canyie/pine

hook ConnectivityService的构造函数时,调用原方法崩溃

canyie opened this issue · 1 comments

设备:Google Pixel 3
系统:Android 10

2020-12-19 11:21:09.254 1426-1426/? I/Pine: handleBridge: artMethod=0x9f1f0d90 extras=0x72c9dcb980 sp=0x7fe020bf90
2020-12-19 11:21:09.254 1426-1426/? D/Pine: handleCall for method public com.android.server.ConnectivityService(android.content.Context,android.os.INetworkManagementService,android.net.INetworkStatsService,android.net.INetworkPolicyManager)
2020-12-19 11:21:09.254 1426-1426/? I/Pine: handleBridge: artMethod=0x9f1f0db8 extras=0x72c9dcb9c0 sp=0x7fe020a8f0
2020-12-19 11:21:09.255 1426-1426/? D/Pine: handleCall for method protected com.android.server.ConnectivityService(android.content.Context,android.os.INetworkManagementService,android.net.INetworkStatsService,android.net.INetworkPolicyManager,android.net.IDnsResolver,android.net.metrics.IpConnectivityLog,android.net.INetd)
    
    --------- beginning of crash
2020-12-19 11:21:09.255 1426-1426/? A/libc: Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xe020ac94 in tid 1426 (system_server), pid 1426 (system_server)
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: Build fingerprint: 'google/blueline/blueline:10/QQ3A.200605.001/6392402:user/release-keys'
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: Revision: 'MP1.0'
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: ABI: 'arm64'
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: Timestamp: 2020-12-19 11:21:09+0800
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: pid: 1426, tid: 1426, name: system_server  >>> system_server <<<
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: uid: 1000
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xe020ac94
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x0  000000009ef89100  x1  0000000071578fd0  x2  0000000014991af8  x3  000000723d05fe80
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x4  00000072c9cfcc00  x5  00000000000004bb  x6  00000000149927f0  x7  0000000000000028
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x8  00000000e020ac90  x9  0000000000000001  x10 0000000000000000  x11 00000072448df7c2
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x12 0000007fe0209e9c  x13 0000007fe0209e88  x14 0000000000000002  x15 0000000000000022
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x16 0000007fe0209ec8  x17 000000723d1302b0  x18 00000072caf94000  x19 0000000000000006
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x20 000000723d05fe80  x21 0000001400000000  x22 0000007fe0209bf0  x23 0000000000000007
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x24 0000000000000002  x25 000000009f04dd48  x26 0000000000000541  x27 00000072c9dad000
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     x28 0000007fe0209bfc  x29 0000007fe0209b60
2020-12-19 11:21:09.339 2033-2033/? A/DEBUG:     sp  0000007fe0209a50  lr  0000007244cbdb20  pc  0000007244cbfe44
2020-12-19 11:21:09.697 2033-2033/? A/DEBUG: backtrace:
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #00 pc 00000000004ace44  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::(anonymous namespace)::ArgArray::BuildArgArrayFromObjectArray(art::ObjPtr<art::mirror::Object>, art::ObjPtr<art::mirror::ObjectArray<art::mirror::Object>>, art::ArtMethod*, art::Thread*)+464) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #01 pc 00000000004aab1c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1448) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #02 pc 000000000043744c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #03 pc 00000000000c2c34  /system/framework/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 3ac9ca66a99f96bfe2251d3af092afd975a96ddd)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #04 pc 0000000002003628  /memfd:/jit-cache (deleted) (top.canyie.pine.Pine.callBackupMethod+136)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #05 pc 0000000002006eb8  /memfd:/jit-cache (deleted) (top.canyie.pine.Pine$CallFrame.invokeOriginalMethod+120)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #06 pc 0000000002002da0  /memfd:/jit-cache (deleted) (top.canyie.pine.Pine.handleCall+896)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #07 pc 00000000020026b8  /memfd:/jit-cache (deleted) (top.canyie.pine.entry.Arm64Entry.handleBridge+1640)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #08 pc 00000000001365b8  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #09 pc 000000000014508c  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #10 pc 00000000002df0d4  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #11 pc 00000000002db448  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+656) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #12 pc 000000000059d25c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (MterpInvokeStaticRange+236) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #13 pc 0000000000130c94  /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static_range+20) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #14 pc 000000000004418c  [anon:dalvik-classes.dex extracted in memory from /system/framework/dreamland.jar] (top.canyie.pine.entry.Arm64Entry.voidBridge)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #15 pc 00000000002afd20  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.1271440803783865717+240) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #16 pc 0000000000588e8c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (artQuickToInterpreterBridge+1012) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #17 pc 000000000013f468  /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #18 pc 0000000000136334  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #19 pc 000000000014506c  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #20 pc 00000000002df0d4  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #21 pc 00000000002db448  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+656) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #22 pc 000000000059cbfc  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (MterpInvokeDirectRange+256) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #23 pc 0000000000130c14  /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_direct_range+20) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #24 pc 00000000001e4116  /system/framework/services.jar (com.android.server.ConnectivityService.