@prabhatkrmishra

CHIPSET: QUALCOMM
PLATFORM: ANDROID 15 (Qualcomm Adreno)
COMPILER: NDK Version 28.2.13676358
ISSUE: SIGSEGV crash in Adreno GPU driver during glTexSubImage2D operations

PROBLEM:

11-01 11:02:33.017 16155 17680 F libc    : Fatal signal 11 (SIGSEGV), code -6 (SI_TKILL) in tid 17680 (RenderThread 2), pid 16155 (MainThread-UE4)
11-01 11:02:33.855 18185 18185 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-01 11:02:33.855 18185 18185 F DEBUG   : Build fingerprint: 'motorola/fogos_gp/fogos:15/V1UGS35H.75-14-9-2/eac32d-ecdb65:user/release-keys'
11-01 11:02:33.855 18185 18185 F DEBUG   : Revision: 'pvt'
11-01 11:02:33.855 18185 18185 F DEBUG   : ABI: 'arm64'
11-01 11:02:33.855 18185 18185 F DEBUG   : Timestamp: 2025-11-01 11:02:33.402938530+0530
11-01 11:02:33.855 18185 18185 F DEBUG   : Process uptime: 117s
11-01 11:02:33.855 18185 18185 F DEBUG   : Cmdline: com.pubg.imobile
11-01 11:02:33.855 18185 18185 F DEBUG   : pid: 16155, tid: 17680, name: RenderThread 2  >>> com.pubg.imobile <<<
11-01 11:02:33.855 18185 18185 F DEBUG   : uid: 10367
11-01 11:02:33.855 18185 18185 F DEBUG   : signal 11 (SIGSEGV), code -6 (SI_TKILL), fault addr --------
11-01 11:02:33.855 18185 18185 F DEBUG   :     x0  0000000000000270  x1  00000000ffff8000  x2  00000000000000f0  x3  000000ee874aabb0
11-01 11:02:33.855 18185 18185 F DEBUG   :     x4  0000000000000004  x5  0000000000002000  x6  0000000000000008  x7  00000077f3749cb0
11-01 11:02:33.855 18185 18185 F DEBUG   :     x8  00000000000000f0  x9  000000000000003d  x10 00000000000000f0  x11 0000000000000000
11-01 11:02:33.855 18185 18185 F DEBUG   :     x12 0000000000004000  x13 000000000000003d  x14 000000000000000d  x15 00000000000002f0
11-01 11:02:33.855 18185 18185 F DEBUG   :     x16 000000000001e800  x17 00000000000003c0  x18 0000000000000042  x19 0000000000000004
11-01 11:02:33.855 18185 18185 F DEBUG   :     x20 000000000000c004  x21 000000000000001c  x22 00000076ed8a0000  x23 0000000000000042
11-01 11:02:33.855 18185 18185 F DEBUG   :     x24 0000000000000034  x25 000000000000c01c  x26 0000000000000050  x27 0000000000000034
11-01 11:02:33.855 18185 18185 F DEBUG   :     x28 000000ee8749ebac  x29 00000077f3749cc0
11-01 11:02:33.855 18185 18185 F DEBUG   :     lr  00000078637e1738  sp  00000077f3749bf0  pc  00000078637e1754  pst 0000000020001000
11-01 11:02:33.855 18185 18185 F DEBUG   : 25 total frames
11-01 11:02:33.855 18185 18185 F DEBUG   : backtrace:
11-01 11:02:33.855 18185 18185 F DEBUG   :       #00 pc 00000000002e1754  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!4d0cdaba868e987aa070f5a6b168e2!923a446bf8!+1508) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #01 pc 00000000002dd9ac  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!6fd1d11959478379873bee344e3720!923a446bf8!+2772) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #02 pc 00000000002ad86c  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!e9a0267a4c3f12c4fb16e257d3a26e!923a446bf8!+5260) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #03 pc 00000000002b2a3c  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!9c0715a0352375a9ec27cf88ce6933!923a446bf8!+468) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #04 pc 0000000000121ab8  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!27efe93e728a48e12b9279ac49fad7!923a446bf8!+1600) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #05 pc 000000000027395c  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!e94336f9c3a8e90238c7c8557996da!923a446bf8!+1356) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #06 pc 00000000001c6fa0  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!0e6b00ab8c4b112f9f6effa6a8b2b5!923a446bf8!+3080) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #07 pc 00000000001c3898  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!4ecf3032464df959aad423cba1a73c!923a446bf8!+848) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #08 pc 00000000001e2474  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!141e50cb152287019aff218176d094!923a446bf8!+220) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #09 pc 00000000000f8c98  /vendor/lib64/egl/libGLESv2_adreno.so (glTexSubImage2D+144) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #10 pc 00000000000cef24  /data/adb/modules/imguiHook/zygisk/imguiHook.so
11-01 11:02:33.855 18185 18185 F DEBUG   :       #23 pc 00000000000a6f0c  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+196) (BuildId: a8f27e9c92eaa8155ecc6e9c01b1b1d3)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #24 pc 00000000000993b4  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+68) (BuildId: a8f27e9c92eaa8155ecc6e9c01b1b1d3)

The current ImGui_ImplOpenGL3_UpdateTexture function attempts texture operations without validating if the OpenGL texture handle is still valid, causing crashes in the Adreno driver when processing destroyed or invalid textures.

GLuint gl_tex_id = (GLuint)(intptr_t)tex->TexID;
GL_CALL(glBindTexture(GL_TEXTURE_2D, gl_tex_id));

ROOT CAUSE:

  • Texture IDs become invalid after destruction but are still used
  • No validation before glBindTexture() and glTexSubImage2D() calls
  • Driver-level crash in /vendor/lib64/egl/libGLESv2_adreno.so

SOLUTIONS:

  • Add texture validation using glIsTexture() before any texture operations.
  • Automatic recovery by marking invalid textures for recreation.
  • Also early exit optimization for textures scheduled for destruction.

* The key addition is checking glIsTexture() before attempting to update.
* This will prevent a crash on Android platforms using OpenGL3 by catching invalid texture handles before they
  reach the driver, and will automatically trigger texture recreation if needed.

Signed-off-by: 0xA11CE613 <[email protected]>
@ocornut
Owner

ocornut commented Nov 1, 2025

> Texture IDs become invalid after destruction but are still used

This is an XY problem. As you pointed out, this is the root cause, so let’s focus on the root cause only, not on a workaround.

This should not happen. If it does, please elaborate on this and provide a proper repro or proof of any kind to help figure out the reason.

Next week I’ll add IM_ASSERT(glIsTexture()) calls to see if I can repro this locally, but I see no reason for this happening; otherwise other backends would have crashed earlier.

@prabhatkrmishra
Author

prabhatkrmishra commented Nov 1, 2025

I was using dear imgui till the commit 201899b611c34d35e6e38778abab91d76b0451c0, that is:

2025-06-04: OpenGL: Made GLES 3.20 contexts not access GL_CONTEXT_PROFILE_MASK nor GL_PRIMITIVE_RESTART. (#8664)

After merging the latest changes, that crash was occurring regularly, and I noticed there is a commit dbb91a5.

Using my patch, it made my lib work randomly.

It is a texture-related problem, but honestly I don't know what is happening; maybe it's a driver issue or god knows.

I have reverted back to 201899b.

@ocornut
Owner

ocornut commented Nov 1, 2025

Use Style Editor>Scale sliders to scale fonts and trigger textures update if you need to trigger the issue.
Does it repro using one of the default ImGui examples unmodified?
Can you use git bisect to narrow down the issue?

@prabhatkrmishra
Author

I am using imgui inside a hooked eglSwapBuffers.

Drawing occurs before the surface updates.
Picking eglSwapBuffers crashes the game, with the log mentioned above.

@ocornut
Owner

ocornut commented Nov 1, 2025

Well please first try to confirm if this happens with unmodified ImGui example + narrow down to precise commit using bisect.

@ocornut
Owner

ocornut commented Nov 3, 2025

I added a check in local code and could not detect any issue when resizing:

IM_ASSERT(glIsTexture((GLuint)(intptr_t)pcmd->GetTexID()));
GL_CALL(glBindTexture(GL_TEXTURE_2D, (GLuint)(intptr_t)pcmd->GetTexID()));

The issue is on your side and you should investigate why you have a draw call with invalid texture id, it seems like textures may be modified or destroyed?

If you need to run with a hack like the one you made in this PR, you can perfectly preprocess the texture list yourself without making any change to the OpenGL3 backend, and apply the same code on your side. But there's no reason to add it to official backend right now, it seems like a workaround to hide a more important bug.

I am also afraid that moving the if (tex->Status == ImTextureStatus_WantDestroy && tex->UnusedFrames > 0) ImGui_ImplOpenGL3_DestroyTexture(tex); block is also completely unnecessary.

If you want to help:

  • Provide all info about your GL context.
  • Try in vanilla imgui example.
  • Research if your setup may allow arbitrarily destroying textures.
  • Use bisect to narrow down to an exact git commit. You can scale fonts using style editor to recreate the crash faster.
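
Added example (not part of this PR or of Dear ImGui): a small Python triage helper for the tombstone in the PR description. It reports the GL entry point through which the driver was entered and the first frame outside OS and driver libraries, which is the code that issued the call. The path prefixes are assumptions chosen for this example (`/data/adb/modules/` is where Magisk keeps its modules), and the sample is an abridged copy of the log above.

```python
import re

# debuggerd frame line: "#NN pc <offset>  <path> (<symbol>+<off>) (BuildId: ...)"
FRAME_RE = re.compile(
    r"#(?P<idx>\d+) pc (?P<pc>[0-9a-f]+)\s+(?P<path>/\S+)(?: \((?P<sym>.+?)\+\d+\))?"
)
PLATFORM_PREFIXES = ("/vendor/", "/system/", "/apex/")  # OS and driver code (assumed list)
MODULE_PREFIX = "/data/adb/modules/"                    # Magisk/Zygisk module directory

# Abridged from the tombstone in the PR description (frames #01-#08 left out).
SAMPLE = """\
11-01 11:02:33.855 18185 18185 F DEBUG   :       #00 pc 00000000002e1754  /vendor/lib64/egl/libGLESv2_adreno.so (!!!0000!4d0cdaba868e987aa070f5a6b168e2!923a446bf8!+1508) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #09 pc 00000000000f8c98  /vendor/lib64/egl/libGLESv2_adreno.so (glTexSubImage2D+144) (BuildId: 721d54f40d3386f8e2b78472894bf3c4)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #10 pc 00000000000cef24  /data/adb/modules/imguiHook/zygisk/imguiHook.so
11-01 11:02:33.855 18185 18185 F DEBUG   :       #23 pc 00000000000a6f0c  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+196) (BuildId: a8f27e9c92eaa8155ecc6e9c01b1b1d3)
11-01 11:02:33.855 18185 18185 F DEBUG   :       #24 pc 00000000000993b4  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+68) (BuildId: a8f27e9c92eaa8155ecc6e9c01b1b1d3)
"""

def parse_frames(text):
    """Return the backtrace frames found in a tombstone, innermost first."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.search(line)
        if m:
            frames.append({"idx": int(m["idx"]), "path": m["path"], "sym": m["sym"]})
    return sorted(frames, key=lambda f: f["idx"])

def triage(text):
    """Find the API the driver was entered through and the code that called it."""
    entry, caller = None, None
    for frame in parse_frames(text):
        if not frame["path"].startswith(PLATFORM_PREFIXES):
            caller = frame        # first frame outside OS/driver libraries
            break
        if frame["sym"] and not frame["sym"].startswith("!"):
            entry = frame["sym"]  # last readable (non-obfuscated) symbol before the caller
    return {
        "entry_point": entry,
        "caller": caller["path"] if caller else None,
        "caller_frame": caller["idx"] if caller else None,
        "injected_module": bool(caller) and caller["path"].startswith(MODULE_PREFIX),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```
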
