Crash in ArSession_update when building with ARCore 1.23 or 1.24.

[ptc-aeveritt]

SPECIFIC ISSUE ENCOUNTERED

Crash in ArSession_update when building with ARCore 1.23 or 1.24. App is terminated. Problem not seen when building with ARCore 1.22 or lower, it is also not seen when building with ARCore 1.22 or lower and running on a device with ARCore 1.23 or higher.

Example crash dump:

06-11 15:49:29.851 15917 15917 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
06-11 15:49:29.851 15917 15917 F DEBUG   : Build fingerprint: 'samsung/crownltexx/crownlte:10/QP1A.190711.020/N960FXXU8FUD1:user/release-keys'
06-11 15:49:29.851 15917 15917 F DEBUG   : Revision: '28'
06-11 15:49:29.851 15917 15917 F DEBUG   : ABI: 'arm64'
06-11 15:49:29.852 15917 15917 F DEBUG   : Timestamp: 2021-06-11 15:49:29+0100
06-11 15:49:29.852 15917 15917 F DEBUG   : pid: 14728, tid: 15862, name: Thread-42  >>> com.vuforia.engine.NativeSample <<<
06-11 15:49:29.852 15917 15917 F DEBUG   : uid: 10610
06-11 15:49:29.852 15917 15917 F DEBUG   : signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
06-11 15:49:29.852 15917 15917 F DEBUG   : Abort message: 'Check failed: new_size > max_entries_ (new_size=1024, max_entries_=1024) '
06-11 15:49:29.852 15917 15917 F DEBUG   :     x0  0000000000000000  x1  0000000000003df6  x2  0000000000000006  x3  0000006ef5c00e20
06-11 15:49:29.852 15917 15917 F DEBUG   :     x4  fefeff6f45696f97  x5  fefeff6f45696f97  x6  fefeff6f45696f97  x7  7f7f7f7f7f7f7fff
06-11 15:49:29.852 15917 15917 F DEBUG   :     x8  00000000000000f0  x9  0000007045c8d5e0  x10 0000000000000000  x11 0000000000000001
06-11 15:49:29.852 15917 15917 F DEBUG   :     x12 000000000fa94420  x13 ffffffffffffffff  x14 0000000000000000  x15 ffffffffffffffff
06-11 15:49:29.852 15917 15917 F DEBUG   :     x16 0000007045d5b8c0  x17 0000007045d38880  x18 0000000000000050  x19 00000000000000ac
06-11 15:49:29.852 15917 15917 F DEBUG   :     x20 0000000000003988  x21 00000000000000b2  x22 0000000000003df6  x23 00000000ffffffff
06-11 15:49:29.852 15917 15917 F DEBUG   :     x24 0000006fc36cc0ba  x25 0000006fc36ce100  x26 0000006fc36adea5  x27 000000704967b258
06-11 15:49:29.852 15917 15917 F DEBUG   :     x28 0000006fc3bf4000  x29 0000006ef5c00ed0
06-11 15:49:29.852 15917 15917 F DEBUG   :     sp  0000006ef5c00e00  lr  0000007045cec330  pc  0000007045cec360
06-11 15:49:29.865 15917 15917 F DEBUG   :
06-11 15:49:29.865 15917 15917 F DEBUG   : backtrace:
06-11 15:49:29.865 15917 15917 F DEBUG   :       #00 pc 0000000000083360  /apex/com.android.runtime/lib64/bionic/libc.so (abort+176) (BuildId: 3f350ca06c3b80560f65755286daf320)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #01 pc 00000000004c3240  /apex/com.android.runtime/lib64/libart.so (art::Runtime::Abort(char const*)+2280) (BuildId: 0680f97b9649cf08862df1e69e76e0f3)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #02 pc 000000000000c650  /system/lib64/libbase.so (android::base::LogMessage::~LogMessage()+608) (BuildId: 74e39b9e4bda61561a36377476803040)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #03 pc 00000000002a9160  /apex/com.android.runtime/lib64/libart.so (art::IndirectReferenceTable::Resize(unsigned long, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>*)+592) (BuildId: 0680f97b9649cf08862df1e69e76e0f3)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #04 pc 00000000002aa5f0  /apex/com.android.runtime/lib64/libart.so (art::IndirectReferenceTable::EnsureFreeCapacity(unsigned long, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>*)+192) (BuildId: 0680f97b9649cf08862df1e69e76e0f3)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #05 pc 00000000003e861c  /apex/com.android.runtime/lib64/libart.so (art::JNI::EnsureLocalCapacityInternal(art::ScopedObjectAccess&, int, char const*)+84) (BuildId: 0680f97b9649cf08862df1e69e76e0f3)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #06 pc 000000000038e7cc  /apex/com.android.runtime/lib64/libart.so (art::JNI::PushLocalFrame(_JNIEnv*, int)+612) (BuildId: 0680f97b9649cf08862df1e69e76e0f3)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #07 pc 000000000035e34c  /apex/com.android.runtime/lib64/libart.so (art::(anonymous namespace)::CheckJNI::PushLocalFrame(_JNIEnv*, int)+700) (BuildId: 0680f97b9649cf08862df1e69e76e0f3)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #08 pc 0000000001e5c160  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #09 pc 00000000018d4a54  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #10 pc 000000000107645c  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #11 pc 0000000000b74384  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #12 pc 0000000000b747ec  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #13 pc 0000000000b6edd8  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #14 pc 0000000000b6f034  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #15 pc 000000000193a0e8  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.865 15917 15917 F DEBUG   :       #16 pc 000000000193a8dc  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.866 15917 15917 F DEBUG   :       #17 pc 0000000001928274  /data/app/com.google.ar.core-bwXctG17ehvnttkxOmu9Vw==/base.apk!libarcore_c.so (offset 0x6d8000) (ArSession_update+152) (BuildId: 150e60a5b75bc1f8e673781ac2e20526)
06-11 15:49:29.866 15917 15917 F DEBUG   :       #18 pc 00000000008bc7d8  /data/app/com.vuforia.engine.NativeSample-YRjahR0MOVt4UHN49OmrVw==/base.apk!libVuforia.so (offset 0x55f000) 
06-11 15:49:29.866 15917 15917 F DEBUG   :       #19 pc 00000000008a7620  /data/app/com.vuforia.engine.NativeSample-YRjahR0MOVt4UHN49OmrVw==/base.apk!libVuforia.so (offset 0x55f000) 
06-11 15:49:29.866 15917 15917 F DEBUG   :       #20 pc 00000000008a9a50  /data/app/com.vuforia.engine.NativeSample-YRjahR0MOVt4UHN49OmrVw==/base.apk!libVuforia.so (offset 0x55f000)
06-11 15:49:29.866 15917 15917 F DEBUG   :       #21 pc 00000000000e3b24  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+36) (BuildId: 3f350ca06c3b80560f65755286daf320)
06-11 15:49:29.866 15917 15917 F DEBUG   :       #22 pc 0000000000085330  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 3f350ca06c3b80560f65755286daf320)