<init>+38)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #25 pc 00000000002afd20  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.1271440803783865717+240) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #26 pc 0000000000588e8c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (artQuickToInterpreterBridge+1012) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #27 pc 000000000013f468  /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #28 pc 0000000000136334  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #29 pc 000000000014506c  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+244) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #30 pc 00000000004a9110  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #31 pc 00000000004aab38  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1476) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #32 pc 000000000043744c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #33 pc 00000000000c2c34  /system/framework/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 3ac9ca66a99f96bfe2251d3af092afd975a96ddd)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #34 pc 0000000002003628  /memfd:/jit-cache (deleted) (top.canyie.pine.Pine.callBackupMethod+136)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #35 pc 0000000002006eb8  /memfd:/jit-cache (deleted) (top.canyie.pine.Pine$CallFrame.invokeOriginalMethod+120)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #36 pc 0000000002002da0  /memfd:/jit-cache (deleted) (top.canyie.pine.Pine.handleCall+896)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #37 pc 00000000020026b8  /memfd:/jit-cache (deleted) (top.canyie.pine.entry.Arm64Entry.handleBridge+1640)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #38 pc 00000000001365b8  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #39 pc 000000000014508c  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #40 pc 00000000002df0d4  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread*, art::ArtMethod*, art::ShadowFrame*, unsigned short, art::JValue*)+384) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #41 pc 00000000002db448  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (bool art::interpreter::DoCall<true, false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, art::JValue*)+656) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #42 pc 000000000059d25c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (MterpInvokeStaticRange+236) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #43 pc 0000000000130c94  /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_static_range+20) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #44 pc 000000000004418c  [anon:dalvik-classes.dex extracted in memory from /system/framework/dreamland.jar] (top.canyie.pine.entry.Arm64Entry.voidBridge)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #45 pc 00000000002afd20  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.1271440803783865717+240) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #46 pc 0000000000588e8c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (artQuickToInterpreterBridge+1012) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #47 pc 000000000013f468  /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #48 pc 00000000012c5764  /system/framework/oat/arm64/services.odex (com.android.server.SystemServer.startOtherServices+11812) (BuildId: 12c9f25ee4b5377745dd569037b649d657a4f017)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #49 pc 00000000012bf21c  /system/framework/oat/arm64/services.odex (com.android.server.SystemServer.run+2652) (BuildId: 12c9f25ee4b5377745dd569037b649d657a4f017)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #50 pc 00000000012be334  /system/framework/oat/arm64/services.odex (com.android.server.SystemServer.main+100) (BuildId: 12c9f25ee4b5377745dd569037b649d657a4f017)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #51 pc 00000000001365b8  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #52 pc 000000000014508c  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #53 pc 00000000004a9110  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #54 pc 00000000004aab38  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+1476) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #55 pc 000000000043744c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*)+52) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #56 pc 00000000000c2c34  /system/framework/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 3ac9ca66a99f96bfe2251d3af092afd975a96ddd)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #57 pc 00000000009a9828  /system/framework/arm64/boot-framework.oat (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+136) (BuildId: 8dd360e7ac2513f6c21e6f05c4163646b3e394be)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #58 pc 00000000009b135c  /system/framework/arm64/boot-framework.oat (com.android.internal.os.ZygoteInit.main+1916) (BuildId: 8dd360e7ac2513f6c21e6f05c4163646b3e394be)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #59 pc 00000000001365b8  /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #60 pc 000000000014508c  /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+276) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #61 pc 00000000004a9110  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #62 pc 00000000004a8d7c  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x453000) (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+408) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #63 pc 00000000003b6160  /apex/com.android.runtime/lib64/libart.so!libart.so (offset 0x291000) (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+628) (BuildId: f9ff276075287a1d376fcd141f6042aa)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #64 pc 00000000000be560  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116) (BuildId: a4deef8d84f80b74d5707e20f76e8091)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #65 pc 00000000000c1434  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+780) (BuildId: a4deef8d84f80b74d5707e20f76e8091)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #66 pc 00000000000034e0  /system/bin/app_process64 (main+1168) (BuildId: e7b904a71a1cdf25c7a6206f850cf378)
2020-12-19 11:21:09.698 2033-2033/? A/DEBUG:       #67 pc 000000000007d780  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: 8de865099c99977483c8947f9b7937e9)

已确认问题是因为arm64下方法参数解析有问题,只在需要从栈里解析参数的时候发生,正在修复。