Hello Felix Rublack,
I do not know if the maintainer are able to reproduce this issue,
but instead or additional to the strace a backtrace of the crash
might help them. The easiest way might be to install systemd-coredump
and look at "journalctl -e" after a crash. More info in [1].
(Even better with debug symbols installed.)
Nevertheless the segfault lines in dmesg lead to
following locations in iris_dri.so:
mpv/vo:
function iris_resource_bo called from function stream_state:
https://sources.debian.org/src/mesa/20.0.2-1/src/gallium/drivers/iris/iris_resource.h/#L290
https://sources.debian.org/src/mesa/20.0.2-1/src/gallium/drivers/iris/iris_blorp.c/#L60
until L63
vlc:
glxgears:
function GEN9_3DSTATE_VERTEX_ELEMENTS_pack called from iris_blorp_exec:
file src/intel/genxml/gen9_pack.h, line 6901. (unfortunately a generated
file?)
maybe related to
https://sources.debian.org/src/mesa/20.0.2-1/src/intel/blorp/blorp_genX_exec.h/#L550
Kind regards,
Bernhard
[1] https://wiki.debian.org/HowToGetABacktrace
From submitter:
[ 37.001269] mpv/vo[1739]: segfault at a0 ip 00007fe5d34a62a8 sp
00007fe5e6092de0 error 4 in iris_dri.so[7fe5d2a8d000+d2e000]
[ 37.001276] Code: 44 24 18 48 c7 44 24 10 00 00 00 00 48 c7 44 24 18 00 00
00 00 50 4c 8d 4c 24 18 e8 e2 a4 b6 ff 48 8b 44 24 18 31 d2 48 89 ef <4c> 8b b0
a0 00 00 00 4c 89 f6 e8 09 94 fd ff 48 8b bd 28 01 00 00
[ 46.419999] vlc[1778]: segfault at 24 ip 00007fcc272a4c06 sp
00007fcbf9e01c50 error 6 in iris_dri.so[7fcc2688b000+d2e000]
[ 46.420006] Code: 7e 30 44 01 ff 81 ff ff ff 00 00 0f 87 ab 17 00 00 49 01
c7 4c 89 7e 38 48 85 c0 0f 84 2c 02 00 00 83 ea 01 81 ca 00 00 09 78 <89> 10 48
8d 50 04 45 85 ed 74 74 41 8d 75 ff 48 8d 74 f0 0c 66 0f
[ 57.343120] glxgears[1785]: segfault at 24 ip 00007f4a1467ec06 sp
00007ffd2389b2f0 error 6 in iris_dri.so[7f4a13c65000+d2e000]
[ 57.343126] Code: 7e 30 44 01 ff 81 ff ff ff 00 00 0f 87 ab 17 00 00 49 01
c7 4c 89 7e 38 48 85 c0 0f 84 2c 02 00 00 83 ea 01 81 ca 00 00 09 78 <89> 10 48
8d 50 04 45 85 ed 74 74 41 8d 75 ff 48 8d 74 f0 0c 66 0f
https://wiki.debian.org/InterpretingKernelOutputAtProcessCrash
"error 4" == 0: no page found, 0: read access, 1: user-mode access
"error 6" == 0: no page found, 1: write access, 1: user-mode access
echo -n "find /b ..., ..., 0x" && \
> echo "44 24 18 48 c7 44 24 10 00 00 00 00 48 c7 44 24 18 00 00 00 00 50 4c 8d
> 4c 24 18 e8 e2 a4 b6 ff 48 8b 44 24 18 31 d2 48 89 ef <4c> 8b b0 a0 00 00 00
> 4c 89 f6 e8 09 94 fd ff 48 8b bd 28 01 00 00" \
> | sed 's/[<>]//g' | sed 's/ /, 0x/g'
find /b ..., ..., 0x44, 0x24, 0x18, 0x48, 0xc7, 0x44, 0x24, 0x10, 0x00, 0x00,
0x00, 0x00, 0x48, 0xc7, 0x44, 0x24, 0x18, 0x00, 0x00, 0x00, 0x00, 0x50, 0x4c,
