Status Update
No update yet.
Comments
ch...@google.com
ch...@google.com
ma...@google.com
there are some image for help
he...@crypto.com
hello?
ma...@google.com
Thank you for raising this use case. We will investigate it more generally to ensure we don't impact developers like you.
ma...@google.com
1. The dexprotector tool is for some reason erroneously detecting tampering/modification of the APK - my guess would be a timeout in various read/digest operations - we are still investigating the behavior
2. The dexprotector tool tags the install in some persistent way such that even after the install has completed and all content is on disk the install continues to be marked as tampered - this is why crashes stayed elevated
3. You appear to have released a new version of your app ~12/26, all of those installs were performed without Play as you Download and thus were never erroneously tagged as tampered and I expect the dexprotector tool saw the version change and performed a recalculation of its verdict - this is why your crashes dropped rapidly back to normal
It appears that overall your crash/anr situation is back to ~normal? If you still have specific crashes that you are seeing elevated can you provide more details? Specific stack traces and volumes?
I do not know the mechanism dexprotector might be using for verdict persistence - if you have (or had) a device that repro'ed the crash were you able to mitigate the issue by clearing app data after the install was complete including the background streaming?
he...@crypto.com
Thank you so much for investigation.
Background
Yes. you are right. The package name is "co.mona.android". On 20 Dec, we disabled in the advanced setting after we hear many crash reports from users. After disabling it, the error disappeared on some devices, while others persisted. We waited for almost 1 week to see if there was delay as caches. Most users also reported that after clearing Google Play app's cache and installing my app immediately solve the problem. However, if they waited a while before download my app (I assume that Google Play app will auto update itself), the app will crash.
Nevertheless, the crash rate continues to climb. Therefore, I decided to release a new app version without DexProtector on 26 Dec. This new app has reduced the app crash rate, but I would like to restore DexProtector as soon as possible.
Some findings
- DexProtector expects the full app download without tampering. The app will crash with
java.lang.RuntimeException: DP: 714if it is believed to be tampered. - When "play as you download" is enabled, the app size after download usually is very little. it grows only after the app is opened.
- It seems like even though the setting has disabled it since 20 Dec, I am still able to reproduce the app crash if I install the app version with dexProtector. I tried clearing app data after install was completed, but app crash still happened. I tested with following devices:
- Pixel 7 / Android OS 14 / Google Play version: 38.8.28-29[0][PR] 592366865
- OnePlus 9 5G/ Android OS 12 / Google Play vesion: 38.8.28-29[0][PR] 592366865
The stacktrace on app crash:
Exception java.lang.RuntimeException:
at android.app.ActivityThread.handleBindApplication (ActivityThread.java:7624)
at android.app.ActivityThread.-$$Nest$mhandleBindApplication
at android.app.ActivityThread$H.handleMessage (ActivityThread.java:2400)
at android.os.Handler.dispatchMessage (Handler.java:106)
at android.os.Looper.loopOnce (Looper.java:226)
at android.os.Looper.loop (Looper.java:313)
at android.app.ActivityThread.main (ActivityThread.java:8762)
at java.lang.reflect.Method.invoke
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run (RuntimeInit.java:604)
at com.android.internal.os.ZygoteInit.main (ZygoteInit.java:1067)
Caused by co.mona.android.app.MessageGuardException_RFA6IDcxNCBbMjAyMzEyMDQtMjAyMzEyMjExNDQwIGI3OmFybTY0LXY4YSAzMyBzYW1zdW5nL2ExNHhtY3MvYTE0eG06MTMvVFAxQS4yMjA2MjQuMDE0L0ExNDZXVkxTNUJXSzU6dXNlci9yZWxlYXNlLWtleXMgYmxvY2tlZF0: DP: 714
at co.mona.android.app.ProtectedMonacoApplication.lfk
at co.mona.android.app.ProtectedMonacoApplication.onCreate
at android.app.Instrumentation.callApplicationOnCreate (Instrumentation.java:1266)
at android.app.ActivityThread.handleBindApplication (ActivityThread.java:7619)
Caused by java.lang.RuntimeException: DP: 714
at co.mona.android.app.ProtectedMonacoApplication.qHkwy
at java.lang.reflect.Method.invoke
at co.mona.android.app.ProtectedMonacoApplication$R$array.lwmmzjzt
at co.mona.android.app.ProtectedMonacoApplication$R$array.xI
at co.mona.android.app.ProtectedMonacoApplication.qHkwy
at co.mona.android.app.ProtectedMonacoApplication.onCreate
Questions
- Is it possible that for "Play as you download" setting will take a few weeks to reach to some devices?
