Description
bytehook Version
1.1.1
Android OS Version
15.0
Android ABIs
arm64-v8a
Device Manufacturers and Models
Pixel 8a
Describe the Bug
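When I use the matrix-backtrace library to capture stack traces, I can get the complete stack in an ordinary native function, but in a proxy function I can only get the native stack; the Java part of the stack cannot be obtained.
Stack captured in the proxy function: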
2025-04-18 16:49:33.605 18517-18748 IO_MONITOR com.example.bhookdemo I #00 pc 000000000000aed0 libfdmonitor.so (offset 0x1068000) (print_dwarf_unwind()+128) (BuildId: 6cf9abd30d9295501abd4e19239388f4d4bfa85f)
2025-04-18 16:49:33.605 18517-18748 IO_MONITOR com.example.bhookdemo I #1 pc 000000000000bf64 libfdmonitor.so (offset 0x1068000) (print_open_strace(int)+32) (BuildId: 6cf9abd30d9295501abd4e19239388f4d4bfa85f)
2025-04-18 16:49:33.605 18517-18748 IO_MONITOR com.example.bhookdemo I #2 pc 000000000000c2f8 libfdmonitor.so (offset 0x1068000) (hooked_open(char const*, int, int)+148) (BuildId: 6cf9abd30d9295501abd4e19239388f4d4bfa85f)
2025-04-18 16:49:33.605 18517-18748 IO_MONITOR com.example.bhookdemo I #03 pc 000000000002b08c libjavacore.so (Linux_open(_JNIEnv*, _jobject*, _jstring*, int, int)+84) (BuildId: 8d85311607fdef69ea901998b2a938b1)
2025-04-18 16:49:33.606 18517-18748 IO_MONITOR com.example.bhookdemo I #4 pc 00000000003240c8 [anon_shmem:dalvik-jit-code-cache] (offset 0x2000000)
Stack captured in the ordinary native function:
2025-04-18 16:49:27.756 18517-18517 IO_MONITOR com.example.bhookdemo I #00 pc 000000000000aed0 libfdmonitor.so (offset 0x1068000) (print_dwarf_unwind()+128) (BuildId: 6cf9abd30d9295501abd4e19239388f4d4bfa85f)
2025-04-18 16:49:27.756 18517-18517 IO_MONITOR com.example.bhookdemo I #1 pc 000000000000c640 libfdmonitor.so (offset 0x1068000) (Java_com_hook_fdmonitor_FdMonitorManager_initMonitor+28) (BuildId: 6cf9abd30d9295501abd4e19239388f4d4bfa85f)
2025-04-18 16:49:27.885 18517-18517 IO_MONITOR com.example.bhookdemo I #2 pc 0000000000378f70 libart.so (art_quick_generic_jni_trampoline+144) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.885 18517-18517 IO_MONITOR com.example.bhookdemo I #03 pc 0000000000362a40 libart.so (art_quick_invoke_static_stub+640) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.885 18517-18517 IO_MONITOR com.example.bhookdemo I #4 pc 000000000035bd94 libart.so (bool art::interpreter::DoCall(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2048) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.886 18517-18517 IO_MONITOR com.example.bhookdemo I #05 pc 000000000076da48 libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext*)+12208) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.886 18517-18517 IO_MONITOR com.example.bhookdemo I #6 pc 000000000037b5d8 libart.so (ExecuteSwitchImplAsm+8) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.965 18517-18517 IO_MONITOR com.example.bhookdemo I #07 pc 00000000000055f8 anonymous:79ec664000 (com.hook.fdmonitor.FdMonitorManager.init)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #8 pc 000000000034e21c libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.2845697060370838518)+428) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #9 pc 000000000035c5b0 libart.so (bool art::interpreter::DoCall(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #10 pc 000000000076da48 libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext*)+12208) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #11 pc 000000000037b5d8 libart.so (ExecuteSwitchImplAsm+8) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #12 pc 0000000000001fcc anonymous:79ec664000 (com.example.bhookdemo.MyApplication.onCreate)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #13 pc 000000000034e21c libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.2845697060370838518)+428) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #14 pc 000000000035c5b0 libart.so (bool art::interpreter::DoCall(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.966 18517-18517 IO_MONITOR com.example.bhookdemo I #15 pc 000000000076da48 libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext*)+12208) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.967 18517-18517 IO_MONITOR com.example.bhookdemo I #16 pc 000000000037b5d8 libart.so (ExecuteSwitchImplAsm+8) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.972 18517-18517 IO_MONITOR com.example.bhookdemo I #17 pc 000000000025553c /system/framework/framework.jar (offset 0xb000) (android.app.Instrumentation.callApplicationOnCreate)
2025-04-18 16:49:27.973 18517-18517 IO_MONITOR com.example.bhookdemo I #18 pc 000000000034e21c libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.2845697060370838518)+428) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.973 18517-18517 IO_MONITOR com.example.bhookdemo I #19 pc 000000000035c5b0 libart.so (bool art::interpreter::DoCall(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.973 18517-18517 IO_MONITOR com.example.bhookdemo I #20 pc 000000000076da48 libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext*)+12208) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.973 18517-18517 IO_MONITOR com.example.bhookdemo I #21 pc 000000000037b5d8 libart.so (ExecuteSwitchImplAsm+8) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.998 18517-18517 IO_MONITOR com.example.bhookdemo I #22 pc 00000000001d20b0 /system/framework/framework.jar (offset 0xb000) (android.app.ActivityThread.handleBindApplication)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #23 pc 000000000034e21c libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.2845697060370838518)+428) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #24 pc 000000000035c5b0 libart.so (bool art::interpreter::DoCall(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #25 pc 000000000076da48 libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext*)+12208) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #26 pc 000000000037b5d8 libart.so (ExecuteSwitchImplAsm+8) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #27 pc 00000000001cf34c /system/framework/framework.jar (offset 0xb000) (android.app.ActivityThread.-$$Nest$mhandleBindApplication)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #28 pc 000000000034e21c libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.2845697060370838518)+428) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #29 pc 000000000035c5b0 libart.so (bool art::interpreter::DoCall(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #30 pc 000000000076da48 libart.so (void art::interpreter::ExecuteSwitchImplCpp(art::interpreter::SwitchImplContext*)+12208) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
2025-04-18 16:49:27.999 18517-18517 IO_MONITOR com.example.bhookdemo I #31 pc 000000000037b5d8 libart.so (ExecuteSwitchImplAsm+8) (BuildId: dcb9fe2b5c99aa3f1a682a6008427d08)
I wrote a demo: https://github.com/paozhuanyinyu/fdmonitor ; the ordinary function is Java_com_hook_fdmonitor_FdMonitorManager_initMonitor; the proxy function is hooked_open; inside it there is a function print_open_strace, and the function that prints the stack is print_dwarf_unwind.