pine icon indicating copy to clipboard operation
pine copied to clipboard
verified publisher icon canyie

null pointer deref in callBackupMethod fault addr 0xc

Open Vendicated opened this issue 3 years ago • 1 comments

Please let me know if you need anything else, since I don't know how to debug native crash

[ 2022-01-05T05:55:35.535        0:   807:   814 I/Magisk          ] proc_monitor: [com.google.android.gms.unstable] PID=[17450] UID=[10147]
[ 2022-01-05T05:57:40.910    10356: 10647: 10647 F/libc            ] Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc in tid 10647 (com.aliucord), pid 10647 (com.aliucord)
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] Build fingerprint: 'OnePlus/OnePlus8T_EEA/OnePlus8T:11/RP1A.201005.001/2110091916:user/release-keys'
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] Revision: '0'
[ 2022-01-05T05:57:41.085    10356: 17980: 17980 F/DEBUG           ] ABI: 'arm64'
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] Timestamp: 2022-01-05 05:57:41+0100
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] pid: 10647, tid: 10647, name: com.aliucord  >>> com.aliucord <<<
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] uid: 10356
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ] Cause: null pointer dereference
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x0  000000001b34d320  x1  0000000000000000  x2  0000007fcae81f88  x3  0000007fcae81f8c
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x4  0000000000000001  x5  0000000000000008  x6  0000000012c00100  x7  0000000000000028
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x8  0000000000080011  x9  000000001b34d320  x10 0000007fcae81f84  x11 0000006eed2fc000
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x12 0000000000000001  x13 0000000000000000  x14 000000006f3a7970  x15 0000000000000007
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x16 0000006eed128368  x17 0000006e80143238  x18 00000071e47a6000  x19 0000007fcae81f30
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x20 0000006f1d512610  x21 000000001b34d320  x22 0000000013c63568  x23 0000000000000001
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x24 0000007fcae81f8c  x25 0000000013c63568  x26 0000000000000001  x27 0000000000000001
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     x28 00000071e3665000  x29 0000007fcae81ed0
[ 2022-01-05T05:57:41.086    10356: 17980: 17980 F/DEBUG           ]     lr  0000006eed1a8824  sp  0000007fcae81c20  pc  0000006eed1a8878  pst 0000000040001000
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ] backtrace:
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #00 pc 0000000000555878  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+276) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #01 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #02 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #03 pc 000000000202d938  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.callBackupMethod+152)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #04 pc 00000000020312a8  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine$CallFrame.invokeOriginalMethod+120)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #05 pc 000000000202ee44  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.handleCall+932)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #06 pc 000000000202d5a0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.handleBridge+2128)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #07 pc 00000000020d76e0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.voidBridge+32)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #08 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #09 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #10 pc 0000000000318460  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #11 pc 0000000000305e48  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.11595045141414065483)+460) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #12 pc 000000000066b838  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (artQuickToInterpreterBridge+780) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #13 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #14 pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #15 pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #16 pc 0000000000318460  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #17 pc 000000000030f17c  /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false, true>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+1800) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.276    10356: 17980: 17980 F/DEBUG           ]       #18 pc 0000000000174fb8  /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<true, false>(art::interpreter::SwitchImplContext*)+45680) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #19 pc 000000000013f7d8  /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #20 pc 0000000000d7ea14  /data/app/~~2rlePhbx0W1zIsuO-YGxSA==/com.aliucord-xCAXUFJ0AtykTZiiZIIeLA==/oat/arm64/base.vdex (com.discord.widgets.chat.input.WidgetChatInput.configureUI)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #21 pc 0000000000305e90  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.11595045141414065483)+532) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #22 pc 000000000066b838  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (artQuickToInterpreterBridge+780) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #23 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #24 pc 0000000000133564  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #25 pc 00000000001a8a78  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+200) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #26 pc 0000000000555cb8  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1364) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #27 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #28 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #29 pc 000000000202d938  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.callBackupMethod+152)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #30 pc 00000000020312a8  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine$CallFrame.invokeOriginalMethod+120)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #31 pc 000000000202ee44  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.Pine.handleCall+932)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #32 pc 000000000202d5a0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.handleBridge+2128)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #33 pc 00000000020d76e0  /memfd:jit-cache (deleted) (offset 0x2000000) (top.canyie.pine.entry.Arm64Entry.voidBridge+32)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #34 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #35 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #36 pc 0000000000318460  /apex/com.android.art/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+376) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #37 pc 0000000000305e48  /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.llvm.11595045141414065483)+460) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #38 pc 000000000066b838  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (artQuickToInterpreterBridge+780) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #39 pc 000000000013cff8  /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #40 pc 00000000021d13f0  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.WidgetChatInput.access$configureUI+48)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #41 pc 00000000021d12b4  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.WidgetChatInput$onViewBoundOrOnResume$1.invoke+132)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #42 pc 00000000021d6808  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.WidgetChatInput$onViewBoundOrOnResume$1.invoke+88)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #43 pc 00000000020fd718  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.utilities.rx.ObservableExtensionsKt$sam$rx_functions_Action1$0.call+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #44 pc 00000000020c0868  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.e.b.