- I am using app size (Storage under App info) as the indicator to determine if it is still under "Play as you download". Is there any other way to check if it is new/old setting?
Once again, thank you so much for answering. :pray
ma...@google.com
That is strange indeed as I do not see the same behavior on either a Pixel device or a OnePlus (I don't have exact matches for your devices). To help me debug further could you please:
1. Run the command "adb dumpsys shell incremental" and provide the full results here. Please do this with and without your app installed so we can identify your app clearly.
2. Take a bugreport and attach it or share it via Google drive to my @
3. Provide a version of your app that does include dexprotector so we can try and repro the issue locally. How far into the app experience do we have to go to repro?
ma...@google.com
he...@crypto.com
Thank you for the info. It is indeed strange.
Run the command "adb dumpsys shell incremental" and provide the full results here
When I run adb dumpsys shell incremental, it is in error. But when i run adb shell dumpsys incremental, it works. I ran on both devices. The results are similar, so i will just upload it for pixel6.
We collect data on old app (version name: 3.176.3, version code: 1003246).
Direct link:
Before installing from Google Play
Incremental is ENABLED
IncFs features: 0x7
Incremental dir: /data/incremental
Mounts (0): {
}
Sorted binds (0): {
}
After installing from Google Play
Behaviour: The app crashed upon launch. On logcat, we could see the java.lang.RuntimeException error.
Incremental is ENABLED
IncFs features: 0x7
Incremental dir: /data/incremental
Mounts (2): {
[14]: {
reference to mountId: 13
}
[13]: {
mountId: 13
root: /data/incremental/MT_data_app_vmdl163
metrics instance name: MT_data_app_vmdl163e95fb3cb-73fc-4891-8dcf-7bce10202b16
nextStorageDirNo: 2
flags: 31
startLoading: 94s
dataLoader: {
currentStatus: 6
currentStatusTs: 93328477mcs
targetStatus: 4
targetStatusTs: 94513700mcs
health: {
path: /data/incremental/MT_data_app_vmdl163/mount
base: -9223366675245519mcs (-1)
blockedTimeoutMs: 2000
unhealthyTimeoutMs: 7000
unhealthyMonitoringMs: 60000
lastPendingReads:
bind: 94s ago (delay: 0s)
}
dataLoaderParams: {
type: INCREMENTAL
packageName: com.android.vending
className: com.google.android.finsky.dataloader.ProductionDataLoaderService
arguments: CAESD2NvLm1vbmEuYW5kcm9pZBj2wqPV46O+y68BIP2t3ODg/Z+xlgE=
}
}
storages (2): {
[14] -> [/data/incremental/MT_data_app_vmdl163/mount/st_14_1] (100 % loaded)(Full)
[13] -> [/data/incremental/MT_data_app_vmdl163/mount/st_13_0] (100 % loaded)(Full)
}
bindPoints (1): {
[/data/app/~~Db7YCyPV4SMo_XXXf83MgA==]->[14]:
savedFilename: .mountpoint.dffaf308-bf9a-4021-9799-50830a9740e0
sourceDir: /data/incremental/MT_data_app_vmdl163/mount/st_14_1
kind: Permanent
}
incfsMetrics: {
readsDelayedMin: 0
readsDelayedMinUs: 0
readsDelayedPending: 0
readsDelayedPendingUs: 0
readsFailedHashVerification: 0
readsFailedOther: 0
readsFailedTimedOut: 0
}
lastReadError: {
No read errors.
