Google Play dead after applying

[commonuserlol]

Screenshot of Play Store page of the app you are trying to detach:

Screenshot of the helper CLI showing detached apps (from Option 2):

Logs taken with su -c logcat -s "zygisk-detach" > /sdcard/log.txt: log.txt

Crash log:

10-30 16:43:41.689  4622  4622 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
10-30 16:43:41.689  4622  4622 F DEBUG   : Build fingerprint: 'Redmi/merlin/merlin:11/RP1A.200720.011/V12.5.1.0.RJOMIXM:user/release-keys'
10-30 16:43:41.689  4622  4622 F DEBUG   : Revision: '0'
10-30 16:43:41.689  4622  4622 F DEBUG   : ABI: 'arm64'
10-30 16:43:41.689  4622  4622 F DEBUG   : Timestamp: 2023-10-30 16:43:41.395012391+0200
10-30 16:43:41.689  4622  4622 F DEBUG   : Process uptime: 0s
10-30 16:43:41.689  4622  4622 F DEBUG   : Cmdline: com.android.vending
10-30 16:43:41.689  4622  4622 F DEBUG   : pid: 3556, tid: 4605, name: RenderThread  >>> com.android.vending <<<
10-30 16:43:41.689  4622  4622 F DEBUG   : uid: 10039
10-30 16:43:41.689  4622  4622 F DEBUG   : signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
10-30 16:43:41.689  4622  4622 F DEBUG   : Abort message: 'Failed to set damage region on surface 0xb4000073cd2798f0, error=EGL_BAD_ACCESS'
10-30 16:43:41.689  4622  4622 F DEBUG   :     x0  0000000000000000  x1  00000000000011fd  x2  0000000000000006  x3  00000072b2b66fc0
10-30 16:43:41.689  4622  4622 F DEBUG   :     x4  000000761f30c000  x5  000000761f30c000  x6  000000761f30c000  x7  000000000000af42
10-30 16:43:41.689  4622  4622 F DEBUG   :     x8  00000000000000f0  x9  0000007615ef40b0  x10 0000000000000000  x11 ffffff80fffffbdf
10-30 16:43:41.689  4622  4622 F DEBUG   :     x12 0000000000000001  x13 00000000653fc11d  x14 0011e1a3069aac80  x15 000073c551d8bb2d
10-30 16:43:41.689  4622  4622 F DEBUG   :     x16 0000007615f91050  x17 0000007615f6ebd0  x18 00000072ad6b0000  x19 0000000000000de4
10-30 16:43:41.689  4622  4622 F DEBUG   :     x20 00000000000011fd  x21 00000000ffffffff  x22 0000007359a9388c  x23 0000000000000000
10-30 16:43:41.689  4622  4622 F DEBUG   :     x24 0000007359ab6456  x25 0000000000000001  x26 0000000000000000  x27 000000735a417000
10-30 16:43:41.689  4622  4622 F DEBUG   :     x28 b40000737d239b40  x29 00000072b2b67040
10-30 16:43:41.689  4622  4622 F DEBUG   :     lr  0000007615f2172c  sp  00000072b2b66fa0  pc  0000007615f2175c  pst 0000000000000000
10-30 16:43:41.689  4622  4622 F DEBUG   : backtrace:
10-30 16:43:41.689  4622  4622 F DEBUG   :       #00 pc 000000000004f75c  /apex/com.android.runtime/lib64/bionic/libc.so (abort+168) (BuildId: f9471102bb6e4ed28f2e46762b2f446d)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #01 pc 000000000061f798  /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+692) (BuildId: 2d046a9f5641d702e0da1c6bb4022ce2)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #02 pc 0000000000015980  /system/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_3::__invoke(char const*)+76) (BuildId: d1d2fcf31521b023c2c9fc5cc6629c17)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #03 pc 0000000000006de8  /system/lib64/liblog.so (__android_log_assert+308) (BuildId: b065e0f1752166330802d99f19ac6869)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #04 pc 000000000034a3d4  /system/lib64/libhwui.so (android::uirenderer::renderthread::EglManager::damageFrame(android::uirenderer::renderthread::Frame const&, SkRect const&)+260) (BuildId: dca174568e3f1ca42d98d2234851c008)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #05 pc 0000000000349e84  /system/lib64/libhwui.so (android::uirenderer::skiapipeline::SkiaOpenGLPipeline::draw(android::uirenderer::renderthread::Frame const&, SkRect const&, SkRect const&, android::uirenderer::LightGeometry const&, android::uirenderer::LayerUpdateQueue*, android::uirenderer::Rect const&, bool, android::uirenderer::LightInfo const&, std::__1::vector<android::sp<android::uirenderer::RenderNode>, std::__1::allocator<android::sp<android::uirenderer::RenderNode> > > const&, android::uirenderer::FrameInfoVisualizer*)+96) (BuildId: dca174568e3f1ca42d98d2234851c008)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #06 pc 00000000003bab88  /system/lib64/libhwui.so (android::uirenderer::renderthread::CanvasContext::draw()+1104) (BuildId: dca174568e3f1ca42d98d2234851c008)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #07 pc 00000000003b9678  /system/lib64/libhwui.so (_ZNSt3__110__function6__funcIZN7android10uirenderer12renderthread13DrawFrameTask11postAndWaitEvE3$_0NS_9allocatorIS6_EEFvvEEclEv$c1671e787f244890c877724752face20+784) (BuildId: dca174568e3f1ca42d98d2234851c008)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #08 pc 00000000003ca344  /system/lib64/libhwui.so (android::uirenderer::WorkQueue::process()+156) (BuildId: dca174568e3f1ca42d98d2234851c008)
10-30 16:43:41.689  4622  4622 F DEBUG   :       #09 pc 00000000003ca0b0  /system/lib64/libhwui.so (android::uirenderer::renderthread::RenderThread::threadLoop()+84) (BuildId: dca174568e3f1ca42d98d2234851c008)
10-30 16:43:41.690  4622  4622 F DEBUG   :       #10 pc 0000000000011f98  /system/lib64/libutils.so (android::Thread::_threadLoop(void*)+260) (BuildId: 686c31d894348488b4a8cd7a98a6d303)
10-30 16:43:41.690  4622  4622 F DEBUG   :       #11 pc 0000000000011868  /system/lib64/libutils.so (thread_data_t::trampoline(thread_data_t const*)+404) (BuildId: 686c31d894348488b4a8cd7a98a6d303)
10-30 16:43:41.690  4622  4622 F DEBUG   :       #12 pc 00000000000b1590  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204) (BuildId: f9471102bb6e4ed28f2e46762b2f446d)
10-30 16:43:41.690  4622  4622 F DEBUG   :       #13 pc 0000000000050fac  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: f9471102bb6e4ed28f2e46762b2f446d)

