miui运行例子，直接闪退 崩溃日志

[gitQqqHs]

---

Build fingerprint: 'Xiaomi/hermes/hermes:5.0.2/LRX22G/7.6.8:user/release-keys' Revision: '0' ABI: 'arm' pid: 20575, tid: 20575, name: com.legend.demo >>> com.legend.demo <<< signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x587889cb r0 fffffa9c r1 8a819b54 r2 587889cb r3 f54d4a68 r4 5878896f r5 f7786dd4 r6 ffe39d78 r7 f7786dd4 r8 ab4a4d28 r9 f54d6ff4 sl 6ff60148 fp 6ff6cc70 ip 6f897894 sp ffe39d38 lr f53c42c1 pc f53c2564 cpsr 60070030

backtrace: #00 pc 001e3564 /system/lib/libart.so

(_ZN3art6mirror5Class13GetDescriptorEPNSt3__112basic_stringIcNS2_11char_traitsIcEENS2_9allocatorIcEEEE+23) #01 pc 001e52bd /system/lib/libart.so

(_ZN3art6mirror5Class18GetArrayDescriptorEPNSt3__112basic_stringIcNS2_11char_traitsIcEENS2_9allocatorIcEEEE+32) #02 pc 001e3571 /system/lib/libart.so

(_ZN3art6mirror5Class13GetDescriptorEPNSt3__112basic_stringIcNS2_11char_traitsIcEENS2_9allocatorIcEEEE+36) #03 pc 00241a2d /system/lib/libart.so

(_ZN3art16PrettyDescriptorEPNS_6mirror5ClassE+32) #04 pc 0006a097 /system/lib/libart.so

(ZN3art24ThrowArrayStoreExceptionEPNS_6mirror5ClassES2+26) #05 pc 000c0e45 /system/lib/libart.so

(ZN3art6mirror11ObjectArrayINS0_9ArtMethodEE15CheckAssignableILNS_17VerifyObjectFlagsE0EEEbPS2+56) #06 pc 0024e287 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier27ResolveMethodAndCheckAccessEjNS0_10MethodTypeE+970) #07 pc 0024e421 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier20VerifyInvocationArgsEPKNS_11InstructionENS0_10MethodTypeEbb+36) #08 pc 0024f5b5 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier25CodeFlowVerifyInstructionEPj+3224) #09 pc 00251789 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier20CodeFlowVerifyMethodEv+120) #10 pc 00251bdf /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier14VerifyCodeFlowEv+582) #11 pc 00251d47 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier6VerifyEv+130) #12 pc 002523d3 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier12VerifyMethodEjPKNS_7DexFileENS_6HandleINS_6mirror8DexCacheEEENS5_INS6_11ClassLoaderEEEPKNS2_8ClassDefEPKNS2_8CodeItemEPNS6_9ArtMethodEjbb+106) #13 pc 00252a1f /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier11VerifyClassEPKNS_7DexFileENS_6HandleINS_6mirror8DexCacheEEENS5_INS6_11ClassLoaderEEEPKNS2_8ClassDefEbPNSt3__112basic_stringIcNSE_11char_traitsIcEENSE_9allocatorIcEEEE+702) #14 pc 00253061 /system/lib/libart.so

(_ZN3art8verifier14MethodVerifier11VerifyClassEPNS_6mirror5ClassEbPNSt3__112basic_stringIcNS5_11char_traitsIcEENS5_9allocatorIcEEEE+516) #15 pc 000d55f1 /system/lib/libart.so

(_ZN3art11ClassLinker11VerifyClassENS_6HandleINS_6mirror5ClassEEE+576) #16 pc 000d6c0f /system/lib/libart.so

(_ZN3art11ClassLinker15InitializeClassENS_6HandleINS_6mirror5ClassEEEbb+230) #17 pc 000d77e7 /system/lib/libart.so

(_ZN3art11ClassLinker17EnsureInitializedENS_6HandleINS_6mirror5ClassEEEbb+54) #18 pc 001fed3f /system/lib/libart.so

(_ZN3artL23Constructor_newInstanceEP7_JNIEnvP8_jobjectP13_jobjectArrayh+106) #19 pc 0001ad33 /data/dalvik-cache/arm/system@[email protected]

[gitQqqHs]

应该是权限问题，miui8，android5.0，hook oncreate直接崩溃， hook其他函数不起作用

[Rprop]

看样子是GetDescriptor崩溃了, 可能MIUI自定义了字段, 方便打印ArtMethod结构看看?

[CharlesCT]

老哥 们 我hook TextView 怎么hook 不到啊 @Hook("android.widget.TextView::[email protected]#android.widget.TextView.BufferType") public static void TextView_setText(TextView view, CharSequence text , TextView.BufferType type) {

    Log.v(TAG,"this is text" );

    HookManager.getDefault().callSuper(view,text,type);
}

[BigBangbrother]

我也是MIUI不能用，有什么办法吗？作者还在更新吗？