Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-136630

Segfault in gpu::MemoryTypeTracker::TrackMemoryAllocatedChange with Nvidia

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • P2: Important
    • None
    • 6.9.0
    • WebEngine
    • None

    Description

      According to a qutebrowser user:

      For me, the --use-gl=angle --use-angle=default stopped the reproducible crashes on some websites, but made the browser even more unstable in general. I was experiencing more frequent crashes even when the browser was just idling. Closing tabs also often resulted in a crash.

      Worth noting that this was on my desktop with an nvidia GPU. On my laptop with an AMD iGPU, everything works without any problem. Both systems running Arch Linux with i3@X11.

      and "This one was reproduced by starting a new chat in ChatGPT" with the following stacktrace:

      #0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=11, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1  0x00007f0982ca7813 in __pthread_kill_internal (threadid=<optimized out>, signo=11) at pthread_kill.c:89
#2  0x00007f0982c4ddc0 in __GI_raise (sig=11) at ../sysdeps/posix/raise.c:26
#3  <signal handler called>
#4  0x00007f097578d140 in gpu::MemoryTypeTracker::TrackMemoryAllocatedChange () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/memory_tracking.cc:65
#5  0x00007f0975f0bdcf in gpu::SharedImageBacking::AddRef () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image/shared_image_backing.cc:342
#6  0x00007f0975f155ef in gpu::SharedImageRepresentation::SharedImageRepresentation () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image/shared_image_representation.cc:43
#7  gpu::SharedImageRepresentationFactoryRef::SharedImageRepresentationFactoryRef () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image/shared_image_representation.cc:941
#8  0x00007f0975f1280a in std::make_unique<gpu::SharedImageRepresentationFactoryRef, gpu::SharedImageManager*, gpu::SharedImageBacking*, gpu::MemoryTypeTracker*&, bool> () at /usr/include/c++/15.1.1/bits/unique_ptr.h:1085
#9  gpu::SharedImageManager::Register () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image/shared_image_manager.cc:167
#10 0x00007f0975f0f5d8 in gpu::SharedImageFactory::RegisterBacking () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image/shared_image_factory.cc:897
#11 0x00007f0975f0fb7e in gpu::SharedImageFactory::CreateSharedImage () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image/shared_image_factory.cc:614
#12 0x00007f097918feda in gpu::SharedImageInterfaceInProcess::CreateSharedImageWithBufferOnGpuThread () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image_interface_in_process.cc:582
#13 gpu::SharedImageInterfaceInProcess::CreateSharedImageWithBufferOnGpuThread () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/shared_image_interface_in_process.cc:567
#14 0x00007f097918e98a in base::internal::DecayedFunctorTraits<void (gpu::SharedImageInterfaceInProcess::*)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), gpu::SharedImageInterfaceInProcess*, gpu::Mailbox&&, gpu::SharedImageInfo&&, gfx::GpuMemoryBufferHandle&&, gpu::SyncToken&&>::Invoke<void (gpu::SharedImageInterfaceInProcess::*)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle,
gpu::SyncToken const&), gpu::SharedImageInterfaceInProcess*, gpu::Mailbox, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken> ()
    at ../../../../../qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:739
#15 base::internal::InvokeHelper<false, base::internal::FunctorTraits<void (gpu::SharedImageInterfaceInProcess::*&&)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), gpu::SharedImageInterfaceInProcess*, gpu::Mailbox&&, gpu::SharedImageInfo&&, gfx::GpuMemoryBufferHandle&&, gpu::SyncToken&&>, void, 0ul, 1ul, 2ul, 3ul, 4ul>::MakeItSo<void (gpu::SharedImageInterfaceInProcess::*)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), std::tuple<base::internal::UnretainedWrapper<gpu::SharedImageInterfaceInProcess, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, gpu::Mailbox, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken>>(void (gpu::SharedImageInterfaceInProcess::*&&)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), std::tuple<base::internal::UnretainedWrapper<gpu::SharedImageInterfaceInProcess, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, gpu::Mailbox, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken>&&) () at ../../../../../qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:931
#16 base::internal::Invoker<base::internal::FunctorTraits<void (gpu::SharedImageInterfaceInProcess::*&&)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), gpu::SharedImageInterfaceInProcess*, gpu::Mailbox&&, gpu::SharedImageInfo&&, gfx::GpuMemoryBufferHandle&&, gpu::SyncToken&&>, base::internal::BindState<true, true, false, void (gpu::SharedImageInterfaceInProcess::*)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), base::internal::UnretainedWrapper<gpu::SharedImageInterfaceInProcess, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, gpu::Mailbox, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken>, void()>::RunImpl<void (gpu::SharedImageInterfaceInProcess::*)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), std::tuple<base::internal::UnretainedWrapper<gpu::SharedImageInterfaceInProcess, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, gpu::Mailbox, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken>, 0ul, 1ul, 2ul, 3ul, 4ul> () at ../../../../../qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:1068
#17 base::internal::Invoker<base::internal::FunctorTraits<void (gpu::SharedImageInterfaceInProcess::*&&)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), gpu::SharedImageInterfaceInProcess*, gpu::Mailbox&&, gpu::SharedImageInfo&&, gfx::GpuMemoryBufferHandle&&, gpu::SyncToken&&>, base::internal::BindState<true, true, false, void (gpu::SharedImageInterfaceInProcess::*)(gpu::Mailbox const&, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken const&), base::internal::UnretainedWrapper<gpu::SharedImageInterfaceInProcess, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, gpu::Mailbox, gpu::SharedImageInfo, gfx::GpuMemoryBufferHandle, gpu::SyncToken>, void()>::RunOnce () at ../../../../../qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:981
#18 0x00007f09757920fe in base::OnceCallback<void ()>::Run() && () at ../../../../../qtwebengine/src/3rdparty/chromium/base/functional/callback.h:156
#19 gpu::Scheduler::ExecuteSequence () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/scheduler.cc:667
#20 0x00007f097579287d in gpu::Scheduler::RunNextTask () at ../../../../../qtwebengine/src/3rdparty/chromium/gpu/command_buffer/service/scheduler.cc:591
#21 0x00007f0973f1a9fe in base::OnceCallback<void ()>::Run() && () at ../../../../../qtwebengine/src/3rdparty/chromium/base/functional/callback.h:156
#22 base::TaskAnnotator::RunTaskImpl () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/task/common/task_annotator.cc:203
#23 0x00007f0973f42b76 in RunTask<base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*)::<lambda(perfetto::EventContext&)> > ()
    at ../../../../../qtwebengine/src/3rdparty/chromium/base/task/common/task_annotator.h:90
#24 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:470
#25 0x00007f0973f43a47 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork ()
    at ./../../../../../qtwebengine/src/3rdparty/chromium/base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:332
#26 0x00007f0973ec5bbd in base::MessagePumpDefault::Run () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/message_loop/message_pump_default.cc:40
#27 0x00007f0973f40e35 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run ()
    at ./../../../../../qtwebengine/src/3rdparty/chromium/base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:640
#28 0x00007f0973ef8d8b in base::RunLoop::Run () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/run_loop.cc:134
#29 base::RunLoop::Run () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/run_loop.cc:106
#30 0x00007f0973f6173d in base::Thread::Run () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/threading/thread.cc:338
#31 base::Thread::ThreadMain () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/threading/thread.cc:410
#32 0x00007f0973f77db5 in ThreadFunc () at ./../../../../../qtwebengine/src/3rdparty/chromium/base/threading/platform_thread_posix.cc:101
#33 0x00007f0982ca57eb in start_thread (arg=<optimized out>) at pthread_create.c:448
#34 0x00007f0982d2918c in __GI___clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