0x8d, 0x4c, 0x24, 0x18, 0xe8, 0xe2, 0xa4, 0xb6, 0xff, 0x48, 0x8b, 0x44, 0x24,
0x18, 0x31, 0xd2, 0x48, 0x89, 0xef, 0x4c, 0x8b, 0xb0, 0xa0, 0x00, 0x00, 0x00,
0x4c, 0x89, 0xf6, 0xe8, 0x09, 0x94, 0xfd, 0xff, 0x48, 0x8b, 0xbd, 0x28, 0x01,
0x00, 0x00
$ echo -n "find /b ..., ..., 0x" && \
> echo "7e 30 44 01 ff 81 ff ff ff 00 00 0f 87 ab 17 00 00 49 01 c7 4c 89 7e 38
> 48 85 c0 0f 84 2c 02 00 00 83 ea 01 81 ca 00 00 09 78 <89> 10 48 8d 50 04 45
> 85 ed 74 74 41 8d 75 ff 48 8d 74 f0 0c 66 0f" \
> | sed 's/[<>]//g' | sed 's/ /, 0x/g'
find /b ..., ..., 0x7e, 0x30, 0x44, 0x01, 0xff, 0x81, 0xff, 0xff, 0xff, 0x00,
0x00, 0x0f, 0x87, 0xab, 0x17, 0x00, 0x00, 0x49, 0x01, 0xc7, 0x4c, 0x89, 0x7e,
0x38, 0x48, 0x85, 0xc0, 0x0f, 0x84, 0x2c, 0x02, 0x00, 0x00, 0x83, 0xea, 0x01,
0x81, 0xca, 0x00, 0x00, 0x09, 0x78, 0x89, 0x10, 0x48, 0x8d, 0x50, 0x04, 0x45,
0x85, 0xed, 0x74, 0x74, 0x41, 0x8d, 0x75, 0xff, 0x48, 0x8d, 0x74, 0xf0, 0x0c,
0x66, 0x0f
############
# Unstable amd64 qemu VM 2020-04-04
apt update
apt dist-upgrade
apt install systemd-coredump sddm xserver-xorg openbox xterm gdb mesa-utils
mesa-utils-dbgsym libgl1-mesa-dri-dbgsym
gdb -q
set width 0
set pagination off
file /usr/bin/glxgears
b main
set environment LD_PRELOAD=/usr/lib/x86_64-linux-gnu/dri/iris_dri.so
run
dele 1
info share
find ...
b * (... + 42)
info b
$ gdb -q
(gdb) set width 0
(gdb) set pagination off
(gdb) file /usr/bin/glxgears
Reading symbols from /usr/bin/glxgears...
Reading symbols from
/usr/lib/debug/.build-id/40/dc623a2c150d26c9229676fba7f45a49aed7d7.debug...
(gdb) b main
Breakpoint 1 at 0x2410: file glxgears.c, line 723.
(gdb) set environment LD_PRELOAD=/usr/lib/x86_64-linux-gnu/dri/iris_dri.so
(gdb) run
Starting program: /usr/bin/glxgears
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Breakpoint 1, main (argc=1, argv=0x7fffffffe608) at glxgears.c:723
723 glxgears.c: Datei oder Verzeichnis nicht gefunden.
(gdb) dele 1
(gdb) info share
From To Syms Read Shared Object Library
...
0x00007ffff6a5e010 0x00007ffff7788b1e Yes
/usr/lib/x86_64-linux-gnu/dri/iris_dri.so
...
(*): Shared library is missing debugging information.
(gdb) find /b 0x00007ffff6a5e010, 0x00007ffff7788b1e, 0x44, 0x24, 0x18, 0x48,
0xc7, 0x44, 0x24, 0x10, 0x00, 0x00, 0x00, 0x00, 0x48, 0xc7, 0x44, 0x24, 0x18,
0x00, 0x00, 0x00, 0x00, 0x50, 0x4c, 0x8d, 0x4c, 0x24, 0x18, 0xe8, 0xe2, 0xa4,
0xb6, 0xff, 0x48, 0x8b, 0x44, 0x24, 0x18, 0x31, 0xd2, 0x48, 0x89, 0xef, 0x4c,
0x8b, 0xb0, 0xa0, 0x00, 0x00, 0x00, 0x4c, 0x89, 0xf6, 0xe8, 0x09, 0x94, 0xfd,
0xff, 0x48, 0x8b, 0xbd, 0x28, 0x01, 0x00, 0x00
0x7ffff747427e <stream_state+46>
1 pattern found.
(gdb) b * (0x7ffff747427e + 42)
Breakpoint 2 at 0x7ffff74742a8: file
../src/gallium/drivers/iris/iris_resource.h, line 290.
