x86 Support

Hi, I just quickly looked at your code and there does seem to be native code for x86, do you plan on including the x86 variant in the library as well? We're planning on using this library for a big app and need to support some Intel/Asus devices with x86 as well as debug on the Emulator.

Android Q beta5 has crashed

Hello developer,the current version is still not compatible android Q yet

hook 系统多媒体的 write 接口，返回错误

有BUG！！！

返回类型为boolean和两个浮点类型的方法无法成功hook！！！！

SandVXposed-beta_3.apk在mumu模拟器运行apk异常

java.lang.reflect.InvocationTargetException
at java.lang.reflect.Method.invoke(Native Method)
at com.swift.sandhook.utils.ReflectionUtils.(ReflectionUtils.java:28)
at com.swift.sandhook.utils.ReflectionUtils.passApiCheck(ReflectionUtils.java)
at com.swift.sandhook.SandHook.passApiCheck(SandHook.java:322)
at com.lody.virtual.sandxposed.SandXposed.init(SandXposed.java:28)
at io.virtualapp.VApp.attachBaseContext(VApp.java:39)
at android.app.Application.attach(Application.java:187)
at android.app.Instrumentation.newApplication(Instrumentation.java:997)
at android.app.Instrumentation.newApplication(Instrumentation.java:981)
at android.app.LoadedApk.makeApplication(LoadedApk.java:573)
at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4752)
at android.app.ActivityThread.-wrap1(ActivityThread.java)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1414)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Caused by: java.lang.NoSuchMethodException: setHiddenApiExemptions [class [Ljava.lang.String;]
at java.lang.Class.getMethod(Class.java:624)
at java.lang.Class.getDeclaredMethod(Class.java:586)
at java.lang.reflect.Method.invoke(Native Method)
at com.swift.sandhook.utils.ReflectionUtils.(ReflectionUtils.java:28)
at com.swift.sandhook.utils.ReflectionUtils.passApiCheck(ReflectionUtils.java)
at com.swift.sandhook.SandHook.passApiCheck(SandHook.java:322)
at com.lody.virtual.sandxposed.SandXposed.init(SandXposed.java:28)
at io.virtualapp.VApp.attachBaseContext(VApp.java:39)
at android.app.Application.attach(Application.java:187)
at android.app.Instrumentation.newApplication(Instrumentation.java:997)
at android.app.Instrumentation.newApplication(Instrumentation.java:981)
at android.app.LoadedApk.makeApplication(LoadedApk.java:573)
at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4752)
at android.app.ActivityThread.-wrap1(ActivityThread.java)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1414)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)

Native Hook能否提供一份简单的样例

SandInlineHookSym
SandInlineHook

这些方法的入参以及返回值，使用方法的样例

感谢

support x86 and x86_64

no the system_x86/lib/libsandhook.edxp.so and lib64/libsandhook.edxp.so

Can't change volume on Mi A2 Android 9

Can't change volume on Mi A2 running on Android 9. It seems like it has been changed, but it isn't.
YAHFA works well for me.

sandhook可以用于商用吗？会不会侵权Virtual App？？

单独使用NativeHook出现崩溃

我只想使用SandHook中的NativeHook库,修改如下:

SHARED 改成了 STATIC

遇到如下问题:

InlineHook::instance is NULL

05-13 12:31:00.004 27279 27279 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
05-13 12:31:00.004 27279 27279 F DEBUG : Build fingerprint: 'Xiaomi/jason/jason:8.1.0/OPM1.171019.019/8.12.20:user/release-keys'
05-13 12:31:00.004 27279 27279 F DEBUG : Revision: '0'
05-13 12:31:00.004 27279 27279 F DEBUG : ABI: 'arm64'
05-13 12:31:00.004 27279 27279 F DEBUG : pid: 27268, tid: 27268, name: com.lingdong.t >>> zygote64 <<<
05-13 12:31:00.004 27279 27279 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
05-13 12:31:00.004 27279 27279 F DEBUG : Cause: null pointer dereference
05-13 12:31:00.004 27279 27279 F DEBUG : x0 000000701ddf4c50 x1 000000701ddf4c50 x2 0000006f801ddb0c x3 0000000000000003
05-13 12:31:00.004 27279 27279 F DEBUG : x4 0000000040100401 x5 40404000a800a800 x6 0000000000000000 x7 7f7f7f7f7f7f7f7f
05-13 12:31:00.004 27279 27279 F DEBUG : x8 0000000000000000 x9 fe40a393c9dd16d7 x10 0000007fd49e81f0 x11 000000000000001e
05-13 12:31:00.004 27279 27279 F DEBUG : x12 000000000000000b x13 ffffffffffffffff x14 ff00000000000000 x15 ffffffffffffffff
05-13 12:31:00.004 27279 27279 F DEBUG : x16 0000006f80349470 x17 0000006f801fbb78 x18 000000004b488bb4 x19 000000701db06dd0
05-13 12:31:00.004 27279 27279 F DEBUG : x20 000000701deb054b x21 0000006f8033df58 x22 0000000000000000 x23 000000701dead654
05-13 12:31:00.004 27279 27279 F DEBUG : x24 000000701deb072b x25 000000701dee3000 x26 000000701dee33d8 x27 000000000000000c
05-13 12:31:00.004 27279 27279 F DEBUG : x28 0000006f801dd88c x29 0000007fd49e8750 x30 0000006f801dd9f4
05-13 12:31:00.005 27279 27279 F DEBUG : sp 0000007fd49e8730 pc 0000006f801fbba0 pstate 0000000060000000
05-13 12:31:00.496 27279 27279 F DEBUG :
05-13 12:31:00.496 27279 27279 F DEBUG : backtrace:
05-13 12:31:00.496 27279 27279 F DEBUG : #00 pc 00000000000aeba0 /data/local/tmp/drogon/app_arm64/libhacku3d.10146.so (SandInlineHook+40)
05-13 12:31:00.496 27279 27279 F DEBUG : #1 pc 00000000000909f0 /data/local/tmp/drogon/app_arm64/libhacku3d.10146.so (my_init()+356)
05-13 12:31:00.496 27279 27279 F DEBUG : #2 pc 0000000000020ad4 /system/bin/linker64 (_dl__ZL10call_arrayIPFviPPcS1_EEvPKcPT_mbS5+276)
05-13 12:31:00.496 27279 27279 F DEBUG : #3 pc 0000000000020d04 /system/bin/linker64 (__dl__ZN6soinfo17call_constructorsEv+396)
05-13 12:31:00.496 27279 27279 F DEBUG : #4 pc 000000000000c34c /system/bin/linker64 (__dl__Z9do_dlopenPKciPK17android_dlextinfoPKv+1788)
05-13 12:31:00.496 27279 27279 F DEBUG : #5 pc 0000000000009040 /system/bin/linker64 (__dl__Z8__dlopenPKciPKv+68)
05-13 12:31:00.496 27279 27279 F DEBUG : #6 pc 000000000000114c /system/lib64/libdl.so (dlopen+12)
05-13 12:31:00.496 27279 27279 F DEBUG : #7 pc 0000000000002be8 /system/lib64/libnativeloader.so (android::OpenNativeLibrary(_JNIEnv*, int, char const*, _jobject*, _jstring*, bool*, std::__1::basic_string<char, std::__1::char_traits, std::__1::allocator>)+204)
05-13 12:31:00.496 27279 27279 F DEBUG : #8 pc 000000000030053c /system/lib64/libart.so (art::JavaVMExt::LoadNativeLibrary(_JNIEnv, std::__1::basic_string<char, std::__1::char_traits, std::__1::allocator> const&, _jobject*, _jstring*, std::__1::basic_string<char, std::__1::char_traits, std::__1::allocator>)+2124)
05-13 12:31:00.496 27279 27279 F DEBUG : #9 pc 0000000000004164 /system/lib64/libopenjdkjvm.so (JVM_NativeLoad+268)
05-13 12:31:00.496 27279 27279 F DEBUG : #10 pc 00000000003b0e64 /system/framework/arm64/boot-core-oj.oat (offset 0x2ec000) (java.lang.Runtime.nativeLoad+228)
05-13 12:31:00.496 27279 27279 F DEBUG : #11 pc 00000000003b067c /system/framework/arm64/boot-core-oj.oat (offset 0x2ec000) (java.lang.Runtime.doLoad+220)
05-13 12:31:00.496 27279 27279 F DEBUG : #12 pc 00000000003b2414 /system/framework/arm64/boot-core-oj.oat (offset 0x2ec000) (java.lang.Runtime.load0+756)
05-13 12:31:00.496 27279 27279 F DEBUG : #13 pc 00000000003d78f0 /system/framework/arm64/boot-core-oj.oat (offset 0x2ec000) (java.lang.System.load+96)
05-13 12:31:00.496 27279 27279 F DEBUG : #14 pc 000000000054984c /system/lib64/libart.so (art_quick_invoke_static_stub+604)
05-13 12:31:00.496 27279 27279 F DEBUG : #15 pc 00000000000dd1b4 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread, unsigned int*, unsigned int, art::JValue*, char const*)+260)
05-13 12:31:00.496 27279 27279 F DEBUG : #16 pc 000000000046d400 /system/lib64/libart.so (art::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::ArgArray*, art::JValue*, char const*)+100)
05-13 12:31:00.496 27279 27279 F DEBUG : #17 pc 000000000046d02c /system/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+420)
05-13 12:31:00.496 27279 27279 F DEBUG : #18 pc 0000000000373f60 /system/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+620)
05-13 12:31:00.496 27279 27279 F DEBUG : #19 pc 0000000000010c88 /data/local/tmp/libzyghk64.so (deleted)
05-13 12:31:00.496 27279 27279 F DEBUG : #20 pc 0000000000010e38 /data/local/tmp/libzyghk64.so (deleted)
05-13 12:31:00.496 27279 27279 F DEBUG : #21 pc 0000000000007bf4 /data/local/tmp/libzyghk64.so (deleted)
05-13 12:31:00.496 27279 27279 F DEBUG : #22 pc 0000000000007844 /data/local/tmp/libzyghk64.so (deleted)
05-13 12:31:00.496 27279 27279 F DEBUG : #23 pc 0000000000007e44 /data/local/tmp/libzyghk64.so (deleted)
05-13 12:31:00.496 27279 27279 F DEBUG : #24 pc 0000000000524d24 /system/framework/arm64/boot-core-libart.oat (offset 0x17c000) (dalvik.system.ZygoteHooks.nativePostForkChild [DEDUPED]+196)
05-13 12:31:00.496 27279 27279 F DEBUG : #25 pc 0000000000524fb8 /system/framework/arm64/boot-core-libart.oat (offset 0x17c000) (dalvik.system.ZygoteHooks.postForkChild+56)
05-13 12:31:00.496 27279 27279 F DEBUG : #26 pc 000000000227b634 /system/framework/arm64/boot-framework.oat (offset 0x9c9000) (com.android.internal.os.Zygote.callPostForkChildHooks+84)
05-13 12:31:00.496 27279 27279 F DEBUG : #27 pc 000000000054984c /system/lib64/libart.so (art_quick_invoke_static_stub+604)
05-13 12:31:00.496 27279 27279 F DEBUG : #28 pc 00000000000dd1b4 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+260)
05-13 12:31:00.496 27279 27279 F DEBUG : #29 pc 000000000046d400 /system/lib64/libart.so (art::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::ArgArray*, art::JValue*, char const*)+100)
05-13 12:31:00.497 27279 27279 F DEBUG : #30 pc 000000000046d02c /system/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+420)
05-13 12:31:00.497 27279 27279 F DEBUG : #31 pc 0000000000373f60 /system/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+620)
05-13 12:31:00.497 27279 27279 F DEBUG : #32 pc 00000000000a8b78 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+120)
05-13 12:31:00.497 27279 27279 F DEBUG : #33 pc 000000000017a028 /system/lib64/libandroid_runtime.so ((anonymous namespace)::ForkAndSpecializeCommon(_JNIEnv*, unsigned int, unsigned int, _jintArray*, int, _jobjectArray*, long, long, int, _jstring*, _jstring*, bool, _jintArray*, _jintArray*, _jstring*, _jstring*)+5264)
05-13 12:31:00.497 27279 27279 F DEBUG : #34 pc 00000000001781fc /system/lib64/libandroid_runtime.so (android::com_android_internal_os_Zygote_nativeForkAndSpecialize(_JNIEnv*, _jclass*, int, int, _jintArray*, int, _jobjectArray*, int, _jstring*, _jstring*, _jintArray*, _jintArray*, _jstring*, _jstring*)+536)
05-13 12:31:00.497 27279 27279 F DEBUG : #35 pc 000000000227bc28 /system/framework/arm64/boot-framework.oat (offset 0x9c9000) (com.android.internal.os.Zygote.nativeForkAndSpecialize+408)
05-13 12:31:00.497 27279 27279 F DEBUG : #36 pc 0000000002278154 /system/framework/arm64/boot-framework.oat (offset 0x9c9000) (com.android.internal.os.ZygoteConnection.processOneCommand+1508)
05-13 12:31:00.497 27279 27279 F DEBUG : #37 pc 00000000022794c8 /system/framework/arm64/boot-framework.oat (offset 0x9c9000) (com.android.internal.os.ZygoteServer.runSelectLoop+968)
05-13 12:31:00.497 27279 27279 F DEBUG : #38 pc 000000000227f980 /system/framework/arm64/boot-framework.oat (offset 0x9c9000) (com.android.internal.os.ZygoteInit.main+2752)
05-13 12:31:00.497 27279 27279 F DEBUG : #39 pc 000000000054984c /system/lib64/libart.so (art_quick_invoke_static_stub+604)
05-13 12:31:00.497 27279 27279 F DEBUG : #40 pc 00000000000dd1b4 /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+260)
05-13 12:31:00.497 27279 27279 F DEBUG : #41 pc 000000000046d400 /system/lib64/libart.so (art::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::ArgArray*, art::JValue*, char const*)+100)
05-13 12:31:00.497 27279 27279 F DEBUG : #42 pc 000000000046d02c /system/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+420)
05-13 12:31:00.497 27279 27279 F DEBUG : #43 pc 0000000000373f60 /system/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+620)
05-13 12:31:00.497 27279 27279 F DEBUG : #44 pc 00000000000a8b78 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+120)
05-13 12:31:00.497 27279 27279 F DEBUG : #45 pc 00000000000ab424 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vectorandroid::String8 const&, bool)+920)
05-13 12:31:00.497 27279 27279 F DEBUG : #46 pc 00000000000025b4 /system/bin/app_process64 (main+1516)
05-13 12:31:00.497 27279 27279 F DEBUG : #47 pc 00000000000a1b2c /system/lib64/libc.so (__libc_init+88)
05-13 12:31:00.497 27279 27279 F DEBUG : #48 pc 0000000000001f28 /system/bin/app_process64 (_start_main+80)

关于一台华为8.0设备，在Va中不打开SandHookConfig.DEBUG = true无法正常hook问题

设备：
华为mate 9
8.0系统
virtualApp框架

问题分析：
不运行在VA环境中，正常hook期望函数
运行在va环境中，打开SandHookConfig.DEBUG = true，正常hook期望函数
运行在va环境中，不打开SandHookConfig.DEBUG = true，不能正常hook期望函数
`
public class MainActivity extends AppCompatActivity {

// 该函数为期望函数
private void test(String str) {
    Log.e("hello", str);
}

......
}

排查发现最终由该函数影响
void ArtMethod::disableInterpreterForO() {
if (SDK_INT >= ANDROID_O && SDK_INT < ANDROID_R && DEBUG) {
setNative();
}
}`

想咨询的：
1. 请问这个函数一直打开，会不稳定么，我看代码写的是debug才打开。（是将所有hook方法，全设置为native的问题？）
@ganyao114 大佬想了解下不默认开的原因

JNI DETECTED ERROR IN APPLICATION: use of invalid jobject xxxx

xposedcompat_new 会出现这个异常
方法应该在SetObjectArrayElement
here

和这个错误类似

调用原函数时出现NoSuchMethodError

2020-03-30 11:58:21.487 16795-16795/com.mivik.cymoe W/SandHook-Native: JNI Loaded
2020-03-30 11:58:21.506 16795-16795/com.mivik.cymoe E/SandHook-Native: ErrorCodeException: switch to arm32! not impl!
2020-03-30 11:58:21.506 16795-16795/com.mivik.cymoe D/SandHook: method <protected void android.app.Activity.attachBaseContext(android.content.Context)> hook <replacement> success!

2020-03-30 11:56:49.990 16213-16213/? E/AndroidRuntime: FATAL EXCEPTION: main
    Process: com.mivik.cymoe, PID: 16213
    java.lang.NoSuchMethodError: No static method attachBaseContext_old(Landroid/content/ContextWrapper;Landroid/content/Context;)V in class Lcom/mivik/cymoe/hook/TestHook; or its super classes (declaration of 'com.mivik.cymoe.hook.TestHook' appears in base.apk)
        at com.mivik.cymoe.hook.TestHook.attachBaseContext_new(Hooks.kt:98)
        at com.mivik.cymoe.CymoeApplication.attachBaseContext(CymoeApplication.kt:13)
        at android.app.Application.attach(Application.java:376)
        at android.app.Instrumentation.newApplication(Instrumentation.java:1157)
        at android.app.LoadedApk.makeApplication(LoadedApk.java:1222)
        at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6558)
        at com.elderdrivers.riru.edxp._hooker.yahfa.HandleBindAppHooker.hook(HandleBindAppHooker.java:21)
        at android.app.ActivityThread.access$1400(ActivityThread.java:228)
        at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1893)
        at android.os.Handler.dispatchMessage(Handler.java:107)
        at android.os.Looper.loop(Looper.java:224)
        at android.app.ActivityThread.main(ActivityThread.java:7567)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:539)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:950)

由于是需要加载目标应用到自己进程中，而目标应用只提供了arm32的native lib，因此不得不使用arm32

值得一提的是，找不到原函数的NoSuchMethodError只在release架构下出现，debug架构时无问题

JNI DETECTED ERROR IN APPLICATION: use of invalid jobject xxxx

android 6.0 nexus 6p
hook com.android.internal.os.ZygoteInit.handleSystemServerProcess ,
crash log


08-28 00:35:06.421 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410] JNI DETECTED ERROR IN APPLICATION: use of invalid jobject 0x7fafddb180
08-28 00:35:06.421 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]     from void com.android.internal.os.ZygoteInit.handleSystemServerProcess!(com.android.internal.os.ZygoteConnection$Arguments)
08-28 00:35:06.421 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410] "main" prio=5 tid=1 Runnable
08-28 00:35:06.421 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   | group="main" sCount=0 dsCount=0 obj=0x73ea0878 self=0x7fb003ba00
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   | sysTid=4220 nice=0 cgrp=default sched=0/0 handle=0x7fb3584fe8
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   | state=R schedstat=( 35969742 621719 21 ) utm=0 stm=3 core=4 HZ=100
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   | stack=0x7fc70be000-0x7fc70c0000 stackSize=8MB
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   | held mutexes= "mutator lock"(shared held)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #00 pc 000000000023a108  /system/lib64/libart.so (???)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #01 pc 00000000002092c8  /system/lib64/libart.so (???)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #02 pc 00000000000bd730  /system/lib64/libart.so (???)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #03 pc 00000000000be104  /system/lib64/libart.so (???)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #04 pc 00000000002096f0  /system/lib64/libart.so (???)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #05 pc 00000000000f72bc  /system/lib64/libart.so (???)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #06 pc 0000000000059798  /data/local/tmp/libsandhook.so (_ZN7_JNIEnv21SetObjectArrayElementEP13_jobjectArrayiP8_jobject+72)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #07 pc 00000000000573c8  /data/local/tmp/libsandhook.so (_ZN20QuickArgumentBuilder12AppendObjectEP8_jobject+152)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #08 pc 0000000000056a9c  /data/local/tmp/libsandhook.so (_Z16FFIJniDispatcherP10FFIClosurePvPS1_S1_+588)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #09 pc 000000000006da5c  /data/local/tmp/libsandhook.so(_Z13FFIDispatcherP7ffi_cifPvPS1_S1_+120)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #10 pc 000000000007fce0  /data/local/tmp/libsandhook.so (ffi_closure_SYSV_inner+912)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #11 pc 0000000000080730  /data/local/tmp/libsandhook.so (ffi_closure_SYSV+48)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   native: #12 pc 0000000000008e4c  /data/dalvik-cache/arm64/system@[email protected]@classes.dex (Java_com_android_internal_os_ZygoteInit_handleSystemServerProcess__Lcom_android_internal_os_ZygoteConnection_00024Arguments_2+128)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   at com.android.internal.os.ZygoteInit.handleSystemServerProcess!(Native method)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   at com.android.internal.os.ZygoteInit.startSystemServer(ZygoteInit.java:545)
08-28 00:35:06.422 4220-4220/? A/art: art/runtime/java_vm_ext.cc:410]   at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:608)

Maybe getting the parameter error
Will crash when calling AppendObject

AppendObject: Append value:0x7fafddb180

SandHook依赖virtualapp吗

Unable to resolve dependency for ':app@debug/compileClasspath': Could not download xposedcompat.aar (com.swift.sandhook:xposedcompat:4.0.0)

仅一个入参的静态方法Hook时发生的错误

Hook静态方法，当目标静态方法签名只有一个参数的时候，会找不到该方法
① 测试代码

public static class Test{
    public static void test(String value){

    }

    public static void test2(String value, String value2){

    }
}

@HookClass(Test.class)
public static class HookTest{

    @HookMethod("test")
    public static void test(@Param String value){

    }

    @HookMethod("test2")
    public static void test2(@Param String value, @Param String value2){

    }
}

②异常内容
com.swift.sandhook.wrapper.HookErrorException: can not find target method: test
W/System.err: at com.swift.sandhook.wrapper.HookWrapper.getHookMethods(HookWrapper.java:116)
W/System.err: at com.swift.sandhook.wrapper.HookWrapper.addHookClass(HookWrapper.java:41)
W/System.err: at com.swift.sandhook.wrapper.HookWrapper.addHookClass(HookWrapper.java:33)
W/System.err: at com.swift.sandhook.wrapper.HookWrapper.addHookClass(HookWrapper.java:28)
W/System.err: at com.swift.sandhook.SandHook.addHookClass(SandHook.java:69)

java.lang.NoSuchMethodException: generateProxy

从 3.6.0 版本开始报错

06-25 17:06:58.003 30430-30469/? W/System.err: java.lang.NoSuchMethodException: generateProxy [class java.lang.String, class [Ljava.lang.Class;, class java.lang.ClassLoader, class [Ljava.lang.reflect.Method;, class [[Ljava.lang.Class;]
06-25 17:06:58.003 30430-30469/? W/System.err:     at java.lang.Class.getMethod(Class.java:664)
06-25 17:06:58.003 30430-30469/? W/System.err:     at java.lang.Class.getDeclaredMethod(Class.java:626)
06-25 17:06:58.003 30430-30469/? W/System.err:     at com.swift.sandhook.wrapper.StubMethodsFactory.<clinit>(StubMethodsFactory.java:15)
06-25 17:06:58.003 30430-30469/? W/System.err:     at com.swift.sandhook.xposedcompat.hookstub.HookStubManager.getStubMethodPair(HookStubManager.java:176)
06-25 17:06:58.003 30430-30469/? W/System.err:     at com.swift.sandhook.xposedcompat.hookstub.HookStubManager.getHookMethodEntity(HookStubManager.java:104)
06-25 17:06:58.003 30430-30469/? W/System.err:     at com.swift.sandhook.xposedcompat.methodgen.DynamicBridge.hookMethod(DynamicBridge.java:63)
06-25 17:06:58.003 30430-30469/? W/System.err:     at de.robv.android.xposed.XposedBridge.hookMethodNative(XposedBridge.java:275)
06-25 17:06:58.003 30430-30469/? W/System.err:     at de.robv.android.xposed.XposedBridge.hookMethod(XposedBridge.java:181)