VERSIONS USED

• Android Studio: 4.1.3
• ARCore SDK for Android: 1.23, 1.24
• Device manufacturer, model, and O/S: Samsung SM-N960F Android 10
• Google Play Services for AR (ARCore): 1.24.210950403
• Output of adb shell getprop ro.build.fingerprint: samsung/crownltexx/crownlte:10/QP1A.190711.020/N960FXXU8FUD1:user/release-keys

STEPS TO REPRODUCE THE ISSUE

1. Start App into non-AR Activity
2. Navigate to AR Activity
3. Create ARCore session and configure in blocking mode
4. Create worker thread to process updates
5. Worker thread loops calling ArSession_update and rendering camera frame and augmentations
6. Stop ARCore session and tear down all ARCore objects
7. Return to parent (non-AR) Activity
8. Repeat steps 2-5, after a few frames observe crash

Note: On some rare occasions the crash happens at step 4 but typically only after the AR Activity has been closed once

WORKAROUNDS (IF ANY)

If only I could fine one!

ADDITIONAL COMMENTS

We have observed this issue on multiple Samsung phones but not on all, in addition to the Note 9 detailed above we are seeing this issue on:

• Samsung GS10 Snapdragon
• Samsung GS20 Ultra 5G Exynos
• Samsung GS Note 20 Snapdradon
• Samsung GS20+ Snapdragon On Pixel devices this crash has never been observed running the same APK.

The abort message doesn't give much information: 'Check failed: new_size > maxentries (new_size=1024, maxentries=1024) ' We assume that some JNI reference count is being exceeded based on the backtrace, however we can't locate any information pointing to what it might be. The values for new_size and maxentries have been observed as 512, 1024 and 2048 in different runs, however they are most commonly 1024.

[ptc-aeveritt]

On further investigation I have found about 6 cases where our library/app was not cleaning up JNI local references. Now these are properly cleaned up I am no longer seeing a crash on the Note9 (testing on other devices is pending). This suggests to me that our library/app + ARCore is very close to the limit.

[ptc-aeveritt]

Could this be related to 1315?