Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"execute-only (no-read) memory access error" on android 10 #51

Open
baibaomen opened this issue Apr 29, 2020 · 5 comments
Open

"execute-only (no-read) memory access error" on android 10 #51

baibaomen opened this issue Apr 29, 2020 · 5 comments

Comments

@baibaomen
Copy link

I tried to inject sandhook into com.android.systemui. Same code works on Android 9, and Android 8, but fails on my Android 10 device.

Related topic about system binaries/libraries mapped to execute-only memory:
https://developer.android.com/about/versions/10/behavior-changes-all

Log as following:

2020-04-29 09:41:50.293 3856-3856/? E//system/bin/tombstoned: Tombstone written to: /data/tombstones/tombstone_41
2020-04-29 09:41:50.425 4315-4793/system_process E/PowerHintCallback: sceneId: 0 is invalid
2020-04-29 09:41:52.428 28267-28267/com.android.systemui A/libc: Fatal signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0 in tid 28267 (ndroid.systemui), pid 28267 (ndroid.systemui)
2020-04-29 09:41:52.563 28364-28364/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: Native Crash TIME: 699171
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: Build fingerprint: 'Hisense/HITV101C/HITV101C:10/QP1A.190711.020/L1704.6.01.02:userdebug/release-keys'
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: Revision: '0'
2020-04-29 09:41:52.564 28364-28364/? A/DEBUG: ABI: 'arm64'
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: Timestamp: 2020-04-29 09:41:52+0800
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: pid: 28267, tid: 28267, name: ndroid.systemui >>> com.android.systemui <<<
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: uid: 10124
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: Cause: execute-only (no-read) memory access error; likely due to data in .text.
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x0 0000007e649fc500 x1 0000007ddf72e0f0 x2 0000000000000010 x3 0000007ffa6e7938
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x4 0000000000000001 x5 0000000000000004 x6 0000007ffa6e774c x7 0000000000000000
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x8 0000007dd5a6b1b8 x9 0000000000000001 x10 0000000000000002 x11 0000007e649f45fc
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x12 0000000000000004 x13 0000000000000020 x14 0000800000000000 x15 000040785b61b01a
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x16 0000007dd5ab13b0 x17 0000007dd5a64f9c x18 0000007e65baa000 x19 0000000000000001
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x20 0000007ddf72e0f0 x21 0000007ffa6e7938 x22 0000007ddf72e0f0 x23 0000007ddf72e100
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x24 0000000014000000 x25 0000000036000000 x26 0000000034000000 x27 0000000018000000
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: x28 0000000010000000 x29 0000007ffa6e78e0
2020-04-29 09:41:52.565 28364-28364/? A/DEBUG: sp 0000007ffa6e7890 lr 0000007dd5a6b87c pc 0000007dd5a6b200
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: backtrace:
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #00 pc 0000000000038200 /system/lib64/libsandhook-native.so (SandHook::Decoder::Arm64Decoder::Disassemble(void*, unsigned long, SandHook::Decoder::InstVisitor&, bool)+72) (BuildId: b5895ae75b6d2c9c0d91e7009e375560b584adf4)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #1 pc 0000000000038878 /system/lib64/libsandhook-native.so (SandHook::Asm::CodeRelocateA64::Relocate(void*, unsigned long, void*)+112) (BuildId: b5895ae75b6d2c9c0d91e7009e375560b584adf4)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #2 pc 000000000003951c /system/lib64/libsandhook-native.so (SandHook::Hook::InlineHookArm64Android::Hook(void*, void*)+248) (BuildId: b5895ae75b6d2c9c0d91e7009e375560b584adf4)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #3 pc 000000000001f5d8 /system/lib64/libsandhook.so (hookClassInit+96) (BuildId: c984836bf8b0da7e47ef63c5dca156a78920d345)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #4 pc 000000000001d01c /system/lib64/libsandhook.so (Java_com_swift_sandhook_SandHook_initForPendingHook+116) (BuildId: c984836bf8b0da7e47ef63c5dca156a78920d345)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #5 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #6 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #7 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #8 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #9 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #10 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #11 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #12 pc 00000000002fb87e [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.PendingHookHandler.+14)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #13 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #14 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #15 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #16 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #17 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #18 pc 00000000001705cc /apex/com.android.runtime/lib64/libart.so (art::ClassLinker::InitializeClass(art::Thread*, art::Handleart::mirror::Class, bool, bool)+1912) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #19 pc 000000000015b7c0 /apex/com.android.runtime/lib64/libart.so (art::ClassLinker::EnsureInitialized(art::Thread*, art::Handleart::mirror::Class, bool, bool)+92) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #20 pc 00000000002ddc24 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+532) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #21 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #22 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #23 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #24 pc 00000000002fc546 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.SandHook.hook+70)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #25 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #26 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #27 pc 00000000002fe84e [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.wrapper.HookWrapper.addHookClass+66)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #28 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #29 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #30 