      Driver Information:

      Driver Information
==================
Initialization time             : 718
In-process GPU                  : true
Passthrough Command Decoder     : true
Sandboxed                       : false
GPU0                            : VENDOR= 0x0000 [Google Inc. (NVIDIA Corporation)], DEVICE=0x0000 [ANGLE (NVIDIA Corporation, NVIDIA GeForce RTX 4070 Ti/PCIe/SSE2, OpenGL 4.5.0 NVIDIA 570.144)], DRIVER_VENDOR=NVIDIA, DRIVER_VERSION=570.144 *ACTIVE*
Optimus                         : false
AMD switchable                  : false
Pixel shader version            : 1.00
Vertex shader version           : 1.00
Max. MSAA samples               : 8
Machine model name              : 
Machine model version           : 
GL implementation parts         : (gl=egl-angle,angle=opengl)
Display type                    : ANGLE_OPENGL
GL_VENDOR                       : Google Inc. (NVIDIA Corporation)
GL_RENDERER                     : ANGLE (NVIDIA Corporation, NVIDIA GeForce RTX 4070 Ti/PCIe/SSE2, OpenGL 4.5.0 NVIDIA 570.144)
GL_VERSION                      : OpenGL ES 2.0.0 (ANGLE 2.1 git hash: unknown hash)

      Opening an issue as requested by pvarga in Do not force gl-egl ANGLE backend on Linux (643580) ยท Gerrit Code Review but I can't reproduce this myself.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            pvarga Peter Varga
            the compiler Florian Bruhin
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes