Issue tracker for GrapheneOS Android Open Source Project hardening work. Standalone projects like Auditor, AttestationServer and hardened_malloc have their own dedicated trackers.
Some weeks ago I opened an issue regarding system crashes: #3668 . The issue had seemed resolved by reinstalling google play services. However, intermittently I still have periods of time where I get a lot of system crashes in a short amount of time. In these phases the phone seems to additionally start overheating. Often also the phone screen goes black for a moment or goes to the lockscreen without there being a system error. Today I got the following four system errors, within a couple minutes from eachother.
System Error 1:
type: crash
osVersion: google/bluejay/bluejay:14/AP2A.240705.004/2024070201:user/release-keys
uid: 1000 (u:r:system_server:s0)
cmdline: system_server
processUptime: 176s
signal: 4 (SIGILL), code 1 (ILL_ILLOPC), faultAddr c10bc69e018c
threadName: InputReader
backtrace:
/apex/com.android.art/lib64/libart.so (art::Thread::SetException(art::ObjPtr<art::mirror::Throwable>)+44, pc 54418c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::Throw(_JNIEnv*, _jthrowable*)+160, pc 66e3f0)
/apex/com.android.art/lib64/libjavacore.so (android::jnihelp::ThrowException(_JNIEnv*, char const*, char const*, ...)+376, pc 32e08)
/apex/com.android.art/lib64/libjavacore.so (Linux_open(_JNIEnv*, _jobject*, _jstring*, int, int)+416, pc 2bcb0)
/system/framework/arm64/boot-core-libart.oat (art_jni_trampoline+124, pc 1317c)
/system/framework/arm64/boot-core-libart.oat (libcore.io.BlockGuardOs.open+392, pc 47948)
/system/framework/arm64/boot-core-libart.oat (libcore.io.IoBridge.open+104, pc 26dc8)
/system/framework/arm64/boot.oat (java.io.FileInputStream.<init>+428, pc 239bfc)
/system/framework/oat/arm64/services.odex (com.android.server.input.InputManagerService.getExcludedDeviceNames+376, pc 8a68c8)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640, pc 3a4640)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::CallStaticObjectMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+1004, pc 471acc)
/system/lib64/libandroid_servers.so (_JNIEnv::CallStaticObjectMethod(_jclass*, _jmethodID*, ...)+120, pc 55908)
/system/lib64/libandroid_servers.so (android::NativeInputManager::getReaderConfiguration(android::InputReaderConfiguration*)+204, pc 76bec)
/system/lib64/libinputreader.so (android::InputReader::refreshConfigurationLocked(android::ftl::Flags<android::InputReaderConfiguration::Change>)+72, pc 94458)
/system/lib64/libinputreader.so (android::InputReader::loopOnce()+108, pc 94d1c)
/system/lib64/libinputflinger_base.so (android::(anonymous namespace)::InputThreadImpl::threadLoop()+24, pc b338)
/system/lib64/libutils.so (android::Thread::_threadLoop(void*)+244, pc 115d4)
/system/lib64/libandroid_runtime.so (android::AndroidRuntime::javaThreadShell(void*)+140, pc ed45c)
/apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204, pc 7679c)
/apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64, pc 67d50)
System Error 2:
type: crash
osVersion: google/bluejay/bluejay:14/AP2A.240705.004/2024070201:user/release-keys
uid: 1000 (u:r:system_server:s0)
cmdline: system_server
processUptime: 144s
signal: 4 (SIGILL), code 1 (ILL_ILLOPC), faultAddr d26d2906c18c
threadName: NetworkStats
backtrace:
/apex/com.android.art/lib64/libart.so (art::Thread::SetException(art::ObjPtr<art::mirror::Throwable>)+44, pc 54418c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::Throw(_JNIEnv*, _jthrowable*)+160, pc 66e3f0)
/apex/com.android.art/lib64/libjavacore.so (android::jnihelp::ThrowException(_JNIEnv*, char const*, char const*, ...)+376, pc 32e08)
/apex/com.android.art/lib64/libjavacore.so (Linux_readBytes(_JNIEnv*, _jobject*, _jobject*, _jobject*, int, int)+304, pc 2cd90)
/system/framework/arm64/boot-core-libart.oat (art_jni_trampoline+140, pc 12bbc)
/system/framework/arm64/boot-core-libart.oat (libcore.io.Linux.read+48, pc 43c80)
/system/framework/arm64/boot-core-libart.oat (libcore.io.BlockGuardOs.read+216, pc 47d68)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.PacketReader.readPacket+84, pc 2be014)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.PacketReader.readPacket+72, pc 2bdf98)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.FdEventsReader.handleInput+164, pc fdb64)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.FdEventsReader$$ExternalSyntheticLambda0.onFileDescriptorEvents+112, pc fd520)