ps:希望在bintray上传时能加上 VCS Tag，这样方便定位代码版本

有什么好的方案进行全局hook

请教一下如果把SandHook插桩到framwork层的main函数，可以实现全局hook吗

meizu hook with wechat cause anr

----- pid 32577 at 2019-08-14 15:39:52 -----
Cmd line: com.tencent.mm
Build fingerprint: 'Meizu/meizu_M1822_CN/M1822:8.1.0/OPM1.171019.026/1539943691:user/release-keys'
ABI: 'arm'
Build type: optimized
Zygote loaded classes=5104 post zygote classes=5999
Intern table: 52750 strong; 150 weak
JNI: CheckJNI is on; globals=679 (plus 82 weak)
Libraries: /data/app/com.tencent.vm-M0nRWlu92S-nTeVmz5ukeQ==/lib/arm/libsandhook.so /data/app/com.tencent.vm-M0nRWlu92S-nTeVmz5ukeQ==/lib/arm/libva++.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libFFmpeg.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libMMProtocalJni.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libappbrandcommon.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libc++_shared.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libcommonimgdec.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libhardcoder.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libmatrixmrs.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libmmkv.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libstlport_shared.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libtencentloc.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libtxmapengine.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwcdb.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatCrashForJni.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatcommon.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatmm.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatnormsg.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatpack.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatsight_v7a.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatvoicereco.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatxlog.so /data/user/0/com.tencent.vm/virtual/data/app/com.tencent.mm/lib/libwechatzstd.so /data/user/0/com.tencent.vm/virtual/data/app/skynet.huatu.com.skynet_android/lib/libnative-encode.so /system/lib/libandroid.so /system/lib/libcompiler_rt.so /system/lib/libfilterUtils.so /system/lib/libjavacrypto.so /system/lib/libjnigraphics.so /system/lib/libmedia_jni.so /system/lib/libqti_performance.so /system/lib/libsoundpool.so /system/lib/libwebviewchromium_loader.so libjavacore.so libopenjdk.so (35)
Heap: 65% free, 6MB/17MB; 95719 objects
Dumping cumulative Gc timings
Start Dumping histograms for 3 iterations for concurrent copying
ProcessMarkStack: Sum: 142.928ms 99% C.I. 29.444ms-61.049ms Avg: 47.642ms Max: 61.049ms
ScanImmuneSpaces: Sum: 13.853ms 99% C.I. 3.633ms-5.246ms Avg: 4.617ms Max: 5.246ms
VisitConcurrentRoots: Sum: 11.490ms 99% C.I. 3.091ms-4.928ms Avg: 3.830ms Max: 4.929ms
ClearFromSpace: Sum: 3.518ms 99% C.I. 0.830ms-1.785ms Avg: 1.172ms Max: 1.785ms
SweepSystemWeaks: Sum: 2.079ms 99% C.I. 360us-904us Avg: 693us Max: 904us
FlipOtherThreads: Sum: 1.868ms 99% C.I. 288us-1225us Avg: 622.666us Max: 1225us
SweepLargeObjects: Sum: 1.290ms 99% C.I. 229us-734us Avg: 430us Max: 734us
GrayAllDirtyImmuneObjects: Sum: 1.259ms 99% C.I. 282us-505us Avg: 419.666us Max: 505us
EnqueueFinalizerReferences: Sum: 1.184ms 99% C.I. 158us-850us Avg: 394.666us Max: 850us
ProcessReferences: Sum: 584us 99% C.I. 2us-437us Avg: 97.333us Max: 437us
InitializePhase: Sum: 552us 99% C.I. 130us-261us Avg: 184us Max: 261us
EmptyRBMarkBitStack: Sum: 513us 99% C.I. 31us-361us Avg: 171us Max: 361us
ThreadListFlip: Sum: 492us 99% C.I. 58us-365us Avg: 164us Max: 365us
VisitNonThreadRoots: Sum: 317us 99% C.I. 90us-128us Avg: 105.666us Max: 128us
RecordFree: Sum: 303us 99% C.I. 81us-130us Avg: 101us Max: 130us
ForwardSoftReferences: Sum: 181us 99% C.I. 41us-98us Avg: 60.333us Max: 98us
ReclaimPhase: Sum: 161us 99% C.I. 13us-94us Avg: 53.666us Max: 94us
(Paused)GrayAllNewlyDirtyImmuneObjects: Sum: 145us 99% C.I. 36us-65us Avg: 48.333us Max: 65us
MarkingPhase: Sum: 133us 99% C.I. 33us-53us Avg: 44.333us Max: 53us
MarkZygoteLargeObjects: Sum: 120us 99% C.I. 27us-65us Avg: 40us Max: 65us
MarkStackAsLive: Sum: 115us 99% C.I. 30us-48us Avg: 38.333us Max: 48us
ClearRegionSpaceCards: Sum: 108us 99% C.I. 19us-59us Avg: 36us Max: 59us
SweepAllocSpace: Sum: 100us 99% C.I. 20us-45us Avg: 33.333us Max: 45us
ResumeRunnableThreads: Sum: 76us 99% C.I. 16us-43us Avg: 25.333us Max: 43us
(Paused)SetFromSpace: Sum: 46us 99% C.I. 8us-20us Avg: 15.333us Max: 20us
(Paused)ClearCards: Sum: 38us 99% C.I. 250ns-3000ns Avg: 469ns Max: 3000ns
SwapBitmaps: Sum: 32us 99% C.I. 6us-20us Avg: 10.666us Max: 20us
ResumeOtherThreads: Sum: 17us 99% C.I. 2us-12us Avg: 5.666us Max: 12us
(Paused)FlipCallback: Sum: 15us 99% C.I. 4us-7us Avg: 5us Max: 7us
FlipThreadRoots: Sum: 9us 99% C.I. 2us-5us Avg: 3us Max: 5us
UnBindBitmaps: Sum: 7us 99% C.I. 1us-5us Avg: 2.333us Max: 5us
Done Dumping histograms
concurrent copying paused: Sum: 764us 99% C.I. 123us-484us Avg: 254.666us Max: 484us
concurrent copying total time: 183.550ms mean time: 61.183ms
concurrent copying freed: 485650 objects with total size 35MB
concurrent copying throughput: 2.65383e+06/s / 193MB/s
Cumulative bytes moved 5062184
Cumulative objects moved 95535
Total time spent in GC: 183.550ms
Mean GC size throughput: 178MB/s
Mean GC object throughput: 2.6456e+06 objects/s
Total number of allocations 581319
Total bytes allocated 38MB
Total bytes freed 32MB
Free memory 11MB
Free memory until GC 11MB
Free memory until OOME 249MB
Total memory 17MB
Max memory 256MB
Zygote space size 748KB
Total mutator paused time: 764us
Total time waiting for GC to complete: 46.509us
Total GC count: 3
Total GC time: 183.550ms
Total blocking GC count: 0
Total blocking GC time: 0
Histogram of GC count per 10000 ms: 2:1
Histogram of blocking GC count per 10000 ms: 0:1
Registered native bytes allocated: 8879180
/data/app/com.tencent.vm-M0nRWlu92S-nTeVmz5ukeQ==/oat/arm/base.odex: quicken
/data/data/com.tencent.vm/virtual/data/app/com.tencent.mm/oat/arm/base.odex: quicken
/data/data/com.tencent.vm/virtual/data/app/skynet.huatu.com.skynet_android/oat/arm/base.odex: quicken
/data/data/com.tencent.vm/virtual/data/app/com.tencent.mm/oat/arm/base.odex: quicken
/data/dalvik-cache/arm/system@framework@[email protected]: quicken
/data/dalvik-cache/oat/arm/xposed_XResourcesSuperClass.odex: quicken
/data/dalvik-cache/oat/arm/xposed_XTypedArraySuperClass.odex: quicken
Current JIT code cache size: 243KB
Current JIT data cache size: 176KB
Current JIT capacity: 512KB
Current number of JIT code cache entries: 559
Total number of JIT compilations: 599
Total number of JIT compilations for on stack replacement: 0
Total number of JIT code cache collections: 5
Memory used for stack maps: Avg: 110B Max: 17KB Min: 4B
Memory used for compiled code: Avg: 428B Max: 32KB Min: 2B
Memory used for profiling info: Avg: 156B Max: 5KB Min: 16B
Start Dumping histograms for 616 iterations for JIT timings
Compiling: Sum: 783.776ms 99% C.I. 0.045ms-20.712ms Avg: 1.282ms Max: 76.270ms
TrimMaps: Sum: 18.251ms 99% C.I. 5us-397.250us Avg: 29.870us Max: 641us
Code cache collection: Sum: 3.119ms 99% C.I. 446us-738us Avg: 623.800us Max: 738us
Done Dumping histograms
Memory used for compilation: Avg: 74KB Max: 2MB Min: 15KB
ProfileSaver total_bytes_written=480430
ProfileSaver total_number_of_writes=40
ProfileSaver total_number_of_code_cache_queries=42
ProfileSaver total_number_of_skipped_writes=2
ProfileSaver total_number_of_failed_writes=0
ProfileSaver total_ms_of_sleep=45001
ProfileSaver total_ms_of_work=68
ProfileSaver max_number_profile_entries_cached=0
ProfileSaver total_number_of_hot_spikes=14
ProfileSaver total_number_of_wake_ups=2

suspend all histogram: Sum: 811us 99% C.I. 3us-326.239us Avg: 35.260us Max: 341us
DALVIK THREADS (70):
"Signal Catcher" daemon prio=5 tid=3 Runnable
| group="system" sCount=0 dsCount=0 flags=0 obj=0x1b480100 self=0xf011ec00
| sysTid=32583 nice=0 cgrp=default sched=0/0 handle=0xe7c7e970
| state=R schedstat=( 43837756 410262 5 ) utm=3 stm=1 core=3 HZ=100
| stack=0xe7b84000-0xe7b86000 stackSize=1006KB
| held mutexes= "mutator lock"(shared held)
native: #00 pc 002f2bb7 /system/lib/libart.so (art::DumpNativeStack(std::__1::basic_ostream<char, std::__1::char_traits>&, int, BacktraceMap*, char const*, art::ArtMethod*, void*)+130)
native: #1 pc 0038ac8f /system/lib/libart.so (art::Thread::DumpStack(std::__1::basic_ostream<char, std::__1::char_traits>&, bool, BacktraceMap*, bool) const+206)
native: #2 pc 00387207 /system/lib/libart.so (art::Thread::Dump(std::__1::basic_ostream<char, std::__1::char_traits>&, bool, BacktraceMap*, bool) const+34)
native: #3 pc 0039f43b /system/lib/libart.so (art::DumpCheckpoint::Run(art::Thread*)+718)
native: #4 pc 00398eb9 /system/lib/libart.so (art::ThreadList::RunCheckpoint(art::Closure*, art::Closure*)+320)
native: #5 pc 003989b3 /system/lib/libart.so (art::ThreadList::Dump(std::__1::basic_ostream<char, std::__1::char_traits>&, bool)+546)
native: #6 pc 003986c3 /system/lib/libart.so (art::ThreadList::DumpForSigQuit(std::__1::basic_ostream<char, std::__1::char_traits>&)+642)
native: #7 pc 00374b4f /system/lib/libart.so (art::Runtime::DumpForSigQuit(std::__1::basic_ostream<char, std::__1::char_traits>&)+122)
native: #8 pc 0037cbbf /system/lib/libart.so (art::SignalCatcher::HandleSigQuit()+1286)
native: #9 pc 0037bb43 /system/lib/libart.so (art::SignalCatcher::Run(void*)+242)
native: #10 pc 0002b9ff /system/lib/libc.so (???)
native: #11 pc 000002fd /system/lib/libc.so (???)
(no managed stack frames)
"main" prio=5 tid=1 Native
| group="main" sCount=1 dsCount=0 flags=1 obj=0x72495da8 self=0xf0133000
| sysTid=32577 nice=-10 cgrp=default sched=0/0 handle=0xf3cf44a4
| state=t schedstat=( 2568180206 79865625 806 ) utm=239 stm=17 core=6 HZ=100
| stack=0xff478000-0xff47a000 stackSize=8MB
| held mutexes=
kernel: __switch_to+0x90/0xc4
kernel: ptrace_stop+0x108/0x298
kernel: get_signal+0x2c4/0x568
kernel: do_signal+0x84/0xe90
kernel: do_notify_resume+0x84/0x94
kernel: work_pending+0x8/0x10
native: (backtrace::Unwind failed for thread 32577: Thread has not responded to signal in time)
at dalvik.system.DexFile.openDexFileNative(Native method)
at dalvik.system.DexFile.openDexFile(DexFile.java:353)
at dalvik.system.DexFile.(DexFile.java:100)
at dalvik.system.DexFile.(DexFile.java:74)
at dalvik.system.DexPathList.loadDexFile(DexPathList.java:374)
at dalvik.system.DexPathList.makeDexElements(DexPathList.java:337)
at dalvik.system.DexPathList.(DexPathList.java:157)
at dalvik.system.BaseDexClassLoader.(BaseDexClassLoader.java:65)
at dalvik.system.DexClassLoader.(DexClassLoader.java:54)
at java.lang.reflect.Constructor.newInstance0(Native method)
at java.lang.reflect.Constructor.newInstance(Constructor.java:334)
at com.android.dx.DexMaker.generateClassLoader(DexMaker.java:458)
at com.android.dx.DexMaker.generateAndLoad(DexMaker.java:559)
at com.swift.sandhook.xposedcompat.methodgen.HookerDexMakerNew.doMake(HookerDexMakerNew.java:186)
at com.swift.sandhook.xposedcompat.methodgen.HookerDexMakerNew.start(HookerDexMakerNew.java:163)
at com.swift.sandhook.xposedcompat.methodgen.DynamicBridge.hookMethod(DynamicBridge.java:75)

locked <0x05db3c21> (a java.lang.Class<com.swift.sandhook.xposedcompat.methodgen.DynamicBridge>)
at de.robv.android.xposed.XposedBridge.hookMethodNative(XposedBridge.java:275)
locked <0x0bd59a07> (a java.lang.Class<de.robv.android.xposed.XposedBridge>)
at de.robv.android.xposed.XposedBridge.hookMethod(XposedBridge.java:181)
at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:187)
at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:260)
at com.wechathook.wechat.plugin.ReceiverMessagePlugin.hook(ReceiverMessagePlugin.java:50)
at com.wechathook.wechat.plugin.WechatApplicationPlugin.loadPlugins(WechatApplicationPlugin.java:71)
at com.wechathook.wechat.plugin.WechatApplicationPlugin.access$000(WechatApplicationPlugin.java:37)
at com.wechathook.wechat.plugin.WechatApplicationPlugin$1.lambda$afterHookedMethod$0$WechatApplicationPlugin$1(WechatApplicationPlugin.java:56)
at com.wechathook.wechat.plugin.-$$Lambda$WechatApplicationPlugin$1$v2rIE8Ez1EkCveXq4Vvdp2sz-_8.run(lambda:-1)
at android.os.Handler.handleCallback(Handler.java:790)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:164)
at android.app.ActivityThread.main(ActivityThread.java:6758)
at java.lang.reflect.Method.invoke(Native method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:438)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:886)
at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:108)

