Mali-G78, Google Pixel 6, Vulkan Crash in cmarp_backend_thread

After updating to the March 2024 security patch on Pixel 6, Vulkan applications now run into a SIGSEGV in the cmarp_backend_thread with the tombstone:

#00 pc 00000000017d8518  /vendor/lib64/egl/libGLES_mali.so (hal::halp::execution_complete_callback(cmar_event*, int, void*)+88) (BuildId: 9a91c3c0b3746b5c)

#01 pc 00000000017e9224  /vendor/lib64/egl/libGLES_mali.so (cmarp_event_call_all_deferred_callbacks+244) (BuildId: 9a91c3c0b3746b5c)

#02 pc 00000000017ebf0c  /vendor/lib64/egl/libGLES_mali.so (cmarp_backend_thread+1116) (BuildId: 9a91c3c0b3746b5c)

#03 pc 00000000000ca7cc  /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+204) (BuildId: 33ad5959e2b38fc822cda3c642e16c94)

#04 pc 00000000000607b0  /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64) (BuildId: 33ad5959e2b38fc822cda3c642e16c94)

This appears only on the Pixel 6 and only in release builds, debug builds execute without major errors oddly enough.

A couple of questions to help resolve this issue.

1. What's the purpose of the cmarp_backend_thread?

2. Are there common reasons why cmarp_backend_thread may attempt to resolve an event callback with some NULL or invalid data that isn't a memory stomp? I find it unlikely that cmar_event* is NULL but the void* in the argument reads like it should be additional user data that can be NULL