AntennaPod crash on Graphene OS due to native code debugging.

[benmordecai]

Checklist

• I have used the search function for OPEN issues to see if someone else has already submitted the same bug report.
• I have also used the search function for CLOSED issues to see if the problem is already solved and just waiting to be released.
• I will describe the problem with as much detail as possible.
• If the bug only to occurs with a certain podcast, I will include the URL of that podcast.

App version

3.2.0

Where did you get the app from

F-Droid

Android version

Graphene OS 2024-03-15

Device model

Pixel 6a

First occurred

a few days ago

Steps to reproduce

1. Play podcast

Expected behaviour

Normal operation

Current behaviour

Playback stops Graphene OS reports "Vandium Web View Tried to Access Native Code Debugging"

Logs

Environment

Android version: 14
OS version: 5.10.209-android13-4-g5944b4cc23fb
AntennaPod version: 3.2.0
Model: Pixel 6a
Device: bluejay
Product: bluejay

Crash info

Time: 02-01-2024 17:11:30
AntennaPod version: 3.2.0

StackTrace

java.lang.RuntimeException: Error receiving broadcast Intent { act=android.media.AUDIO_BECOMING_NOISY flg=0x14000010 } in de.danoeh.antennapod.core.service.playback.PlaybackService$7@48354b4
	at android.app.LoadedApk$ReceiverDispatcher$Args.lambda$getRunnable$0(LoadedApk.java:1810)
	at android.app.LoadedApk$ReceiverDispatcher$Args.$r8$lambda$gDuJqgxY6Zb-ifyeubKeivTLAwk(Unknown Source:0)
	at android.app.LoadedApk$ReceiverDispatcher$Args$$ExternalSyntheticLambda0.run(Unknown Source:2)
	at android.os.Handler.handleCallback(Handler.java:958)
	at android.os.Handler.dispatchMessage(Handler.java:99)
	at android.os.Looper.loopOnce(Looper.java:205)
	at android.os.Looper.loop(Looper.java:294)
	at android.app.ActivityThread.main(ActivityThread.java:8225)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
	at com.android.internal.os.ExecInit.main(ExecInit.java:49)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:359)
Caused by: java.lang.IllegalArgumentException: User 0 is not the current user.
	at android.os.Parcel.createExceptionOrNull(Parcel.java:3070)
	at android.os.Parcel.createException(Parcel.java:3050)
	at android.os.Parcel.readException(Parcel.java:3026)
	at android.os.Parcel.readException(Parcel.java:2968)
	at com.android.internal.statusbar.IStatusBarService$Stub$Proxy.requestTileServiceListeningState(IStatusBarService.java:2409)
	at android.app.StatusBarManager.requestTileServiceListeningState(StatusBarManager.java:949)
	at android.service.quicksettings.TileService.requestListeningState(TileService.java:545)
	at de.danoeh.antennapod.core.service.QuickSettingsTileService$$ExternalSyntheticApiModelOutline0.m(R8$$SyntheticClass:0)
	at de.danoeh.antennapod.core.service.playback.PlaybackService$3.statusChanged(PlaybackService.java:856)
	at de.danoeh.antennapod.playback.base.PlaybackServiceMediaPlayer.setPlayerStatus(PlaybackServiceMediaPlayer.java:319)
	at de.danoeh.antennapod.core.service.playback.LocalPSMP.pause(LocalPSMP.java:253)
	at de.danoeh.antennapod.core.service.playback.PlaybackService.pauseIfPauseOnDisconnect(PlaybackService.java:1502)
	at de.danoeh.antennapod.core.service.playback.PlaybackService.-$$Nest$mpauseIfPauseOnDisconnect(PlaybackService.java:0)
	at de.danoeh.antennapod.core.service.playback.PlaybackService$7.onReceive(PlaybackService.java:1491)
	at android.app.LoadedApk$ReceiverDispatcher$Args.lambda$getRunnable$0(LoadedApk.java:1802)
	... 12 more
Caused by: android.os.RemoteException: Remote stack trace:
	at com.android.server.statusbar.StatusBarManagerService.requestTileServiceListeningState(StatusBarManagerService.java:1983)
	at com.android.internal.statusbar.IStatusBarService$Stub.onTransact(IStatusBarService.java:1262)
	at android.os.Binder.execTransactInternal(Binder.java:1361)
	at android.os.Binder.execTransact(Binder.java:1302)