另一款魅族手机v8是正常的，这款note8打开插件就anr

compile error

hooklib 的build.gradle文件， externalNativeBuild {
cmake {
path "CMakeLists.txt"
}
} 去掉编译才通过。。。。

要是能把类似VA的沙盒也开源了,那就太棒了

Unable to resolve dependency for ':app@debug/compileClasspath': Could not download xposedcompat.aar (com.swift.sandhook:xposedcompat:4.0.0)

// Top-level build file where you can add configuration options common to all sub-projects/modules.

buildscript {

repositories {
    maven {
        url uri('./repo')
    }
    maven {
        url "https://dl.bintray.com/ganyao114/maven/"
    }
    google()
    jcenter()
}
dependencies {
    classpath 'com.android.tools.build:gradle:3.2.1'

    classpath 'com.flamingo.gradle.mess:mess:1.0.0'

    // NOTE: Do not place your application dependencies here; they belong
    // in the individual module build.gradle files
}

}

ext {
compileSdkVersion = 28
targetSdkVersion = 22
minSdkVersion = 21
supportVersion = '28.0.0'
junitVersion = '4.12'
espressoVersion = '2.2.2'
}

allprojects {
repositories {
maven {
url "https://dl.bintray.com/ganyao114/maven/"
}
google()
jcenter()
}
}

task clean(type: Delete) {
delete rootProject.buildDir
}
还是不行

可以直接用xposed api写xposed框架吗？

只依赖sandhook 的xposed api 可以直接用来写xposed框架导入edxposed运行吗？

我写了个hook本进程的小案例，可是在手机安装 ed xposed以后并不能成功HOOK

android 10.0

android 10.0 支持么？

root手机

java.lang.NoSuchMethodError: No static method hookBridge

[bug]提交一个hook的bug

hook应用: 微信
版本号: 1420
下载来源: weixin.qq.com
bug描述: 只要hook以下方法,方法里不做任何事情都会导致微信闪退
复现步骤: hook 微信1420版本拷贝以下代码, 点击微信的我-->支付必崩

XposedHelpers.findAndHookMethod("com.tencent.mm.plugin.wallet.balance.ui.WalletBalanceFetchUI",
                classLoader,
                "g",
                "com.tencent.mm.plugin.wallet.balance.ui.WalletBalanceFetchUI",
                new XC_MethodHook() {
                    @Override
                    protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
                        try {


                        }catch (Throwable throwable){
                            XposedBridge.log(throwable);
                        }
                    }
                }
);

怎么对构造函数进行hook

没有看到相关的文档或者demo

support armeabi

ganyao 你好：
请问能支持armeabi架构吗？感谢感谢。

有一个关于注入的疑问

在将so注入进目标进程成功后，是在注入的so中加载插件的dex吗？还是直接注入dex或者其他方式？望大佬解决疑问

SandSingleInstHook

SandSingleInstHook replace 这个什么格式呢能拿到寄存器值么

有一定概率打开应用闪退

使用Xpatch（基于sandhook）打包插件入应用之后，有一定概率打开应用会闪退。但是使用基于sandhook的EdXposed没遇到过。Xpatch作者说大概率是sandhook问题WindySha/Xpatch#59。相关日志如下：

07-13 13:56:32.677 F/art     (19940): art/runtime/thread-inl.h:199] Transitioning to runnable with checkpoint flag,  flags=2 state=67

