root@optimum-quagga:~/diffoscope# gdb --args aapt2 dump resources /tmp/tmpntfkh146/out.apk
GNU gdb (Ubuntu 13.2-1ubuntu1) 13.2
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from aapt2...
Reading symbols from /usr/lib/debug/.build-id/08/4ab3c604520da0c8ff77de341641ed94213b9d.debug...
(gdb) r
Starting program: /usr/bin/aapt2 dump resources /tmp/tmpntfkh146/out.apk
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".
Program received signal SIGBUS, Bus error.
android::ResTable_config::copyFromDeviceNoSwap (this=0xfffee6b0, o=...) at ./libs/androidfw/ResourceTypes.cpp:1838
1838 ./libs/androidfw/ResourceTypes.cpp: No such file or directory.
(gdb) bt
#0 android::ResTable_config::copyFromDeviceNoSwap (this=0xfffee6b0, o=...) at ./libs/androidfw/ResourceTypes.cpp:1838
#1 android::ResTable_config::copyFromDtoH (this=0xfffee6b0, o=...) at ./libs/androidfw/ResourceTypes.cpp:1911
#2 0x004b4a28 in aapt::BinaryResourceParser::ParseType (this=this@entry=0xfffeed58, package=package@entry=0x5bc8a8, chunk=0xf7fcf709) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:352
#3 0x004b3928 in aapt::BinaryResourceParser::ParsePackage (this=this@entry=0xfffeed58, chunk=<optimized out>) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:241
#4 0x004b2ff4 in aapt::BinaryResourceParser::ParseTable (this=this@entry=0xfffeed58, chunk=<optimized out>) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:156
#5 0x004b2914 in aapt::BinaryResourceParser::Parse (this=0xfffeed58) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:109
#6 0x00511054 in aapt::LoadedApk::LoadBinaryApkFromFileCollection (source=..., collection=std::unique_ptr<aapt::io::IFileCollection> = {...}, diag=diag@entry=0xfffef338) at ./tools/aapt2/LoadedApk.cpp:168
#7 0x00510844 in aapt::LoadedApk::LoadApkFromPath (path=..., diag=0xfffef338) at ./tools/aapt2/LoadedApk.cpp:87
#8 0x00428b18 in aapt::DumpApkCommand::Action (this=0x5ba290, args=...) at tools/aapt2/cmd/Dump.h:72
#9 0x00413440 in aapt::Command::Execute (this=0x5ba290, args=..., out_error=<optimized out>) at ./tools/aapt2/cmd/Command.cpp:250
#10 0x00413548 in aapt::Command::Execute (this=0x5b7eb8, args=..., out_error=<optimized out>) at ./tools/aapt2/cmd/Command.cpp:200
#11 0x00413548 in aapt::Command::Execute (this=0x5b5a40, args=..., out_error=<optimized out>) at ./tools/aapt2/cmd/Command.cpp:200
#12 0x00552dd0 in MainImpl (argc=<optimized out>, argv=<optimized out>) at ./tools/aapt2/Main.cpp:177
#13 0xf7a5b7da in __libc_start_call_main (main=main@entry=0x552e44 <main(int, char**)>, argc=argc@entry=4, argv=0xfffef534, argv@entry=0xf7b4d000) at ../sysdeps/nptl/libc_start_call_main.h:58
#14 0xf7a5b87e in __libc_start_main_impl (main=0x552e44 <main(int, char**)>, argc=4, argv=0xf7b4d000, init=<optimized out>, fini=0x0, rtld_fini=0xf7fd5539 <_dl_fini>, stack_end=0xfffef534) at libc-start.c:360
#15 0x00411ab0 in _start ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) disassemble
Dump of assembler code for function _ZN7android15ResTable_config12copyFromDtoHERKS0_:
0xf7eb95c4 <+0>: push {r4, r5, r6, r7, r8, lr}
0xf7eb95c8 <+4>: ldr r5, [r1]
0xf7eb95cc <+8>: mov r8, r0
0xf7eb95d0 <+12>: cmp r5, #64 @ 0x40
0xf7eb95d4 <+16>: bcc 0xf7eb95f4 <_ZN7android15ResTable_config12copyFromDtoHERKS0_+48>
=> 0xf7eb95d8 <+20>: ldm r1!, {r2, r3, r4, r5, r6}
0xf7eb95dc <+24>: stmia r0!, {r2, r3, r4, r5, r6}
0xf7eb95e0 <+28>: ldm r1!, {r2, r3, r4, r5, r6}
0xf7eb95e4 <+32>: stmia r0!, {r2, r3, r4, r5, r6}
0xf7eb95e8 <+36>: ldm r1, {r2, r3, r4, r5, r6, r7}
0xf7eb95ec <+40>: stm r0, {r2, r3, r4, r5, r6, r7}
0xf7eb95f0 <+44>: b 0xf7eb960c <_ZN7android15ResTable_config12copyFromDtoHERKS0_+72>
0xf7eb95f4 <+48>: mov r2, r5
0xf7eb95f8 <+52>: bl 0xf7e990dc <memcpy@plt>
0xf7eb95fc <+56>: add r0, r8, r5
0xf7eb9600 <+60>: rsb r2, r5, #64 @ 0x40
0xf7eb9604 <+64>: mov r1, #0
0xf7eb9608 <+68>: bl 0xf7e98c8c <memset@plt>
0xf7eb960c <+72>: mov r0, #64 @ 0x40
0xf7eb9610 <+76>: str r0, [r8]
0xf7eb9614 <+80>: pop {r4, r5, r6, r7, r8, pc}
End of assembler dump.
(gdb)
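eh, there you go, aapt2 is indeed crashing: SIGBUS on the `ldm r1!, {r2, r3, r4, r5, r6}` marked `=>` (+20), which is copyFromDeviceNoSwap inlined into ResTable_config::copyFromDtoH. The `ldr r5, [r1]` just before it read through the same pointer without faulting, and frame #2 shows chunk=0xf7fcf709, an odd address. So this looks like an unaligned multi-word load on armhf (ldm needs a word-aligned base, a plain ldr normally does not), presumably because the config is read in place from the APK's resource table, rather than a wild pointer; `p/x $r1` at the fault would confirm.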
root@optimum-quagga:~/diffoscope# gdb --args aapt2 dump resources /tmp/tmpntfkh146/out.apk
GNU gdb (Ubuntu 13.2-1ubuntu1) 13.2
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from aapt2...
Reading symbols from /usr/lib/debug/.build-id/08/4ab3c604520da0c8ff77de341641ed94213b9d.debug...
(gdb) r
Starting program: /usr/bin/aapt2 dump resources /tmp/tmpntfkh146/out.apk
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".
Program received signal SIGBUS, Bus error.
android::ResTable_config::copyFromDeviceNoSwap (this=0xfffee6b0, o=...) at ./libs/androidfw/ResourceTypes.cpp:1838
1838 ./libs/androidfw/ResourceTypes.cpp: No such file or directory.
(gdb) bt
#0 android::ResTable_config::copyFromDeviceNoSwap (this=0xfffee6b0, o=...) at ./libs/androidfw/ResourceTypes.cpp:1838
#1 android::ResTable_config::copyFromDtoH (this=0xfffee6b0, o=...) at ./libs/androidfw/ResourceTypes.cpp:1911
#2 0x004b4a28 in aapt::BinaryResourceParser::ParseType (this=this@entry=0xfffeed58, package=package@entry=0x5bc8a8, chunk=0xf7fcf709) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:352
#3 0x004b3928 in aapt::BinaryResourceParser::ParsePackage (this=this@entry=0xfffeed58, chunk=<optimized out>) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:241
#4 0x004b2ff4 in aapt::BinaryResourceParser::ParseTable (this=this@entry=0xfffeed58, chunk=<optimized out>) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:156
#5 0x004b2914 in aapt::BinaryResourceParser::Parse (this=0xfffeed58) at ./tools/aapt2/format/binary/BinaryResourceParser.cpp:109
#6 0x00511054 in aapt::LoadedApk::LoadBinaryApkFromFileCollection (source=..., collection=std::unique_ptr<aapt::io::IFileCollection> = {...}, diag=diag@entry=0xfffef338) at ./tools/aapt2/LoadedApk.cpp:168
#7 0x00510844 in aapt::LoadedApk::LoadApkFromPath (path=..., diag=0xfffef338) at ./tools/aapt2/LoadedApk.cpp:87
#8 0x00428b18 in aapt::DumpApkCommand::Action (this=0x5ba290, args=...) at tools/aapt2/cmd/Dump.h:72
#9 0x00413440 in aapt::Command::Execute (this=0x5ba290, args=..., out_error=<optimized out>) at ./tools/aapt2/cmd/Command.cpp:250
#10 0x00413548 in aapt::Command::Execute (this=0x5b7eb8, args=..., out_error=<optimized out>) at ./tools/aapt2/cmd/Command.cpp:200
#11 0x00413548 in aapt::Command::Execute (this=0x5b5a40, args=..., out_error=<optimized out>) at ./tools/aapt2/cmd/Command.cpp:200
#12 0x00552dd0 in MainImpl (argc=<optimized out>, argv=<optimized out>) at ./tools/aapt2/Main.cpp:177
#13 0xf7a5b7da in __libc_start_call_main (main=main@entry=0x552e44 <main(int, char**)>, argc=argc@entry=4, argv=0xfffef534, argv@entry=0xf7b4d000) at ../sysdeps/nptl/libc_start_call_main.h:58
#14 0xf7a5b87e in __libc_start_main_impl (main=0x552e44 <main(int, char**)>, argc=4, argv=0xf7b4d000, init=<optimized out>, fini=0x0, rtld_fini=0xf7fd5539 <_dl_fini>, stack_end=0xfffef534) at libc-start.c:360
#15 0x00411ab0 in _start ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) disassemble
Dump of assembler code for function _ZN7android15ResTable_config12copyFromDtoHERKS0_:
0xf7eb95c4 <+0>: push {r4, r5, r6, r7, r8, lr}
0xf7eb95c8 <+4>: ldr r5, [r1]
0xf7eb95cc <+8>: mov r8, r0
0xf7eb95d0 <+12>: cmp r5, #64 @ 0x40
0xf7eb95d4 <+16>: bcc 0xf7eb95f4 <_ZN7android15ResTable_config12copyFromDtoHERKS0_+48>
=> 0xf7eb95d8 <+20>: ldm r1!, {r2, r3, r4, r5, r6}
0xf7eb95dc <+24>: stmia r0!, {r2, r3, r4, r5, r6}
0xf7eb95e0 <+28>: ldm r1!, {r2, r3, r4, r5, r6}
0xf7eb95e4 <+32>: stmia r0!, {r2, r3, r4, r5, r6}
0xf7eb95e8 <+36>: ldm r1, {r2, r3, r4, r5, r6, r7}
0xf7eb95ec <+40>: stm r0, {r2, r3, r4, r5, r6, r7}
0xf7eb95f0 <+44>: b 0xf7eb960c <_ZN7android15ResTable_config12copyFromDtoHERKS0_+72>
0xf7eb95f4 <+48>: mov r2, r5
0xf7eb95f8 <+52>: bl 0xf7e990dc <memcpy@plt>
0xf7eb95fc <+56>: add r0, r8, r5
0xf7eb9600 <+60>: rsb r2, r5, #64 @ 0x40
0xf7eb9604 <+64>: mov r1, #0
0xf7eb9608 <+68>: bl 0xf7e98c8c <memset@plt>
0xf7eb960c <+72>: mov r0, #64 @ 0x40
0xf7eb9610 <+76>: str r0, [r8]
0xf7eb9614 <+80>: pop {r4, r5, r6, r7, r8, pc}
End of assembler dump.
(gdb)