pc 00000000002fe8cc [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.wrapper.HookWrapper.addHookClass+12)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #31 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #32 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #33 pc 00000000002fe8ee [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.wrapper.HookWrapper.addHookClass+2)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #34 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.673 28364-28364/? A/DEBUG: #35 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #36 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #37 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #38 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #39 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #40 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #41 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #42 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #43 pc 00000000002fc4a8 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.swift.sandhook.SandHook.addHookClass)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #44 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #45 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #46 pc 000000000029de30 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.hooks.HookHelper.start+404)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #47 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #48 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #49 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #50 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #51 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #52 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #53 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #54 pc 0000000000590dbc /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+552) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #55 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #56 pc 000000000029e13e [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.hooks.androidUiHook.AndroidUiHookMngr.start+26)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #57 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #58 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #59 pc 000000000029b13c [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.appMonitors.AndroidUiMonitor.init+16)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #60 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #61 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #62 pc 0000000000299dae [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.Monitor.lambda$init$0+286)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #63 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #64 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #65 pc 0000000000299460 [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.-$$Lambda$Monitor$YdIBKFMUa8iIUEg19Fa2l-zjVoI.call+8)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #66 pc 000000000058fc5c /apex/com.android.runtime/lib64/libart.so (MterpInvokeInterface+1740) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #67 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #68 pc 0000000000299c1a [anon:dalvik-classes.dex extracted in memory from /data/app/com.fundot.p4bu-VEgF03mfNA2m_RImDQGnig==/base.apk] (com.fundot.p4bu.ii.Monitor.init+290)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #69 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #70 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #71 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #72 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #73 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #74 pc 00000000004a15d0 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #75 pc 00000000004a300c /apex/com.android.runtime/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1476) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #76 pc 00000000004314fc /apex/com.android.runtime/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #77 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #78 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.674 28364-28364/? A/DEBUG: #79 pc 0000000000145060 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #80 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #81 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #82 pc 000000000058e214 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+836) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #83 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #84 pc 000000000020738e /system/framework/framework.jar (android.app.Instrumentation.newApplication+122)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #85 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #86 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #87 pc 000000000020c26c /system/framework/framework.jar (android.app.LoadedApk.makeApplication+120)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #88 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #89 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #90 pc 000000000019672a /system/framework/framework.jar (android.app.ActivityThread.handleBindApplication+2126)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #91 pc 00000000005907f8 /apex/com.android.runtime/lib64/libart.so (MterpInvokeDirect+1168) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #92 pc 0000000000130914 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_direct+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #93 pc 0000000000193580 /system/framework/framework.jar (android.app.ActivityThread.access$1300)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #94 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #95 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #96 pc 000000000018faec /system/framework/framework.jar (android.app.ActivityThread$H.handleMessage+1504)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #97 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #98 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #99 pc 000000000030942e /system/framework/framework.jar (android.os.Handler.dispatchMessage+38)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #100 pc 000000000058e468 