[ByteHamster]

Do you get the same message if you open the description of a non-playing item? This sounds like something is wrong with Vandium WebView, not with AntennaPod. AntennaPod just displays the description using a WebView, so if that then makes the app crash, it is something outside the control of AntennaPod

[benmordecai]

Graphene just pushed an update. I am going to play some episodes and see if the problem returns. It only ever happens during playback and often with the screen locked for > 5 mins

[maaaat]

Just for the sake of adding a data point, I use AntennaPod (from F-Droid) on GrapheneOS, also a Pixel 6a with up to date software and native code debugging blocked, and I can't reproduce this bug. I usually have the screen locked for long times during bike commute, like 30 minutes, and no issue. Maybe something else in your setup? I use AntennaPod in my main profile, if that can have an impact.

[benmordecai]

This is definitely still an issue for me as it is still crashing several times per day. I have native code debugging allowed which is the default setting but it still generates a notification that says "Vandium System WebView tried to use native code debugging" every time that it crashes. It is possible that this message is merely a symptom of the crash and is actually irrelevant. @maaaat and I have the same hardware, OS, and AntennaPod source.

I only use AntennaPod on my main profile which does not have Google Play services installed

[ByteHamster]

When this happens, does the time stamp on the "report bug" screen change and still has the same stack trace? If so, this is probably unrelated to Vanadium System WebView and simply the same as #7001

[benmordecai]

The latest stack trace shows 02-01-2024 which is not the same time as the latest crash.

[ByteHamster]

You say this started occurring a few days ago but the last AntennaPod update was a few months ago. Maybe Vanadium was updated then? Maybe you could try uninstalling the Vanadium updates? I'm still convinced that this is not actually an AntennaPod problem but a Vanadium problem.

[benmordecai]

This is my current Vandium version: https://github.com/GrapheneOS/Vanadium/releases/tag/123.0.6312.40.0

As far as I know Graphene is rolling release with atomic updates and there is no way to rollback updates but I am not certain about this. Looking more closely at the 2-01-2024 date, I think this would predate the first occurrence of the crash and maybe this is a dummy stack trace unrelated to the crashes I am experiencing now.

[github-actions]

This issue will be closed when we don't get a reply within 7 days.

[benmordecai]

This problem is not solved. I have had several Graphene updates since then. Is there another place to look for crash information?

[ByteHamster]

Here Graphene users have the same problem with other apps: https://discuss.grapheneos.org/d/9676-vanadium-tried-to-use-native-code-debugging

Your best chance is to settle this with the Graphene community, as it is not AntennaPod specific and we can't support system components misbehaving

[benmordecai]

@ByteHamster it appears these people are interested in why they are getting the notification, but in the case of AntennaPod it results in a crash, and this occurs when I allow native code debugging. Essentially, I don't know how I can know that this is a system component, as it may simply be a symptom of an AntennaPod crash. For example, if the timeline is like this:

1. Anomalous situation reached in AntennaPod
2. AntennaPod attempts to log or debug the issue automatically by using a system component assumed in Android
3. Graphene detects AntennaPod's attempt and warns the user in case the user wants to know the app is attempting debugging.

In this situation (which is my suspicion is the real situation) the native debugging notification is not causing the crash.

[thestinger]

@ByteHamster Vanadium trying to use ptrace after the app using the WebView crashes definitely isn't the cause of the crash. We do probably need to figure out how to disable that but it's not the source of the problem.

[thestinger]

Based on the crash log in the initial report, this is triggered due to the quick tile doing something that it's not allowed to do. It has no connection to Vanadium beyond the annoyance we're aware of where it will try to use ptrace when not allowed to use it after an app crashes.

[ByteHamster]

The stack trace in the initial report is unrelated. Its time stamp does not get updated on further crashes, as @benmordecai confirmed above. (that other crash is reported and fixed in another issue)

Given that this started without any AntennaPod update (but probably with a Graphene update), I'm still convinced that this is not caused by AntennaPod. In the past, we had faulty WebView updates occasionally which had a similar effect: Android kills processes that used the crashed WebView.

@benmordecai An adb logcat directly after the crash could maybe help.

[benmordecai]

I'll try to attempt adb logcat after a crash.

