Details
Bug
Resolution: Incomplete
P1: Critical
None
5.7.1, 5.8.0, 5.9.0
Qt 5.7.1 (Nov 22 snapshot)
Android 5/6
Description
Working: SM-T705 (Exynos 5420/Mali-T628) and SM-T715 (Exynos 5433/Mali-T760) w/ Android 5.
Crashes: SM-T705 and SM-T715 w/ Android 6.
I have tried making a small reproducible example for the last hour. I have yet to succeed. But I can tell you that it has something to do with dynamically changing text on buttons. Also before the crash I can sometimes see that the buttons have red distorted graphics on them instead of text.
Crash reports follow:
11-30 09:45:21.070 F/libc ( 5464): Fatal signal 11 (SIGSEGV), code 1, fault addr 0xffeb0b16 in tid 5580 (QtThread)
11-30 09:45:21.130 F/DEBUG ( 2768): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-30 09:45:21.130 F/DEBUG ( 2768): Build fingerprint: 'samsung/gts28ltexx/gts28lte:6.0.1/MMB29K/T715XXU2BPG3:user/release-keys'
11-30 09:45:21.130 F/DEBUG ( 2768): Revision: '9'
11-30 09:45:21.130 F/DEBUG ( 2768): ABI: 'arm'
11-30 09:45:21.130 F/DEBUG ( 2768): pid: 5464, tid: 5580, name: QtThread >>> dk.frogne.codrive.activity <<<
11-30 09:45:21.130 F/DEBUG ( 2768): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xffeb0b16
11-30 09:45:21.160 F/DEBUG ( 2768): r0 97523db0 r1 9ec59acc r2 ffeb0b0a r3 ffeb0b0a
11-30 09:45:21.160 F/DEBUG ( 2768): r4 97523db0 r5 97523db0 r6 b4767080 r7 9737b110
11-30 09:45:21.160 F/DEBUG ( 2768): r8 ffeb0b0a r9 b6cd1ec0 sl 9007f7d4 fp 00000600
11-30 09:45:21.160 F/DEBUG ( 2768): ip 9ec5f3d8 sp 9007f660 lr 9eb4f245 pc 9eb4ebd6 cpsr a00f0030
11-30 09:45:21.160 F/DEBUG ( 2768):
11-30 09:45:21.160 F/DEBUG ( 2768): backtrace:
11-30 09:45:21.160 F/DEBUG ( 2768): #00 pc 000d7bd6 /data/app/dk.frogne.codrive.activity-1/lib/arm/libQt5Quick.so (_ZN15QSGDefaultLayer4grabEv+99)
11-30 09:45:21.160 F/DEBUG ( 2768): #01 pc 000d8241 /data/app/dk.frogne.codrive.activity-1/lib/arm/libQt5Quick.so (_ZN15QSGDefaultLayer13updateTextureEv+40)
11-30 09:48:29.840 F/libc ( 5768): Fatal signal 11 (SIGSEGV), code 1, fault addr 0x8 in tid 5876 (QtThread)
11-30 09:48:29.900 F/DEBUG ( 2768): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-30 09:48:29.900 F/DEBUG ( 2768): Build fingerprint: 'samsung/gts28ltexx/gts28lte:6.0.1/MMB29K/T715XXU2BPG3:user/release-keys'
11-30 09:48:29.900 F/DEBUG ( 2768): Revision: '9'
11-30 09:48:29.900 F/DEBUG ( 2768): ABI: 'arm'
11-30 09:48:29.900 F/DEBUG ( 2768): pid: 5768, tid: 5876, name: QtThread >>> dk.frogne.codrive.activity <<<
11-30 09:48:29.900 F/DEBUG ( 2768): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x8
11-30 09:48:29.930 F/DEBUG ( 2768): r0 8eccbd40 r1 8ecaf300 r2 9f83da50 r3 00000000
11-30 09:48:29.930 F/DEBUG ( 2768): r4 8eccbd40 r5 9f83da50 r6 b4764840 r7 9f83da50
11-30 09:48:29.930 F/DEBUG ( 2768): r8 b6cd1ec0 r9 904ff794 sl 904ff7d4 fp 00000600
11-30 09:48:29.930 F/DEBUG ( 2768): ip 9ec5f4b4 sp 904ff6f8 lr 9eb33f25 pc 9eb33f20 cpsr 800f0030
11-30 09:48:29.935 F/DEBUG ( 2768):
11-30 09:48:29.935 F/DEBUG ( 2768): backtrace:
11-30 09:48:29.935 F/DEBUG ( 2768): #00 pc 000bcf20 /data/app/dk.frogne.codrive.activity-1/lib/arm/libQt5Quick.so (_ZNK14QSGNodeUpdater13isNodeBlockedEP7QSGNodeS1_+15)
