I've been playing with the -C option for the compiler.
Build fingerprint: 'google/cheetah/cheetah:14/AP2A.240905.003/12231197:user/release-keys'
Abort message: 'Check failed: code != nullptr java.lang.String java.lang.String.fastSubstring(int, int)'
#00 0x000000000005d8e4 /apex/com.android.runtime/lib64/bionic/libc.so (abort+164) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#01 0x000000000093075c /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+344) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#02 0x00000000000160fc /apex/com.android.art/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_0::__invoke(char const*)+80) (BuildId: 42d41ca7c77853791d096606e7186547)
#03 0x00000000000156d0 /apex/com.android.art/lib64/libbase.so (android::base::LogMessage::~LogMessage()+516) (BuildId: 42d41ca7c77853791d096606e7186547)
#04 0x0000000000316694 /apex/com.android.art/lib64/libart.so (void art::StackVisitor::WalkStack<(art::StackVisitor::CountTransitions)0>(bool)+6916) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#05 0x000000000039db74 /apex/com.android.art/lib64/libart.so (art::Thread::GetCurrentMethod(unsigned int*, bool, bool) const+396) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#06 0x0000000000500418 /apex/com.android.art/lib64/libart.so (art::Thread::DumpStack(std::__1::basic_ostream<char, std::__1::char_traits<char> >&, unwindstack::AndroidLocalUnwinder&, bool, bool) const+340) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#07 0x0000000000502230 /apex/com.android.art/lib64/libart.so (art::DumpCheckpoint::Run(art::Thread*)+216) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#08 0x00000000005419c4 /apex/com.android.art/lib64/libart.so (art::ThreadList::RunCheckpoint(art::Closure*, art::Closure*, bool)+684) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#09 0x0000000000501b64 /apex/com.android.art/lib64/libart.so (art::ThreadList::Dump(std::__1::basic_ostream<char, std::__1::char_traits<char> >&, bool)+292) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#10 0x00000000009344b4 /apex/com.android.art/lib64/libart.so (art::AbortState::Dump(std::__1::basic_ostream<char, std::__1::char_traits<char> >&) const+204) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#11 0x00000000009308cc /apex/com.android.art/lib64/libart.so (art::Runtime::Abort(char const*)+712) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#12 0x00000000000160fc /apex/com.android.art/lib64/libbase.so (android::base::SetAborter(std::__1::function<void (char const*)>&&)::$_0::__invoke(char const*)+80) (BuildId: 42d41ca7c77853791d096606e7186547)
#13 0x00000000000156d0 /apex/com.android.art/lib64/libbase.so (android::base::LogMessage::~LogMessage()+516) (BuildId: 42d41ca7c77853791d096606e7186547)
#14 0x0000000000316694 /apex/com.android.art/lib64/libart.so (void art::StackVisitor::WalkStack<(art::StackVisitor::CountTransitions)0>(bool)+6916) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#15 0x000000000041dd74 /apex/com.android.art/lib64/libart.so (art::JniDecodeReferenceResult(_jobject*, art::Thread*)+512) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#16 0x00000000022f5d94 /memfd:jit-cache (deleted) (offset 0x2000000) (art_jni_trampoline+148)
#17 0x000000000201b304 /memfd:jit-cache (deleted) (offset 0x2000000) (java.lang.String.substring+292)
#18 0x000000000077fa20 /apex/com.android.art/lib64/libart.so (nterp_helper+4016) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#19 0x000000000027e082 /system/framework/framework.jar (android.provider.Settings$NameValueCache.getStringsForPrefixStripPrefix+22)
#20 0x000000000077f9c4 /apex/com.android.art/lib64/libart.so (nterp_helper+3924) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#21 0x000000000027e050 /system/framework/framework.jar (android.provider.Settings$NameValueCache.-$$Nest$mgetStringsForPrefixStripPrefix+0)
#22 0x000000000036de40 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#23 0x000000000036725c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2048) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#24 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#25 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#26 0x000000000027c720 /system/framework/framework.jar (android.provider.Settings$Config.getStrings+0)
#27 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#28 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#29 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#30 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#31 0x000000000027c748 /system/framework/framework.jar (android.provider.Settings$Config.getStrings+0)
#32 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#33 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#34 0x000000000077eb08 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#35 0x00000000000052ac /apex/com.android.configinfrastructure/javalib/framework-configinfrastructure.jar (android.provider.SettingsConfigDataStore.getProperties+12)
#36 0x00000000007807e4 /apex/com.android.art/lib64/libart.so (nterp_helper+7540) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#37 0x000000000000472c /apex/com.android.configinfrastructure/javalib/framework-configinfrastructure.jar (android.provider.DeviceConfig.getPropertiesWithoutOverrides+4)
#38 0x000000000077eb08 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#39 0x00000000000046fc /apex/com.android.configinfrastructure/javalib/framework-configinfrastructure.jar (android.provider.DeviceConfig.getProperties+0)
#40 0x000000000077eb08 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#41 0x0000000000004944 /apex/com.android.configinfrastructure/javalib/framework-configinfrastructure.jar (android.provider.DeviceConfig.getProperty+8)
#42 0x000000000077eb08 /apex/com.android.art/lib64/libart.so (nterp_helper+152) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#43 0x0000000000004768 /apex/com.android.configinfrastructure/javalib/framework-configinfrastructure.jar (android.provider.DeviceConfig.getBoolean+0)
