Crash due to memory tagging

[leoheitmannruiz]

Had Daily You crash just now on a Google Pixel 9a with GrapheneOS 2026060601 and memory tagging enabled:

type: crash
package: com.demizo.daily_you:20240012, targetSdk 36
osVersion: google/tegu/tegu:16/BP4A.260205.001/2026060601:user/release-keys
uid: 10187 (u:r:untrusted_app:s0:c187,c256,c512,c768)
cmdline: com.demizo.daily_you
processUptime: 58s

signal: 11 (SIGSEGV), code 9 (SEGV_MTESERR), faultAddr 500c0445df85ad4
threadName: mali-event-hand
MTE: enabled

backtrace:
    /apex/com.android.runtime/lib64/bionic/libc.so (pthread_mutex_lock+4, pc 92a74)
    /vendor/lib64/egl/libGLES_mali.so (hal::halp::fence_internal::signal_internal()+24, pc 1b446d8)
    /vendor/lib64/egl/libGLES_mali.so (hal::halp::signal_fence_cb(void*, bool)+36, pc 1b4bae4)
    /vendor/lib64/egl/libGLES_mali.so (basep_cpu_queue_process+356, pc 1c5f2b4)
    /vendor/lib64/egl/libGLES_mali.so (basep_process_command_queues+148, pc 1c5d0c4)
    /vendor/lib64/egl/libGLES_mali.so (basep_event_thread+236, pc 1c5b1dc)
    /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*) (.__uniq.67847048707805468364044055584648682506)+180, pc 91244)
    /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+68, pc 81094)

Also have a ~12000 line log with more info, let me know if that could be useful to you.

[Demizo]

Oh no! I also use GrapheneOS, but have not encountered a crash. What were you doing in the app around the time the crash occurred? Are you able to trigger the crash repeatedly? At a glance it looks like a fault in the GPU driver, so likely either the Flutter renderer or the app's image processing.

[leoheitmannruiz]

I'm pretty sure I opened Daily You via the daily notification I get, took a picture and saved it, and swiped back to another app. Then with a slight delay, a second or two, I got the notification saying "Memory tagging detected an error in Daily You". Can't seem to reproduce it.

[Demizo]

I cannot reproduce it either, and nothing jumps out to me as the issue. It may be an upstream problem but I'll keep this open in case it happens again or to others.