Is there any theory or explanation why this happens?
"Third party apps" is totally vague, what third party app could stop you from dialing an emergency number? And even if such apps exist (or even are common) is it not a huge design flaw by itself, which the manufacturer has to remedy?
Not sure why they don't say it by name but the bug was originally found with MS Teams.
"The issue is the result of an “unintended interaction” between Teams and Android, specifically when the users have the app installed but are not logged in to any account." [0]
Unless Teams is abusing private APIs or acting in other nefarious ways, this is 1000% a problem with Android itself. It shouldn’t be possible to break emergency service call operation through normal usage (or even naive usage) of the public APIs on the system. To blame Teams here is completely backwards.
I believe this is the result of two problems. One is the fact Teams registers phone service providers over and over again, the other is that Android didn't pick the right phone account for a while.
The Teams issue will cause generic connectivity issues because Teams says "I can call this number!" but then can't; the Android issue is an emergency issue because the Teams app shouldn't indicate the ability to call emergency services but Android tries to use Teams regardless. Even if Google fixes the 911 bug, users may still be unable to call if Microsoft hadn't fixed the registration issue.
Both problems should be fixed by now, but it's possible Google and Microsoft haven't updated every single device out there. It's also possible a different bug has shown up.
Allowing one app to register more than one phone service provider smells like an Android API bug. Allowing an unlimited number definitely is a bug. Allowing the corresponding integer to overflow and... well... do we really need to argue this point?
A phone OS should never have to rely on good app behavior to not collapse like a house of cards. Much less one made by a corporation with a 71% worldwide market share.
The OS was bugged. The method that fetches the phone service providers for emergency services returned a sorted list of all service providers. Had the necessary filters been in place, the index issue wouldn't even have become a problem.
The integer overflow issue was part of a very flawed last resort branch of a piece of sorting code. It did underflow, but the underflow happened in a piece of code that basically sorted two objects by their memory addresses at that point. There was no way to recover from that, the problem should've been caught way before instead.
It's awful that code this important is this buggy, but no code is entirely bug free and hard coding behaviour would only hard code the bug further. This is a problem that can only be solved with higher standards, better testing, and better code analysis tools.
I understand this, but there is still an architecture issue here:
It should not be possible for installed applications (even malicious ones) to prevent calling the emergency services using the cellular network
In the worst case it might try some other options first, but whatever is registered or set up the phone should use the SIM information to call on the network. The network operators have a load of regulation to meet (and special prioritisation of emergency call channels etc.) so why do the phone makers not?
Teams is a cause of this problem, but we're talking about it because it's a widely installed app. What other niche VoIP or similar applications are also causing this problem? The whole value we are sold of the restrictive "app" model is it is meant to protect the phone user from things the app might do.
I think we all agree it shouldn't. If I remember correctly, the code had special cases for emergency services just so this wouldn't happen.
That said, if I install a carrier's app on my tablet that enables calling and adds the necessary emergency services support, I don't see why it couldn't be used as the fallback for emergency services. Sometimes I have WiFi but no mobile signal (VoWiFi is finicky as hell) so if I need to reach emergency services, an "internal dialer only" approach would actually prevent me from getting help more than it solves the problem.
The code was buggy and not tested enough. Teams didn't specify that it could handle emergency calls. The method that sorts the apps that are capable of dealing with emergency phone numbers simply forgot to verify that the numbers in the list were all emergency capable: https://medium.com/@mmrahman123/how-a-bug-in-android-and-mic...
If I install a dialer, I expect it to be able to dial 112/999/911. I don't expect it to try to re/activate the vendor dialer I disabled, switch my system settings to give it its call permissions back, and call the number. Hell, with multiple dialers, this behaviour may even cause a loop by itself.
Bugs in the core framework can't be fixed by hardcoding specific dialers, you'll only hardcode the buggy, often barely updated dialers. Even after my phone goes EOL, I can fix problems like these by simply installing a better, fixed dialer, and that's a pretty good feature in my opinion.
That should really not be neccessary and potentially a user might want to use third party applications during an emergency call. (Imagine having saved the medication a relative receives on your device)
The OS has near complete authority over the device. If a user dials an emergency number android has to choose to give it to a third party app and that should never happen.
(I am also not sure that it would be a fix at all. From the description above it seems like android would try to start Teams, even if it was closed.)
