Skeleton3D crash with OpenGL renderer on Android on certain MTK chipset OpenGL driver versions #102413

Open
kisg opened this issue Feb 4, 2025 · 0 comments

kisg commented Feb 4, 2025

Tested versions

Reproduced in 4.3 stable, 4.3.1rc, 4.4 beta 2.

System information

Moto G54 5G, Android 13, Godot 4.3, 4.3.1rc, 4.4beta2, GLES3 backend. MTK 7050 chipset, Android build id: T3TDS33.16-78-2-2

We also saw the same crash in a commercial project on various devices with similar chipsets and Android versions in the wild.

Issue description

The attached project crashes on some MTK chipset phones with a fresh (updated Android 13 and 14) MTK OpenGL driver in the MeshStorage::_compute_skeleton() function on the

glDrawArrays(GL_POINTS, 0, p_mi->mesh->surfaces[p_surface]->vertex_count);

call. (Debugged in the 4.3.1rc version). Vulkan (Mobile) backend works.

mtk-crash-test.zip

Crash dump (4.4 beta 2, not symbolicated):

02-04 15:17:16.836  8657  8657 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
02-04 15:17:16.836  8657  8657 F DEBUG   : Build fingerprint: 'motorola/cancunf_g_sysen/cancunf:13/T3TDS33.16-78-2-2/8b2d0-ffc032:user/release-keys'
02-04 15:17:16.836  8657  8657 F DEBUG   : Revision: 'PVT'
02-04 15:17:16.836  8657  8657 F DEBUG   : ABI: 'arm64'
02-04 15:17:16.836  8657  8657 F DEBUG   : Timestamp: 2025-02-04 15:17:16.665975841+0100
02-04 15:17:16.836  8657  8657 F DEBUG   : Process uptime: 2s
02-04 15:17:16.836  8657  8657 F DEBUG   : Cmdline: com.example.mtkcrashtest
02-04 15:17:16.836  8657  8657 F DEBUG   : pid: 8584, tid: 8635, name: GLThread 36  >>> com.example.mtkcrashtest <<<
02-04 15:17:16.836  8657  8657 F DEBUG   : uid: 10351
02-04 15:17:16.836  8657  8657 F DEBUG   : tagged_addr_ctrl: 0000000000000001 (PR_TAGGED_ADDR_ENABLE)
02-04 15:17:16.837  8657  8657 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0000000000000010
02-04 15:17:16.837  8657  8657 F DEBUG   : Cause: null pointer dereference
02-04 15:17:16.837  8657  8657 F DEBUG   :     x0  0000000000000000  x1  0000006fbe581750  x2  0000006fbe581718  x3  0000006fbe581718
02-04 15:17:16.837  8657  8657 F DEBUG   :     x4  0000006fbe581508  x5  0000006fbe581150  x6  0000006fbe581470  x7  0000006fbe5814a8
02-04 15:17:16.837  8657  8657 F DEBUG   :     x8  0000006fbe581720  x9  0000006fbe581770  x10 0000000000000009  x11 0000000000004d0e
02-04 15:17:16.837  8657  8657 F DEBUG   :     x12 00000070ddec2f80  x13 000000704f6782c0  x14 fffffffffc000000  x15 00000000fd000000
02-04 15:17:16.837  8657  8657 F DEBUG   :     x16 00000070205b54f8  x17 00000070ddf247a0  x18 0000006fbd5d4000  x19 b400006faadf2918
02-04 15:17:16.837  8657  8657 F DEBUG   :     x20 0000006fbe581800  x21 b400006faaf366e0  x22 b400006faaf366c8  x23 b400006fad2f2c00
02-04 15:17:16.837  8657  8657 F DEBUG   :     x24 0000006fbe5815f0  x25 0000006fbe5815f0  x26 b400006faadf2928  x27 0000006fbe581720
02-04 15:17:16.837  8657  8657 F DEBUG   :     x28 b400006fad2f2c00  x29 0000006fbe5811b0
02-04 15:17:16.837  8657  8657 F DEBUG   :     lr  0000007020537418  sp  0000006fbe5811b0  pc  0000007020559b14  pst 0000000060001000
02-04 15:17:16.837  8657  8657 F DEBUG   : backtrace:
02-04 15:17:16.837  8657  8657 F DEBUG   :       #00 pc 0000000000d2cb14  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #01 pc 0000000000d0a414  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #02 pc 000000000096042c  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #03 pc 0000000000a77764  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #04 pc 000000000095f1ec  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #05 pc 0000000000cf6e54  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #06 pc 0000000000a70674  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #07 pc 0000000000a807dc  /vendor/lib64/mt6855/libufwriter.so (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #08 pc 0000000000a32b94  /vendor/lib64/mt6855/libufwriter.so (GLSLCompileToUniflex+15972) (BuildId: c8d287ca5fa8793f358d6552b6ae7df7)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #09 pc 000000000014ac40  /vendor/lib64/egl/mt6855/libGLESv2_mtk.so (BuildId: ae51f27f2ec37430bc2ab1ef9178e703)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #10 pc 000000000014b878  /vendor/lib64/egl/mt6855/libGLESv2_mtk.so (BuildId: ae51f27f2ec37430bc2ab1ef9178e703)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #11 pc 00000000000b22d0  /vendor/lib64/egl/mt6855/libGLESv2_mtk.so (glCompileShader+116) (BuildId: ae51f27f2ec37430bc2ab1ef9178e703)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #12 pc 0000000001f0b734  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #13 pc 0000000001f0ecfc  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #14 pc 0000000001ed491c  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #15 pc 00000000037c0808  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #16 pc 00000000037bb8dc  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #17 pc 000000000378630c  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #18 pc 000000000378680c  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #19 pc 0000000003788c3c  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #20 pc 0000000003736350  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #21 pc 00000000037385d4  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #22 pc 0000000001018d80  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #23 pc 0000000000fbc45c  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #24 pc 0000000000fd1788  /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk!libgodot_android.so (Java_org_godotengine_godot_GodotLib_step+316)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #25 pc 0000000000461754  /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #26 pc 0000000000209398  /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #27 pc 0000000000255398  [anon:dalvik-classes.dex extracted in memory from /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk] (org.godotengine.godot.gl.GodotRenderer.onDrawFrame+20)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #28 pc 000000000020b074  /apex/com.android.art/lib64/libart.so (nterp_helper+7540) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #29 pc 00000000002545fe  [anon:dalvik-classes.dex extracted in memory from /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk] (org.godotengine.godot.gl.GLSurfaceView$GLThread.guardedRun+1034)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #30 pc 000000000020a254  /apex/com.android.art/lib64/libart.so (nterp_helper+3924) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #31 pc 0000000000254b3c  [anon:dalvik-classes.dex extracted in memory from /data/app/~~6rrItiD5kfRenOL5fy1NcQ==/com.example.mtkcrashtest-qodHYQ2hzLfllG4H7tgTng==/base.apk] (org.godotengine.godot.gl.GLSurfaceView$GLThread.run+52)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #32 pc 0000000000457d6c  /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+556) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #33 pc 0000000000483be4  /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+156) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #34 pc 00000000004838b0  /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+400) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #35 pc 00000000005cc300  /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1680) (BuildId: 6fc1c03912861b04885c9f2953121b6b)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #36 pc 00000000000fbcbc  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204) (BuildId: 9d480b70c1b085134b71b9c0857e1514)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #37 pc 000000000008e4b0  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 9d480b70c1b085134b71b9c0857e1514)

The issue only comes up with certain Android OS / GL driver versions. My Moto G54 test device did not reproduce the crash with the stock drivers, but started reproducing it when the (automatic) update to the latest security update version finished and the phone was rebooted.

Steps to reproduce

Run the project (or any project with a Skeleton3D) using the GLES3 backend.

Minimal reproduction project (MRP)

mtk-crash-test.zip
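Triage of a tombstone like the one in this report, as an added example that is not part of the original issue or of Godot's code: it reads the fault line and backtrace, names the crashing module and who ships it, and finds the API call through which the app entered it. The sample log is constructed and abridged (placeholder pc values, BuildIds and app path); `owner`, `module` and `triage` are hypothetical helper names.

```python
import re

# Constructed, abridged tombstone in the logcat layout of the dump above; pc
# values, BuildIds and the app path are placeholders.
SAMPLE = """\
02-04 15:17:16.837  8657  8657 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0000000000000010
02-04 15:17:16.837  8657  8657 F DEBUG   : backtrace:
02-04 15:17:16.837  8657  8657 F DEBUG   :       #00 pc 0000000000001000  /vendor/lib64/mt6855/libufwriter.so (BuildId: 00)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #01 pc 0000000000002000  /vendor/lib64/mt6855/libufwriter.so (GLSLCompileToUniflex+15972) (BuildId: 00)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #02 pc 0000000000003000  /vendor/lib64/egl/mt6855/libGLESv2_mtk.so (glCompileShader+116) (BuildId: 01)
02-04 15:17:16.837  8657  8657 F DEBUG   :       #03 pc 0000000000004000  /data/app/example/base.apk!libgodot_android.so
02-04 15:17:16.837  8657  8657 F DEBUG   :       #04 pc 0000000000005000  /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+148) (BuildId: 02)
"""

FAULT = re.compile(r"signal \d+ \((\w+)\), code -?\d+ \((\w+)\), fault addr (0x[0-9a-f]+)")
FRAME = re.compile(r"#(\d+) pc ([0-9a-f]+)\s+(\[.*?\]|\S+)(?: \((.+?)\+\d+\))?")

def owner(path):
    """Classify a mapped file by who ships it, judged from its install location."""
    if path.startswith("/vendor/"):
        return "vendor"
    if path.startswith("/data/app/"):
        return "app"
    return "platform"

def module(path):
    """Library name without directories or the 'base.apk!' container prefix."""
    return path.split("!")[-1].rsplit("/", 1)[-1]

def triage(log):
    """Summarise a tombstone: fault, crashing module, entry point into it."""
    sig, _code, addr = FAULT.search(log).groups()
    frames = FRAME.findall(log)  # tuples of (index, pc, path, symbol or '')
    top_owner = owner(frames[0][2])
    # Innermost frame that still carries a symbol name.
    nearest = next((f[3] for f in frames if f[3]), None)
    # First frame, walking outward, that belongs to a different owner.
    pos = next((n for n, f in enumerate(frames) if owner(f[2]) != top_owner), None)
    entry = (frames[pos - 1][3] or None) if pos else None
    return {
        "signal": sig,
        "near_null": int(addr, 16) < 0x1000,  # fault inside the first page
        "crash_module": module(frames[0][2]),
        "crash_owner": top_owner,
        "nearest_symbol": nearest,
        "entry_symbol": entry,  # last call before leaving the crashing owner
        "caller_module": module(frames[pos][2]) if pos else None,
    }
```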
