Fixed
Status Update
No update yet.
Comments
vi...@google.com
I see same issue and have been debugging it.
NOTE: It DOES NOT happen if not using support package, but use android level 14/15 library. I believe Honeycomb works well too.
My current workaround is to provide my own DialogFragment.show() method, like below:
public int show(FragmentTransaction transaction, String tag) {
return show(transaction, tag, false);
}
public int show(FragmentTransaction transaction, String tag, boolean allowStateLoss) {
transaction.add(this, tag);
mRemoved = false;
mBackStackId = allowStateLoss ? transaction.commitAllowingStateLoss() : transaction.commit();
return mBackStackId;
}
NOTE: It DOES NOT happen if not using support package, but use android level 14/15 library. I believe Honeycomb works well too.
My current workaround is to provide my own DialogFragment.show() method, like below:
public int show(FragmentTransaction transaction, String tag) {
return show(transaction, tag, false);
}
public int show(FragmentTransaction transaction, String tag, boolean allowStateLoss) {
transaction.add(this, tag);
mRemoved = false;
mBackStackId = allowStateLoss ? transaction.commitAllowingStateLoss() : transaction.commit();
return mBackStackId;
}
so...@google.com
[Comment deleted]
so...@google.com
But Google pls fix this issue, as the expected behaviors must be consistent with ICS DialogFragment + FragmentManager and support package DialogFragment + FragmentManager.
It happens with both Support Package v4 r6 and v13 r6.
It happens with both Support Package v4 r6 and v13 r6.
Description
We have noticed an issue with an incorrect optimization when an app is compiled by dex2oat with the "speed" profile on ARM64 devices. The issue does not seem to occur on x86 emulators.
Analysis
The gist of the issue appears to be that the following code
is replaced with
so that when the
ifbranch is takenawill have incorrect value(~b) & cinstead of(~b) | c. This issue does not occur when theelsebranch is removed, or when theelsebranch is modified so that it no longer contains the sequence(~b) & c.I have included an apk (
dex2oat-bug.apk) reproducing this issue, along with its source code (dex2oat-bug-source.zip) and the generated odex file (base.odex) in which this issue can be seen, as well as the output of ghidra's decompiler for this function (broken-odex-ghidra.txt), with some comments highlighting the broken sequence.In the sample, the method producing the issue is
com.example.myapplication.Test.runTest(char[], int).Affected devices
We have observed this issue on several devices. I have included bugreports for the following devices:
Samsung Galaxy Z Fold 2 5G (SM-F916B) with build TP1A.220624.014.F916BXXS5KWK1 (see
bugreport-OnePlus6-TQ3A.230805.001-2024-02-21-17-31-47.zip)OnePlus 6 with build lineage_enchilada-userdebug 13 TQ3A.230805.0013e190d8a53 (see
dumpstate-2024-02-21-17-33-56.zip)We've also have reports of this issue occurring on Samsung S21 devices running Android 13. We were not able to reproduce this issue on the Android Studio x86 and x86_64 emulators.
Reproducing
I have included an apk which reproduces the issue, along with its source code. The apk will log the result of the (mis)calculated value (
ain the example above) to the logcat, and show the messageVALUE BADorVALUE OKdepending on whether the bug was triggered or not. When running on an affected device, we notice that:When running dex2oat with the speed profile through
adb shell pm compile -f -m speed com.example.myapplicationand opening the apk, the value-2is printed and the app shows the messageVALUE BAD.When running dex2oat with the verify profile through
adb shell pm compile -f -m verify com.example.myapplicationand opening the apk, the value32is printed and the app shows the messageVALUE OK.I have tried to make the attached sample as minimal as possible. Unfortunately, the sample still includes some random-seeming arithmetic andlogic operations - the issue no longer seemed to reproduce when I tried to simplify it further, it's as if there needs to be a minimum level of complexity for the issue to trigger.