#44 0x000000000036de40 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#45 0x000000000036725c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2048) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#46 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#47 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#48 0x000000000024ee8c /system/framework/framework.jar (android.view.autofill.AutofillFeatureFlags.isFillDialogEnabled+0)
#49 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#50 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#51 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#52 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#53 0x0000000000253300 /system/framework/framework.jar (android.view.autofill.AutofillManager.<init>+0)
#54 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#55 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#56 0x000000000077fa20 /apex/com.android.art/lib64/libart.so (nterp_helper+4016) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#57 0x0000000000281550 /system/framework/framework.jar (android.app.SystemServiceRegistry$96.createService+32)
#58 0x000000000036db74 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#59 0x00000000003671e4 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+1928) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#60 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#61 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#62 0x0000000000281568 /system/framework/framework.jar (android.app.SystemServiceRegistry$96.createService+0)
#63 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#64 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#65 0x00000000020f6424 /memfd:jit-cache (deleted) (offset 0x2000000) (android.app.SystemServiceRegistry$CachedServiceFetcher.getService+708)
#66 0x00000000020f58a0 /memfd:jit-cache (deleted) (offset 0x2000000) (android.app.SystemServiceRegistry.getSystemService+272)
#67 0x00000000020f5540 /memfd:jit-cache (deleted) (offset 0x2000000) (android.app.ContextImpl.getSystemService+688)
#68 0x0000000002143c18 /memfd:jit-cache (deleted) (offset 0x2000000) (android.view.ContextThemeWrapper.getSystemService+184)
#69 0x0000000002143828 /memfd:jit-cache (deleted) (offset 0x2000000) (android.app.Activity.getSystemService+216)
#70 0x00000000020f4c98 /memfd:jit-cache (deleted) (offset 0x2000000) (android.content.Context.getSystemService+152)
#71 0x000000000036db74 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#72 0x00000000003671e4 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+1928) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#73 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#74 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#75 0x00000000001fc1a4 /system/framework/framework.jar (android.view.ViewRootImpl.getAutofillManager+0)
#76 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#77 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#78 0x000000000077fa20 /apex/com.android.art/lib64/libart.so (nterp_helper+4016) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#79 0x00000000001fc188 /system/framework/framework.jar (android.view.ViewRootImpl.-$$Nest$mgetAutofillManager+0)
#80 0x000000000036de40 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#81 0x000000000036725c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2048) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#82 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#83 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#84 0x00000000001f70c4 /system/framework/framework.jar (android.view.ViewRootImpl$EarlyPostImeInputStage.processPointerEvent+0)
#85 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#86 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#87 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#88 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#89 0x00000000001f7064 /system/framework/framework.jar (android.view.ViewRootImpl$EarlyPostImeInputStage.processMotionEvent+0)
#90 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#91 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#92 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#93 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#94 0x00000000001f6fac /system/framework/framework.jar (android.view.ViewRootImpl$EarlyPostImeInputStage.onProcess+0)
#95 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#96 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#97 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#98 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#99 0x00000000001f7770 /system/framework/framework.jar (android.view.ViewRootImpl$InputStage.deliver+0)
#100 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#101 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#102 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#103 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#104 0x0000000000200858 /system/framework/framework.jar (android.view.ViewRootImpl.deliverInputEvent+0)
#105 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#106 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#107 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#108 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#109 0x00000000002017f0 /system/framework/framework.jar (android.view.ViewRootImpl.doProcessInputEvents+0)
#110 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#111 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#112 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#113 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#114 0x00000000002023b0 /system/framework/framework.jar (android.view.ViewRootImpl.enqueueInputEvent+0)
#115 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#116 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#117 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#118 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#119 0x00000000001fae8c /system/framework/framework.jar (android.view.ViewRootImpl$WindowInputEventReceiver.onInputEvent+0)