[benmordecai]

Here is a logcat about 10s after a crash

logcat.txt

[ByteHamster]

Unfortunately that log contains just 2 seconds of data, and AntennaPod is not running (nor crashing) in those 2 seconds. Does Graphene not keep a log buffer? Maybe the log buffer is disabled in the developer options?

[matchboxbananasynergy]

If system logs are needed, after reproducing the crash, one can also go to Settings > System > View logs and save them to a .txt file from there.

[benmordecai]

I have no idea. There was just so much text I terminated it. I can try to run logcat before a crash and wait for a crash to happen.

[benmordecai]

System log immediately after crash
System log 8ebb147e5061.txt

[ByteHamster]

Yup, that's a crash in Vanadium, not in AntennaPod... Your best chance is to settle this with the Graphene community, as it is not AntennaPod specific and we can't support system components misbehaving

F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
F DEBUG   : Build fingerprint: 'google/bluejay/bluejay:14/AP1A.240305.019.A1/2024032100:user/release-keys'
F DEBUG   : Revision: 'MP1.0'
F DEBUG   : ABI: 'arm64'
F DEBUG   : Timestamp: 2024-04-01 10:40:09.278801728-0400
F DEBUG   : Process uptime: 4134s
F DEBUG   : Cmdline: de.danoeh.antennapod
F DEBUG   : pid: 23396, tid: 23396, name: noeh.antennapod  >>> de.danoeh.antennapod <<<
F DEBUG   : uid: 10233
F DEBUG   : tagged_addr_ctrl: 0000000000000001 (PR_TAGGED_ADDR_ENABLE)
F DEBUG   : signal 5 (SIGTRAP), code 1 (TRAP_BRKPT), fault addr 0x0000c128857afe48
F DEBUG   : Abort message: '[FATAL:crashpad_client_linux.cc(745)] Render process (23622)'s crash wasn't handled by all associated  webviews, triggering application crash.'
F DEBUG   :     x0  0000000000000000  x1  0000000000000400  x2  0000e6939fc51ac0  x3  0000e6939fc51b08
F DEBUG   :     x4  0000000000000004  x5  2762622d77746d68  x6  2762622d77746d68  x7  7f7f7f7f7f7f7f7f
F DEBUG   :     x8  0000000000000000  x9  0000000000000000  x10 0000000000000002  x11 0000e6939fc516c8
F DEBUG   :     x12 0000e6939fc50410  x13 0000000000000090  x14 0000e6939fc504c0  x15 00000ac0fdbd814b
F DEBUG   :     x16 0000c128893eb258  x17 0000c44ab292cff0  x18 0000c44adaf68000  x19 0000e6939fc51b80
F DEBUG   :     x20 000000000000008f  x21 0000c1288941b000  x22 000000000000008f  x23 0000c44ada379040
F DEBUG   :     x24 000000000000008e  x25 0000c1260006c280  x26 000000000000008f  x27 0000c1287f18302b
F DEBUG   :     x28 0000c1287f1382aa  x29 0000e6939fc51b10
F DEBUG   :     lr  0000c128857afc18  sp  0000e6939fc516b0  pc  0000c128857afe48  pst 0000000060001000
F DEBUG   : 36 total frames
F DEBUG   : backtrace:
F DEBUG   :       #00 pc 0000000006a0be48  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #01 pc 00000000047296ec  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #02 pc 00000000054aaf20  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #03 pc 0000000002266eb0  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #04 pc 00000000055994c0  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #05 pc 0000000005598c58  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #06 pc 0000000004785ce0  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #07 pc 00000000047859b8  /data/app/~~EUxT8K8cGlSBXxY-oGnosA==/app.vanadium.trichromelibrary_631208033-XxVXgvyjpPUpPNArNQBaCA==/base.apk!libmonochrome_64.so (offset 0x8c8000) (BuildId: 3a36c7cb9fe06f933e880eaf9c54e09217791959)
F DEBUG   :       #08 pc 000000000000f648  /system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+856) (BuildId: 75de91514ce8b3d8100d1f28757ff5ac)
F DEBUG   :       #09 pc 000000000017de9c  /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+44) (BuildId: f0b54f975e05f839d33bf9b07a3b87c8)