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #45 pc 0000000002067ca4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.b.onNext+84)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #46 pc 00000000020e2488  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.e.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #47 pc 00000000020debbc  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.l$a.onNext+316)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #48 pc 000000000210904c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.c.onNext+156)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #49 pc 000000000211f5e8  /memfd:jit-cache (deleted) (offset 0x2000000) (rx.observers.SerializedSubscriber.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #50 pc 0000000002110bf8  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.d2.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #51 pc 00000000020e92d4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.t0.onNext+500)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #52 pc 00000000020dbe6c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.f$b.d+556)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #53 pc 00000000020e27cc  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.f$b.c+684)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #54 pc 0000000002104a4c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.f$a.onNext+108)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #55 pc 0000000002067ca4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.b.onNext+84)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #56 pc 00000000020fe230  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.e.a+368)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #57 pc 000000000210b640  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.q.c$b.a+304)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #58 pc 0000000002114c48  /memfd:jit-cache (deleted) (offset 0x2000000) (rx.subjects.BehaviorSubject.onNext+280)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #59 pc 0000000002135958  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.app.AppViewModel.updateViewState+120)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #60 pc 0000000002126194  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel.handleStoreState+2996)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #61 pc 00000000021e3c90  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel.access$handleStoreState+48)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #62 pc 00000000021cf8b4  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel$1.invoke+132)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #63 pc 00000000021d66c8  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.widgets.chat.input.ChatInputViewModel$1.invoke+88)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #64 pc 00000000020fd718  /memfd:jit-cache (deleted) (offset 0x2000000) (com.discord.utilities.rx.ObservableExtensionsKt$sam$rx_functions_Action1$0.call+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #65 pc 00000000020c0868  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.e.b.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #66 pc 0000000002067ca4  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.b.onNext+84)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #67 pc 00000000020e2488  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.e.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #68 pc 000000000210904c  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.n.c.onNext+156)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #69 pc 000000000211f5e8  /memfd:jit-cache (deleted) (offset 0x2000000) (rx.observers.SerializedSubscriber.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #70 pc 0000000002110bf8  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.d2.onNext+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #71 pc 00000000020d7cdc  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.l.a.z0$a.call+268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #72 pc 0000000002045848  /memfd:jit-cache (deleted) (offset 0x2000000) (j0.j.b.b$b.run+72)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #73 pc 000000000064f8ec  /system/framework/arm64/boot-framework.oat (android.os.Handler.dispatchMessage+76) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #74 pc 0000000000652eb4  /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+1668) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #75 pc 000000000040e300  /system/framework/arm64/boot-framework.oat (android.app.ActivityThread.main+752) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #76 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #77 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #78 pc 0000000000555cb8  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1364) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #79 pc 00000000004d539c  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #80 pc 000000000008a6f4  /apex/com.android.art/javalib/arm64/boot.oat (art_jni_trampoline+180) (BuildId: aece9284df80b1815bdaf34e52f290399c49da97)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #81 pc 00000000008cf568  /system/framework/arm64/boot-framework.oat (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+136) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #82 pc 00000000008d7d2c  /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+2444) (BuildId: f4e68159793f3c4aa36e9cc9955ea51e8e8b3268)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #83 pc 00000000001337e8  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #84 pc 00000000001a8a94  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+228) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #85 pc 00000000005546f4  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::JValue art::InvokeWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+448) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #86 pc 0000000000554ba8  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+92) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #87 pc 0000000000438ccc  /apex/com.android.art/lib64/libart.so!libart.so (offset 0x357000) (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+656) (BuildId: e841be9816817e37b70ebf4a461a916e)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #88 pc 000000000009a424  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+124) (BuildId: 3526ac28ff4060c7bd2e3ff5f3574c5d)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #89 pc 00000000000a24e8  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+836) (BuildId: 3526ac28ff4060c7bd2e3ff5f3574c5d)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #90 pc 0000000000003674  /system/bin/app_process64 (main+1580) (BuildId: a76323e5f4dd557adcc3874fc6b522de)
[ 2022-01-05T05:57:41.277    10356: 17980: 17980 F/DEBUG           ]       #91 pc 00000000000499fc  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: 3b0dd94de78a8a796f793e81b7adfbd0)
[ 2022-01-05T05:57:42.710        0:   807:   814 I/Magisk          ] proc_monitor: [com.aliucord] PID=[17186] UID=[10356]

Vendicated avatar Jan 05 '22 17:01 Vendicated

I reproduced a similar crash by adding Runtime.getRuntime().gc() between updateDeclaringClass and Method.invoke. I think it is caused by its declaring class gets moved again after we manually update it. I have tried to fix it many times but no result. :(

canyie avatar Jan 08 '22 07:01 canyie