07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406] Runtime aborting...
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406] Aborting thread:
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406] "main" prio=5 tid=1 Runnable
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=0 dsCount=0 obj=0x74e910e8 self=0x7d72a95a00
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19940 nice=0 cgrp=default sched=0/0 handle=0x7d76932a98
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   | state=R schedstat=( 632529969 18022455 328 ) utm=49 stm=13 core=6 HZ=100
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7fd9473000-0x7fd9475000 stackSize=8MB
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes= "abort lock" "mutator lock"(shared held)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 0000000000476d74  /system/lib64/libart.so (_ZN3art15DumpNativeStackERNSt3__113basic_ostreamIcNS0_11char_traitsIcEEEEiP12BacktraceMapPKcPNS_9ArtMethodEPv+220)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 0000000000476d70  /system/lib64/libart.so (_ZN3art15DumpNativeStackERNSt3__113basic_ostreamIcNS0_11char_traitsIcEEEEiP12BacktraceMapPKcPNS_9ArtMethodEPv+216)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 000000000044b5bc  /system/lib64/libart.so (_ZNK3art6Thread9DumpStackERNSt3__113basic_ostreamIcNS1_11char_traitsIcEEEEbP12BacktraceMap+472)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 000000000043965c  /system/lib64/libart.so (_ZNK3art10AbortState10DumpThreadERNSt3__113basic_ostreamIcNS1_11char_traitsIcEEEEPNS_6ThreadE+56)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 000000000043947c  /system/lib64/libart.so (_ZNK3art10AbortState4DumpERNSt3__113basic_ostreamIcNS1_11char_traitsIcEEEE+576)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 000000000042d068  /system/lib64/libart.so (_ZN3art7Runtime5AbortEv+140)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 00000000000e5124  /system/lib64/libart.so (_ZN3art10LogMessageD2Ev+1204)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #07 pc 0000000000545060  /system/lib64/libart.so (_ZN3artL12GoToRunnableEPNS_6ThreadE+532)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #08 pc 0000000000544e08  /system/lib64/libart.so (_ZN3art12JniMethodEndEjPNS_6ThreadE+28)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   native: #09 pc 00000000006c775c  /data/app/tv.danmaku.bili-1/oat/arm64/base.odex (Java_com_swift_sandhook_SandHook_hookMethod__Ljava_lang_reflect_Member_2Ljava_lang_reflect_Method_2Ljava_lang_reflect_Method_2I+232)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.SandHook.hookMethod(Native method)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.SandHook.hook(SandHook.java:114)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x0c5bbff3> (a java.lang.Class<com.swift.sandhook.SandHook>)
07-13 13:56:32.808 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.xposedcompat.methodgen.DynamicBridge.hookMethod(DynamicBridge.java:66)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedBridge.hookMethodNative(XposedBridge.java:275)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x007ef4b0> (a java.lang.Class<de.robv.android.xposed.XposedBridge>)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedBridge.hookMethod(XposedBridge.java:181)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:187)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:260)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at a.a.a.a.k.a(:4)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at me.iacn.biliroaming.XposedInit.a(:1)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at me.iacn.biliroaming.XposedInit$b.beforeHookedMethod(:12)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XC_MethodHook.callBeforeHookedMethod(XC_MethodHook.java:51)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge(HookStubManager.java:276)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.xposedcompat.hookstub.MethodHookerStubs64.stub_hook_1(MethodHookerStubs64.java:206)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread.handleBindApplication(ActivityThread.java:5718)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread.-wrap2(ActivityThread.java:-1)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1714)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.Handler.dispatchMessage(Handler.java:102)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.Looper.loop(Looper.java:154)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread.main(ActivityThread.java:6437)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.reflect.Method.invoke!(Native method)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:983)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406]   at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:873)
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406] Dumping all threads without appropriate locks held: thread list lock
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406] All threads:
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406] DALVIK THREADS (12):
07-13 13:56:32.809 F/art     (19940): art/runtime/runtime.cc:406] "main" prio=5 tid=1 Runnable
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=0 dsCount=0 obj=0x74e910e8 self=0x7d72a95a00
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19940 nice=0 cgrp=default sched=0/0 handle=0x7d76932a98
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   | state=R schedstat=( 650791893 18417186 371 ) utm=50 stm=14 core=6 HZ=100
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7fd9473000-0x7fd9475000 stackSize=8MB
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes= "abort lock" "mutator lock"(shared held)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 0000000000476d74  /system/lib64/libart.so (_ZN3art15DumpNativeStackERNSt3__113basic_ostreamIcNS0_11char_traitsIcEEEEiP12BacktraceMapPKcPNS_9ArtMethodEPv+220)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 0000000000476d70  /system/lib64/libart.so (_ZN3art15DumpNativeStackERNSt3__113basic_ostreamIcNS0_11char_traitsIcEEEEiP12BacktraceMapPKcPNS_9ArtMethodEPv+216)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 000000000044b5bc  /system/lib64/libart.so (_ZNK3art6Thread9DumpStackERNSt3__113basic_ostreamIcNS1_11char_traitsIcEEEEbP12BacktraceMap+472)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 0000000000462cdc  /system/lib64/libart.so (_ZN3art14DumpCheckpoint3RunEPNS_6ThreadE+820)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 000000000045afbc  /system/lib64/libart.so (_ZN3art10ThreadList13RunCheckpointEPNS_7ClosureE+456)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 000000000045abcc  /system/lib64/libart.so (_ZN3art10ThreadList4DumpERNSt3__113basic_ostreamIcNS1_11char_traitsIcEEEEb+288)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 000000000043948c  /system/lib64/libart.so (_ZNK3art10AbortState4DumpERNSt3__113basic_ostreamIcNS1_11char_traitsIcEEEE+592)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #07 pc 000000000042d068  /system/lib64/libart.so (_ZN3art7Runtime5AbortEv+140)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #08 pc 00000000000e5124  /system/lib64/libart.so (_ZN3art10LogMessageD2Ev+1204)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #09 pc 0000000000545060  /system/lib64/libart.so (_ZN3artL12GoToRunnableEPNS_6ThreadE+532)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #10 pc 0000000000544e08  /system/lib64/libart.so (_ZN3art12JniMethodEndEjPNS_6ThreadE+28)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   native: #11 pc 00000000006c775c  /data/app/tv.danmaku.bili-1/oat/arm64/base.odex (Java_com_swift_sandhook_SandHook_hookMethod__Ljava_lang_reflect_Member_2Ljava_lang_reflect_Method_2Ljava_lang_reflect_Method_2I+232)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.SandHook.hookMethod(Native method)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.SandHook.hook(SandHook.java:114)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x0c5bbff3> (a java.lang.Class<com.swift.sandhook.SandHook>)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.xposedcompat.methodgen.DynamicBridge.hookMethod(DynamicBridge.java:66)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedBridge.hookMethodNative(XposedBridge.java:275)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x007ef4b0> (a java.lang.Class<de.robv.android.xposed.XposedBridge>)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedBridge.hookMethod(XposedBridge.java:181)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:187)
07-13 13:56:32.810 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:260)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at a.a.a.a.k.a(:4)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at me.iacn.biliroaming.XposedInit.a(:1)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at me.iacn.biliroaming.XposedInit$b.beforeHookedMethod(:12)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at de.robv.android.xposed.XC_MethodHook.callBeforeHookedMethod(XC_MethodHook.java:51)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge(HookStubManager.java:276)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at com.swift.sandhook.xposedcompat.hookstub.MethodHookerStubs64.stub_hook_1(MethodHookerStubs64.java:206)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread.handleBindApplication(ActivityThread.java:5718)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread.-wrap2(ActivityThread.java:-1)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1714)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.Handler.dispatchMessage(Handler.java:102)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.Looper.loop(Looper.java:154)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at android.app.ActivityThread.main(ActivityThread.java:6437)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.reflect.Method.invoke!(Native method)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:983)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:873)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406] "Jit thread pool worker thread 0" prio=5 tid=2 Native (still starting up)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x0 self=0x7d6ae11000
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19945 nice=9 cgrp=default sched=0/0 handle=0x7d72007450
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 13381344 7763616 18 ) utm=1 stm=0 core=7 HZ=100
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d71f09000-0x7d71f0b000 stackSize=1021KB
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19945/stack)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000001bcac  /system/lib64/libc.so (syscall+28)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 00000000000e73d8  /system/lib64/libart.so (_ZN3art17ConditionVariable16WaitHoldingLocksEPNS_6ThreadE+160)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000464a50  /system/lib64/libart.so (_ZN3art10ThreadPool7GetTaskEPNS_6ThreadE+252)
07-13 13:56:32.811 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 0000000000463f0c  /system/lib64/libart.so (_ZN3art16ThreadPoolWorker3RunEv+124)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 000000000046383c  /system/lib64/libart.so (_ZN3art16ThreadPoolWorker8CallbackEPv+116)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 00000000000680e0  /system/lib64/libc.so (_ZL15__pthread_startPv+196)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 000000000001d940  /system/lib64/libc.so (__start_thread+16)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   (no managed stack frames)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406] "Signal Catcher" prio=5 tid=3 WaitingInMainSignalCatcherLoop
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c57dc0 self=0x7d68512000
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19946 nice=0 cgrp=default sched=0/0 handle=0x7d71f06450
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 649577 0 1 ) utm=0 stm=0 core=7 HZ=100
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d71e0c000-0x7d71e0e000 stackSize=1005KB
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19946/stack)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000006a65c  /system/lib64/libc.so (__rt_sigtimedwait+8)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 0000000000024a58  /system/lib64/libc.so (sigwait+64)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 000000000043dd08  /system/lib64/libart.so (_ZN3art9SignalSet4WaitEv+48)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 000000000043d7d8  /system/lib64/libart.so (_ZN3art13SignalCatcher13WaitForSignalEPNS_6ThreadERNS_9SignalSetE+240)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 000000000043bc78  /system/lib64/libart.so (_ZN3art13SignalCatcher3RunEPv+420)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 00000000000680e0  /system/lib64/libc.so (_ZL15__pthread_startPv+196)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 000000000001d940  /system/lib64/libc.so (__start_thread+16)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   (no managed stack frames)
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406] "ReferenceQueueDaemon" prio=5 tid=4 Waiting
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c57e50 self=0x7d68516600
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19947 nice=0 cgrp=default sched=0/0 handle=0x7d71e09450
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 4057041 205153 37 ) utm=0 stm=0 core=4 HZ=100
07-13 13:56:32.812 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d71d07000-0x7d71d09000 stackSize=1037KB
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19947/stack)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000001bcac  /system/lib64/libc.so (syscall+28)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 00000000000e73d8  /system/lib64/libart.so (_ZN3art17ConditionVariable16WaitHoldingLocksEPNS_6ThreadE+160)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000377f3c  /system/lib64/libart.so (_ZN3art7Monitor4WaitEPNS_6ThreadElibNS_11ThreadStateE+660)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 0000000000000810  /system/framework/arm64/boot.oat (Java_java_lang_Object_wait__+124)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Object.wait!(Native method)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   - waiting on <0x04bbff29> (a java.lang.Class<java.lang.ref.ReferenceQueue>)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Daemons$ReferenceQueueDaemon.run(Daemons.java:166)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x04bbff29> (a java.lang.Class<java.lang.ref.ReferenceQueue>)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.run(Thread.java:761)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406] "FinalizerDaemon" prio=5 tid=5 Waiting
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c57ee0 self=0x7d72a96400
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19948 nice=0 cgrp=default sched=0/0 handle=0x7d71d04450
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 8309498 78385 30 ) utm=0 stm=0 core=7 HZ=100
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d71c02000-0x7d71c04000 stackSize=1037KB
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19948/stack)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000001bcac  /system/lib64/libc.so (syscall+28)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 00000000000e73d8  /system/lib64/libart.so (_ZN3art17ConditionVariable16WaitHoldingLocksEPNS_6ThreadE+160)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000377f3c  /system/lib64/libart.so (_ZN3art7Monitor4WaitEPNS_6ThreadElibNS_11ThreadStateE+660)
07-13 13:56:32.813 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 0000000000000980  /system/framework/arm64/boot.oat (Java_java_lang_Object_wait__JI+140)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Object.wait!(Native method)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   - waiting on <0x0e8052ae> (a java.lang.Object)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Object.wait(Object.java:407)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:188)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x0e8052ae> (a java.lang.Object)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:209)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Daemons$FinalizerDaemon.run(Daemons.java:220)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.run(Thread.java:761)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406] "FinalizerWatchdogDaemon" prio=5 tid=6 Sleeping
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c57f70 self=0x7d72a96e00
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19949 nice=0 cgrp=default sched=0/0 handle=0x7d71bff450
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 617692 291076 8 ) utm=0 stm=0 core=7 HZ=100
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d71afd000-0x7d71aff000 stackSize=1037KB
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19949/stack)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000001bcb0  /system/lib64/libc.so (syscall+32)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 00000000000e7978  /system/lib64/libart.so (_ZN3art17ConditionVariable9TimedWaitEPNS_6ThreadEli+176)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000377f4c  /system/lib64/libart.so (_ZN3art7Monitor4WaitEPNS_6ThreadElibNS_11ThreadStateE+676)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 00000000000bc8c8  /system/framework/arm64/boot.oat (Java_java_lang_Thread_sleep__Ljava_lang_Object_2JI+164)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.sleep!(Native method)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   - sleeping on <0x0668684f> (a java.lang.Object)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.sleep(Thread.java:371)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   - locked <0x0668684f> (a java.lang.Object)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.sleep(Thread.java:313)
07-13 13:56:32.814 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Daemons$FinalizerWatchdogDaemon.sleepFor(Daemons.java:330)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Daemons$FinalizerWatchdogDaemon.waitForFinalization(Daemons.java:352)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Daemons$FinalizerWatchdogDaemon.run(Daemons.java:269)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.run(Thread.java:761)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406] "HeapTaskDaemon" prio=5 tid=7 WaitingForCheckPointsToRun
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c58f70 self=0x7d72a97800
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19950 nice=0 cgrp=default sched=0/0 handle=0x7d71afa450
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 121731422 5411270 115 ) utm=10 stm=1 core=4 HZ=100
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d719f8000-0x7d719fa000 stackSize=1037KB
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19950/stack)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000001bcac  /system/lib64/libc.so (syscall+28)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 00000000000e73d8  /system/lib64/libart.so (_ZN3art17ConditionVariable16WaitHoldingLocksEPNS_6ThreadE+160)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 00000000000dfd40  /system/lib64/libart.so (_ZN3art7Barrier9IncrementEPNS_6ThreadEi+84)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 00000000001e8a58  /system/lib64/libart.so (_ZN3art2gc9collector9MarkSweep19MarkRootsCheckpointEPNS_6ThreadEb+712)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 00000000001e8654  /system/lib64/libart.so (_ZN3art2gc9collector9MarkSweep13PreCleanCardsEv+232)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 00000000001e7f2c  /system/lib64/libart.so (_ZN3art2gc9collector9MarkSweep12MarkingPhaseEv+220)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 00000000001e7d34  /system/lib64/libart.so (_ZN3art2gc9collector9MarkSweep9RunPhasesEv+212)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #07 pc 00000000001e048c  /system/lib64/libart.so (_ZN3art2gc9collector16GarbageCollector3RunENS0_7GcCauseEb+332)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #08 pc 00000000002100a0  /system/lib64/libart.so (_ZN3art2gc4Heap22CollectGarbageInternalENS0_9collector6GcTypeENS0_7GcCauseEb+3104)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #09 pc 00000000002175d8  /system/lib64/libart.so (_ZN3art2gc4Heap12ConcurrentGCEPNS_6ThreadEb+124)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #10 pc 000000000021e664  /system/lib64/libart.so (_ZN3art2gc4Heap16ConcurrentGCTask3RunEPNS_6ThreadE+36)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #11 pc 00000000002402c0  /system/lib64/libart.so (_ZN3art2gc13TaskProcessor11RunAllTasksEPNS_6ThreadE+64)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   native: #12 pc 00000000001e5110  /system/framework/arm64/boot-core-libart.oat (Java_dalvik_system_VMRuntime_runHeapTasks__+124)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   at dalvik.system.VMRuntime.runHeapTasks(Native method)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Daemons$HeapTaskDaemon.run(Daemons.java:449)
07-13 13:56:32.815 F/art     (19940): art/runtime/runtime.cc:406]   at java.lang.Thread.run(Thread.java:761)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406] "Binder:19940_1" prio=5 tid=8 Native
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c58dc0 self=0x7d6ae17400
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19951 nice=0 cgrp=default sched=0/0 handle=0x7d718f7450
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 3529961 493077 10 ) utm=0 stm=0 core=4 HZ=100
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d717fd000-0x7d717ff000 stackSize=1005KB
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19951/stack)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000006a568  /system/lib64/libc.so (__ioctl+4)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 000000000001f888  /system/lib64/libc.so (ioctl+144)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000059890  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14talkWithDriverEb+260)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 00000000000599f0  /system/lib64/libbinder.so (_ZN7android14IPCThreadState20getAndExecuteCommandEv+24)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 000000000005a0c8  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb+60)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 00000000000770b4  /system/lib64/libbinder.so (???)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 0000000000012560  /system/lib64/libutils.so (_ZN7android6Thread11_threadLoopEPv+272)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #07 pc 000000000009c0a0  /system/lib64/libandroid_runtime.so (_ZN7android14AndroidRuntime15javaThreadShellEPv+116)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #08 pc 00000000000680e0  /system/lib64/libc.so (_ZL15__pthread_startPv+196)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   native: #09 pc 000000000001d940  /system/lib64/libc.so (__start_thread+16)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   (no managed stack frames)
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406] "Binder:19940_2" prio=5 tid=9 Native
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c58d30 self=0x7d72ac1200
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19952 nice=0 cgrp=default sched=0/0 handle=0x7d717fa450
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 2188193 42192 11 ) utm=0 stm=0 core=4 HZ=100
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d71700000-0x7d71702000 stackSize=1005KB
07-13 13:56:32.816 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19952/stack)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000006a568  /system/lib64/libc.so (__ioctl+4)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 000000000001f888  /system/lib64/libc.so (ioctl+144)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000059890  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14talkWithDriverEb+260)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 00000000000599f0  /system/lib64/libbinder.so (_ZN7android14IPCThreadState20getAndExecuteCommandEv+24)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 000000000005a0c8  /system/lib64/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb+60)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 00000000000770b4  /system/lib64/libbinder.so (???)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #06 pc 0000000000012560  /system/lib64/libutils.so (_ZN7android6Thread11_threadLoopEPv+272)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #07 pc 000000000009c0a0  /system/lib64/libandroid_runtime.so (_ZN7android14AndroidRuntime15javaThreadShellEPv+116)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #08 pc 00000000000680e0  /system/lib64/libc.so (_ZL15__pthread_startPv+196)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #09 pc 000000000001d940  /system/lib64/libc.so (__start_thread+16)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   (no managed stack frames)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406] "Profile Saver" prio=5 tid=10 Native
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c58af0 self=0x7d6ae27800
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19967 nice=0 cgrp=default sched=0/0 handle=0x7d716e7450
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 312346 0 1 ) utm=0 stm=0 core=5 HZ=100
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d715ed000-0x7d715ef000 stackSize=1005KB
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19967/stack)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000001bcb0  /system/lib64/libc.so (syscall+32)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 00000000000e7978  /system/lib64/libart.so (_ZN3art17ConditionVariable9TimedWaitEPNS_6ThreadEli+176)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 000000000031a408  /system/lib64/libart.so (_ZN3art12ProfileSaver3RunEv+160)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 000000000031bba8  /system/lib64/libart.so (_ZN3art12ProfileSaver21RunProfileSaverThreadEPv+100)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 00000000000680e0  /system/lib64/libc.so (_ZL15__pthread_startPv+196)
07-13 13:56:32.817 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 000000000001d940  /system/lib64/libc.so (__start_thread+16)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   (no managed stack frames)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406] "crash_crash_cb" prio=5 tid=11 Native
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12c2fe50 self=0x7d68540600
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19978 nice=0 cgrp=default sched=0/0 handle=0x7d4bbff450
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 346731 0 1 ) utm=0 stm=0 core=4 HZ=100
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d4bb05000-0x7d4bb07000 stackSize=1005KB
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19978/stack)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000006af70  /system/lib64/libc.so (read+4)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 0000000000007508  /data/app/tv.danmaku.bili-1/lib/arm64/libbili_core.so (???)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 00000000000680e0  /system/lib64/libc.so (_ZL15__pthread_startPv+196)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 000000000001d940  /system/lib64/libc.so (__start_thread+16)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   (no managed stack frames)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406] "thread_back_io" prio=5 tid=12 Native
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | group="" sCount=1 dsCount=0 obj=0x12d8c8b0 self=0x7d647a6000
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | sysTid=19979 nice=1 cgrp=default sched=0/0 handle=0x7d4bb02450
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | state=S schedstat=( 341039 0 2 ) utm=0 stm=0 core=4 HZ=100
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | stack=0x7d4ba00000-0x7d4ba02000 stackSize=1037KB
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   | held mutexes=
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   kernel: (couldn't read /proc/self/task/19979/stack)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #00 pc 000000000006a47c  /system/lib64/libc.so (__epoll_pwait+8)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #01 pc 000000000001e05c  /system/lib64/libc.so (epoll_pwait+64)
07-13 13:56:32.818 F/art     (19940): art/runtime/runtime.cc:406]   native: #02 pc 0000000000018158  /system/lib64/libutils.so (_ZN7android6Looper9pollInnerEi+156)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   native: #03 pc 000000000001800c  /system/lib64/libutils.so (_ZN7android6Looper8pollOnceEiPiS1_PPv+60)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   native: #04 pc 00000000000eb99c  /system/lib64/libandroid_runtime.so (_ZN7android18NativeMessageQueue8pollOnceEP7_JNIEnvP8_jobjecti+48)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   native: #05 pc 0000000000761390  /system/framework/arm64/boot-framework.oat (Java_android_os_MessageQueue_nativePollOnce__JI+140)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.MessageQueue.nativePollOnce(Native method)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.MessageQueue.next(MessageQueue.java:323)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.Looper.loop(Looper.java:136)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]   at android.os.HandlerThread.run(HandlerThread.java:61)
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406] 
07-13 13:56:32.819 F/art     (19940): art/runtime/runtime.cc:406]

