[Solved] [Help] Debugging an Android .so with IDA Pro: the app crashes whenever a breakpoint is hit (bounty: 100.00 snowflakes)
2021-1-21 14:40


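I followed online tutorials for debugging an Android .so, for example this one: https://blog.csdn.net/u012195899/article/details/52780062
Every time a breakpoint is triggered, the app crashes.

I tried both IDA 7.0 (Mac version) and IDA 7.5 (Windows version) and it crashes with both; switching to another phone also crashes.
It seems that it crashes whenever a breakpoint is hit, and does not crash when no breakpoint is set.

The crash information is below. Does anyone know the cause?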

2021-01-21 13:11:27.363 1436-1601/? A/libc: Fatal signal 5 (SIGTRAP), code 1 (TRAP_BRKPT), fault addr 0x7c7f9d3f78 in tid 1601 (Thread-8), pid 1436 (xposeddetectlib)
2021-01-21 13:11:27.387 1614-1614/? E/crash_dump64: failed to interrupt 1436 to detach: No such process
2021-01-21 13:11:27.434 1614-1614/? A/DEBUG:
2021-01-21 13:11:27.434 1614-1614/? A/DEBUG: Build fingerprint: 'Android/aosp_walleye/walleye:10/QQ3A.200805.001/eng.breeze.20201116.054152:eng/test-keys'
2021-01-21 13:11:27.434 1614-1614/? A/DEBUG: Revision: 'MP1'
2021-01-21 13:11:27.434 1614-1614/? A/DEBUG: ABI: 'arm64'
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: Timestamp: 2021-01-21 13:11:27+0800
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: pid: 1436, tid: 1601, name: Thread-8 >>> ml.w568w.xposeddetectlib <<<
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: uid: 10114
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: signal 5 (SIGTRAP), code 1 (TRAP_BRKPT), fault addr 0x7c7f9d3f78
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x0 0000007d1c9f0580 x1 0000007c885f9eb4 x2 000000000000059c x3 0000007c9790fe08
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x4 0000007c885f9f50 x5 0000007c97bcbd0c x6 0000007c885fa0e0 x7 00000000711704a0
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x8 af6d812b408d2c8d x9 af6d812b408d2c8d x10 0000000000430000 x11 0000007c885f89c8
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x12 0000007c885f9f00 x13 0000007c9775f4f0 x14 0000007c9775f550 x15 0000000000000000
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x16 0000007c7f9d3f6c x17 0000000000000000 x18 0000007c3dbcc000 x19 0000007c872ad800
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x20 0000000000000000 x21 0000007c872ad800 x22 0000007c885fa120 x23 0000007c8c49fe33
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x24 0000000000000004 x25 0000007c885fc020 x26 0000007c872ad8b0 x27 0000000000000004
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: x28 0000007c885f9eb0 x29 0000007c885f9e80
2021-01-21 13:11:27.435 1614-1614/? A/DEBUG: sp 0000007c885f9e40 lr 0000007c97768354 pc 0000007c7f9d3f78
2021-01-21 13:11:27.550 1614-1614/? A/DEBUG: backtrace:
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #00 pc 0000000000000f78 /data/app/ml.w568w.xposeddetectlib-eqsFQnWwEeblsX4mfSp_qw==/lib/arm64/libxposed_check.so (Java_ml_w568w_checkxposed_util_NativeDetect_detectXposed+12) (BuildId: 097ee14da54f8c750f33526b8dbbc57a778f22a4)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #01 pc 000000000013f350 /apex/com.android.runtime/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #02 pc 00000000001365b8 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_static_stub+568) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #03 pc 00000000001450cc /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread, unsigned int, unsigned int, art::JValue, char const)+276) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #04 pc 00000000002e1f98 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread, art::ArtMethod, art::ShadowFrame, unsigned short, art::JValue)+384) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #05 pc 00000000002dd9e0 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, true>(art::ArtMethod, art::Thread, art::ShadowFrame&, art::Instruction const, unsigned short, art::JValue)+1880) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #06 pc 00000000002fbee8 /apex/com.android.runtime/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<true, false>(art::interpreter::SwitchImplContext)+15928) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #07 pc 0000000000141bd8 /apex/com.android.runtime/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #08 pc 0000000000177b60 /data/app/ml.w568w.xposeddetectlib-eqsFQnWwEeblsX4mfSp_qw==/oat/arm64/base.vdex (ml.w568w.library.XposedDetect.check8)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #09 pc 00000000002b29c8 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.2123148157278992182+496) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #10 pc 0000000000591348 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #11 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #12 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #13 pc 00000000001450ac /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread, unsigned int, unsigned int, art::JValue, char const)+244) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #14 pc 00000000004b0390 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod, art::(anonymous namespace)::ArgArray, art::JValue, char const)+104) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #15 pc 00000000004b1dd8 /apex/com.android.runtime/lib64/libart.so (art::InvokeMethod(art::ScopedObjectAccessAlreadyRunnable const&, _jobject, _jobject, _jobject, unsigned long)+1472) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #16 pc 000000000043da68 /apex/com.android.runtime/lib64/libart.so (art::Method_invoke(_JNIEnv, _jobject, _jobject, _jobjectArray)+48) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #17 pc 00000000000c2c34 /system/framework/arm64/boot.oat (art_jni_trampoline+180) (BuildId: 3ac9ca66a99f96bfe2251d3af092afd975a96ddd)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #18 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #19 pc 00000000001450ac /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread, unsigned int, unsigned int, art::JValue, char const)+244) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #20 pc 00000000002e1f98 /apex/com.android.runtime/lib64/libart.so (art::interpreter::ArtInterpreterToCompiledCodeBridge(art::Thread, art::ArtMethod, art::ShadowFrame, unsigned short, art::JValue)+384) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #21 pc 00000000002dd024 /apex/com.android.runtime/lib64/libart.so (bool art::interpreter::DoCall<false, false>(art::ArtMethod, art::Thread, art::ShadowFrame&, art::Instruction const, unsigned short, art::JValue)+900) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #22 pc 000000000059fe68 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+648) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #23 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.551 1614-1614/? A/DEBUG: #24 pc 0000000000177606 /data/app/ml.w568w.xposeddetectlib-eqsFQnWwEeblsX4mfSp_qw==/oat/arm64/base.vdex (ml.w568w.library.XposedDetect$CheckThread.call+98)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #25 pc 00000000005a0178 /apex/com.android.runtime/lib64/libart.so (MterpInvokeVirtual+1432) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #26 pc 0000000000130814 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_virtual+20) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #27 pc 0000000000177588 /data/app/ml.w568w.xposeddetectlib-eqsFQnWwEeblsX4mfSp_qw==/oat/arm64/base.vdex (ml.w568w.library.XposedDetect$CheckThread.call)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #28 pc 00000000005a1964 /apex/com.android.runtime/lib64/libart.so (MterpInvokeInterface+1740) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #29 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #30 pc 00000000001ecf6a /apex/com.android.runtime/javalib/core-oj.jar (java.util.concurrent.FutureTask.run+62)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #31 pc 00000000005a1964 /apex/com.android.runtime/lib64/libart.so (MterpInvokeInterface+1740) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #32 pc 0000000000130a14 /apex/com.android.runtime/lib64/libart.so (mterp_op_invoke_interface+20) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #33 pc 00000000000ea918 /apex/com.android.runtime/javalib/core-oj.jar (java.lang.Thread.run+8)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #34 pc 00000000002b28c8 /apex/com.android.runtime/lib64/libart.so (_ZN3art11interpreterL7ExecuteEPNS_6ThreadERKNS_20CodeItemDataAccessorERNS_11ShadowFrameENS_6JValueEbb.llvm.2123148157278992182+240) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #35 pc 0000000000591348 /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1024) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #36 pc 000000000013f468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #37 pc 0000000000136334 /apex/com.android.runtime/lib64/libart.so (art_quick_invoke_stub+548) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #38 pc 00000000001450ac /apex/com.android.runtime/lib64/libart.so (art::ArtMethod::Invoke(art::Thread, unsigned int, unsigned int, art::JValue, char const)+244) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #39 pc 00000000004b0390 /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod, art::(anonymous namespace)::ArgArray, art::JValue, char const)+104) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #40 pc 00000000004b1440 /apex/com.android.runtime/lib64/libart.so (art::InvokeVirtualOrInterfaceWithJValues(art::ScopedObjectAccessAlreadyRunnable const&, _jobject, _jmethodID, jvalue const)+416) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #41 pc 00000000004f1988 /apex/com.android.runtime/lib64/libart.so (art::Thread::CreateCallback(void)+1176) (BuildId: 891dccb6ded931395746aa21a196e905)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #42 pc 00000000000e230c /apex/com.android.runtime/lib64/bionic/libc.so (pthread_start(void*)+36) (BuildId: 99d256d401014e290f38edaacced78da)
2021-01-21 13:11:27.552 1614-1614/? A/DEBUG: #43 pc 0000000000083d98 /apex/com.android.runtime/lib64/bionic/libc.so (start_thread+64) (BuildId: 99d256d401014e290f38edaacced78da)



Latest replies (4)
猫子 2021-1-21 18:18
Not sure whether this is the cause: https://bbs.pediy.com/thread-258103.htm
You could try:
export IDA_LIBC_PATH=/apex/com.android.runtime/lib/bionic/libc.so
or export IDA_LIBC_PATH=/apex/com.android.runtime/lib64/bionic/libc.so

Last edited by 猫子 on 2021-1-21 18:19
杰孑 2021-1-21 19:19
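It exits on its own as soon as you start running after setting a breakpoint? From the problem you describe, the app probably has anti-debugging or some kind of detection!
Or, if Xposed is installed on the phone, you could disable the framework first and try again. I'm not sure, but it might also have an effect!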
清风X 2021-1-21 19:27

-------------------------------------------------------------------------------------------------

Not sure whether this is the cause: https://bbs.pediy.com/thread-258103.htm
You could try:
export IDA_LIBC_PATH=/apex/com.android.runtime/lib/bionic/libc.so
or export IDA_LIBC_PATH=/apex/com.android.runtime/lib64/bionic/libc.so

-------------------------------------------------------------------------------------------------

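Oh, it works now. That was indeed the cause: Android 10 changed the location of libc.so. Setting this environment variable on the Android side, together with IDA 7.5, is enough. Thanks a lot! The 100 bounty is yours!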

Last edited by 清风X on 2021-1-22 10:21
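
An added example, not part of the original thread: a small Python triage of the tombstone posted in the question. It checks for the pattern seen there (SIGTRAP/TRAP_BRKPT with the fault address equal to pc, top frame inside the app's own .so) and picks, by the reported ABI, which of the two IDA_LIBC_PATH values from the reply applies. The function names and the ABI-to-path mapping are assumptions of this example; the sample is an excerpt of the posted log.

```python
import re

# Excerpt of the tombstone from the question (timestamps and logcat tags stripped).
SAMPLE = """\
ABI: 'arm64'
signal 5 (SIGTRAP), code 1 (TRAP_BRKPT), fault addr 0x7c7f9d3f78
sp 0000007c885f9e40 lr 0000007c97768354 pc 0000007c7f9d3f78
#00 pc 0000000000000f78 /data/app/ml.w568w.xposeddetectlib-eqsFQnWwEeblsX4mfSp_qw==/lib/arm64/libxposed_check.so (Java_ml_w568w_checkxposed_util_NativeDetect_detectXposed+12)
"""

# The two values suggested in the reply, keyed by the ABI the tombstone reports
# (assumption of this example: a 64-bit process needs the lib64 path).
LIBC_BY_ABI = {
    "arm64": "/apex/com.android.runtime/lib64/bionic/libc.so",
    "arm": "/apex/com.android.runtime/lib/bionic/libc.so",
}

PATTERNS = {
    "abi": r"ABI: '(\w+)'",
    "signal": r"signal \d+ \((\w+)\), code -?\d+ \((\w+)\), fault addr 0x([0-9a-f]+)",
    "pc": r"\bpc\s+([0-9a-f]{16})\s*$",  # register line, not a backtrace frame
    "frame0": r"#00 pc ([0-9a-f]+)\s+(\S+)(?: \((.+?)\+\d+\))?",
}

def parse_tombstone(text):
    """Collect the first match of each pattern; works on raw logcat lines too."""
    found = {}
    for line in text.splitlines():
        for key, pat in PATTERNS.items():
            m = re.search(pat, line)
            if m and key not in found:
                found[key] = m.groups()
    return found

def triage(text):
    f = parse_tombstone(text)
    signame, code, fault = f["signal"]
    pc = int(f["pc"][0], 16)
    offset, module, symbol = f["frame0"]
    return {
        # A breakpoint trap at the faulting pc reached the app as a fatal signal.
        "breakpoint_trap": (signame, code) == ("SIGTRAP", "TRAP_BRKPT") and int(fault, 16) == pc,
        # Frame #00 offset and pc agree within a 4 KiB page, so frame #00 is the trap site.
        "frame0_matches_pc": (pc & 0xFFF) == (int(offset, 16) & 0xFFF),
        "in_app_library": module.startswith("/data/app/") and module.endswith(".so"),
        "module": module.rsplit("/", 1)[-1],
        "symbol": symbol,
        "ida_libc_path": LIBC_BY_ABI.get(f["abi"][0]),
    }
```
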