}
}
}
Sorted binds (1): {
[/data/app/~~Db7YCyPV4SMo_XXXf83MgA==]->[14]:
savedFilename: .mountpoint.dffaf308-bf9a-4021-9799-50830a9740e0
sourceDir: /data/incremental/MT_data_app_vmdl163/mount/st_14_1
kind: Permanent
}
We do the same version by downloading the universal apk from Google Play console. We install it using adb command.
Before installing from adb command
Incremental is ENABLED
IncFs features: 0x7
Incremental dir: /data/incremental
Mounts (0): {
}
Sorted binds (0): {
}
After installing from adb command
The app is able to launch. We could see the toast message that we set in our app to download app from Google Play to our user. No error detected.
Incremental is ENABLED
IncFs features: 0x7
Incremental dir: /data/incremental
Mounts (0): {
}
Sorted binds (0): {
}
2. Take a bugreport
I run adb bugreport and attached the two bug reports (Pixel 6 and One Plus)
3. Provide a version of your app that does include dexprotector
Please download from Google play. Our app is signed by Google key as well. To reproduce, it is simple, the app will crash upon launch.
Direct link:
Once again, thank you so much for your time and effort. Really appreciate for looking into it.
ma...@google.com
I have a strong hunch now that there is an interaction between the filesystem and dexprotector that we don't understand yet. Is the total size check the only dexprotector check that fails for you?
I am unable to access the link you provided for the 3.176.3 version of your app. We actually have internal controls that prevent me from having access to developer materials directly from the console unless it is explicitly shared to my account. I'm guessing that would require you adding my google account to an internal test track and I'm not sure our internal accounts work for that. Perhaps you could just put the APK on Google drive and share it with me directly (and include link here)? Or just attach it to the bug?
he...@crypto.com
Thank you.
I am not sure about the detailed of security mechanism. However, based on the documentation,
DexProtector systematically secures your package, applying its protection mechanisms at bytecode and native levels to classes, methods, strings, and resources, and integrating its Runtime Application Self-Protection engines automatically
I am not sure if giving APK here will be helpful in troubleshooting. I have downloaded the "Signed, universal APK" from Play store console and install it without any error.
After installing from adb command The app is able to launch. We could see the toast message that we set in our app to download app from Google Play to our user. No error detected.
The problem is with AAB download from Google Play. Whenever we launch the app, we always see app crash with DexProtector error ( java.lang.RuntimeException: DP: 714). I could not see your full email address. Would it possible for you to share the email address (you can email me at
P.S. I will attach apk and aab anyway.
al...@google.com
It does not work when installed normally also. DexProtector is infamous for its compat problems (
Unfortunately the default course of action is to reach out to DexProtector developers and ask to fix the problem. Given it reproes easily via adb install --incremental, it should not be a huge problem.
he...@crypto.com
Thank you for the confirmation. Just want to clarify one more thing.
--incremental: Installs enough of the APK to launch the app while streaming the remaining data in the background.
Is it the same as "Play as you download" feature? If we have disabled in the advanced setting, the installation should not be incremental. Is that right? Does apk file installation work fine? It should show you a toast message to install from Google if it works well (app will not open, because we block it in our code).
Thank you.
ma...@google.com
he...@crypto.com
We are working to temporarily disable those features from your app's installs while we figure out how to address the issue properly.
Thank you so much. Is this already disabled or should I wait for your message? Once again, thank you so much for helping out. :pray
ma...@google.com
I believe the features should be disabled for your installs but I haven't had the opportunity to actually confirm with a production device. You can check yourself quickly with the "adb shell dumpsys incremental" command. If you install from the store and the install does not appear in that list then the disablement is complete.
ma...@google.com
he...@crypto.com
Thank you so much for solving the issue. I have tested in my test devices and it works well too.
ma...@google.com
he...@crypto.com
We will be evaluating and testing with next app release version and I will keep you posted. On second thought, would you like me to add you as internal test user so that you could get the build early? Please email me at "
he...@crypto.com
Hi, I would like to let you that I have re-enabled dexprotector on my app today (app version: 3.181). Thank you so much for your help :pray
Description
Version used: None
Devices/Android versions reproduced on: All android 12+
My app is AAB format and recently, the "Play as you download" under Advanced setting in Google Play console was turned on. Is this feature only applicable for games or all apps as long as it is in AAB format?