#120 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#121 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#122 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#123 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#124 0x00000000001b70cc /system/framework/framework.jar (android.view.InputEventReceiver.dispatchInputEvent+0)
#125 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#126 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#127 0x000000000036db74 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#128 0x000000000036c568 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithVarArgs<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, std::__va_list)+812) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#129 0x0000000000753658 /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallVoidMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list)+128) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#130 0x000000000058e5e8 /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::CheckJNI::CallMethodV(char const*, _JNIEnv*, _jobject*, _jclass*, _jmethodID*, std::__va_list, art::Primitive::Type, art::InvokeType) (.__uniq.99033978352804627313491551960229047428)+424) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#131 0x00000000005911b0 /apex/com.android.art/lib64/libart.so (art::(anonymous namespace)::CheckJNI::CallVoidMethodV(_JNIEnv*, _jobject*, _jmethodID*, std::__va_list) (.__uniq.99033978352804627313491551960229047428.llvm.8847877519183761714)+72) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#132 0x00000000000e0618 /system/lib64/libandroid_runtime.so (_JNIEnv::CallVoidMethod(_jobject*, _jmethodID*, ...)+120) (BuildId: e0fc1ccfe043ab286e745f48696bc0d8)
#133 0x0000000000154f80 /system/lib64/libandroid_runtime.so (android::NativeInputEventReceiver::consumeEvents(_JNIEnv*, bool, long, bool*)+528) (BuildId: e0fc1ccfe043ab286e745f48696bc0d8)
#134 0x0000000000154ca4 /system/lib64/libandroid_runtime.so (android::NativeInputEventReceiver::handleEvent(int, int, void*)+164) (BuildId: e0fc1ccfe043ab286e745f48696bc0d8)
#135 0x000000000000fe30 /system/lib64/libutils.so (android::Looper::pollOnce(int, int*, int*, void**)+704) (BuildId: c07f08c7e5a964a8f8c6bc5c820fb795)
#136 0x000000000018c53c /system/lib64/libandroid_runtime.so (android::android_os_MessageQueue_nativePollOnce(_JNIEnv*, _jobject*, long, int)+44) (BuildId: e0fc1ccfe043ab286e745f48696bc0d8)
#137 0x0000000000384370 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#138 0x000000000206701c /memfd:jit-cache (deleted) (offset 0x2000000) (android.os.MessageQueue.next+332)
#139 0x0000000002066164 /memfd:jit-cache (deleted) (offset 0x2000000) (android.os.Looper.loopOnce+164)
#140 0x000000000036de40 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#141 0x000000000036725c /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+2048) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#142 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#143 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#144 0x00000000001fc4c8 /system/framework/framework.jar (android.os.Looper.loop+0)
#145 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#146 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#147 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#148 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#149 0x00000000001d0e90 /system/framework/framework.jar (android.app.ActivityThread.main+0)
#150 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#151 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#152 0x000000000036de40 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#153 0x00000000003698f4 /apex/com.android.art/lib64/libart.so (_jobject* art::InvokeMethod<(art::PointerSize)8>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jobject*, _jobject*, unsigned long)+732) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#154 0x00000000006c6738 /apex/com.android.art/lib64/libart.so (art::Method_invoke(_JNIEnv*, _jobject*, _jobject*, _jobjectArray*) (.__uniq.165753521025965369065708152063621506277)+32) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#155 0x0000000000384370 /apex/com.android.art/lib64/libart.so (art_quick_generic_jni_trampoline+144) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#156 0x000000000036db74 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#157 0x00000000003671e4 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+1928) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#158 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#159 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#160 0x000000000052cd84 /system/framework/framework.jar (com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run+0)
#161 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#162 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#163 0x0000000000aaaa04 /data/misc/apexdata/com.android.art/dalvik-cache/arm64/boot.oat (com.android.internal.os.ZygoteInit.main+3188)
#164 0x000000000036de40 /apex/com.android.art/lib64/libart.so (art_quick_invoke_static_stub+640) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#165 0x000000000035936c /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+204) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#166 0x0000000000357320 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeWithVarArgs<_jmethodID*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, _jmethodID*, std::__va_list)+512) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#167 0x000000000073b6ac /apex/com.android.art/lib64/libart.so (art::JNI<true>::CallStaticVoidMethodV(_JNIEnv*, _jclass*, _jmethodID*, std::__va_list)+104) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#168 0x00000000000e2028 /system/lib64/libandroid_runtime.so (_JNIEnv::CallStaticVoidMethod(_jclass*, _jmethodID*, ...)+104) (BuildId: e0fc1ccfe043ab286e745f48696bc0d8)
