Infeasible
Status Update
No update yet.
Comments
ra...@google.com
Thank you for reporting this issue. For us to further investigate this issue, please provide the following additional information:
What steps are needed to reproduce this issue? Frequency of occurrence?
What is the expected output?
Which Android build are you using? (e.g. TQ3A.230705.001.A1)
Which device did you use to reproduce this issue?
Can you confirm if this issue is reproducible on a Pixel/Nexus device?
Are you reporting this as Developer or User?
Android bug report (to be captured after reproducing the issue)
For steps to capture a bug report, please refer:https://developer.android.com/studio/debug/bug-report#bugreportdevice
Alternate method
Navigate to “Developer options”, ensure “USB debugging” is enabled, then enable “Bug report shortcut”. Capture bug report by holding the power button and selecting the “Take bug report” option.
Note: Please upload the bug report and screenshot to google drive and share the folder to android-bugreport@google.com, then share the link here.
What steps are needed to reproduce this issue? Frequency of occurrence?
What is the expected output?
Which Android build are you using? (e.g. TQ3A.230705.001.A1)
Which device did you use to reproduce this issue?
Can you confirm if this issue is reproducible on a Pixel/Nexus device?
Are you reporting this as Developer or User?
Android bug report (to be captured after reproducing the issue)
For steps to capture a bug report, please refer:
Alternate method
Navigate to “Developer options”, ensure “USB debugging” is enabled, then enable “Bug report shortcut”. Capture bug report by holding the power button and selecting the “Take bug report” option.
Note: Please upload the bug report and screenshot to google drive and share the folder to android-bugreport@google.com, then share the link here.
xi...@gmail.com
Please provide the requested information to proceed further. Unfortunately the issue will be closed within 7 days if there is no further update.
ra...@google.com
Hi. This issue is for the code change https://android-review.googlesource.com/c/platform/packages/modules/Wifi/+/3217815 .
It is not a bug but more like a feature request, so I don't have a log for it. I'm not familiar with changing the issue type, apologize for the confusion.
It is not a bug but more like a feature request, so I don't have a log for it. I'm not familiar with changing the issue type, apologize for the confusion.
Description
Cmdline: /system/bin/surfaceflinger
pid: 644, tid: 732, name: RenderEngine >>> /system/bin/surfaceflinger <<<
uid: 1000
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x38
Cause: null pointer dereference
x0 b400007630a2aaa0 x1 b4000075609f8840 x2 00000074de6e96f8 x3 0000005a7fccc2b5
x4 0000005a801fa57c x5 0000000000000001 x6 0000000000000000 x7 0000000000000000
x8 0000000000000000 x9 0000000000000000 x10 0000000000000009 x11 000000000000000a
x12 000000000000000a x13 0000005a7ff2dfcc x14 0000000000000000 x15 0000000000000000
x16 0000005a80281a18 x17 00000077738cabe0 x18 00000074de1e0000 x19 00000074de6e96f8
x20 b4000075609f8840 x21 b400007630a2aaa0 x22 b400007630a2a340 x23 b400007680a1cfa8
x24 b400007680a1d038 x25 0000000000000000 x26 0000005a7fcb0a5d x27 00000000000000ff
x28 b400007680a1cf34 x29 00000074de6e95d0
lr 0000005a801fa860 sp 00000074de6e95d0 pc 0000005a801fa81c pst 0000000020001000
backtrace:
#00 pc 000000000058f81c /system/bin/surfaceflinger (GrFragmentProcessor::getGLSLProcessorKey(GrShaderCaps const&, GrProcessorKeyBuilder*) const+32) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#01 pc 000000000058f85c /system/bin/surfaceflinger (GrFragmentProcessor::getGLSLProcessorKey(GrShaderCaps const&, GrProcessorKeyBuilder*) const+96) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#02 pc 000000000058f720 /system/bin/surfaceflinger (gen_fp_key(GrFragmentProcessor const&, GrCaps const&, GrProcessorKeyBuilder*)+268) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#03 pc 000000000058f22c /system/bin/surfaceflinger (gen_key(GrProcessorKeyBuilder*, GrProgramInfo const&, GrCaps const&)+868) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#04 pc 000000000058ee88 /system/bin/surfaceflinger (GrProgramDesc::Build(GrProgramDesc*, GrProgramInfo const&, GrCaps const&)+240) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#05 pc 000000000058fc40 /system/bin/surfaceflinger (GrGLGpu::ProgramCache::findOrCreateProgram(GrDirectContext*, GrProgramInfo