Closed Bug 1679430 Opened 4 years ago Closed 4 years ago

Crash in [@ drmDeviceAlloc]

Categories

(Core :: Graphics, defect)

Product:
Core
Component:
Graphics
Type:
defect

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: gsvelto, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/a45ed058-db71-40f2-95b9-9f7950201126

Reason: SIGSEGV /SEGV_ACCERR

Top 10 frames of crashing thread:

0 libdrm.so.2 drmDeviceAlloc xf86drm.c:3594
1 libdrm.so.2 process_device xf86drm.c:4012
2 libdrm.so.2 drmGetDevice2 xf86drm.c:4190
3 libgallium_dri.so drm_get_pci_id_for_fd ../src/loader/loader.c:391
4 libgallium_dri.so pipe_loader_drm_probe_fd_nodup ../src/gallium/auxiliary/pipe-loader/pipe_loader_drm.c:187
5 libgallium_dri.so pipe_loader_drm_probe_fd ../src/gallium/auxiliary/pipe-loader/pipe_loader_drm.c:245
6 libgallium_dri.so dri2_init_screen ../src/gallium/state_trackers/dri/dri2.c:2064
7 libgallium_dri.so <name omitted> ../src/mesa/drivers/dri/common/dri_util.c:155
8 libGLX_mesa.so.0 dri3_create_screen ./build/../src/glx/dri3_glx.c:897
9 libGLX_mesa.so.0 __glXInitialize ./build/../src/glx/glxext.c:949

This is a crash in mesa that seems to have started with their 20.1.9.0 release. For some reason the volume seems to be increasing recently, maybe because we've enabled WebRender on more machines? Either way there's a crash with additional information from which I should be able to reach the root cause quickly, so I'll try to report the issue upstream ASAP.

Scratch my previous comment about mesa. The crash is happening in libdrm and crashes seem to have started on 15/11/2020 on Debian and derived distros. Debian released a new version of the libdrm2 package on the 10/11/2020. The crash appears to be a buffer overflow and was detected by PHC. The allocation stack recorded by PHC points to the process_device() function which does not contain malloc() calls in the original unmodified libddrm sources but does have an allocation in Debian's version. The allocation is introduced by the hurd-port.diff patch that Debian applies to the package and that's likely what introduced this bug. Mike, I have never quite figured out how to file bugs with specific Debian packages, can you help me reach out to the package maintainer?

Flags: needinfo?(mh+mozilla)

See https://www.debian.org/Bugs/Reporting

Specifically, see the example email that can be used to open a bug:
https://www.debian.org/Bugs/Reporting#example

Flags: needinfo?(mh+mozilla)

This was promptly fixed in Debian, closing.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Blocks: PHC
You need to log in before you can comment on or make changes to this bug.