null pointer deref in callBackupMethod fault addr 0xc #23

Open
Vendicated opened this issue Jan 5, 2022 · 1 comment
Labels
bug (Something isn't working), help wanted (I'm powerless to fix this, extra help is needed)

Comments

@Vendicated
Contributor

Please let me know if you need anything else, since I don't know how to debug native crashes.

[ 2022-01-05T05:55:35.535        0:   807:   814 I/Magisk          ] proc_monitor: [com.google.android.gms.unstable] PID=[17450] UID=[10147]
[ 2022-01-05T05:57:40.910    10356: 10647: 10647 F/libc            ] Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc in tid 10647 (com.aliucord), pid 10647 (com.aliucord)
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] Build fingerprint: 'OnePlus/OnePlus8T_EEA/OnePlus8T:11/RP1A.201005.001/2110091916:user/release-keys'
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] Revision: '0'
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] ABI: 'arm64'
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] Timestamp: 2022-01-05 05:57:41+0100
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] pid: 10647, tid: 10647, name: com.aliucord  >>> com.aliucord <<<
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] uid: 10356
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] Cause: null pointer dereference
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x0  000000001b34d320  x1  0000000000000000  x2  0000007fcae81f88  x3  0000007fcae81f8c
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x4  0000000000000001  x5  0000000000000008  x6  0000000012c00100  x7  0000000000000028
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x8  0000000000080011  x9  000000001b34d320  x10 0000007fcae81f84  x11 0000006eed2fc000
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x12 0000000000000001  x13 0000000000000000  x14 000000006f3a7970  x15 0000000000000007
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x16 0000006eed128368  x17 0000006e80143238  x18 00000071e47a6000  x19 0000007fcae81f30
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x20 0000006f1d512610  x21 000000001b34d320  x22 0000000013c63568  x23 0000000000000001
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x24 0000007fcae81f8c  x25 0000000013c63568  x26 0000000000000001  x27 0000000000000001
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x28 00000071e3665000  x29 0000007fcae81ed0
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     lr  0000006eed1a8824  sp  0000007fcae81c20  pc  0000006eed1a8878  pst 0000000040001000
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ] backtrace:
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #00 pc 0000000000555878  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+276) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #01 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #02 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #03 pc 000000000202d938  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.callBackupMethod+152)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #04 pc 00000000020312a8  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine$CallFrame.invokeOriginalMethod+120)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #05 pc 000000000202ee44  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.handleCall+932)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #06 pc 000000000202d5a0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.handleBridge+2128)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #07 pc 00000000020d76e0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.voidBridge+32)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #08 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #09 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #10 pc 0000000000318460  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #11 pc 0000000000305e48  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.11595045141414065483)+460) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #12 pc 000000000066b838  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (artQuickToInterpreterBridge+780) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #13 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #14 pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #15 pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #16 pc 0000000000318460  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #17 pc 000000000030f17c  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, true>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+1800) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #18 pc 0000000000174fb8  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<true, false>(art::interpreter::SwitchImplContext*)+45680) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #19 pc 000000000013f7d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #20 pc 0000000000d7ea14  /data/app/~~2rlePhbx0W1zIsuO-YGxSA==/com.aliucord-xCAXUFJ0AtykTZiiZIIeLA==/oat/arm64/base.vdex (com.discord.widgets.chat.input.WidgetChatInput.configureUI)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #21 pc 0000000000305e90  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.11595045141414065483)+532) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #22 pc 000000000066b838  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (artQuickToInterpreterBridge+780) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #23 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #24 pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #25 pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #26 pc 0000000000555cb8  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1364) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #27 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #28 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #29 pc 000000000202d938  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.callBackupMethod+152)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #30 pc 00000000020312a8  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine$CallFrame.invokeOriginalMethod+120)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #31 pc 000000000202ee44  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.handleCall+932)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #32 pc 000000000202d5a0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.handleBridge+2128)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #33 pc 00000000020d76e0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.voidBridge+32)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #34 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #35 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #36 pc 0000000000318460  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #37 pc 0000000000305e48  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.11595045141414065483)+460) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #38 pc 000000000066b838  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (artQuickToInterpreterBridge+780) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #39 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #40 pc 00000000021d13f0  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.WidgetChatInput.access$configureUI+48)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #41 pc 00000000021d12b4  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.WidgetChatInput$onViewBoundOrOnResume$1.invoke+132)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #42 pc 00000000021d6808  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.WidgetChatInput$onViewBoundOrOnResume$1.invoke+88)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #43 pc 00000000020fd718  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.utilities.rx.ObservableExtensionsKt$sam$rx_functions_Action1$0.call+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #44 pc 00000000020c0868  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.e.b.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #45 pc 0000000002067ca4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.b.onNext+84)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #46 pc 00000000020e2488  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.e.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #47 pc 00000000020debbc  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.l$a.onNext+316)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #48 pc 000000000210904c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.c.onNext+156)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #49 pc 000000000211f5e8  /memfd:jit-cache (deleted) (offset 0x2000000) (rx.observers.SerializedSubscriber.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #50 pc 0000000002110bf8  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.d2.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #51 pc 00000000020e92d4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.t0.onNext+500)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #52 pc 00000000020dbe6c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.f$b.d+556)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #53 pc 00000000020e27cc  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.f$b.c+684)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #54 pc 0000000002104a4c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.f$a.onNext+108)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #55 pc 0000000002067ca4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.b.onNext+84)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #56 pc 00000000020fe230  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.e.a+368)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #57 pc 000000000210b640  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.q.c$b.a+304)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #58 pc 0000000002114c48  /memfd:jit-cache (deleted) (offset 0x2000000) (rx.subjects.BehaviorSubject.onNext+280)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #59 pc 0000000002135958  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.app.AppViewModel.updateViewState+120)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #60 pc 0000000002126194  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel.handleStoreState+2996)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #61 pc 00000000021e3c90  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel.access$handleStoreState+48)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #62 pc 00000000021cf8b4  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel$1.invoke+132)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #63 pc 00000000021d66c8  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel$1.invoke+88)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #64 pc 00000000020fd718  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.utilities.rx.ObservableExtensionsKt$sam$rx_functions_Action1$0.call+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #65 pc 00000000020c0868  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.e.b.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #66 pc 0000000002067ca4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.b.onNext+84)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #67 pc 00000000020e2488  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.e.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #68 pc 000000000210904c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.c.onNext+156)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #69 pc 000000000211f5e8  /memfd:jit-cache (deleted) (offset 0x2000000) (rx.observers.SerializedSubscriber.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #70 pc 0000000002110bf8  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.d2.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #71 pc 00000000020d7cdc  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.z0$a.call+268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #72 pc 0000000002045848  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.j.b.b$b.run+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #73 pc 000000000064f8ec  /system/framework/arm64/boot-framework.oat (android.os.Handler.dispatchMessage+76) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #74 pc 0000000000652eb4  /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+1668) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #75 pc 000000000040e300  /system/framework/arm64/boot-framework.oat (android.app.ActivityThread.main+752) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #76 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #77 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #78 pc 0000000000555cb8  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1364) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #79 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #80 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #81 pc 00000000008cf568  /system/framework/arm64/boot-framework.oat (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+136) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #82 pc 00000000008d7d2c  /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2444) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #83 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #84 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #85 pc 00000000005546f4  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+448) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #86 pc 0000000000554ba8  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #87 pc 0000000000438ccc  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+656) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #88 pc 000000000009a424  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+124) (BuildId: 3526ac28ff4060c7bd2e3ff5f3574c5d)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #89 pc 00000000000a24e8  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+836) (BuildId: 3526ac28ff4060c7bd2e3ff5f3574c5d)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #90 pc 0000000000003674  /system/bin/app_process64 (main+1580) (BuildId: a76323e5f4dd557adcc3874fc6b522de)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #91 pc 00000000000499fc  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: 3b0dd94de78a8a796f793e81b7adfbd0)
[ 2022-01-05T05:57:42.710        0:   807:   814 I/Magisk          ] proc_monitor: [com.aliucord] PID=[17186] UID=[10356]
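As an added triage example (not Pine's code and not from the issue), a parser for the logcat-style F/DEBUG tombstone lines pasted above: it pulls out the signal and fault address, applies the same first-page rule debuggerd uses when it prints "Cause: null pointer dereference", and walks the backtrace to the first frame outside ART/framework, which here is Pine.callBackupMethod. The sample lines are copied from the log in this issue; the helper names are my own.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: a handful of lines copied from the crash log in this issue.
SAMPLE_LOG = """\
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ] backtrace:
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #00 pc 0000000000555878  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+276) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #01 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #02 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #03 pc 000000000202d938  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.callBackupMethod+152)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #20 pc 0000000000d7ea14  /data/app/~~2rlePhbx0W1zIsuO-YGxSA==/com.aliucord-xCAXUFJ0AtykTZiiZIIeLA==/oat/arm64/base.vdex (com.discord.widgets.chat.input.WidgetChatInput.configureUI)
"""

LOGCAT_PREFIX = re.compile(r"^\[[^\]]*\]\s*")          # "[ time  pid: tid: tid F/DEBUG ] "
SIGNAL_RE = re.compile(
    r"signal (?P<signo>\d+) \((?P<signame>\w+)\), code (?P<code>-?\d+) "
    r"\((?P<codename>\w+)\), fault addr (?P<addr>\S+)")
FRAME_RE = re.compile(
    r"#(?P<num>\d+) pc (?P<pc>[0-9a-f]+)\s+(?P<map>\S+(?: \(deleted\))?)"
    r"(?: \(offset 0x[0-9a-f]+\))?"            # mapping offset inside the file
    r" \((?P<sym>.+?)(?:\+(?P<off>\d+))?\)"     # symbol, optional +offset
    r"(?: \(BuildId: (?P<build>[0-9a-f]+)\))?\s*$")

@dataclass
class Frame:
    num: int
    pc: int
    mapping: str
    symbol: str
    offset: Optional[int]      # None for frames with no symbol offset (e.g. vdex)
    build_id: Optional[str]    # None for JIT/vdex code, which has no BuildId

    @property
    def is_runtime(self) -> bool:
        # ART, framework and bionic live under /apex or /system; JIT'd code ("/memfd:jit-cache") counts as app code.
        return self.mapping.startswith(("/apex/", "/system/"))

@dataclass
class Tombstone:
    signal: str = ""
    code: str = ""
    fault_addr: Optional[int] = None
    frames: List[Frame] = field(default_factory=list)

def parse_tombstone(text: str) -> Tombstone:
    ts = Tombstone()
    for raw in text.splitlines():
        line = LOGCAT_PREFIX.sub("", raw).strip()
        m = SIGNAL_RE.search(line)
        if m:
            ts.signal, ts.code = m["signame"], m["codename"]
            # Signals without an address (e.g. SIGABRT) print dashes here.
            ts.fault_addr = int(m["addr"], 16) if m["addr"].startswith("0x") else None
            continue
        m = FRAME_RE.match(line)
        if m:
            ts.frames.append(Frame(int(m["num"]), int(m["pc"], 16), m["map"], m["sym"],
                                   int(m["off"]) if m["off"] else None, m["build"]))
    return ts

def classify_fault(ts: Tombstone) -> str:
    """debuggerd's rule: a fault on the first page is a null deref; the address is the field offset."""
    if ts.signal != "SIGSEGV" or ts.fault_addr is None:
        return "not a memory access fault"
    if ts.fault_addr < 4096:  # the first page is never mapped
        return f"null pointer dereference (field at offset {ts.fault_addr:#x})"
    return "access to unmapped address" if ts.code == "SEGV_MAPERR" else "access violation"

def first_non_runtime_frame(ts: Tombstone) -> Optional[Frame]:
    """First caller outside ART/framework: the code that handed the runtime the bad pointer."""
    return next((f for f in ts.frames if not f.is_runtime), None)
```

On the issue's log this reports a null dereference of the field at offset 0xc and names top.canyie.pine.Pine.callBackupMethod as the first non-runtime caller, which is the frame worth inspecting before any of the ART internals above it.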
canyie added the bug label (Something isn't working) on Jan 6, 2022
@canyie
Owner

canyie commented Jan 8, 2022

I reproduced a similar crash by adding Runtime.getRuntime().gc() between updateDeclaringClass and Method.invoke. I think it is caused by its declaring class getting moved again after we manually update it.
I have tried to fix it many times but with no result. :(