To cause error no need detach any app, play store will crash with just enabled module. Android 12.1, magisk delta 26.3 (latest), nothing in hidelist

[donnyg]

I have the same problem with Magisk 26.3 and zygisk-detach 1.8/1.7. Using zygisk-detach 1.6 solved my issue.

* * * * * * * * * * * * * * * *
Build fingerprint: 'xiaomi/willow_eea/willow:9/PKQ1.190616.001/V11.0.11.0.PCXEUXM:user/release-keys'
Revision: '0'
ABI: 'arm64'
pid: 10316, tid: 10316, name: main  >>> zygote64 <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x7fb1860e7c
    x0  0000000000000004  x1  0000000000000000  x2  0000000000000029  x3  0000007ffeb2e8e0
    x4  0000007ffeb2e918  x5  0000000000000030  x6  fefeff732c1127f7  x7  7f7f7f7f7f7f7fff
    x8  0000007fb1860e88  x9  b267e2435e3db056  x10 00000074ae5a47c4  x11 0000000000000004
    x12 000000000000000a  x13 ffffffffffffffff  x14 aaaaaaaaaaaaaaab  x15 aaaaaaaaaaaaaaab
    x16 00000074ae627100  x17 00000074ae5349a4  x18 0000000000000010  x19 00000074265e6de0
    x20 000000742d014018  x21 00000074265e3c2a  x22 00000074b2f4c5e0  x23 0000007ffeb2ec48
    x24 65646e696262696c  x25 000000006f732e72  x26 000000742d4c4b98  x27 0000007ffeb2efa8
    x28 0000000000000004  x29 0000007ffeb2ed50
    sp  0000007ffeb2ec20  lr  00000074265e44f8  pc  00000074265e4500