F DEBUG   :       #10 pc 00000000001eef34  /system/framework/arm64/boot-framework.oat (art_jni_trampoline+116) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #11 pc 000000000053b1f8  /system/framework/arm64/boot-framework.oat (android.os.MessageQueue.next+280) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #12 pc 0000000000538c68  /system/framework/arm64/boot-framework.oat (android.os.Looper.loopOnce+88) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #13 pc 0000000000538b94  /system/framework/arm64/boot-framework.oat (android.os.Looper.loop+244) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #14 pc 0000000000301c48  /system/framework/arm64/boot-framework.oat (android.app.ActivityThread.main+1560) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #15 pc 00000000003e2040  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #16 pc 0000000000413800  /apex/com.android.art/lib64/libart.so (_jobject* art::InvokeMethod<(art::PointerSize)8>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+704) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #17 pc 0000000000413530  /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*) (.__uniq.165753521025965369065708152063621506277)+32) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #18 pc 000000000009ad28  /system/framework/arm64/boot.oat (art_jni_trampoline+120) (BuildId: 115665d46c23f11ae2b45208989adc7de47f6b73)
F DEBUG   :       #19 pc 00000000006f9aa4  /system/framework/arm64/boot-framework.oat (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+116) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #20 pc 00000000006e7394  /apex/com.android.art/lib64/libart.so (nterp_helper+7636) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #21 pc 000000000050edf0  /system/framework/framework.jar (com.android.internal.os.ExecInit.main+88)
F DEBUG   :       #22 pc 00000000003e2040  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #23 pc 00000000006a410c  /apex/com.android.art/lib64/libart.so (art::JNI<false>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+476) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #24 pc 00000000000d79b8  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+104) (BuildId: f0b54f975e05f839d33bf9b07a3b87c8)
F DEBUG   :       #25 pc 00000000000e00a0  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::callMain(android::String8 const&, _jclass*, android::Vector<android::String8> const&)+336) (BuildId: f0b54f975e05f839d33bf9b07a3b87c8)
F DEBUG   :       #26 pc 00000000000029a4  /system/bin/app_process64 (android::AppRuntime::onStarted()+68) (BuildId: b2cbd9513eee473d7fc1bd8a28fbb13c)
F DEBUG   :       #27 pc 00000000001ef27c  /system/framework/arm64/boot-framework.oat (art_jni_trampoline+108) (BuildId: ac458f42bd46727d338cdda0cce81eac8683d65d)
F DEBUG   :       #28 pc 00000000006e5658  /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #29 pc 000000000051d60c  /system/framework/framework.jar (com.android.internal.os.RuntimeInit.main+48)
F DEBUG   :       #30 pc 00000000003e2040  /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #31 pc 00000000006a410c  /apex/com.android.art/lib64/libart.so (art::JNI<false>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+476) (BuildId: e2d4c7ae9fa225f36a825be113720b47)
F DEBUG   :       #32 pc 00000000000d79b8  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+104) (BuildId: f0b54f975e05f839d33bf9b07a3b87c8)
F DEBUG   :       #33 pc 00000000000e3a6c  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+844) (BuildId: f0b54f975e05f839d33bf9b07a3b87c8)
F DEBUG   :       #34 pc 00000000000025b0  /system/bin/app_process64 (main+1232) (BuildId: b2cbd9513eee473d7fc1bd8a28fbb13c)
F DEBUG   :       #35 pc 000000000005c068  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+104) (BuildId: a8cd74908de1830f20f574f8d622db82)

I am_crash: [User=1309,PID=0,Process Name=de.danoeh.antennapod,Flags=952876612,Exception=Native crash,Message=Trap,File=unknown,Line=0,Recoverable=0]
W ActivityTaskManager:   Force finishing activity de.danoeh.antennapod/.activity.MainActivity

[benmordecai]

Thank you for looking into this.

[thestinger]

This appears to be an upstream Android / Chromium bug due to https://issues.chromium.org/issues/40824327 not being properly resolved between Chromium and Android. It's an issue on Android 14 QPR2 and Android 15 DP1 in general, not specifically GrapheneOS or Vanadium. You can see them talking about it there. Vanadium's renderer is killed for making a disallowed system call and this would likely also happen with Chrome on the stock OS.

[keunes]

News from GrapheneOS colleagues:

We found the cause but it will take some time to fix. It was an Android 14 QPR2 regression. People should try without secure spawning enabled (disable it and then reboot) and see if it still happens.

[keunes]

More good news in GrapheneOS/Vanadium#480 (comment)