Old Android versions, Linux shared libraries and the APK packer controlled by Android Studio

  1. Old Android versions (4.4 on my side) do not look up a shared library by its embedded SONAME; they only check the file name. For example, on recent Android versions (7 or 8), a file named libcrypto.so whose SONAME is libcrypto.so.1.0.0 is loaded successfully by its dependents. On old versions the system reports “dlopen failed to load libcrypto.so.1.0.0”.
  2. By Linux programming convention, a shared library usually has a name like libxxxx.so.x.y.z, and a symbolic link named libxxxx.so is created pointing to it. That is fine on a normal Linux system, but it causes problems for Android apps: the APK's zip format does not recognize symbolic links, and, as described in 1, old Android also does not load shared libraries by SONAME.
  3. Android Studio integrates CMake to build native libraries, and it packs what CMake generates (app/build/intermediates/cmake/<debug-or-release>/obj/<arch>/) into the libs directory inside the APK. That's good. But it packs only files with the .so extension, so files like libxxxx.so.x.y.z are not packed into the APK, and neither the Gradle file nor CMakeLists.txt offers a configurable option to add them manually.

Android Studio 3.0, modules and IDE symbol indexing

Long story short: after upgrading to Android Studio 3.0, symbols from AAR binary modules cannot be resolved in the IDE, although the build succeeds. Clean or Rebuild Project does not help.


Two-step solution:

  1. Change line


    implementation project('the-aar-module-name')
  2. Select 'Invalidate Caches / Restart' from the File menu.

Strange behavior in WOW64 DLL loading in Windows 2008 R2

That is, if a 32-bit DLL is loaded via CreateRemoteThread(), the DLL is unloaded silently, without a DLL_PROCESS_DETACH notification being sent to the DLL's DllMain(). There are actually two odd issues: one is the silent unloading, the other is the missing DLL_PROCESS_DETACH callback.

This occurs only in the WOW64 environment of Windows Server 2008 R2. Windows 2012 and 2016 do not have this issue, and the x64 environment of 2008 does not have it either.

To fix it, we can make the DLL depend on a second DLL. The second DLL receives all the DllMain() notification callbacks, which fixes the callback issue. And by adding an extra LoadLibrary() call for the second DLL in the first DLL's DLL_PROCESS_ATTACH notification, we can keep the second DLL in memory even if the first DLL is unloaded silently.


MacPorts trick for High Sierra taster

If you happen to see a lot of ports failing to build with errors about clock_gettime or even u_int, it is because some definitions are in the platform SDK instead of /usr/**/*.h.

Here is the trick:

Maybe /opt/local/etc/macports.conf is the right place to configure it, but I have not found the key yet.

Selecting a correct order of API call sequences is important

In short, ffmpeg has changed its API in recent versions. One of the changes marks AVStream.codec as deprecated. In its place, an AVCodecParameters *AVStream.codecpar was added to hold the codec information described in the stream. To decode data read from a stream correctly, we must create an AVCodecContext through avcodec_alloc_context3(), copy the codec information from AVStream.codecpar into this allocated AVCodecContext, and call avcodec_open2() to assign this AVCodecContext to the AVCodec found by the avcodec_find_decoder() call.

Here is the point. We must call avcodec_parameters_to_context() to copy the codec information into the AVCodecContext before we call avcodec_open2() to assign the AVCodecContext to the AVCodec. If we reverse this order, that is, call avcodec_open2() before avcodec_parameters_to_context(), we can still decode many videos correctly, but we will encounter strange behavior when we try to play back .mkv or .mp4 files: each call to the decoding function will fail.

A simple shell script integrated to Xcode to generate and copy architecture adaptive dylib in

if [ "$CONFIGURATION" == "Debug" ]; then





for a in $ARCHS; do



lipo "$LIBFFMPEG_DIR/lib/libffmpeg.dylib" $EXTRACT_ARCHS -output "$BUILT_PRODUCTS_DIR/$CONTENTS_FOLDER_PATH/libffmpeg.dylib"

if [ "$CODE_SIGNING_REQUIRED" == "YES" ]; then



install_name_tool -change "libffmpeg.dylib" "@executable_path/libffmpeg.dylib" "$BUILT_PRODUCTS_DIR/$EXECUTABLE_PATH"

Problem again. Assembly generated by clang or written manually, using integrated assembler or not

Simply put, clang has an option '--no-integrated-as' that makes the compiler invoke Apple's standalone 'as' assembler instead of clang's built-in one. But each has its own missing pieces.

  • Without '--no-integrated-as', clang uses its internal assembler. Unfortunately it doesn't recognize the mnemonic 'ldmltfd'.
  • With '--no-integrated-as', Apple's 'as' assembler reports an error on the pseudo instruction '.ios_version_min', which was apparently generated by clang itself.

Therefore I have no choice except for changing 'ldmltfd' to two simple instructions…


Some tricks in passing file descriptors through unix domain socket

Passing file descriptors through a unix domain socket is well known. But there are still some tricks in the implementation. I spent one day dealing with it on Mac OS X by digging into the xnu source.

  1. How do I pass multiple file descriptors in one sendmsg() call?
    Simple. Put all the file descriptors one after another following the struct cmsghdr.
  2. Can I put multiple struct cmsghdrs with data? I noticed that CMSG_FIRSTHDR() and CMSG_NXTHDR() are defined in <sys/socket.h>.

    No. The xnu source compares msghdr.msg_controllen with cmsghdr.cmsg_len. If they are not equal, -EINVAL is returned by the sendmsg() call. That means only one cmsghdr can be put into a msghdr.

The limitation is in OS X only. I haven’t checked Linux and will do it sooner or later.
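The single-header layout from answers 1 and 2, as an added example (not code from the original post): all descriptors go into one SCM_RIGHTS cmsghdr and msg_controllen is set equal to cmsg_len. MAX_FDS, the function names and the socketpair round trip are assumptions made for the illustration; the receiver validates the header and closes everything if the control data was truncated.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

#define MAX_FDS 8   /* assumed per-message limit for this example */
typedef union { char buf[CMSG_SPACE(sizeof(int) * MAX_FDS)]; struct cmsghdr align; } ctrl_t;
static void init_msg(struct msghdr *m, struct iovec *iov, char *byte, ctrl_t *c, size_t clen) {
    memset(m, 0, sizeof *m); memset(c, 0, sizeof *c);
    iov->iov_base = byte; iov->iov_len = 1;      /* one real data byte carries the fds */
    m->msg_iov = iov; m->msg_iovlen = 1;
    m->msg_control = c->buf; m->msg_controllen = clen;
}
int send_fds(int sock, const int *fds, int n) {
    struct msghdr m; struct iovec iov; ctrl_t c; char byte = 'F';
    if (n < 1 || n > MAX_FDS) return -1;
    /* msg_controllen == cmsg_len: exactly one header, the layout the post describes */
    init_msg(&m, &iov, &byte, &c, CMSG_LEN(sizeof(int) * n));
    struct cmsghdr *h = CMSG_FIRSTHDR(&m);
    h->cmsg_level = SOL_SOCKET; h->cmsg_type = SCM_RIGHTS;
    h->cmsg_len = CMSG_LEN(sizeof(int) * n);
    memcpy(CMSG_DATA(h), fds, sizeof(int) * n);  /* fds packed one after another */
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}
/* fds must hold MAX_FDS ints; returns the number of descriptors received, or -1 */
int recv_fds(int sock, int *fds) {
    struct msghdr m; struct iovec iov; ctrl_t c; char byte;
    init_msg(&m, &iov, &byte, &c, sizeof c.buf);
    struct cmsghdr *h = recvmsg(sock, &m, 0) == 1 ? CMSG_FIRSTHDR(&m) : NULL;
    if (!h || h->cmsg_level != SOL_SOCKET || h->cmsg_type != SCM_RIGHTS) return -1;
    int n = (int)((h->cmsg_len - CMSG_LEN(0)) / sizeof(int));
    memcpy(fds, CMSG_DATA(h), sizeof(int) * n);
    if (m.msg_flags & MSG_CTRUNC) { while (n > 0) close(fds[--n]); return -1; }
    return n;
}
/* Constructed round trip: pass three pipe read ends, then read through the received copies */
int demo_roundtrip(void) {
    int sp[2], p[3][2], in[3], out[MAX_FDS], ok = 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp)) return -1;
    for (int i = 0; i < 3; i++) { if (pipe(p[i])) return -1; in[i] = p[i][0]; }
    if (send_fds(sp[0], in, 3) || recv_fds(sp[1], out) != 3) return -1;
    for (int i = 0; i < 3; i++) {
        char ch = (char)('a' + i), got = 0;
        if (write(p[i][1], &ch, 1) == 1 && read(out[i], &got, 1) == 1 && got == ch) ok++;
        close(p[i][0]); close(p[i][1]); close(out[i]);
    }
    close(sp[0]); close(sp[1]);
    return ok;
}
```

A received descriptor is a new reference to the sender's open file, so a receiver that rejects a message has to close what arrived, as recv_fds does on MSG_CTRUNC.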

How does __TEXT encode address in __DATA?

Session 406 of WWDC 2016 is great! It explains clearly how the iOS application is settled in memory before running, with ASLR and code-signing. The key point is the indirect pointers in __DATA avoid patching the __TEXT, which is required by ASLR but impossible because of code-signing.

One point confused me: __TEXT still needs to encode addresses pointing into the __DATA segment, even though the __DATA page address is now randomised.

The answer is quite simple indeed: the offset between __TEXT and __DATA is not changing between runs, the offset is encoded in __TEXT.

On 64-bit Mac OS X, it is implemented as:

movl 0xae(%rip), %edi

iOS ARMv7 generates:

 0000bf9c f240037c movw r3, #0x7c
 0000bfa0 f2c00300 movt r3, #0x0
 0000bfa4     447b add r3, pc  ;$pc(0xbfa8) + 0x7c -> global_var in __DATA

iOS ARMv8 (64) generates:

 0000000100007f2c adrp x8, 1 ; 0x100007000 + 4k*1
 0000000100007f30 add x8, x8, #64 ; +0x40 -> 0x100008040 
                                  ;-> global_var in __DATA

* adrp xd, label masks out the lower 12 bits of pc, then adds label<<12 to generate an address.
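The address arithmetic of the two ARM listings, as an added example (not from the original post): it decodes the movw/movt immediates from the Thumb-2 bytes shown, evaluates both sequences, and checks that the unchanged instruction bytes still reach global_var when the whole image is loaded at a different base. The function names and the slide values are assumptions; the addresses and instruction bytes are the ones in the listings.

```c
#include <stdint.h>

/* ARM64 pair from the post: adrp xd, imm ; add xd, xd, #lo12 */
uint64_t adrp_add_target(uint64_t pc, uint64_t page_imm, uint32_t lo12) {
    return (pc & ~UINT64_C(0xfff)) + (page_imm << 12) + lo12;
}

/* Thumb-2 MOVW/MOVT carry imm16 as imm4:i:imm3:imm8 across two halfwords */
uint16_t thumb_mov_imm16(uint16_t hw1, uint16_t hw2) {
    return (uint16_t)(((hw1 & 0xf) << 12) | (((hw1 >> 10) & 1) << 11) |
                      (((hw2 >> 12) & 7) << 8) | (hw2 & 0xff));
}

/* ARMv7 Thumb: "add r3, pc" reads pc as the address of the add plus 4 */
uint32_t thumb_pcrel_target(uint32_t add_addr, uint16_t movw_imm, uint16_t movt_imm) {
    return add_addr + 4 + (((uint32_t)movt_imm << 16) | movw_imm);
}

/* 1 if the same instruction bytes still reach global_var after the image is
 * loaded `slide` bytes higher (__TEXT and __DATA move together). */
int arm64_survives_slide(uint64_t slide) {
    uint64_t pc = UINT64_C(0x100007f2c);            /* adrp address from the post */
    return adrp_add_target(pc + slide, 1, 64) == adrp_add_target(pc, 1, 64) + slide;
}

int thumb_survives_slide(uint32_t slide) {
    uint16_t lo = thumb_mov_imm16(0xf240, 0x037c);  /* movw bytes from the post */
    uint16_t hi = thumb_mov_imm16(0xf2c0, 0x0300);  /* movt bytes from the post */
    return thumb_pcrel_target(0xbfa4 + slide, lo, hi)
        == thumb_pcrel_target(0xbfa4, lo, hi) + slide;
}
```

The adrp form only holds for slides that are a multiple of 4 KB because it works on page addresses; segments are mapped on page boundaries, so a real slide always satisfies that.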

curl certificate issue

Mac OS X El Capitan with MacPorts had been working well for a long time. Then one day, git complained:

 curl: (77) error setting certificate verify locations:
 CAfile: /opt/local/share/curl/curl-ca-bundle.crt
 CApath: none

Easy: update the system git config to use a ca-bundle.crt found by searching.

 sslcainfo = /opt/local/share/apps/kssl/ca-bundle.crt

Problem solved.

But, curl itself still complains:

curl --cacert /opt/local/share/apps/kssl/ca-bundle.crt ...

Problem solved again.

But, it is hard to bear the burden of adding such a long argument!

Why did curl ask for a damn file that did not exist?

curl-config --ca

OK, it seems that’s the value coded in the source. Fortunately, the command checks the CURL_CA_BUNDLE environment variable.
Patch ~/.profile (or .bashrc for bash, .zshrc for zsh…)


The problem is really resolved.