backtrace:
    #00 pc 0000000000001500  /memfd:jit-cache (deleted)
    #01 pc 000000000002b8d8  /system/bin/app_process64
    #02 pc 000000000002cf84  /system/bin/app_process64
    #03 pc 000000000002d938  /system/bin/app_process64
    #04 pc 000000000002d22c  /system/bin/app_process64
    #05 pc 000000000247aec0  /system/framework/arm64/boot-framework.oat (offset 0xa3a000) (com.android.internal.os.Zygote.nativeForkAndSpecialize+416)
    #06 pc 000000000247ab14  /system/framework/arm64/boot-framework.oat (offset 0xa3a000) (com.android.internal.os.Zygote.forkAndSpecialize+228)
    #07 pc 000000000247ed2c  /system/framework/arm64/boot-framework.oat (offset 0xa3a000) (com.android.internal.os.ZygoteConnection.processOneCommand+1580)
    #08 pc 0000000002487000  /system/framework/arm64/boot-framework.oat (offset 0xa3a000) (com.android.internal.os.ZygoteServer.runSelectLoop+928)
    #09 pc 0000000002480f70  /system/framework/arm64/boot-framework.oat (offset 0xa3a000) (com.android.internal.os.ZygoteInit.main+2048)
    #10 pc 000000000055784c  /system/lib64/libart.so (art_quick_invoke_static_stub+604)
    #11 pc 00000000000cfd14  /system/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+232)
    #12 pc 000000000045df70  /system/lib64/libart.so (art::(anonymous namespace)::InvokeWithArgArray(art::ScopedObjectAccessAlreadyRunnable const&, art::ArtMethod*, art::(anonymous namespace)::ArgArray*, art::JValue*, char const*)+104)
    #13 pc 000000000045dbd0  /system/lib64/libart.so (art::InvokeWithVarArgs(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+424)
    #14 pc 0000000000362cf0  /system/lib64/libart.so (art::JNI::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+652)
    #15 pc 00000000000b29ec  /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+116)
    #16 pc 00000000000b5588  /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+924)
    #17 pc 0000000000002528  /system/bin/app_process64

[commonuserlol]

Didn't helped

[j-hc]

try with official magisk first. i cant debug all forks of magisk and cant know what they are doing differently. thanks for the proper bug report btw. its rare to see.

I have the same problem with Magisk 26.3 and zygisk-detach 1.8/1.7. Using zygisk-detach 1.6 solved my issue.

there is no difference in native module between 1.6 and 1.8

[commonuserlol]

official magisk same btw.. latest too (26.3).

thanks for the proper bug report btw. its rare to see.

I also don't like when ppl ignoring my templates so yeah

[commonuserlol]

I forgot to mention, android 13 was ok (lineage 20 official) but I have some reasons to revert 12.1 instead of it

[j-hc]

what other modules you are using? did you try without them?

[commonuserlol]

huh, now it went away on its own, I didn't even do anything lol i will reopen if see it again

what other modules are you using?

ios emoji, magisk frida, vulkan for my gpu, quickswitch for lawnchair, gms doze, viper4android re, revanced extended and lsposed

[j-hc]

frida or any lsposed module that hooks into zygote might be the reason

[commonuserlol]

frida needed for my ummm development and this was caused when i didn't had installed it but lsposed yeah can, ig zygisk uses ptrace aswell

[KrazyDeinos]

I also solved Play Store crashing by using zygisk-detach 1.6 instead of 1.8.