Why NotificationManagerCompat::cancelAll() gets SecurityException?

Question

Using NotificationManagerCompat to cancel all notification.

NotificationManagerCompat manager =  
    NotificationManagerCompat.from(ctx.getApplicationContext());
manager.cancelAll();

It got exception some time (most time works).

on Andoid 6:

java.lang.SecurityException: Permission Denial: getCurrentUser() from pid=22994, uid=10184 requires android.permission.INTERACT_ACROSS_USERS

Fatal Exception: java.lang.SecurityException: Permission Denial: getCurrentUser() from pid=22994, uid=10184 requires android.permission.INTERACT_ACROSS_USERS
   at android.os.Parcel.readException(Parcel.java:1602)
   at android.os.Parcel.readException(Parcel.java:1555)
   at android.app.INotificationManager$Stub$Proxy.cancelAllNotifications(INotificationManager.java:649)
   at android.app.NotificationManager.cancelAll(NotificationManager.java:323)
   at android.support.v4.app.NotificationManagerCompat.cancelAll(NotificationManagerCompat.java:197)

on Android 5.0, 4.4.2:

ava.lang.SecurityException: Permission Denial: getIntentSender() from pid=5460, uid=10135, (need uid=1000) is not allowed to send as package android at android.os.Parcel.readException(Parcel.java:1465)

Fatal Exception: java.lang.SecurityException: Permission Denial: getIntentSender() from pid=3109, uid=10153, (need uid=1000) is not allowed to send as package android
   at android.os.Parcel.readException(Parcel.java:1472)
   at android.os.Parcel.readException(Parcel.java:1426)
   at android.app.INotificationManager$Stub$Proxy.cancelAllNotifications(INotificationManager.java:271)
   at android.app.NotificationManager.cancelAll(NotificationManager.java:220)
   at android.support.v4.app.NotificationManagerCompat.cancelAll(NotificationManagerCompat.java:197)

Questions:

1. What could be the cause?
2. What are those id here? Is it ctx.getApplicationContext().getApplicationInfo().uid or android.os.Process.myUid()?

Answer 1

The answer does not provide a solid solution for the problem, it rather attempts to give an explanation of the cause both for the OP and @66CLSjY, who offered the bounty, with a similar issue.

---

Inspecting the stacktrace

According to the stacktrace SecurityException is thrown in the remote process: your app process' Binder object (e.g. INotificationManager.Stub, ActivityManagerProxy etc.) makes a Binder transaction (mRemote.transact()) * on the remote Binder object and read from the object an exception (_reply.readException()) occurred within the remote call(s). If any, the exception message is analyzed and a corresponding exception is thrown in your process.

Analyzing the exception message

Both the exception messages (one with getIntentSender() and another one with getCurrentUser()) are quite straightforward - your app didn't pass a permission check, or in other words, the code snippets of ActivityManagerService that were supposed to be called under the system_server process' identity (UID=1000) **, but, in fact, were called under your app process' identity.

Possible cause and workaround

It got exception some time (most time works).

Without making an assumption, what you get "some time" is improper Android behavior. Wrapping the problem call with try/catch seems to be a workaround until someone suggests a solid solution (if exists).

---

^{* ActivityManagerProxy.setRequestedOrientation() and IAccessibilityManager$Stub$Proxy.sendAccessibilityEvent()
** android.permission.INTERACT_ACROSS_USERS is of signature | system protection level}