#169 0x00000000000edbcc /system/lib64/libandroid_runtime.so (android::AndroidRuntime::start(char const*, android::Vector<android::String8> const&, bool)+844) (BuildId: e0fc1ccfe043ab286e745f48696bc0d8)
#170 0x00000000000025b8 /system/bin/app_process64 (main+1240) (BuildId: ef4184b9c5506fa60d94dabc30dbf989)
#171 0x0000000000057044 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+116) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
Werdly enough, I don't get to have any crash log when the app crash with that flag
Build fingerprint: 'google/cheetah/cheetah:14/AP2A.240905.003/12231197:user/release-keys'
Abort message: 'Scudo ERROR: corrupted chunk header at address 0x2000079725a7530'
#00 0x000000000005d8e4 /apex/com.android.runtime/lib64/bionic/libc.so (abort+164) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#01 0x0000000000048d18 /apex/com.android.runtime/lib64/bionic/libc.so (scudo::die()+8) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#02 0x00000000000499ec /apex/com.android.runtime/lib64/bionic/libc.so (scudo::reportRawError(char const*)+28) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#03 0x000000000004995c /apex/com.android.runtime/lib64/bionic/libc.so (scudo::ScopedErrorReport::~ScopedErrorReport()+12) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#04 0x0000000000049ac0 /apex/com.android.runtime/lib64/bionic/libc.so (scudo::reportHeaderCorruption(void*)+96) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#05 0x000000000004bab4 /apex/com.android.runtime/lib64/bionic/libc.so (scudo::Allocator<scudo::AndroidNormalConfig, &(scudo_malloc_postinit)>::deallocate(void*, scudo::Chunk::Origin, unsigned long, unsigned long)+276) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#06 0x00000000000a6358 /system/lib64/libgui.so (android::SurfaceComposerClient::Transaction::~Transaction()+648) (BuildId: 56d12d65b10d783f22d1e62fe5c50cd4)
#07 0x00000000000e44c0 /system/lib64/libgui.so (android::SurfaceComposerClient::Transaction::~Transaction()+16) (BuildId: 56d12d65b10d783f22d1e62fe5c50cd4)
#08 0x0000000002300efc /memfd:jit-cache (deleted) (offset 0x2000000) (art_jni_trampoline+140)
#09 0x00000000022bf85c /memfd:jit-cache (deleted) (offset 0x2000000) (libcore.util.NativeAllocationRegistry$CleanerThunk.run+156)
#10 0x00000000022bf268 /memfd:jit-cache (deleted) (offset 0x2000000) (sun.misc.Cleaner.clean+248)
#11 0x000000000036db74 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#12 0x00000000003671e4 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+1928) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#13 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#14 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#15 0x000000000012b6fc /apex/com.android.art/javalib/core-oj.jar (java.lang.ref.ReferenceQueue.enqueuePending+0)
#16 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#17 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#18 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#19 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#20 0x000000000002c164 /apex/com.android.art/javalib/core-libart.jar (java.lang.Daemons$ReferenceQueueDaemon.runInternal+0)
#21 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#22 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#23 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#24 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#25 0x000000000002b314 /apex/com.android.art/javalib/core-libart.jar (java.lang.Daemons$Daemon.run+0)
#26 0x0000000000359650 /apex/com.android.art/lib64/libart.so (art::interpreter::Execute(art::Thread*, art::CodeItemDataAccessor const&, art::ShadowFrame&, art::JValue, bool, bool) (.__uniq.112435418011751916792819755956732575238.llvm.4560577758463694485)+428) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#27 0x0000000000367a78 /apex/com.android.art/lib64/libart.so (bool art::interpreter::DoCall<false>(art::ArtMethod*, art::Thread*, art::ShadowFrame&, art::Instruction const*, unsigned short, bool, art::JValue*)+4124) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#28 0x000000000076e170 /apex/com.android.art/lib64/libart.so (void art::interpreter::ExecuteSwitchImplCpp<false>(art::interpreter::SwitchImplContext*)+12208) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#29 0x00000000003869d8 /apex/com.android.art/lib64/libart.so (ExecuteSwitchImplAsm+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#30 0x0000000000117a28 /apex/com.android.art/javalib/core-oj.jar (java.lang.Thread.run+0)
#31 0x00000000003589dc /apex/com.android.art/lib64/libart.so (artQuickToInterpreterBridge+1932) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#32 0x0000000000384498 /apex/com.android.art/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#33 0x000000000036db74 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+612) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#34 0x0000000000359324 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+132) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#35 0x0000000000944438 /apex/com.android.art/lib64/libart.so (_ZN3art9ArtMethod14InvokeInstanceILc86ETpTncJEEENS_6detail12ShortyTraitsIXT_EE4TypeEPNS_6ThreadENS_6ObjPtrINS_6mirror6ObjectEEEDpNS3_IXT0_EE4TypeE+60) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#36 0x00000000006209f4 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1344) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#37 0x00000000006204a4 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallbackWithUffdGc(void*)+8) (BuildId: 3f7d5a016e08d528f129bdd336d81168)
#38 0x000000000006efbc /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
#39 0x0000000000060d60 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 1d36f8ae6e0af6158793abea7d4f4f2b)
Maybe the long log can be helpful. I don't know...
function dlopen ( Name : PAnsiChar; Flags : longint) : Pointer; cdecl; external 'dl';
by NativeInt. It compiles, it runs, but it still randomly crash.