Crash in libmsmdmarp.so on fork #170

Open
ZA-SanAmirieh opened this issue Aug 3, 2023 · 1 comment
Labels
Bug Under Investigation The issue is currently being investigated by the product team.

Comments

@ZA-SanAmirieh

Summary

We integrate the Intune SDK with our app, but the app crashes statistically while creating a new process.
The crash occurs in the Intune native library libmsmdmarp.so, inside the vfork hook.
I was able to create a minimal reproduction example that deterministically crashes on the Taskr sample.

Repro Steps

  1. Create Android x86_64 emulator and install Company Portal.
  2. Clone Taskr-Sample-Intune-Android-App (at the time of writing, the commit hash was c11ee86).
  3. Add the following lines to the Android manifest XML in the app section:
<meta-data android:name="com.microsoft.intune.mam.DefaultMAMServiceEnrollment" android:value="true" />
<meta-data android:name="com.microsoft.intune.mam.MAMPolicyRequired" android:value="true" />
  4. Add this code to MainActivity and run the app on the emulator:
public MainActivity() {
    Thread t = new Thread(new Runnable() {
        @Override
        public void run() {
            try {
                for (int i = 0; ; i++) {
                    Log.i("XXX", "calling ls");
                    Process p = Runtime.getRuntime().exec("ls");
                    p.waitFor();
                    Thread.sleep(10);
                }
            } catch (IOException | InterruptedException e) {
                e.printStackTrace();
            }
        }
    });
    t.setName("Test thread");
    t.start();
}
  5. Start the app and log in
  6. See stack trace

Expectation:
The stack trace looks like this:

--------- beginning of crash
08-02 15:18:20.705  9375 11864 F libc    : Fatal signal 11 (SIGSEGV), code 128 (SI_KERNEL), fault addr 0x0 in tid 11864 (Test thread), pid 9375 (e.samples.taskr)

08-02 15:18:21.377 11873 11873 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-02 15:18:21.377 11873 11873 F DEBUG   : Build fingerprint: 'google/sdk_gphone64_x86_64/emu64x:13/TE1A.220922.010/9219351:user/release-keys'
08-02 15:18:21.377 11873 11873 F DEBUG   : Revision: '0'
08-02 15:18:21.377 11873 11873 F DEBUG   : ABI: 'x86_64'
08-02 15:18:21.377 11873 11873 F DEBUG   : Timestamp: 2023-08-02 15:18:20.799686853+0300
08-02 15:18:21.377 11873 11873 F DEBUG   : Process uptime: 37s
08-02 15:18:21.377 11873 11873 F DEBUG   : Cmdline: com.microsoft.intune.samples.taskr
08-02 15:18:21.377 11873 11873 F DEBUG   : pid: 9375, tid: 11864, name: Test thread  >>> com.microsoft.intune.samples.taskr <<<
08-02 15:18:21.377 11873 11873 F DEBUG   : uid: 10160
08-02 15:18:21.377 11873 11873 F DEBUG   : signal 11 (SIGSEGV), code 128 (SI_KERNEL), fault addr 0x0000000000000000
08-02 15:18:21.377 11873 11873 F DEBUG   :     rax 71c99c8bf5b3de49  rbx 0000000000000000  rcx 0000000000000000  rdx 0000000000004002
08-02 15:18:21.377 11873 11873 F DEBUG   :     r8  0000000000000000  r9  0000000000000000  r10 0000000070bb1b80  r11 0000000000000246
08-02 15:18:21.377 11873 11873 F DEBUG   :     r12 00007dac944dba68  r13 0000000000000000  r14 0000000000004002  r15 00007dac944dba68
08-02 15:18:21.377 11873 11873 F DEBUG   :     rdi 00007dac944dba68  rsi 0000000000000000
08-02 15:18:21.377 11873 11873 F DEBUG   :     rbp 0000000000000000  rsp 00007dac8b8af2d8  rip 00007dafa9ede3da
08-02 15:18:21.377 11873 11873 F DEBUG   : backtrace:
08-02 15:18:21.377 11873 11873 F DEBUG   :   NOTE: Function names and BuildId information is missing for some frames due
08-02 15:18:21.377 11873 11873 F DEBUG   :   NOTE: to unreadable libraries. For unwinds of apps, only shared libraries
08-02 15:18:21.377 11873 11873 F DEBUG   :   NOTE: found under the lib/ directory are readable.
08-02 15:18:21.377 11873 11873 F DEBUG   :   NOTE: On this device, run setenforce 0 to make the libraries readable.
08-02 15:18:21.377 11873 11873 F DEBUG   :   NOTE: Unreadable libraries:
08-02 15:18:21.377 11873 11873 F DEBUG   :   NOTE:   /data/data/com.microsoft.intune.samples.taskr/mam_libs/x86_64/libmsmdmarp.so
08-02 15:18:21.377 11873 11873 F DEBUG   :       #00 pc 00000000000603da  /apex/com.android.runtime/lib64/bionic/libc.so (__futex_wait_ex(void volatile*, bool, int, bool, timespec const*)+42) (BuildId: 007cb2313464df63debf8020e631c990)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #01 pc 00000000000cdd18  /apex/com.android.runtime/lib64/bionic/libc.so (NonPI::MutexLockWithTimeout(pthread_mutex_internal_t*, bool, timespec const*)+536) (BuildId: 007cb2313464df63debf8020e631c990)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #02 pc 00000000000cd9c4  /apex/com.android.runtime/lib64/bionic/libc.so (pthread_mutex_lock+116) (BuildId: 007cb2313464df63debf8020e631c990)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #03 pc 000000000008c002  /data/data/com.microsoft.intune.samples.taskr/mam_libs/x86_64/libmsmdmarp.so
08-02 15:18:21.377 11873 11873 F DEBUG   :       #04 pc 00000000000420f4  /data/data/com.microsoft.intune.samples.taskr/mam_libs/x86_64/libmsmdmarp.so
08-02 15:18:21.377 11873 11873 F DEBUG   :       #05 pc 000000000002db21  /apex/com.android.art/lib64/libopenjdk.so (startChild+49) (BuildId: 8d84df7e61098537745090e3cc474973)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #06 pc 000000000002d933  /apex/com.android.art/lib64/libopenjdk.so (UNIXProcess_forkAndExec+1475) (BuildId: 8d84df7e61098537745090e3cc474973)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #07 pc 000000000009aa1e  /system/framework/x86_64/boot.oat (art_jni_trampoline+286) (BuildId: f2108335ca6c802e561cdde35cfac810207631cc)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #08 pc 0000000002015763  /memfd:jit-cache (deleted) (java.lang.UNIXProcess.<init>+227)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #09 pc 0000000002016615  /memfd:jit-cache (deleted) (java.lang.ProcessImpl.start+2821)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #10 pc 000000000201397a  /memfd:jit-cache (deleted) (java.lang.ProcessBuilder.start+922)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #11 pc 0000000000369aed  /apex/com.android.art/lib64/libart.so (nterp_helper+3837) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #12 pc 00000000000ed806  /apex/com.android.art/javalib/core-oj.jar (java.lang.Runtime.exec+26)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #13 pc 0000000002014c3e  /memfd:jit-cache (deleted) (java.lang.Runtime.exec+462)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #14 pc 0000000000369aed  /apex/com.android.art/lib64/libart.so (nterp_helper+3837) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #15 pc 00000000000ed712  /apex/com.android.art/javalib/core-oj.jar (java.lang.Runtime.exec+2)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #16 pc 0000000000369a88  /apex/com.android.art/lib64/libart.so (nterp_helper+3736) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #17 pc 00000000004ad93c  [anon:dalvik-classes.dex extracted in memory from /data/app/~~qzb8ohqqbmBhVDEvRH8IQg==/com.microsoft.intune.samples.taskr-UjDUzgp6PHz05Vmwj1akTg==/base.apk] (com.microsoft.intune.samples.taskr.MainActivity$1.run+28)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #18 pc 000000000036a7e5  /apex/com.android.art/lib64/libart.so (nterp_helper+7157) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #19 pc 00000000000f6740  /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.run+8)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #20 pc 00000000003725c4  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+756) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.378 11873 11873 F DEBUG   :       #21 pc 00000000003f21a6  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+214) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.378 11873 11873 F DEBUG   :       #22 pc 00000000007e617e  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+478) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.378 11873 11873 F DEBUG   :       #23 pc 000000000083a91c  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1404) (BuildId: 44bc52550248fc712a381bef164b75c7)
08-02 15:18:21.378 11873 11873 F DEBUG   :       #24 pc 00000000000ccd2a  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+58) (BuildId: 007cb2313464df63debf8020e631c990)
08-02 15:18:21.378 11873 11873 F DEBUG   :       #25 pc 0000000000060d37  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+55) (BuildId: 007cb2313464df63debf8020e631c990)
08-02 15:18:21.378  9375  9449 I XXX     : calling ls %d
08-02 15:18:21.394   290   290 E tombstoned: Tombstone written to: tombstone_00
08-02 15:18:21.395  9375  9449 I XXX     : calling ls %d
08-02 15:18:21.408   581 11912 I DropBoxManagerService: add tag=data_app_native_crash isTagEnabled=true flags=0x2
08-02 15:18:21.414   581   661 I BootReceiver: Copying /data/tombstones/tombstone_00 to DropBox (SYSTEM_TOMBSTONE)
08-02 15:18:21.414   581   661 I DropBoxManagerService: add tag=SYSTEM_TOMBSTONE isTagEnabled=true flags=0x6
08-02 15:18:21.416   388   388 I Zygote  : Process 9375 exited due to signal 11 (Segmentation fault)
08-02 15:18:21.417   581 11910 W ActivityTaskManager:   Force finishing activity com.microsoft.intune.samples.taskr/com.microsoft.intune.mam.client.app.startup.MAMStartupActivity

Expectation:
The app should work without crashing.

Observation:
The stack-trace contains libmsmdmarp.so which is part of the Intune integration libs.
The app didn't crash without Company Portal installed.

Details

  • Intune Android App SDK Version: 9.5.0
  • Company Portal apk Version: 5.0.5926.0
  • Android Device Make and Model: Android emulator: Pixel 4
  • Android Device OS Version: API 33
  • Android Studio Version: 2022.3.1

AndroidX Dependencies

If your app includes any AndroidX libraries, please list them here, along with the version info:

  • Default Taskr deps.

Third-Party Library Dependencies

If your app includes any third-party libraries, please list them here, along with the version info:

  • Default Taskr deps.
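
Added example, not part of the original issue or of the Intune SDK: a Python triage helper that parses debuggerd backtrace frames like the ones above and reports which app-private native library is on top of the stack, the offsets to symbolize, and the symbolized functions directly above and below it. Treating any `.so` under `/data/` as app-private is an assumption of this sketch, and the function names are hypothetical.

```python
import re

# Frames excerpted from the backtrace in this issue (BuildIds and frame #01 trimmed).
SAMPLE = """\
08-02 15:18:21.377 11873 11873 F DEBUG   :       #00 pc 00000000000603da  /apex/com.android.runtime/lib64/bionic/libc.so (__futex_wait_ex(void volatile*, bool, int, bool, timespec const*)+42)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #02 pc 00000000000cd9c4  /apex/com.android.runtime/lib64/bionic/libc.so (pthread_mutex_lock+116)
08-02 15:18:21.377 11873 11873 F DEBUG   :       #03 pc 000000000008c002  /data/data/com.microsoft.intune.samples.taskr/mam_libs/x86_64/libmsmdmarp.so
08-02 15:18:21.377 11873 11873 F DEBUG   :       #04 pc 00000000000420f4  /data/data/com.microsoft.intune.samples.taskr/mam_libs/x86_64/libmsmdmarp.so
08-02 15:18:21.377 11873 11873 F DEBUG   :       #05 pc 000000000002db21  /apex/com.android.art/lib64/libopenjdk.so (startChild+49)
"""

# "#NN pc <hex>  <mapping> [(symbol+offset)]"; a mapping may be "[anon:...]"
# or carry a " (deleted)" suffix, and C++ symbols contain parentheses.
FRAME = re.compile(
    r"#(\d+) pc ([0-9a-f]+)\s+(\[.*?\]|\S+(?: \(deleted\))?)(?:\s+\((.+)\+(\d+)\))?"
)

def parse_frames(log):
    """Return one dict per backtrace frame found in the log text."""
    frames = []
    for line in log.splitlines():
        m = FRAME.search(line)
        if m:
            idx, pc, path, sym, _off = m.groups()
            frames.append({"index": int(idx), "pc": int(pc, 16),
                           "path": path, "symbol": sym})
    return frames

def is_app_native(path):
    # Assumption of this sketch: native code shipped with or unpacked by the app.
    return path.startswith("/data/") and path.endswith(".so")

def triage(log):
    """Locate the topmost run of frames in an app-private library."""
    frames = parse_frames(log)
    hits = [i for i, f in enumerate(frames) if is_app_native(f["path"])]
    if not hits:
        return None
    first = last = hits[0]
    while last + 1 < len(frames) and frames[last + 1]["path"] == frames[first]["path"]:
        last += 1
    return {
        "library": frames[first]["path"].rsplit("/", 1)[-1],
        "offsets": [hex(f["pc"]) for f in frames[first:last + 1]],
        "callee": frames[first - 1]["symbol"] if first > 0 else None,
        "caller": frames[last + 1]["symbol"] if last + 1 < len(frames) else None,
    }
```

The offsets it returns are relative to the library's load address, so they can be resolved against an unstripped build of the library if one is available.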
@rygo-msft
Collaborator

This is a known issue that we are investigating. This issue is being tracked with internal id 10220538.

@rygo-msft rygo-msft added Under Investigation The issue is currently being investigated by the product team. Bug Backlog Issue is in the backlog to be worked at an indeterminate future time. and removed Under Investigation The issue is currently being investigated by the product team. Backlog Issue is in the backlog to be worked at an indeterminate future time. labels Aug 4, 2023