11-30 09:48:29.935 F/DEBUG ( 2768): #01 pc 000bcf23 /data/app/dk.frogne.codrive.activity-1/lib/arm/libQt5Quick.so (_ZNK14QSGNodeUpdater13isNodeBlockedEP7QSGNodeS1_+18)
11-30 09:48:30.445 F/DEBUG ( 2768):
11-30 09:48:30.445 F/DEBUG ( 2768): Tombstone written to: /data/tombstones/tombstone_03
11-30 09:48:30.445 E/DEBUG ( 2768): AM write failed: Broken pipe
Thread 26 (crashed)
0 libQt5Quick.so!QSGNodeUpdater::isNodeBlocked [qsgnodeupdater.cpp : 86 + 0x4]
r0 = 0x8ee12140 r1 = 0x91f75628 r2 = 0x906ede10 r3 = 0x00000000
r4 = 0x8ee12140 r5 = 0x906ede10 r6 = 0x9680bc80 r7 = 0x906ede10
r8 = 0xb6cd1ec0 r9 = 0x906bf794 r10 = 0x906bf7d4 r12 = 0xb3483d38
fp = 0x00000600 sp = 0x906bf6f8 lr = 0xae6d1f25 pc = 0xae6d1f20
Found by: given as instruction pointer in context
1 libQt5Quick.so!QSGRenderer::preprocess [qsgrenderer.cpp : 282 + 0x3]
r3 = 0xae6d1f11 r4 = 0x8ed5e380 r5 = 0x91f75628 r6 = 0x9680bc80
r7 = 0x906ede10 r8 = 0xb6cd1ec0 r9 = 0x906bf794 r10 = 0x906bf7d4
fp = 0x00000600 sp = 0x906bf708 pc = 0xae6d2d21
Found by: call frame info
2 libQt5Quick.so!QSGRenderer::renderScene [qsgrenderer.cpp : 203 + 0x3]
r4 = 0x9680bc80 r5 = 0xae7ff668 r6 = 0xb6cd1ec0 r7 = 0x00000000
r8 = 0x90928aa4 r9 = 0x906bf794 r10 = 0x906bf7d4 fp = 0x00000600
sp = 0x906bf728 pc = 0xae6d2a8d
Found by: call frame info
3 libQt5Quick.so!QSGRenderer::renderScene [qsgrenderer.cpp : 183 + 0x3]
r4 = 0xb6cd1ec0 r5 = 0x9732d800 r6 = 0x9680bc80 r7 = 0x00000000
r8 = 0x90928aa4 r9 = 0x975858a0 r10 = 0x906bf7d4 fp = 0x00000600
sp = 0x906bf790 pc = 0xae6d2c85
Found by: call frame info
4 libQt5Quick.so!QSGRenderContext::renderNextFrame [qsgcontext.cpp : 557 + 0x9]
r4 = 0xb6cd1ec0 r5 = 0x9732d800 r6 = 0x9680bc80 r7 = 0x00000000
r8 = 0x90928aa4 r9 = 0x975858a0 r10 = 0x906bf7d4 fp = 0x00000600
sp = 0x906bf7a8 pc = 0xae6db0c7
Found by: call frame info
5 libQt5Quick.so!QQuickWindowPrivate::renderSceneGraph [qquickwindow.cpp : 464 + 0x3]
r4 = 0x97722600 r5 = 0xb6cd1ec0 r6 = 0x906bf7d8 r7 = 0x00000000
r8 = 0x90928aa4 r9 = 0x975858a0 r10 = 0x906bf7d4 fp = 0x00000600
sp = 0x906bf7d0 pc = 0xae6fe287
Found by: call frame info
6 libQt5Quick.so!QSGRenderThread::syncAndRender [qsgthreadedrenderloop.cpp : 629 + 0x9]
r4 = 0x90928a60 r5 = 0x97722600 r6 = 0xae7ff668 r7 = 0x00000000
r8 = 0x906bf848 r9 = 0xae7fd218 r10 = 0x00000000 fp = 0x00000000
sp = 0x906bf830 pc = 0xae6e8a0f
Found by: call frame info
7 libQt5Quick.so!QSGRenderThread::run [qsgthreadedrenderloop.cpp : 710 + 0x5]
r4 = 0x90928a60 r5 = 0x00000000 r6 = 0xb6cd1ec0 r7 = 0x00000001
r8 = 0xae7af03e r9 = 0xae7af6c5 r10 = 0x905c1000 fp = 0xb31acf49
sp = 0x906bf8a0 pc = 0xae6e93af
Found by: call frame info
8 libQt5Core.so!QThreadPrivate::start [qthread_unix.cpp : 368 + 0x7]
r4 = 0x90928a60 r5 = 0x906bf8e8 r6 = 0x906bf8ec r7 = 0xb6cd1ec0
r8 = 0x906bf8f0 r9 = 0x9d31fbe4 r10 = 0x905c1000 fp = 0xb31acf49
sp = 0x906bf8e0 pc = 0xb31ad037
Found by: call frame info
9 libc.so + 0x3fc63
r4 = 0x906bf930 r5 = 0x906bf970 r6 = 0x906bf930 r7 = 0x00000078
r8 = 0x9d320980 r9 = 0x9d31fbe4 r10 = 0x905c1000 fp = 0xb31acf49
sp = 0x906bf918 pc = 0xb6c96c65
Found by: call frame info