frida-java-bridge
Frida crashes when listing classes on Android
Initially we thought that it was an r2frida bug, but it turned out to be a Frida bug: https://github.com/nowsecure/r2frida/issues/106
Backtrace
https://github.com/nowsecure/r2frida/issues/106#issuecomment-480246134
More crashes...
[16:32 edu@lol frida-scripts] > r2 frida://spawn/usb//com.app.target
-- Press 'c' in visual mode to toggle the cursor mode
[0x00000000]> \dc
resumed spawned process.
[0x00000000]> \ic
DetachReason: FRIDA_SESSION_DETACH_REASON_PROCESS_TERMINATED
CrashReport: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'OnePlus/OnePlus3/OnePlus3:7.0/NRD90M/01122125:user/release-keys'
Revision: '0'
ABI: 'arm64'
pid: 1333, tid: 1351, name: Thread-5 >>> com.app.target <<<
signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7f4da07000
x0 0000007f4da05000 x1 0000007f4da15000 x2 0000000000000080 x3 0000000000000040
x4 0000007f4da07000 x5 0000000000000001 x6 0000000000000000 x7 0000000029d4722d
x8 00000000000000e2 x9 0000000000001000 x10 0000007f4da15000 x11 0000007f6aa6bd20
x12 0000007f78a3fc90 x13 000000005e8cba79 x14 0000000000000000 x15 0000000000000074
x16 0000007f6aadfb78 x17 0000007f833c02a8 x18 0000000000000026 x19 0000000000010000
x20 0000007f4da05000 x21 0000007f69b6d3f8 x22 0000007f5d3fdeb0 x23 0000007f4da05000
x24 0000000000010000 x25 0000007f6ab3b1f2 x26 0000007f69b6dc18 x27 0000007f6ab36db0
x28 0000007f5d3ff4e8 x29 0000007f5d3fde60 x30 0000007f69ac7c88
sp 0000007f5d3fde10 pc 0000007f6a453bfc pstate 0000000080000000
backtrace:
#00 pc 0000000000bb3bfc /data/local/tmp/re.frida.server/frida-agent-64.so (__aarch64_sync_cache_range+64)
#01 pc 0000000000227c84 /data/local/tmp/re.frida.server/frida-agent-64.so (gum_clear_cache+28)
#02 pc 0000000000225150 /data/local/tmp/re.frida.server/frida-agent-64.so (gum_memory_patch_code+132)
#03 pc 00000000002cd3c8 /data/local/tmp/re.frida.server/frida-agent-64.so (_ZN36GumV8Closure_gumjs_memory_patch_code6invokeEv+88)
#04 pc 00000000002cdc5c /data/local/tmp/re.frida.server/frida-agent-64.so (_ZL23gumjs_memory_patch_codeRKN2v820FunctionCallbackInfoINS_5ValueEEE+68)
#05 pc 00000000006ef874 /data/local/tmp/re.frida.server/frida-agent-64.so (_ZN2v88internal25FunctionCallbackArguments4CallEPNS0_15CallHandlerInfoE+572)
#06 pc 00000000006eee94 /data/local/tmp/re.frida.server/frida-agent-64.so (_ZN2v88internal12_GLOBAL__N_119HandleApiCallHelperILb0EEENS0_11MaybeHandleINS0_6ObjectEEEPNS0_7IsolateENS0_6HandleINS0_10HeapObjectEEESA_NS8_INS0_20FunctionTemplateInfoEEENS8_IS4_EENS0_16BuiltinArgumentsE+448)
#07 pc 00000000006ee720 /data/local/tmp/re.frida.server/frida-agent-64.so (_ZN2v88internalL26Builtin_Impl_HandleApiCallENS0_16BuiltinArgumentsEPNS0_7IsolateE+224)
#08 pc 00000000000541e8 <anonymous:0000007f5d904000>
Target process terminated
[0x00000000]>
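The tombstone above can be triaged mechanically rather than by eye. The script below is an added example, not part of this issue or of the Frida/r2frida projects: it embeds the crash-report lines from the session above as its input (frames #04-#07, the mangled V8 frames, are omitted to keep the sample short), parses the signal line, the general-purpose registers and the backtrace, and then checks the one thing worth knowing first: whether the fault address lies inside the [x0, x1) range, which under the AArch64 calling convention are the start/end arguments that `__aarch64_sync_cache_range` was called with. The field names in the returned dicts are this example's own.

```python
import re

# Crash-report lines copied from the r2frida session on this page (Android
# tombstone format), embedded as constructed input so the script runs offline.
TOMBSTONE = """\
signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7f4da07000
x0 0000007f4da05000 x1 0000007f4da15000 x2 0000000000000080 x3 0000000000000040
x4 0000007f4da07000 x5 0000000000000001 x6 0000000000000000 x7 0000000029d4722d
x8 00000000000000e2 x9 0000000000001000 x10 0000007f4da15000 x11 0000007f6aa6bd20
x12 0000007f78a3fc90 x13 000000005e8cba79 x14 0000000000000000 x15 0000000000000074
x16 0000007f6aadfb78 x17 0000007f833c02a8 x18 0000000000000026 x19 0000000000010000
x20 0000007f4da05000 x21 0000007f69b6d3f8 x22 0000007f5d3fdeb0 x23 0000007f4da05000
x24 0000000000010000 x25 0000007f6ab3b1f2 x26 0000007f69b6dc18 x27 0000007f6ab36db0
x28 0000007f5d3ff4e8 x29 0000007f5d3fde60 x30 0000007f69ac7c88
sp 0000007f5d3fde10 pc 0000007f6a453bfc pstate 0000000080000000
backtrace:
#00 pc 0000000000bb3bfc /data/local/tmp/re.frida.server/frida-agent-64.so (__aarch64_sync_cache_range+64)
#01 pc 0000000000227c84 /data/local/tmp/re.frida.server/frida-agent-64.so (gum_clear_cache+28)
#02 pc 0000000000225150 /data/local/tmp/re.frida.server/frida-agent-64.so (gum_memory_patch_code+132)
#03 pc 00000000002cd3c8 /data/local/tmp/re.frida.server/frida-agent-64.so (_ZN36GumV8Closure_gumjs_memory_patch_code6invokeEv+88)
#08 pc 00000000000541e8 <anonymous:0000007f5d904000>
"""

SIGNAL_RE = re.compile(
    r"signal (\d+) \((\w+)\), code (\d+) \((\w+)\), fault addr 0x([0-9a-f]+)")
# x0..x30, sp and pc, each followed by a 16-digit hex value.
REG_RE = re.compile(r"\b(x\d{1,2}|sp|pc)\s+([0-9a-f]{16})\b")
# "#NN pc <hex> <module> (<symbol>+<offset>)"; the symbol part is optional.
FRAME_RE = re.compile(r"#(\d+)\s+pc\s+([0-9a-f]+)\s+(\S+)(?:\s+\((\S+)\+(\d+)\))?")


def parse_tombstone(text):
    """Parse the signal line, the register dump and the backtrace frames."""
    report = {"signal": None, "regs": {}, "frames": []}
    in_backtrace = False
    for line in text.splitlines():
        line = line.strip()
        if line == "backtrace:":
            # Frame lines also contain "pc <hex>", so stop register parsing here.
            in_backtrace = True
            continue
        m = SIGNAL_RE.search(line)
        if m:
            report["signal"] = {
                "signo": int(m.group(1)), "name": m.group(2),
                "code": int(m.group(3)), "code_name": m.group(4),
                "fault_addr": int(m.group(5), 16),
            }
            continue
        if in_backtrace:
            m = FRAME_RE.match(line)
            if m:
                report["frames"].append({
                    "index": int(m.group(1)), "pc": int(m.group(2), 16),
                    "module": m.group(3), "symbol": m.group(4),
                    "offset": int(m.group(5)) if m.group(5) else None,
                })
        else:
            for name, value in REG_RE.findall(line):
                report["regs"][name] = int(value, 16)
    return report


def diagnose(report):
    """Summarise the report the way a triage note would: which signal, which
    symbol was executing, whether the faulting address sits inside the
    [x0, x1) range the top frame received as its start/end arguments, whether
    it is page aligned (a page-granular permission fault, consistent with
    SEGV_ACCERR), and which registers currently hold that exact address."""
    regs = report["regs"]
    fault = report["signal"]["fault_addr"]
    top = report["frames"][0]
    return {
        "signal": f'{report["signal"]["name"]}/{report["signal"]["code_name"]}',
        "fault_addr": fault,
        "faulting_symbol": top["symbol"],
        "fault_in_x0_x1_range": regs["x0"] <= fault < regs["x1"],
        "fault_page_aligned": fault & 0xFFF == 0,
        "regs_equal_to_fault": sorted(n for n, v in regs.items() if v == fault),
    }


if __name__ == "__main__":
    parsed = parse_tombstone(TOMBSTONE)
    for key, value in diagnose(parsed).items():
        print(f"{key:>22}: {value:#x}" if isinstance(value, int) and not isinstance(value, bool) else f"{key:>22}: {value}")
```

On this report the fault address is page aligned and falls inside the range that `__aarch64_sync_cache_range` was asked to flush (x4, the cursor the routine is advancing, holds exactly that address), so the permission fault is on one of the pages inside the patched region rather than on a stray pointer; that narrows the question to why a page inside the range being patched was not accessible at the time of the cache maintenance.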
Enumerating too much may cause a crash, for example when using xserver to hook too many methods.