xdl_open crash

[zhangjg0201]

版本：

implementation 'io.hexhacking:xdl:1.0.4'

执行条件：

在APP主进程的主线程中通过jni调用xdl_open，加载libbluetooth.so (/system/lib64/libbluetooth.so)
调用xdl_open之前，该so没有加载到进程的内存空间中，是第一次加载

崩溃日志：

`*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'google/flame/flame:11/RP1A.200720.009/6720564:user/release-keys'
Revision: 'MP1.0'
ABI: 'arm64'
Timestamp: 2021-04-25 17:29:56+0800
pid: 15387, tid: 15387, name: example.bledemo >>> com.example.bledemo <<<
uid: 10030
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
Cause: null pointer dereference
x0 0000000000000006 x1 0000007fc98f3188 x2 0000007fc98f31c0 x3 0000007199bf9080
x4 000000719cafd740 x5 000000719cafd733 x6 2f6d65747379732f x7 696c2f343662696c
x8 000000719dcdd4a8 x9 0000000000000000 x10 000000000000003f x11 0000000000000028
x12 65756c6262696c2f x13 6f732e68746f6f74 x14 00000000afd231bc x15 0000000002bf48c6
x16 000000719dcd9448 x17 000000719dcae4b0 x18 0000000000000000 x19 0000007199bf9080
x20 000000719dbf3058 x21 0000006ef6095390 x22 0000000000000000 x23 000000719dbf6f61
x24 0000000000000066 x25 000000719dcdd4b8 x26 000000719dcdd4b0 x27 0000006ef5b7b86c
x28 000000719dcdd000 x29 0000007fc98eb8b0
lr 000000719dc380f4 sp 0000007fc98eb8b0 pc 0000006ef5b7b86c pst 0000000080000000

backtrace:
#00 pc 000000000017b86c /system/lib64/libbluetooth.so (_GLOBAL__sub_I_bta_ag_act.cc) (BuildId: d07643cbd5d9d34c52b587b199da32f3)
#1 pc 000000000004a0f0 /apex/com.android.runtime/bin/linker64 (_dl__ZL10call_arrayIPFviPPcS1_EEvPKcPT_mbS5+284) (BuildId: 3616c064c2d540887bd8b30030a981de)
#2 pc 000000000004a2f0 /apex/com.android.runtime/bin/linker64 (__dl__ZN6soinfo17call_constructorsEv+380) (BuildId: 3616c064c2d540887bd8b30030a981de)
#3 pc 0000000000035a4c /apex/com.android.runtime/bin/linker64 (__dl__Z9do_dlopenPKciPK17android_dlextinfoPKv+2088) (BuildId: 3616c064c2d540887bd8b30030a981de)
#4 pc 00000000000310e8 /apex/com.android.runtime/bin/linker64 (__dl__ZL10dlopen_extPKciPK17android_dlextinfoPKv+80) (BuildId: 3616c064c2d540887bd8b30030a981de)
#5 pc 000000000000120c /data/app/~~yxqS3Fy6-6fNtXX7A_xKMw==/com.example.bledemo-QfW-KfzEF2wbfbY9Arjt7Q==/base.apk!libxdl.so (offset 0xe000) (xdl_open+128) (BuildId: 154fa0245579a20c11a832dd43fe69784a9c157a)
#6 pc 0000000000000980 /data/app/~~yxqS3Fy6-6fNtXX7A_xKMw==/com.example.bledemo-QfW-KfzEF2wbfbY9Arjt7Q==/base.apk!libble_compat.so (offset 0x7000) (BuildId: 2f66c2f22a2ba64935b061936938d659925aaf79)
#7 pc 00000000000008b8 /data/app/~~yxqS3Fy6-6fNtXX7A_xKMw==/com.example.bledemo-QfW-KfzEF2wbfbY9Arjt7Q==/base.apk!libble_compat.so (offset 0x7000) (Java_com_connect_ble_BLECompat_getBLEAddress+32) (BuildId: 2f66c2f22a2ba64935b061936938d659925aaf79)`

tombstone_pixel_4_android_11.txt
tombstone_pixel_xl_android_10.txt
tombstone_vivo_y15_android_11.txt

[caikelun]

这应该是linker在调用libbluetooth.so的init函数时发生的崩溃，需要具体分析libbluetooth.so中的逻辑了。我这里目前无法重现。感谢反馈。