墨墨背单词检测sandhook

请问大佬SandHook和Epic稳定性比起来如何

部分 MIUI 12 & Android 10 的小米手机，使用 SandHook 出现报错

RT，以下是部分日志，想请教下是什么原因，有什么办法能解决吗？

2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: backtrace:
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #00 pc 0000000000037d38 /system/lib64/libsandhook-native.so (SandHook::Decoder::Arm64Decoder::Disassemble(void*, unsigned long, SandHook::Decoder::InstVisitor&, bool)+72) (BuildId: 7836b240d507a8e1d948d7b8233a6f3f0c1a667f)
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #1 pc 00000000000383ac /system/lib64/libsandhook-native.so (SandHook::Asm::CodeRelocateA64::Relocate(void*, unsigned long, void*)+112) (BuildId: 7836b240d507a8e1d948d7b8233a6f3f0c1a667f)
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #2 pc 0000000000039048 /system/lib64/libsandhook-native.so (SandHook::Hook::InlineHookArm64Android::Hook(void*, void*)+248) (BuildId: 7836b240d507a8e1d948d7b8233a6f3f0c1a667f)
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #3 pc 000000000002060c /system/lib64/libsandhook.so (hookClassInit+96) (BuildId: 3d65fe7ec763668d7cffb20e1b03723f6e315705)
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #4 pc 000000000001ce48 /system/lib64/libsandhook.so (Java_com_swift_sandhook_SandHook_initForPendingHook+116) (BuildId: 3d65fe7ec763668d7cffb20e1b03723f6e315705)
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #5 pc 0000000000140350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.565 3823-3823/? A/DEBUG: #6 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #7 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #8 pc 00000000002e3800 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #9 pc 00000000002dea60 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #10 pc 00000000005a3aa8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+372) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #11 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #12 pc 00000000000969a6 [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.swift.sandhook.PendingHookHandler.+22)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #13 pc 00000000002b4b14 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.7452927453013456699+240) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #14 pc 000000000059253c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (artQuickToInterpreterBridge+1032) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #15 pc 0000000000140468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #16 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #17 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #18 pc 00000000001723b0 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x157000) (art::ClassLinker::InitializeClass(art::Thread*, art::Handleart::mirror::Class, bool, bool)+2312) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #19 pc 000000000015ced8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x157000) (art::ClassLinker::EnsureInitialized(art::Thread*, art::Handleart::mirror::Class, bool, bool)+92) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #20 pc 00000000002e3894 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+532) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #21 pc 00000000002dea60 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #22 pc 00000000005a3aa8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+372) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #23 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #24 pc 000000000009773a [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.swift.sandhook.SandHook.hook+70)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #25 pc 00000000005a3d44 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+1040) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #26 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #27 pc 00000000000a23a2 [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.swift.sandhook.coocompat.methodgen.DynamicBridge.hookMethod+238)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #28 pc 00000000002b4b14 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.7452927453013456699+240) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #29 pc 000000000059253c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (artQuickToInterpreterBridge+1032) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #30 pc 0000000000140468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #31 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #32 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #33 pc 00000000002e3800 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #34 pc 00000000002dea60 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #35 pc 00000000005a3aa8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+372) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #36 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #37 pc 0000000000092002 [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.android.framework.coo.CooBridge.hookMethodNative+10)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #38 pc 00000000005a3d44 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+1040) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #39 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #40 pc 0000000000091d76 [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.android.framework.coo.CooBridge.hookMethod+298)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #41 pc 00000000002b4b14 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.7452927453013456699+240) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.566 3823-3823/? A/DEBUG: #42 pc 000000000059253c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (artQuickToInterpreterBridge+1032) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #43 pc 0000000000140468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #44 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #45 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #46 pc 00000000002e3800 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #47 pc 00000000002dea60 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #48 pc 00000000005a3aa8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+372) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #49 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #50 pc 00000000000924ce [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.android.framework.coo.Coo.findAndHookMethod+62)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #51 pc 00000000002b4b14 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.7452927453013456699+240) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #52 pc 000000000059253c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (artQuickToInterpreterBridge+1032) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #53 pc 0000000000140468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #54 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #55 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #56 pc 00000000002e3800 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #57 pc 00000000002dea60 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #58 pc 00000000005a3aa8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+372) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #59 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #60 pc 0000000000095698 [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.android.framework.coo.main.onStart+40)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #61 pc 00000000005a3d44 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (MterpInvokeStatic+1040) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #62 pc 0000000000131994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #63 pc 000000000009571a [anon:dalvik-classes.dex extracted in memory from /system/framework/framework-coo.jar] (com.android.framework.coo.main.onSystemServerStart+62)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #64 pc 00000000002b4b14 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.7452927453013456699+240) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #65 pc 000000000059253c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4bb000) (artQuickToInterpreterBridge+1032) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #66 pc 0000000000140468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #67 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #68 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #69 pc 00000000004b0f40 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ee000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #70 pc 00000000004b0b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ee000) (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+408) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #71 pc 00000000003bb6b4 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+624) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #72 pc 000000000004c4cc /system/lib64/libriru_CooWind.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116) (BuildId: f4440d6707b978318fe0f356c8e1decb486cba2b)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #73 pc 000000000004c014 /system/lib64/libriru_CooWind.so (Coo::Context::onSystemServerStart(_JNIEnv*)+268) (BuildId: f4440d6707b978318fe0f356c8e1decb486cba2b)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #74 pc 000000000004c5d4 /system/lib64/libriru_CooWind.so (nativeForkSystemServerPost+32) (BuildId: f4440d6707b978318fe0f356c8e1decb486cba2b)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #75 pc 000000000000bbec /system/lib64/libmemtrack.so (BuildId: b057242d5c6d0ff1bc31a9c75ad7318f94273fe0)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #76 pc 00000000022eefec /system/framework/arm64/boot-framework.oat (art_jni_trampoline+252) (BuildId: c5407c051a8976843c5a4f334b50aaf4fa00e01d)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #77 pc 00000000022f5d0c /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.forkSystemServer+1340) (BuildId: c5407c051a8976843c5a4f334b50aaf4fa00e01d)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #78 pc 00000000022f6fe0 /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+1952) (BuildId: c5407c051a8976843c5a4f334b50aaf4fa00e01d)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #79 pc 00000000001375b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #80 pc 000000000014600c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #81 pc 00000000004b0f40 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ee000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #82 pc 00000000004b0b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ee000) (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+408) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #83 pc 00000000003bb6b4 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x297000) (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+624) (BuildId: ab384bba78c42c67d77af1934002f275)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #84 pc 00000000000c19ec /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116) (BuildId: 8220b57e0c265b51b59e6f6ff54cd456)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #85 pc 00000000000c49b0 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vectorandroid::String8 const&, bool)+944) (BuildId: 8220b57e0c265b51b59e6f6ff54cd456)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #86 pc 00000000000035bc /system/bin/app_process64 (main+1388) (BuildId: 27cd9ba96bffd08740403a49d59f8818)
2020-11-18 21:02:27.567 3823-3823/? A/DEBUG: #87 pc 000000000007e978 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: 85ab2bc1ae7f4dbc4ee5d68f94085e8b)

DexMaker.generateClassLoader会卡出

return (ClassLoader) Class.forName("dalvik.system.DexClassLoader")
.getConstructor(String.class, String.class, String.class, ClassLoader.class)
.newInstance(result.getPath(), dexCache.getAbsolutePath(), null,
preferredClassLoader)
这一行会卡住是什么原因呀魅蓝5s flyme5

hook返回值为long类型的方法

Cloned App not starting

Android Q Beta5 测试自己的app和hook QQ都会直接闪退

附上错误日志

Crash at Huawei nova4

2019-07-25 01:30:10.151 18117-18117/? A/MicroMsg_Crash: Process: com.tencent.mm
Crash Thread: 18117(total:166)
Date/Time: 2019-07-25 +8.00 01:30:10.128
Live Time: 360s
Device: VCE-AL00 android-28
Exception info:
Siginfo: errno:0, pid:505771, uid:0, process:UNKNOWN
Memory Info: total:5700M rss:328M
2019-07-25 01:30:10.151 18117-18117/? A/MicroMsg_Crash: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: HUAWEI/VCE-AL00/HWVCE:9/HUAWEIVCE-AL00/182C00:user/release-keys
pid: 18117, tid: 18117(main thread) >>> com.tencent.mm <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0007b7ab
2019-07-25 01:30:10.180 18117-18117/? A/MicroMsg_Crash: #00 pc 0x428cb2 /system/lib/libart.so (???)
#1 pc 0x3409 /dev/ashmem/dalvik-jit-code-cache (deleted) (???)

EMUI 9.0.1.182
Android 9

Native Hook崩溃

设备信息：三星J3109，Android 5.1.1，armeabi-v7a

测试代码：

bool targetFunction() {
    LOGI("target function");
    for(int i = 0;i < 1;++i) {
        LOGI("for loop %d", i);
    }
    return false;
}

bool (*orgi_target)() = nullptr;

bool hook() {
    LOGI("Before hook method");
    bool result = orgi_target();
    LOGI("After hook method: result is %s", result ? "yes" : "no");
    result = !result;
    LOGI("Reset result to %s", result ? "yes" : "no");
    return result;
}

void test() {
    orgi_target = reinterpret_cast<bool (*)()> (SandInlineHook((void *) targetFunction, (void *) hook));
    LOGI("Hooked target function; try call it");
    bool result = targetFunction();
    LOGI("target() returned %s", result ? "yes" : "no");
}

log：

I/DEBUG   (29383): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 
I/DEBUG   (29383): Build fingerprint: 'samsung/j3ltectc/j3ltectc:5.1.1/LMY47X/J3109KES1AQI1:user/release-keys'
I/DEBUG   (29383): Revision: '6'
I/DEBUG   (29383): ABI: 'arm'
I/DEBUG   (29383): pid: 12928, tid: 12928, name: .nativehooktest  >>> com.canyie.nativehooktest <<<
I/DEBUG   (29383): signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0xb7f3ef78
I/DEBUG   (29383):     r0 b7f63a58  r1 b7f63a58  r2 b7f3ef78  r3 beaea8e8
I/DEBUG   (29383):     r4 00000008  r5 a232d315  r6 b7f63740  r7 beaeabf0
I/DEBUG   (29383):     r8 12c42ef0  r9 b7c46778  sl 00000000  fp 00000000
I/DEBUG   (29383):     ip b6e58128  sp beaeaae8  lr a233c569  pc b7f3ef78  cpsr 200b0010
I/DEBUG   (29383):
I/DEBUG   (29383): backtrace:
I/DEBUG   (29383):     #00 pc 000dff78  [heap]
I/DEBUG   (29383):     #01 pc 0004b567  /data/app/com.canyie.nativehooktest-2/lib/arm/libsandhook-native.so (_ZN8SandHook7Decoder12Arm32Decoder11DisassembleEPvjRNS0_11InstVisitorEb+1510)
I/DEBUG   (29383):     #02 pc 0004d9dd  /data/app/com.canyie.nativehooktest-2/lib/arm/libsandhook-native.so (_ZN8SandHook3Asm15CodeRelocateA328RelocateEPvjS2_+228)
I/DEBUG   (29383):     #03 pc 0004bc2d  /data/app/com.canyie.nativehooktest-2/lib/arm/libsandhook-native.so (_ZN8SandHook4Hook22InlineHookArm32Android4HookEPvS2_+412)
I/DEBUG   (29383):     #04 pc 0003c587  /data/app/com.canyie.nativehooktest-2/lib/arm/libsandhook-native.so (SandInlineHook+42)
I/DEBUG   (29383):     #05 pc 0003c44f  /data/app/com.canyie.nativehooktest-2/lib/arm/libsandhook-native.so (Java_com_swift_sandhook_nativehook_NativeHook_test+30)
I/DEBUG   (29383):     #06 pc 00000305  /data/dalvik-cache/arm/data@[email protected]@[email protected]