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #101 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #102 pc 000000000032fc56 /system/framework/framework.jar (android.os.Looper.loop+466)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #103 pc 0000000000591004 /apex/com.android.runtime/lib64/libart.so (MterpInvokeStatic+1136) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #104 pc 0000000000130994 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #105 pc 000000000019a2d2 /system/framework/framework.jar (android.app.ActivityThread.main+430)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #106 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #107 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #108 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #109 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #110 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #111 pc 00000000004a15d0 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #112 pc 00000000004a300c /apex/com.android.runtime/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1476) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #113 pc 00000000004314fc /apex/com.android.runtime/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #114 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #115 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.675 28364-28364/? A/DEBUG: #116 pc 0000000000145060 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #117 pc 00000000002ddb90 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #118 pc 00000000002d88f0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+900) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #119 pc 000000000058e214 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+836) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #120 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #121 pc 000000000036de56 /system/framework/framework.jar (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+22)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #122 pc 000000000058fc5c /apex/com.android.runtime/lib64/libart.so (MterpInvokeInterface+1740) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #123 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #124 pc 00000000003723d0 /system/framework/framework.jar (com.android.internal.os.ZygoteInit.main+544)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #125 pc 00000000002ae3b4 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.17415170899301012833+240) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #126 pc 000000000057f954 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #127 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #128 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #129 pc 0000000000145080 /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #130 pc 00000000004a15d0 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #131 pc 00000000004a1234 /apex/com.android.runtime/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+408) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #132 pc 00000000003b24e0 /apex/com.android.runtime/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+764) (BuildId: dc624d4880c5a020715c75873cdb3162)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #133 pc 00000000000bf560 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116) (BuildId: ccbaf629716e65229e6045c140cc8de4)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #134 pc 00000000000c23f4 /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vectorandroid::String8 const&, bool)+780) (BuildId: ccbaf629716e65229e6045c140cc8de4)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #135 pc 00000000000034e0 /system/bin/app_process64 (main+1168) (BuildId: 7e61d8aa51b58d718770bc767df8b480)
2020-04-29 09:41:52.676 28364-28364/? A/DEBUG: #136 pc 000000000007d458 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: f870d577419d3c0e6b7c369961c66fbd)
2020-04-29 09:41:52.917 3856-3856/? E//system/bin/tombstoned: Tombstone written to: /data/tombstones/tombstone_42
2020-04-29 09:41:53.038 4315-4793/system_process E/PowerHintCallback: sceneId: 0 is invalid
2020-04-29 09:41:53.703 3736-3736/? E/KERNEL_MON: The error is No such file or directory
2020-04-29 09:41:54.288 3860-3860/? E/CRASH_MON: The error is No such file or directory
2020-04-29 09:41:55.035 28371-28371/com.android.systemui A/libc: Fatal signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0 in tid 28371 (ndroid.systemui), pid 28371 (ndroid.systemui)
2020-04-29 09:41:55.172 28406-28406/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:55.172 28406-28406/? A/DEBUG: Native Crash TIME: 701779
2020-04-29 09:41:55.172 28406-28406/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-04-29 09:41:55.173 28406-28406/? A/DEBUG: Build fingerprint: 'Hisense/HITV101C/HITV101C:10/QP1A.190711.020/L1704.6.01.02:userdebug/release-keys'
2020-04-29 09:41:55.173 28406-28406/? A/DEBUG: Revision: '0'
2020-04-29 09:41:55.173 28406-28406/? A/DEBUG: ABI: 'arm64'
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: Timestamp: 2020-04-29 09:41:55+0800
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: pid: 28371, tid: 28371, name: ndroid.systemui >>> com.android.systemui <<<
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: uid: 10124
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7ddf72e0f0
2020-04-29 09:41:55.174 28406-28406/? A/DEBUG: Cause: execute-only (no-read) memory access error; likely due to data in .text.
@chachako chachako mentioned this issue Jul 14, 2020
Open
@Jokerman1991 Jokerman1991 mentioned this issue Nov 18, 2020
Closed
@Jokerman1991 Jokerman1991 mentioned this issue Dec 2, 2020
Closed
@shuajinanhai
Copy link

execute-only (no-read) memory access error
我也遇到了

@Wudelin
Copy link

Wudelin commented Jan 4, 2021

解决了吗

@shuajinanhai
Copy link

shuajinanhai commented Jan 5, 2021 via email

@Wudelin
Copy link

Wudelin commented Jan 6, 2021

我这边直接集成还是一样的

@aviraxp
Copy link

aviraxp commented Apr 4, 2021

Should be fixed by 8039b52.

@nnjun nnjun mentioned this issue May 6, 2021
Closed
@15198184721 15198184721 mentioned this issue Apr 25, 2022
Open
@lwugang lwugang mentioned this issue Jul 20, 2022
Open
@JarvisBuop JarvisBuop mentioned this issue May 22, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@baibaomen @aviraxp @Wudelin @shuajinanhai