1726029 - webrender::render_backend::RenderBackend::process_transaction crash in [@ __GI___pthread_mutex_lock]

Status: RESOLVED WORKSFORME

(Core :: Graphics: WebRender, defect)

Description

[Chris Peterson [:cpeterson]]

This crash signature spiked in Nightly 92.0a1, but I don't see any reports from Beta 92.0b or Nightly 93.0a1. Perhaps this crash has already been fixed?

Bug 1688587 looks like a similar crash on macOS that disappeared in early June. I'm tagging this bug as a potential csectype-uaf since bug 1688587 was tagged as csectype-uaf.

Crash report: https://crash-stats.mozilla.org/report/index/c591eb84-3453-4fd7-a0ea-c976f0210816

Reason: SIGSEGV /SEGV_MAPERR

Top 9 frames of crashing thread:

0 libpthread.so.0 __GI___pthread_mutex_lock 
1 firefox-bin free memory/build/malloc_decls.h:54
2 libxul.so webrender::render_backend::RenderBackend::process_transaction gfx/wr/webrender/src/render_backend.rs:1000
3 libxul.so webrender::render_backend::RenderBackend::process_api_msg gfx/wr/webrender/src/render_backend.rs:1193
4 libxul.so std::sys_common::backtrace::__rust_begin_short_backtrace /builds/worker/fetches/rustc/lib/rustlib/src/rust/library/std/src/sys_common/backtrace.rs:125
5 libxul.so core::ops::function::FnOnce::call_once{{vtable.shim}} /builds/worker/fetches/rustc/lib/rustlib/src/rust/library/core/src/ops/function.rs:227
6 libxul.so std::sys::unix::thread::Thread::new::thread_start library/std/src/sys/unix/thread.rs:71
7 libpthread.so.0 start_thread 
8 libc.so.6 __GI___clone 

Comment 1

[Darkspirit]

Unable to reproduce, but dom.webgpu.enabled=true can crash without crash report.

Comment 2

[BugBot [:suhaib / :marco/ :calixte]]

Closing because no crashes reported for 12 weeks.