/system/framework/arm64/boot-framework.oat (android.os.MessageQueue.dispatchEvents+284, pc 4f7b0c)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612, pc 3a4374)
/apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+812, pc 3a2c8c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::CallIntMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+188, pc 67670c)
/system/lib64/libandroid_runtime.so (_JNIEnv::CallIntMethod(_jobject*, _jmethodID*, ...)+120, pc 18b458)
/system/lib64/libandroid_runtime.so (non-virtual thunk to android::NativeMessageQueue::handleEvent(int, int, void*)+68, pc 18b4c4)
/system/lib64/libandroid_runtime.so (android::NativeMessageQueue::WeakLooperCallback::handleEvent(int, int, void*)+112, pc 18b850)
/system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+704, pc fe30)
/system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+44, pc 18bc2c)
/system/framework/arm64/boot-framework.oat (art_jni_trampoline+112, pc 1dae80)
/system/framework/arm64/boot-framework.oat (android.os.MessageQueue.next+232, pc 4f8d38)
/system/framework/arm64/boot-framework.oat (android.os.Looper.loopOnce+88, pc 4f65b8)
/system/framework/arm64/boot-framework.oat (android.os.Looper.loop+244, pc 4f64e4)
/system/framework/arm64/boot-framework.oat (android.os.HandlerThread.run+548, pc 4f5914)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612, pc 3a4374)
/apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+144, pc 3415f0)
/apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1720, pc 49ce78)
/apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc(void*)+8, pc 49c7a8)
/apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204, pc 7679c)
/apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64, pc 67d50)
System Error 3:
type: crash
osVersion: google/bluejay/bluejay:14/AP2A.240705.004/2024070201:user/release-keys
uid: 1000 (u:r:system_server:s0)
cmdline: system_server
processUptime: 144s
signal: 4 (SIGILL), code 1 (ILL_ILLOPC), faultAddr d26d2906c18c
threadName: NetworkStats
backtrace:
/apex/com.android.art/lib64/libart.so (art::Thread::SetException(art::ObjPtr<art::mirror::Throwable>)+44, pc 54418c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::Throw(_JNIEnv*, _jthrowable*)+160, pc 66e3f0)
/apex/com.android.art/lib64/libjavacore.so (android::jnihelp::ThrowException(_JNIEnv*, char const*, char const*, ...)+376, pc 32e08)
/apex/com.android.art/lib64/libjavacore.so (Linux_readBytes(_JNIEnv*, _jobject*, _jobject*, _jobject*, int, int)+304, pc 2cd90)
/system/framework/arm64/boot-core-libart.oat (art_jni_trampoline+140, pc 12bbc)
/system/framework/arm64/boot-core-libart.oat (libcore.io.Linux.read+48, pc 43c80)
/system/framework/arm64/boot-core-libart.oat (libcore.io.BlockGuardOs.read+216, pc 47d68)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.PacketReader.readPacket+84, pc 2be014)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.PacketReader.readPacket+72, pc 2bdf98)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.FdEventsReader.handleInput+164, pc fdb64)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.FdEventsReader$$ExternalSyntheticLambda0.onFileDescriptorEvents+112, pc fd520)
/system/framework/arm64/boot-framework.oat (android.os.MessageQueue.dispatchEvents+284, pc 4f7b0c)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612, pc 3a4374)
/apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+812, pc 3a2c8c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::CallIntMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+188, pc 67670c)
/system/lib64/libandroid_runtime.so (_JNIEnv::CallIntMethod(_jobject*, _jmethodID*, ...)+120, pc 18b458)
/system/lib64/libandroid_runtime.so (non-virtual thunk to android::NativeMessageQueue::handleEvent(int, int, void*)+68, pc 18b4c4)
/system/lib64/libandroid_runtime.so (android::NativeMessageQueue::WeakLooperCallback::handleEvent(int, int, void*)+112, pc 18b850)
/system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+704, pc fe30)
/system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+44, pc 18bc2c)
/system/framework/arm64/boot-framework.oat (art_jni_trampoline+112, pc 1dae80)
/system/framework/arm64/boot-framework.oat (android.os.MessageQueue.next+232, pc 4f8d38)
/system/framework/arm64/boot-framework.oat (android.os.Looper.loopOnce+88, pc 4f65b8)
/system/framework/arm64/boot-framework.oat (android.os.Looper.loop+244, pc 4f64e4)
/system/framework/arm64/boot-framework.oat (android.os.HandlerThread.run+548, pc 4f5914)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612, pc 3a4374)
/apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+144, pc 3415f0)
/apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1720, pc 49ce78)
/apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc(void*)+8, pc 49c7a8)
/apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204, pc 7679c)
/apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64, pc 67d50)
System Error 4:
type: crash
osVersion: google/bluejay/bluejay:14/AP2A.240705.004/2024070201:user/release-keys
uid: 1000 (u:r:system_server:s0)
cmdline: system_server
processUptime: 144s
signal: 4 (SIGILL), code 1 (ILL_ILLOPC), faultAddr d26d2906c18c
threadName: NetworkStats
backtrace:
/apex/com.android.art/lib64/libart.so (art::Thread::SetException(art::ObjPtr<art::mirror::Throwable>)+44, pc 54418c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::Throw(_JNIEnv*, _jthrowable*)+160, pc 66e3f0)
/apex/com.android.art/lib64/libjavacore.so (android::jnihelp::ThrowException(_JNIEnv*, char const*, char const*, ...)+376, pc 32e08)
/apex/com.android.art/lib64/libjavacore.so (Linux_readBytes(_JNIEnv*, _jobject*, _jobject*, _jobject*, int, int)+304, pc 2cd90)
/system/framework/arm64/boot-core-libart.oat (art_jni_trampoline+140, pc 12bbc)
/system/framework/arm64/boot-core-libart.oat (libcore.io.Linux.read+48, pc 43c80)
/system/framework/arm64/boot-core-libart.oat (libcore.io.BlockGuardOs.read+216, pc 47d68)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.PacketReader.readPacket+84, pc 2be014)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.PacketReader.readPacket+72, pc 2bdf98)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.FdEventsReader.handleInput+164, pc fdb64)
/system/framework/oat/arm64/apex@com.android.tethering@javalib@service-connectivity.jar@classes.odex (android.net.connectivity.com.android.net.module.util.FdEventsReader$$ExternalSyntheticLambda0.onFileDescriptorEvents+112, pc fd520)
/system/framework/arm64/boot-framework.oat (android.os.MessageQueue.dispatchEvents+284, pc 4f7b0c)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612, pc 3a4374)
/apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+812, pc 3a2c8c)
/apex/com.android.art/lib64/libart.so (art::JNI<false>::CallIntMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+188, pc 67670c)
/system/lib64/libandroid_runtime.so (_JNIEnv::CallIntMethod(_jobject*, _jmethodID*, ...)+120, pc 18b458)
/system/lib64/libandroid_runtime.so (non-virtual thunk to android::NativeMessageQueue::handleEvent(int, int, void*)+68, pc 18b4c4)
/system/lib64/libandroid_runtime.so (android::NativeMessageQueue::WeakLooperCallback::handleEvent(int, int, void*)+112, pc 18b850)
/system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+704, pc fe30)
/system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+44, pc 18bc2c)
/system/framework/arm64/boot-framework.oat (art_jni_trampoline+112, pc 1dae80)
/system/framework/arm64/boot-framework.oat (android.os.MessageQueue.next+232, pc 4f8d38)
/system/framework/arm64/boot-framework.oat (android.os.Looper.loopOnce+88, pc 4f65b8)
/system/framework/arm64/boot-framework.oat (android.os.Looper.loop+244, pc 4f64e4)
/system/framework/arm64/boot-framework.oat (android.os.HandlerThread.run+548, pc 4f5914)
/apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612, pc 3a4374)
/apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+144, pc 3415f0)
/apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1720, pc 49ce78)
/apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc(void*)+8, pc 49c7a8)
/apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204, pc 7679c)
/apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64, pc 67d50)
Do you have any intuitions of what I can do? Is the phone broken? Do I need to wipe the phone and reinstall GOS. Is my phone compromised by a malicous actor? Thank you for your help.
pylon690
commented
1 month ago
Some weeks ago I opened an issue regarding system crashes: #3668 . The issue had seemed resolved by reinstalling google play services. However, intermittently I still have periods of time where I get a lot of system crashes in a short amount of time. In these phases the phone seems to additionally start overheating. Often also the phone screen goes black for a moment or goes to the lockscreen without there being a system error. Today I got the following four system errors, within a couple minutes from eachother.
System Error 1:
System Error 2:
System Error 3:
System Error 4:
Do you have any intuitions of what I can do? Is the phone broken? Do I need to wipe the phone and reinstall GOS. Is my phone compromised by a malicous actor? Thank you for your help.