内置 sandhook 对qq进行hook会频繁弹出停止运行，但是没有停止运行

贴上错误日志，dex2oat处于禁用状态

Build fingerprint: 'Xiaomi/sagit/sagit:9/PKQ1.190118.001/9.8.1:user/release-keys'
Revision: '0'
ABI: 'arm'
pid: 18614, tid: 18614, name: q:mini_internal >>> com.tencent.mobileqq:mini_internal <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: 'thread-inl.h:267] Transitioning to runnable with checkpoint flag, flags=2 state=67'
r0 00000000 r1 000048b6 r2 00000006 r3 00000008
r4 000048b6 r5 000048b6 r6 ffe8cde4 r7 0000010c
r8 0000000d r9 ffe8cea0 r10 e79bad2c r11 e48ed3d8
ip e639c3cc sp ffe8cdd0 lr e6307789 pc e62fefaa

backtrace:
#00 pc 0001cfaa /system/lib/libc.so (abort+58)
#1 pc 0034fe33 /system/lib/libart.so (offset 0x2b0000) (art::Runtime::Abort(char const*)+910)
#2 pc 0000738f /system/lib/libbase.so (android::base::LogMessage::~LogMessage()+494)
#3 pc 003da5bf /system/lib/libart.so (offset 0x345000) (_ZN3artL12GoToRunnableEPNS_6ThreadE.llvm.829164332+258)
#4 pc 003da495 /system/lib/libart.so (offset 0x345000) (art::JniMethodEnd(unsigned int, art::Thread*)+8)
#5 pc 0013505d /data/app/com.tencent.mobileqq-NOwJYyC_QPj7GQSL5cp3qg==/oat/arm/base.odex (offset 0x134000) (com.tencent.image.NativeGifImage.nativeOpenFile [DEDUPED]+180)
#6 pc 0000d5d5 anonymous:ca9c6000

"execute-only (no-read) memory access error" on android 10

I tried to inject sandhook into com.android.systemui. Same code works on Android 9, and Android 8, but fails on my Android 10 device.

Related topic about system binaries/libraries mapped to execute-only memory:
https://developer.android.com/about/versions/10/behavior-changes-all

Log as following:

2020-04-29 09:41:50.293 3856-3856/? E//system/bin/tombstoned: Tombstone written to: /data/tombstones/tombstone_41
2020-04-29 09:41:50.425 4315-4793/system_process E/PowerHintCallback: sceneId: 0 is invalid
2020-04-29 09:41:52.428 28267-28267/com.android.systemui A/libc: Fatal signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0 in tid 28267 (ndroid.systemui), pid 28267 (ndroid.systemui)
2020-04-29 09:41:52.563 28364-28364/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: Native Crash TIME: 699171
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: Build fingerprint: 'Hisense/HITV101C/HITV101C:10/QP1A.190711.020/L1704.6.01.02:userdebug/release-keys'
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: Revision: '0'
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: ABI: 'arm64'
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: Timestamp: 2020-04-29 09:41:52+0800
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: pid: 28267, tid: 28267, name: ndroid.systemui >>> com.android.systemui <<<
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: uid: 10124
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: Cause: execute-only (no-read) memory access error; likely due to data in .text.
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x0 0000007e649fc500 x1 0000007ddf72e0f0 x2 0000000000000010 x3 0000007ffa6e7938
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x4 0000000000000001 x5 0000000000000004 x6 0000007ffa6e774c x7 0000000000000000
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x8 0000007dd5a6b1b8 x9 0000000000000001 x10 0000000000000002 x11 0000007e649f45fc
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x12 0000000000000004 x13 0000000000000020 x14 0000800000000000 x15 000040785b61b01a
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x16 0000007dd5ab13b0 x17 0000007dd5a64f9c x18 0000007e65baa000 x19 0000000000000001
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x20 0000007ddf72e0f0 x21 0000007ffa6e7938 x22 0000007ddf72e0f0 x23 0000007ddf72e100
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x24 0000000014000000 x25 0000000036000000 x26 0000000034000000 x27 0000000018000000
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x28 0000000010000000 x29 0000007ffa6e78e0
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: sp 0000007ffa6e7890 lr 0000007dd5a6b87c pc 0000007dd5a6b200
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: backtrace:
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #00 pc 0000000000038200 /system/lib64/libsandhook-native.so (SandHook::Decoder::Arm64Decoder::Disassemble(void*, unsigned long, SandHook::Decoder::InstVisitor&, bool)+72) (BuildId: b5895ae75b6d2c9c0d91e7009e375560b584adf4)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #1 pc 0000000000038878 /system/lib64/libsandhook-native.so (SandHook::Asm::CodeRelocateA64::Relocate(void*, unsigned long, void*)+112) (BuildId: b5895ae75b6d2c9c0d91e7009e375560b584adf4)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #2 pc 000000000003951c /system/lib64/libsandhook-native.so (SandHook::Hook::InlineHookArm64Android::Hook(void*, void*)+248) (BuildId: b5895ae75b6d2c9c0d91e7009e375560b584adf4)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #3 pc 000000000001f5d8 /system/lib64/libsandhook.so (hookClassInit+96) (BuildId: c984836bf8b0da7e47ef63c5dca156a78920d345)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #4 pc 000000000001d01c /system/lib64/libsandhook.so (Java_com_swift_sandhook_SandHook_initForPendingHook+116) (BuildId: c984836bf8b0da7e47ef63c5dca156a78920d345)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #5 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #6 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #7 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #8 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #9 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #10 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #11 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #12 pc 00000000002fb87e [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.PendingHookHandler.+14)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #13 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #14 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #15 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #16 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #17 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #18 pc 00000000001705cc /apex/com.android.runtime/lib64/libart.so (art::ClassLinker::InitializeClass(art::Thread*, art::Handleart::mirror::Class, bool, bool)+1912) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #19 pc 000000000015b7c0 /apex/com.android.runtime/lib64/libart.so (art::ClassLinker::EnsureInitialized(art::Thread*, art::Handleart::mirror::Class, bool, bool)+92) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #20 pc 00000000002ddc24 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+532) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #21 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #22 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #23 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #24 pc 00000000002fc546 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.SandHook.hook+70)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #25 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #26 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #27 pc 00000000002fe84e [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.wrapper.HookWrapper.addHookClass+66)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #28 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #29 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #30 pc 00000000002fe8cc [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.wrapper.HookWrapper.addHookClass+12)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #31 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #32 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #33 pc 00000000002fe8ee [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.wrapper.HookWrapper.addHookClass+2)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #34 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #35 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #36 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #37 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #38 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #39 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #40 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #41 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #42 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #43 pc 00000000002fc4a8 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.SandHook.addHookClass)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #44 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #45 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #46 pc 000000000029de30 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.hooks.HookHelper.start+404)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #47 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #48 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #49 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #50 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #51 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #52 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #53 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #54 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #55 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #56 pc 000000000029e13e [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.hooks.androidUiHook.AndroidUiHookMngr.start+26)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #57 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #58 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #59 pc 000000000029b13c [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.appMonitors.AndroidUiMonitor.init+16)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #60 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #61 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #62 pc 0000000000299dae [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.Monitor.lambda$init$0+286)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #63 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #64 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #65 pc 0000000000299460 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.-$$Lambda$Monitor$YdIBKFMUa8iIUEg19Fa2l-zjVoI.call+8)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #66 pc 000000000058fc5c /apex/com.android.runtime/lib64/libart.so (MterpInvokeInterface+1740) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #67 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #68 pc 0000000000299c1a [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.Monitor.init+290)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #69 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #70 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #71 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #72 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #73 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #74 pc 00000000004a15d0 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #75 pc 00000000004a300c /apex/com.android.runtime/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1476) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #76 pc 00000000004314fc /apex/com.android.runtime/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #77 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #78 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #79 pc 0000000000145060 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #80 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #81 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #82 pc 000000000058e214 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+836) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #83 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #84 pc 000000000020738e /system/framework/framework.jar (android.app.Instrumentation.newApplication+122)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #85 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #86 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #87 pc 000000000020c26c /system/framework/framework.jar (android.app.LoadedApk.makeApplication+120)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #88 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #89 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #90 pc 000000000019672a /system/framework/framework.jar (android.app.ActivityThread.handleBindApplication+2126)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #91 pc 00000000005907f8 /apex/com.android.runtime/lib64/libart.so (MterpInvokeDirect+1168) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #92 pc 0000000000130914 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_direct+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #93 pc 0000000000193580 /system/framework/framework.jar (android.app.ActivityThread.access$1300)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #94 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #95 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #96 pc 000000000018faec /system/framework/framework.jar (android.app.ActivityThread$H.handleMessage+1504)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #97 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #98 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #99 pc 000000000030942e /system/framework/framework.jar (android.os.Handler.dispatchMessage+38)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #100 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #101 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #102 pc 000000000032fc56 /system/framework/framework.jar (android.os.Looper.loop+466)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #103 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #104 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #105 pc 000000000019a2d2 /system/framework/framework.jar (android.app.ActivityThread.main+430)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #106 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #107 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #108 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #109 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #110 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #111 pc 00000000004a15d0 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #112 pc 00000000004a300c /apex/com.android.runtime/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1476) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #113 pc 00000000004314fc /apex/com.android.runtime/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #114 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #115 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #116 pc 0000000000145060 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #117 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #118 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #119 pc 000000000058e214 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+836) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #120 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #121 pc 000000000036de56 /system/framework/framework.jar (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+22)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #122 pc 000000000058fc5c /apex/com.android.runtime/lib64/libart.so (MterpInvokeInterface+1740) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #123 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #124 pc 00000000003723d0 /system/framework/framework.jar (com.android.internal.os.ZygoteInit.main+544)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #125 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #126 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #127 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #128 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #129 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #130 pc 00000000004a15d0 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #131 pc 00000000004a1234 /apex/com.android.runtime/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+408) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #132 pc 00000000003b24e0 /apex/com.android.runtime/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+764) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #133 pc 00000000000bf560 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116) (BuildId: ccbaf629716e65229e6045c140cc8de4)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #134 pc 00000000000c23f4 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vectorandroid::String8 const&, bool)+780) (BuildId: ccbaf629716e65229e6045c140cc8de4)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #135 pc 00000000000034e0 /system/bin/app_process64 (main+1168) (BuildId: 7e61d8aa51b58d718770bc767df8b480)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #136 pc 000000000007d458 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: f870d577419d3c0e6b7c369961c66fbd)
2020-04-29 09:41:52.917 3856-3856/? E//system/bin/tombstoned: Tombstone written to: /data/tombstones/tombstone_42
2020-04-29 09:41:53.038 4315-4793/system_process E/PowerHintCallback: sceneId: 0 is invalid
2020-04-29 09:41:53.703 3736-3736/? E/KERNEL_MON: The error is No such file or directory
2020-04-29 09:41:54.288 3860-3860/? E/CRASH_MON: The error is No such file or directory
2020-04-29 09:41:55.035 28371-28371/com.android.systemui A/libc: Fatal signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0 in tid 28371 (ndroid.systemui), pid 28371 (ndroid.systemui)
2020-04-29 09:41:55.172 28406-28406/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:55.172 28406-28406/? A/DEBUG: Native Crash TIME: 701779
2020-04-29 09:41:55.172 28406-28406/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:55.173 28406-28406/? A/DEBUG: Build fingerprint: 'Hisense/HITV101C/HITV101C:10/QP1A.190711.020/L1704.6.01.02:userdebug/release-keys'
2020-04-29 09:41:55.173 28406-28406/? A/DEBUG: Revision: '0'
2020-04-29 09:41:55.173 28406-28406/? A/DEBUG: ABI: 'arm64'
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: Timestamp: 2020-04-29 09:41:55+0800
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: pid: 28371, tid: 28371, name: ndroid.systemui >>> com.android.systemui <<<
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: uid: 10124
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: Cause: execute-only (no-read) memory access error; likely due to data in .text.