const&)+104) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#06 pc 000000000057e11c /system/bin/surfaceflinger (GrGLGpu::flushGLState(GrRenderTarget*, bool, GrProgramInfo const&)+112) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#07 pc 000000000042e610 /system/bin/surfaceflinger (GrOpsRenderPass::bindPipeline(GrProgramInfo const&, SkRect const&)+160) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#08 pc 0000000000433ef4 /system/bin/surfaceflinger (_ZN12_GLOBAL__N_110FillRectOp9onExecuteEP14GrOpFlushStateRK6SkRect$b4e1d033ad46939d81c939563fd90ffd+252) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#09 pc 000000000042bd8c /system/bin/surfaceflinger (GrOpsTask::onExecute(GrOpFlushState*)+988) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#10 pc 000000000042067c /system/bin/surfaceflinger (GrDrawingManager::flush(SkSpan<GrSurfaceProxy*>, SkSurface::BackendSurfaceAccess, GrFlushInfo const&, GrBackendSurfaceMutableState const*)+2872) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#11 pc 00000000004209d8 /system/bin/surfaceflinger (GrDrawingManager::flushSurfaces(SkSpan<GrSurfaceProxy*>, SkSurface::BackendSurfaceAccess, GrFlushInfo const&, GrBackendSurfaceMutableState const*)+164) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#12 pc 000000000041f27c /system/bin/surfaceflinger (GrDirectContextPriv::flushSurfaces(SkSpan<GrSurfaceProxy*>, SkSurface::BackendSurfaceAccess, GrFlushInfo const&, GrBackendSurfaceMutableState const*)+276) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#13 pc 00000000004fb538 /system/bin/surfaceflinger (SkSurface_Gpu::onFlush(SkSurface::BackendSurfaceAccess, GrFlushInfo const&, GrBackendSurfaceMutableState const*)+140) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#14 pc 00000000002ad71c /system/bin/surfaceflinger (android::renderengine::skia::SkiaGLRenderEngine::drawLayers(android::renderengine::DisplaySettings const&, std::__1::vector<android::renderengine::LayerSettings const*, std::__1::allocator<android::renderengine::LayerSettings const*> > const&, std::__1::shared_ptr<android::renderengine::ExternalTexture> const&, bool, android::base::unique_fd_impl<android::base::DefaultCloser>&&, android::base::unique_fd_impl<android::base::DefaultCloser>*)+14932) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#15 pc 00000000002a645c /system/bin/surfaceflinger (_ZNSt3__110__function6__funcIZN7android12renderengine8threaded20RenderEngineThreaded10drawLayersERKNS3_15DisplaySettingsERKNS_6vectorIPKNS3_13LayerSettingsENS_9allocatorISC_EEEERKNS_10shared_ptrINS3_15ExternalTextureEEEbONS2_4base14unique_fd_implINSN_13DefaultCloserEEEPSQ_E4$_11NSD_IST_EEFvRNS3_12RenderEngineEEEclESW_$b36447d8cfdb36b74824238c3b959b6f+80) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#16 pc 00000000002a30e4 /system/bin/surfaceflinger (android::renderengine::threaded::RenderEngineThreaded::threadMain(std::__1::function<std::__1::unique_ptr<android::renderengine::RenderEngine, std::__1::default_delete<android::renderengine::RenderEngine> > ()>)+1112) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#17 pc 00000000002a5304 /system/bin/surfaceflinger (void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (android::renderengine::threaded::RenderEngineThreaded::*)(std::__1::function<std::__1::unique_ptr<android::renderengine::RenderEngine, std::__1::default_delete<android::renderengine::RenderEngine> > ()>), android::renderengine::threaded::RenderEngineThreaded*, std::__1::function<std::__1::unique_ptr<android::renderengine::RenderEngine, std::__1::default_delete<android::renderengine::RenderEngine> > ()> > >(void*)+160) (BuildId: 33a0cb0056d42b1bfe153dd1aa5aa7c1)
#18 pc 00000000000b1810 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+264) (BuildId: 4ea5a3e7e971501a0a64d511b74c6802)
#19 pc 00000000000512f0 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 4ea5a3e7e971501a0a64d511b74c6802)
2. analyse
the crash at line 126, in file: GrFragmentProcessor.h
.....
125 void getGLSLProcessorKey(const GrShaderCaps& caps, GrProcessorKeyBuilder* b) const {
126 this->onGetGLSLProcessorKey(caps, b);
127 for (const auto& child : fChildProcessors) {
128 if (child) {
129 child->getGLSLProcessorKey(caps, b);
130 }
131 }
132 }
......
the this pointer is null. but from the call stack, it seem child object is not null. So, why this is null here?
it maybe other thread clear the object. if it need mutex object in this class?