Android 14 Compatibility Break: IDA Pro Debugger Triggers Null Pointer Crash in ART Runtime

IDA General Bugs
1

The issue occurs on Android 14 (works fine on Android 12 versions)

Issue Description :
When using IDA Pro to debug processes on Android 14 devices, the target process consistently crashes during the boot-framework phase immediately after attachment and continue execution . The crash occurs at the following disassembly point:
boot_framework.oat base → 71FAC000

boot_framework.oat:00000000725DDF10 ; ---------------------------------------------------------------------------
boot_framework.oat:00000000725DDF10 LDR     X21, [X21]
boot_framework.oat:00000000725DDF14 MOV     X22, X1
boot_framework.oat:00000000725DDF18 MOV     X15, X0
boot_framework.oat:00000000725DDF1C ADRP    X30, #off_71354E10@PAGE
boot_framework.oat:00000000725DDF20 LDR     X30, [X30,#off_71354E10@PAGEOFF]
boot_framework.oat:00000000725DDF24 BLR     X30                             ; atrace_get_enabled_tags
boot_framework.oat:00000000725DDF28 AND     X0, X22, X0
boot_framework.oat:00000000725DDF2C CMP     X0, #0
boot_framework.oat:00000000725DDF30 CSET    W0, NE
boot_framework.oat:00000000725DDF34 LDP     X23, X30, [SP,#0x10]
boot_framework.oat:00000000725DDF38 LDP     XZR, X22, [SP],#0x20
boot_framework.oat:00000000725DDF3C RET

Debugger: attached to process /system/bin/app_process64 (pid=17593)
71BFD108: got SIGSEGV signal (Segmentation violation) (exc.code b, tid 17609)

image
image1920×812 188 KB

2

Thank you very much for the report. Does it happen in the emulator, real device (which?), or both? Were you able to track down the crash location to a line in the source code? If you step instead of continue, do you get the crash?