XposedBridge没有invokeOriginalMethod方法？

XposedBridge没有invokeOriginalMethod方法？那怎么执行原方法？

Hook构造方法并对代码做了混淆配置,但是仍然不起作用,其他的方法都可以

使用的版本:4.1.7
问题现象:
如何不打包,不混淆直接运行的话,是没有任何问题的.
但是如果打正式包,并做了混淆, 同时我也做了相关的混淆配置,结果发现只有构造方法不能Hook成功.

项目的地址: https://github.com/xuexiangjys/SandHookTest

originMethod NPE

Caused by: java.lang.NullPointerException: Attempt to invoke interface method 'int java.lang.reflect.Member.getModifiers()' on a null object reference at com.swift.sandhook.SandHook.callOriginMethod(SpiderMan.java:175) at com.swift.sandhook.SandHook.callOriginMethod(SpiderMan.java:165) at com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge(HookStubManager.java:372) at SandHookerNew_7hrlnqe1khj90va5eljsf5sh69.hook(Unknown Source:58)

编辑报错

Task :lib:generateJsonModelDebug FAILED
F:\va\vxposed\lib\src\main\jni\Android.mk:30: F:/va/vxposed/lib/src/main/jni/sk/sk.mk: No such file or directory
make: *** No rule to make target 'F:/va/vxposed/lib/src/main/jni/sk/sk.mk'. Stop.

Execution failed for task ':lib:generateJsonModelDebug'.

Build command failed.
Error while executing process C:\Users\hc\AppData\Local\Android\Sdk\ndk-bundle\ndk-build.cmd with arguments {NDK_PROJECT_PATH=null APP_BUILD_SCRIPT=F:\va\vxposed\lib\src\main\jni\Android.mk NDK_APPLICATION_MK=F:\va\vxposed\lib\src\main\jni\Application.mk APP_ABI=x86 NDK_ALL_ABIS=x86 NDK_DEBUG=1 APP_PLATFORM=android-19 NDK_OUT=F:/va/vxposed/lib/build/intermediates/ndkBuild/debug/obj NDK_LIBS_OUT=F:\va\vxposed\lib\build\intermediates\ndkBuild\debug\lib APP_SHORT_COMMANDS=false LOCAL_SHORT_COMMANDS=false -B -n}
Android NDK: WARNING: Ignoring unknown import directory: :F:/va/vxposed/lib/src/main/jni
Android NDK: WARNING:F:/va/vxposed/lib/src/main/jni/fb/Android.mk:fb: LOCAL_LDLIBS is always ignored for static libraries
Android NDK: WARNING:F:\va\vxposed\lib\src\main\jni\Android.mk:va++: non-system libraries in linker flags: -latomic
Android NDK: This is likely to result in incorrect builds. Try using LOCAL_STATIC_LIBRARIES
Android NDK: or LOCAL_SHARED_LIBRARIES instead to list the library dependencies of the
Android NDK: current module

内置模块后卡顿严重

正确配置后，整个应用都会严重卡顿，不执行hook代码就不会卡，不知道是哪里的问题

XposedCompat_New error

XposedCompat 没问题，只有 new 闪退

2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: Build fingerprint: 'OnePlus/OnePlus7Pro_CH/OnePlus7Pro:10/QKQ1.190716.003/1911010700:user/release-keys'
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: Revision: '0'
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: ABI: 'arm64'
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: Timestamp: 2020-07-15 01:52:00+0800
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: pid: 29197, tid: 29197, name: m.erin.hooking >>> com.erin.hooking <<<
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: uid: 10404
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x729f833adc
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: Cause: execute-only (no-read) memory access error; likely due to data in .text.
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x0 00000072a0bc61b0 x1 000000729f833adc x2 0000000000000010 x3 0000007ff29b1198
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x4 0000000000000001 x5 0000000000000004 x6 0000000000000000 x7 0000000000000080
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x8 000000723593bcac x9 0000000000000002 x10 0000000000000001 x11 0000000000000000
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x12 000000000000000d x13 0000000000005880 x14 0000000000000020 x15 aaaaaaaaaaaaaaab
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x16 00000072359703f8 x17 0000007235935aac x18 00000072a09cac50 x19 0000000000000001
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x20 000000729f833adc x21 0000007ff29b1198 x22 000000729f833adc x23 000000729f833aec
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x24 0000000014000000 x25 0000000036000000 x26 0000000034000000 x27 0000000018000000
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: x28 0000000010000000 x29 0000007ff29b1140
2020-07-15 01:52:00.444 29236-29236/? A/DEBUG: sp 0000007ff29b10f0 lr 000000723593c370 pc 000000723593bcf4
2020-07-15 01:52:00.457 1523-8601/? D/OpColorGamutManager: notifyBlackListLayer isBlackListLayer = false
2020-07-15 01:52:00.457 1523-1959/? D/OpColorGamutManager: notifyVideoModeChange isVideo = false hasBlackListLayer = false
2020-07-15 01:52:00.588 29236-29236/? A/DEBUG: backtrace:
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #00 pc 0000000000037cf4 /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/lib/arm64/libsandhook-native.so (SandHook::Decoder::Arm64Decoder::Disassemble(void*, unsigned long, SandHook::Decoder::InstVisitor&, bool)+72) (BuildId: decbf1dc29a69b25f8eda3583f78058527511f95)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #1 pc 000000000003836c /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/lib/arm64/libsandhook-native.so (SandHook::Asm::CodeRelocateA64::Relocate(void*, unsigned long, void*)+112) (BuildId: decbf1dc29a69b25f8eda3583f78058527511f95)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #2 pc 0000000000039008 /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/lib/arm64/libsandhook-native.so (SandHook::Hook::InlineHookArm64Android::Hook(void*, void*)+248) (BuildId: decbf1dc29a69b25f8eda3583f78058527511f95)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #3 pc 00000000000317c0 /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/lib/arm64/libsandhook-native.so (SandInlineHookSym+96) (BuildId: decbf1dc29a69b25f8eda3583f78058527511f95)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #4 pc 0000000000005850 /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/lib/arm64/libfast-sandhook.mars.so (Java_com_swift_sandhook_xposedcompat_XposedCompat_init+212) (BuildId: 2db2fa859fae979f4eba3bef7bd1e4c0e2c2cfc5)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #5 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #6 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #7 pc 000000000014500c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #8 pc 00000000002e281c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #9 pc 00000000002dda7c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #10 pc 00000000005a2adc /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeStatic+372) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #11 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #12 pc 000000000025ea60 [anon:dalvik-classes.dex extracted in memory from /data/app/com.erin.hooking-AH4v8eniiru13oooT83gBA==/base.apk] (com.swift.sandhook.xposedcompat.XposedCompat.init+76)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #13 pc 00000000002b3b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.3929369822492601747+240) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #14 pc 00000000002b9934 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (art::interpreter::ArtInterpreterToInterpreterBridge(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame*, art::JValue*)+216) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #15 pc 00000000002dda5c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+860) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #16 pc 00000000005a2adc /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeStatic+372) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #17 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #18 pc 000000000025e4e8 [anon:dalvik-classes.dex extracted in memory from /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/base.apk] (com.venom.xposed.sandhook.fast.HookFramework.init)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #19 pc 00000000005a1ae8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeInterface+1788) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #20 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #21 pc 000000000025611e [anon:dalvik-classes.dex extracted in memory from /data/app/com.venom.hooking-AH4v8eniiru13oooT83gBA==/base.apk] (com.venom.xposed.bridge.MarsBridge.setup+54)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #22 pc 00000000005a02c8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+1352) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #23 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #24 pc 00000000000377ac [anon:dalvik-classes2.dex extracted in memory from /data/app/com.erin.hooking-AH4v8eniiru13oooT83gBA==/base.apk!classes2.dex] (com.erin.hooking.Application.onCreate+48)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #25 pc 00000000005a02c8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+1352) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #26 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #27 pc 00000000001f8380 /system/framework/framework.jar (android.app.Instrumentation.callApplicationOnCreate+60)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #28 pc 00000000005a02c8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+1352) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #29 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #30 pc 000000000018c40a /system/framework/framework.jar (android.app.ActivityThread.handleBindApplication+2958)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #31 pc 00000000002b3b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.3929369822492601747+240) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #32 pc 0000000000591570 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (artQuickToInterpreterBridge+1032) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #33 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #34 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #35 pc 0000000000144fec /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #36 pc 00000000004aff10 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #37 pc 00000000004b1ab4 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1480) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #38 pc 000000000043cde8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #39 pc 00000000000c2c34 /system/framework/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 9c5b079029dc900d8e51f890a6592e684a834eb6)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #40 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #41 pc 0000000000144fec /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #42 pc 00000000002e281c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #43 pc 00000000002dda7c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #44 pc 00000000005a0008 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+648) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #45 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #46 pc 0000000000014412 [anon:dalvik-classes.dex extracted in memory from /system/framework/edxp.jar] (com.swift.sandhook.SandHook.callOriginMethod+86)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #47 pc 00000000005a2d78 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeStatic+1040) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #48 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #49 pc 00000000000144aa [anon:dalvik-classes.dex extracted in memory from /system/framework/edxp.jar] (com.swift.sandhook.SandHook.callOriginMethod+2)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #50 pc 00000000005a2d78 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeStatic+1040) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #51 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #52 pc 000000000001929e [anon:dalvik-classes.dex extracted in memory from /system/framework/edxp.jar] (com.swift.sandhook.xposedcompat.hookstub.HookStubManager.hookBridge+266)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #53 pc 00000000002b3b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.3929369822492601747+240) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #54 pc 0000000000591570 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (artQuickToInterpreterBridge+1032) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #55 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #56 pc 0000000000001244 [anon:dalvik-zygote-jit-code-cache] (com.swift.sandhook.xposedcompat.hookstub.MethodHookerStubs64.stub_hook_0+116)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #57 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #58 pc 0000000000144fec /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #59 pc 00000000002e281c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #60 pc 00000000002dda7c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #61 pc 00000000005a2330 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeDirect+424) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #62 pc 0000000000130914 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_direct+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #63 pc 0000000000188ff8 /system/framework/framework.jar (android.app.ActivityThread.access$1600)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #64 pc 00000000005a2d78 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeStatic+1040) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #65 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #66 pc 000000000018531e /system/framework/framework.jar (android.app.ActivityThread$H.handleMessage+1474)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #67 pc 00000000005a02c8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+1352) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #68 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #69 pc 0000000000304cca /system/framework/framework.jar (android.os.Handler.dispatchMessage+38)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #70 pc 00000000005a02c8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+1352) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #71 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #72 pc 0000000000329b7a /system/framework/framework.jar (android.os.Looper.loop+466)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #73 pc 00000000005a2d78 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeStatic+1040) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #74 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #75 pc 0000000000190108 /system/framework/framework.jar (android.app.ActivityThread.main+196)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #76 pc 00000000002b3b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.3929369822492601747+240) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #77 pc 0000000000591570 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (artQuickToInterpreterBridge+1032) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #78 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #79 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #80 pc 000000000014500c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #81 pc 00000000004aff10 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #82 pc 00000000004b1ab4 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1480) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #83 pc 000000000043cde8 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #84 pc 00000000000c2c34 /system/framework/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 9c5b079029dc900d8e51f890a6592e684a834eb6)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #85 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #86 pc 0000000000144fec /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #87 pc 00000000002e281c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #88 pc 00000000002dda7c /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+892) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #89 pc 00000000005a0008 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (MterpInvokeVirtual+648) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #90 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #91 pc 0000000000365032 /system/framework/framework.jar (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+22)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #92 pc 00000000002b3b30 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.3929369822492601747+240) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #93 pc 0000000000591570 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x4ba000) (artQuickToInterpreterBridge+1032) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #94 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #95 pc 00000000009d2740 /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2256) (BuildId: e8c10894e0a0b7392a00dbce09b67998c1e5d6b5)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #96 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #97 pc 000000000014500c /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #98 pc 00000000004aff10 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #99 pc 00000000004afb00 /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x3ed000) (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+408) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #100 pc 00000000003ba5ec /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x296000) (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+624) (BuildId: 615724283373fd93e5fb77101fe57dab)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #101 pc 00000000000c099c /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116) (BuildId: e6bd16703da09cd81ffd2051c35a9b7d)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #102 pc 00000000000c3900 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vectorandroid::String8 const&, bool)+988) (BuildId: e6bd16703da09cd81ffd2051c35a9b7d)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #103 pc 00000000000035b0 /system/bin/app_process64 (main+1376) (BuildId: d23f7f711e9d93214484f019017fb1a7)
2020-07-15 01:52:00.589 29236-29236/? A/DEBUG: #104 pc 000000000006ebc4 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: a2584ee8458a61d422edf24b4cd23b78)