XposedBridge
MIUI 9 Nougat
You are on the good way to fix the MIUI incompatibility. The log now shows just a few errors! Xposed installer shows "Installed but not active".
Info: Xiaomi Mi Note 2 - scorpio MultiRom 7.9.21, 7.0 (deodexed) Xposed v88.1
Tried to disable resources from xposed installer, but the log shows exactly the same errors. Full log here: xposed_error_20171011_002049.log
Same here. Xposed 88.1
Errors during Xposed initialization java.lang.NoSuchFieldError: no "J" field "BOOT_START_TIME" in class "Lde/robv/android/xposed/XposedBridge;" or its superclasses
Seems it still needs TypedArray changes in the KK days.
Xiaomi Mi Max (hydrogen) Android 7.0 arm64 MIUI 9 by xiaomi.eu 7.9.21 xposed v88.1 xposed_error_20171011_080153.log
Any idea where that BOOT_START_TIME field is coming from? I don't have any references to that in my code...
I have no idea. But you can take a look at xposed forked from Xiaomi and modified for MIUI. Maybe you can find the answer here. https://github.com/MiCode/Xposed/commits/master
That's a version from 2014, I don't think that's the current code.
Ok, I did some research and realised that Xiaomi has done some changes to ART from MIUI 7.9.14. Your v88.1 is working on MIUI 8 and MIUI 9 < 7.9.14. There's a guide that suggests copying libandroid_runtime.so (both from lib and lib64) from an older MIUI (like MIUI 7.9.7 or 7.9.14). Tried to do this and now it's working! I think the BOOT_START_TIME comes from here. I will try to decompile this lib and see which are the diffs (or is there something else you can do?).
I will try to decompile this lib and see which are the diffs
That would be great! I assume that it's a change somewhere here: https://github.com/aosp-mirror/platform_frameworks_base/blob/nougat-mr2-release/core/jni/AndroidRuntime.cpp#L975 They might look up and set the BOOT_START_TIME field in the same class that holds the main() method. That would be XposedBridge instead of ZygoteInit / RuntimeInit. A smali dump of the latter two classes might also help.
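An added example, not part of the thread or of Xposed's code: one way to test the hypothesis above once smali dumps are available is to parse the NoSuchFieldError line and compare the static fields of the stock entry class with those of the class that replaces it. The smali snippets are constructed and their field modifiers are assumptions; only the error text comes from the thread.

```python
import re

# Constructed inputs modelled on the thread. The error text is the one quoted
# above; the smali snippets and their field modifiers are assumptions.
ERROR_LINE = ('java.lang.NoSuchFieldError: no "J" field "BOOT_START_TIME" in class '
              '"Lde/robv/android/xposed/XposedBridge;" or its superclasses')
ZYGOTEINIT_SMALI = """\
.class public Lcom/android/internal/os/ZygoteInit;
.super Ljava/lang/Object;
.field public static BOOT_START_TIME:J
.field private static final TAG:Ljava/lang/String; = "Zygote"
.field private mInstanceOnly:I
"""
XPOSEDBRIDGE_SMALI = """\
.class public final Lde/robv/android/xposed/XposedBridge;
.super Ljava/lang/Object;
.field public static final TAG:Ljava/lang/String; = "Xposed"
"""

ERROR_RE = re.compile(r'no "(?P<type>[^"]+)" field "(?P<name>[^"]+)" in class "(?P<cls>[^"]+)"')
FIELD_RE = re.compile(r'^\.field\s+(?P<mods>(?:[\w-]+\s+)*)(?P<name>[\w$]+):(?P<type>\S+)', re.M)
CLASS_RE = re.compile(r'^\.class\s.*?(L[^\s;]+;)\s*$', re.M)

def parse_error(line):
    """Split the ART message into (field name, JNI type descriptor, class)."""
    m = ERROR_RE.search(line)
    return (m["name"], m["type"], m["cls"]) if m else None

def static_fields(smali):
    """Map static field name -> type descriptor ("J" is the descriptor for long)."""
    return {m["name"]: m["type"] for m in FIELD_RE.finditer(smali)
            if "static" in m["mods"].split()}

def explain_lookup_failure(error_line, stock_smali, replacement_smali):
    """Check whether a field the runtime failed to find exists only in the stock class."""
    parsed = parse_error(error_line)
    if parsed is None:
        raise ValueError("not a NoSuchFieldError line")
    name, ftype, cls = parsed
    stock, repl = static_fields(stock_smali), static_fields(replacement_smali)
    return {
        "failing_class_is_replacement": cls == CLASS_RE.search(replacement_smali).group(1),
        "declared_in_stock": stock.get(name) == ftype,
        "declared_in_replacement": repl.get(name) == ftype,
        # Static fields a drop-in entry class would have to mirror
        "stock_only_static_fields": sorted(n for n in stock if repl.get(n) != stock[n]),
    }

if __name__ == "__main__":
    print(explain_lookup_failure(ERROR_LINE, ZYGOTEINIT_SMALI, XPOSEDBRIDGE_SMALI))
```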
Yeah, without a disassembler that shows string references, that's a hard job. I'm not up-to-date regarding which tools to use nowadays. Could you please upload libandroid_runtime.so and the two .smali files anyway?
I have it. Finally I've found a good disassembler. You can find the source here (unfortunately not the fully C source): https://www.onlinedisassembler.com/odaweb/gUrMSV17 You can download the disassembled lib directly from the site. Here the original lib from MIUI 7.9.21:
What .smali do you mean? Libs do not have .smali: they are written in C, not Java
Xiaomi mi6 Android 7.1.1 arm64 MIUI9 Global 7.9.22 xposed v88.1 adb logcat log filelog.txt
@rovo89 Have you already tried this? It's basically trying to find a class that does not exist anymore, so you can try with getField() or getDeclaredField() to get all the existing fields. Another idea is to use NoSuchFieldError with the -s option to see which is the missing class. In case, I am ready to test.
I have it. Finally I've found a good disassembler. You can find the source here (unfortunately not the fully C source): https://www.onlinedisassembler.com/odaweb/gUrMSV17
Unfortunately, that's not really better, it doesn't show any string references either (i.e. annotations in the code that a certain string is passed to a function). But maybe I'll find out more from the lib itself.
What .smali do you mean?
ZygoteInit / RuntimeInit, where I expect to find that field.
@rovo89 Please read. I have a solution.
I have decompiled the XposedBridge.jar from your official xposed v87 and the XposedBridge.jar from a modded version which works with miui 7.9.21 and the latest miui and found some references to "BOOT_START_TIME" and "J" field (by us3r). Just compared the folders with Meld and found this:
I have also found these differences in typedArray:
I am going to upload both the decompiled XposedBridge.jar and you can diff them yourself: XposedBridge.jar.out (official).zip XposedBridge.jar (modded for miui).zip
He simply added a public start field. Now you know how to do it :+1:
Thanks, but still, please post the smali of the two classes I mentioned. I can't imagine that MIUI just added the field and doesn't use it. Maybe I need to pass it on to the original classes?
By the way, I think it's sad that you had to spend time decompiling and comparing. One of my intentions of making Xposed open-source is that people can help make it better by contributing their fixes upstream. There might be situations where a fork diverges so much that it can't/shouldn't be integrated into the official version, but why maintain another distribution when there can be one official version that works for all?
@rovo89 OMG I'VE FIXED IT!!!!!!! :D
@rovo89 Sadly there are always people who see profit first. Btw, I have used Xposed for years and I really appreciate and respect your work, may I know whether you have any intention to release Xposed for Oreo any sooner? Thank you :) @PsyMan47 May I know is your post above on the latest MIUI 9? Btw, I have tested the v88.1 version with a Mi 5 running MIUI 8 but it's not working and stuck on boot, so I think your conclusion may not work for all MIUI devices.
@FeoniX97 Yes, it's MIUI 9 - 7.9.21. I have modified the original v88.1 to get working on latest MIUI 9, so it should work on 7.10.12 too.
@PsyMan47 Then it would be great, can't wait to test out the new version! Finally comes the official support for MIUI :)
@PsyMan47 so now should I download 88.1v from the official link, or has the fixed version for MIUI not been released yet? And would it work with MIUI 8?
Ehrm.. is anyone still interested in getting compatibility in the official version? If yes, please do post the smali code of ZygoteInit and RuntimeInit.
This is exactly what I complained about above. You could have simply sent me the smali code, I would have checked it, integrated the results into the official version and Xposed would probably work for everyone out of the box, even in older ROMs and when I do more updates. Instead, you decided to post an unofficial version, which only works for Android 7.0 and 7.1, and only for v88.1. When I update, you'll need to update. I also know from past experience that it takes a long time until all users of an unofficial version have realized that the official version would work for them as well. So please, let's get this fixed in the official version as soon as possible.
@rovo89 Please tell me how to get the smali code of ZygoteInit and RuntimeInit, Thx! The MIUI Rom (odex) still gets a bootloop with Xposed 88.1. log-mi5-miui7.10.11-nougat-xposed88.1.txt
You could try baksmali directly on boot-framework.oat: https://github.com/JesusFreke/smali/wiki/DeodexInstructions
There's also a tool called oat2dex, maybe that's easier to use.
Finally, you could try "oatdump --oat-file=boot-framework.oat --class-filter=ZygoteInit --no-disassemble --no-dump:vmap" on your device. The other options are better though.
I've got the ZygoteInit and RuntimeInit dumps from boot-framework.oat. It seems BOOT_START_TIME is defined in ZygoteInit without any other references.
RuntimeInit.zip ZygoteInit.zip
However, only adding the BOOT_START_TIME field can't resolve the bootloop problem on official MIUI which has been odexed. Just like the log from @j2u, dex2oat doesn't work and reports error:
Could not create image space with image file '/system/framework/boot.art'. Attempting to fall back to imageless running. Error was: Unable to relocate image '/system/framework/boot.art' from '/system/framework/arm64/boot.art' to '/data/dalvik-cache/arm64/system@[email protected]': Only the zygote can create the global boot image.
When I use dex2oat, I get two dex files. I've got the smali code of ZygoteInit and RuntimeInit. @rovo89 ZygoteInit_RuntimeInit-smali.zip
ZygoteInit_RuntimeInit_dump.zip
And it also reports error:
10-14 16:36:50:987 Output raw dex: D:\Program Files\APKDB\apktool\odex\framework.dex
10-14 16:36:51:105 Output raw dex: D:\Program Files\APKDB\apktool\odex\framework-classes2.dex
10-14 16:36:52:150 Art version=79 (boot-framework.oat)
10-14 16:36:52:213 De-optimizing /system/framework/framework.jar
10-14 16:36:52:894 Analysis error in class=Landroid/accessibilityservice/AccessibilityService$1; method=
Method: Landroid/accessibilityservice/AccessibilityService$1;-> (Landroid/accessibilityservice/AccessibilityService;ZLandroid/accessibilityservice/AccessibilityService$GestureResultCallbackInfo;)V
Near line: -1 (address 2)
Instructions:
[0] iput-object-quick regA=1 regB=0
[1] iput-boolean-quick regA=2 regB=0 <-----
[2] iput-object-quick regA=3 regB=0
[3] invoke-direct regC=0
10-14 16:36:52:918 org.jf.dexlib2.analysis.AnalysisException: Could not resolve the field in class (UninitThis,Landroid/accessibilityservice/AccessibilityService$1;) at offset 16 in
    at org.jf.dexlib2.analysis.MethodAnalyzer.analyzeIputIgetQuick(MethodAnalyzer.java:2438)
    at org.jf.dexlib2.analysis.MethodAnalyzer.analyzeInstruction(MethodAnalyzer.java:1246)
    at org.jf.dexlib2.analysis.MethodAnalyzer.analyze(MethodAnalyzer.java:259)
    at org.jf.dexlib2.analysis.MethodAnalyzer. (MethodAnalyzer.java:190)
    at org.rh.smaliex.DexUtil$ODexRewriterModule$1$1.getInstructions(DexUtil.java:505)
    ...(Skip 24 traces)
    at org.rh.smaliex.OatUtil.convertToDex(OatUtil.java:321)
    at org.rh.smaliex.OatUtil.convertDexFromBootOat(OatUtil.java:244)
    at org.rh.smaliex.OatUtil.bootOat2Dex(OatUtil.java:128)
    at org.rh.smaliex.Main.mainImpl(Main.java:101)
    at org.rh.smaliex.Main.main(Main.java:42)
10-14 16:36:52:922 Failed to re-construct dex java.lang.ClassCastException: org.jf.dexlib2.analysis.UnresolvedOdexInstruction cannot be cast to org.jf.dexlib2.iface.instruction.formats.Instruction22cs
10-14 16:36:52:927 convertToDex: skip /system/framework/framework.jar
10-14 16:36:52:935 De-optimizing /system/framework/framework.jar:classes2.dex
10-14 16:36:53:329 Analysis error in class=Landroid/telecom/ConnectionService$5$2; method=
Method: Landroid/telecom/ConnectionService$5$2;-> (Landroid/telecom/ConnectionService$5;)V
Near line: 1083 (address 0)
Instructions:
[0] iput-object-quick regA=1 regB=0 <-----
[1] invoke-direct regC=0
[2] return-void
10-14 16:36:53:339 org.jf.dexlib2.analysis.AnalysisException: Could not resolve the field in class (UninitThis,Landroid/telecom/ConnectionService$5$2;) at offset 8 in
    at org.jf.dexlib2.analysis.MethodAnalyzer.analyzeIputIgetQuick(MethodAnalyzer.java:2438)
    at org.jf.dexlib2.analysis.MethodAnalyzer.analyzeInstruction(MethodAnalyzer.java:1246)
    at org.jf.dexlib2.analysis.MethodAnalyzer.analyze(MethodAnalyzer.java:259)
    at org.jf.dexlib2.analysis.MethodAnalyzer. (MethodAnalyzer.java:190)
    at org.rh.smaliex.DexUtil$ODexRewriterModule$1$1.getInstructions(DexUtil.java:505)
    ...(Skip 24 traces)
    at org.rh.smaliex.OatUtil.convertToDex(OatUtil.java:321)
    at org.rh.smaliex.OatUtil.convertDexFromBootOat(OatUtil.java:244)
    at org.rh.smaliex.OatUtil.bootOat2Dex(OatUtil.java:128)
    at org.rh.smaliex.Main.mainImpl(Main.java:101)
    at org.rh.smaliex.Main.main(Main.java:42)
10-14 16:36:53:343 Failed to re-construct dex java.lang.ClassCastException: org.jf.dexlib2.analysis.UnresolvedOdexInstruction cannot be cast to org.jf.dexlib2.iface.instruction.formats.Instruction22cs
10-14 16:36:53:352 convertToDex: skip /system/framework/framework.jar:classes2.dex
@rovo89 I have released an unofficial version because a lot of people requested it from me. If you want we can talk privately and try to find a solution, so I can explain which modifications I have done.
@PsyMan47 why privately? Do you have any reason for not sharing your modifications publicly?
@wanam I mean for talking more rapidly with him, like on Telegram etc. Obviously I want to share these modifications. I hate closed source software!
@PsyMan47 The device on odexed MIUI9 will get a bootloop with your unofficial version of Xposed.