ExceptionRaised[dynarmic.cpp->ExceptionRaised:231] about unidbg HOT 3 OPEN

public MainActivity(){
    emulator= AndroidEmulatorBuilder.for32Bit().addBackendFactory(new DynarmicFactory(true)).build();
    memory=emulator.getMemory();
    memory.setLibraryResolver(new AndroidResolver(23));

    vm=emulator.createDalvikVM();
    DalvikModule dalvikModule=vm.loadLibrary(new File("unidbg-android/src/test/java/com/hack/lesson5/libnative-lib.so"),true);
    module=dalvikModule.getModule();

    vm.callJNI_OnLoad(emulator,module);
}

public void callAdd(){
    DvmObject object= ProxyDvmObject.createObject(vm,this);
    final int result = object.callJniMethodInt(emulator, "add(II)I", 3,2);
    System.out.println("call the so add function result is ==>"+result);

}

public void hook(){
    //unidbg集成了HookZz框架
    HookZz hook = HookZz.getInstance(emulator);
    //直接hook add函数的地址，比通过符号hook更具有“普适性”
    hook.replace(module.base + 0x3DC + 1, new ReplaceCallback() {
        @Override
        public HookStatus onCall(Emulator<?> emulator, HookContext context, long originFunction) {
            //R2和R3才是参数，R0是env，R1是object
            System.out.println(String.format("R2: %d, R3: %d",context.getIntArg(2),context.getIntArg(3)));
            //把第二个参数R3改成5
            emulator.getBackend().reg_write(Unicorn.UC_ARM_REG_R3,5);
            return super.onCall(emulator, context, originFunction);
        }
        @Override
        public void postCall(Emulator<?> emulator, HookContext context) {
            emulator.getBackend().reg_write(Unicorn.UC_ARM_REG_R0,10);
            //返回值放R0，这里直接修改返回值
            super.postCall(emulator, context);
        }
    }, true);
}
//psvm快速输入
public static void main(String[] args) {
    long start = System.currentTimeMillis();
    MainActivity mainActivity=new MainActivity();
    System.out.println("load the vm "+(System.currentTimeMillis()-start)+"ms");
    mainActivity.hook();
    mainActivity.callAdd();


}