(gdb) info b
Num Type Disp Enb Address What
2 breakpoint keep y 0x00007ffff74742a8 in iris_resource_bo at
../src/gallium/drivers/iris/iris_resource.h:290
(gdb) disassemble /r (0x7ffff747427e + 42) -50, (0x7ffff747427e + 42) +30
Dump of assembler code from 0x7ffff7474276 to 0x7ffff74742c6:
0x00007ffff7474276 <stream_state+38>: 89 44 24 20
mov %eax,0x20(%rsp)
0x00007ffff747427a <stream_state+42>: 31 c0
xor %eax,%eax
0x00007ffff747427c <stream_state+44>: 48 8d 44 24 18
lea 0x18(%rsp),%rax
0x00007ffff7474281 <stream_state+49>: 48 c7 44 24 10 00 00 00 00
movq $0x0,0x10(%rsp)
0x00007ffff747428a <stream_state+58>: 48 c7 44 24 18 00 00 00 00
movq $0x0,0x18(%rsp)
0x00007ffff7474293 <stream_state+67>: 50
push %rax
0x00007ffff7474294 <stream_state+68>: 4c 8d 4c 24 18
lea 0x18(%rsp),%r9
0x00007ffff7474299 <stream_state+73>: e8 e2 a4 b6 ff
callq 0x7ffff6fde780 <u_upload_alloc>
0x00007ffff747429e <stream_state+78>: 48 8b 44 24 18
mov 0x18(%rsp),%rax
0x00007ffff74742a3 <stream_state+83>: 31 d2
xor %edx,%edx
0x00007ffff74742a5 <stream_state+85>: 48 89 ef
mov %rbp,%rdi
>>>0x00007ffff74742a8 <stream_state+88>: 4c 8b b0 a0 00 00 00
>>>mov 0xa0(%rax),%r14
0x00007ffff74742af <stream_state+95>: 4c 89 f6
mov %r14,%rsi
0x00007ffff74742b2 <stream_state+98>: e8 09 94 fd ff
callq 0x7ffff744d6c0 <iris_use_pinned_bo>
0x00007ffff74742b7 <stream_state+103>: 48 8b bd 28 01 00 00
mov 0x128(%rbp),%rdi
0x00007ffff74742be <stream_state+110>: 58
pop %rax
0x00007ffff74742bf <stream_state+111>: 5a
pop %rdx
0x00007ffff74742c0 <stream_state+112>: 48 85 ff
test %rdi,%rdi
0x00007ffff74742c3 <stream_state+115>: 74 0f
je 0x7ffff74742d4 <stream_state+132>
0x00007ffff74742c5 <stream_state+117>: 41 8b 75 00
mov 0x0(%r13),%esi
End of assembler dump.
(gdb) b *0x00007ffff74742a5
Breakpoint 3 at 0x7ffff74742a5: file
../src/gallium/drivers/iris/iris_resource.h, line 290.
(gdb) b *0x00007ffff74742a3
Breakpoint 4 at 0x7ffff74742a3: file
../src/gallium/drivers/iris/iris_resource.h, line 290.
(gdb) b *0x00007ffff747429e
Breakpoint 5 at 0x7ffff747429e: file
../src/gallium/drivers/iris/iris_resource.h, line 290.
(gdb) b *0x00007ffff7474299
Breakpoint 6 at 0x7ffff7474299: file ../src/gallium/drivers/iris/iris_blorp.c,
line 60.
(gdb) info b
Num Type Disp Enb Address What
2 breakpoint keep y 0x00007ffff74742a8 in iris_resource_bo at
../src/gallium/drivers/iris/iris_resource.h:290
3 breakpoint keep y 0x00007ffff7474c06 in
GEN9_3DSTATE_VERTEX_ELEMENTS_pack at src/intel/genxml/gen9_pack.h:6901
4 breakpoint keep y 0x00007ffff74742a5 in stream_state at
../src/gallium/drivers/iris/iris_resource.h:290
5 breakpoint keep y 0x00007ffff74742a3 in stream_state at
../src/gallium/drivers/iris/iris_resource.h:290
6 breakpoint keep y 0x00007ffff747429e in iris_resource_bo at
../src/gallium/drivers/iris/iris_resource.h:290
-
https://sources.debian.org/src/mesa/20.0.2-1/src/gallium/drivers/iris/iris_blorp.c/#L60
until L63
(gdb) find /b 0x00007ffff6a5e010, 0x00007ffff7788b1e, 0x7e, 0x30, 0x44, 0x01,
0xff, 0x81, 0xff, 0xff, 0xff, 0x00, 0x00, 0x0f, 0x87, 0xab, 0x17, 0x00, 0x00,
0x49, 0x01, 0xc7, 0x4c, 0x89, 0x7e, 0x38, 0x48, 0x85, 0xc0, 0x0f, 0x84, 0x2c,
0x02, 0x00, 0x00, 0x83, 0xea, 0x01, 0x81, 0xca, 0x00, 0x00, 0x09, 0x78, 0x89,
0x10, 0x48, 0x8d, 0x50, 0x04, 0x45, 0x85, 0xed, 0x74, 0x74, 0x41, 0x8d, 0x75,
0xff, 0x48, 0x8d, 0x74, 0xf0, 0x0c, 0x66, 0x0f
0x7ffff7474bdc <iris_blorp_exec+1820>
1 pattern found.
(gdb) b * (0x7ffff7474bdc + 42)
Breakpoint 7 at 0x7ffff7474c06: file src/intel/genxml/gen9_pack.h, line 6901.
(gdb) info b
Num Type Disp Enb Address What
7 breakpoint keep y 0x00007ffff7474c06 in
GEN9_3DSTATE_VERTEX_ELEMENTS_pack at src/intel/genxml/gen9_pack.h:6901
(gdb) disassemble /r (0x7ffff7474bdc + 42) -50, (0x7ffff7474bdc + 42) +30
Dump of assembler code from 0x7ffff7474bd4 to 0x7ffff7474c24:
0x00007ffff7474bd4 <iris_blorp_exec+1812>: 8b 46 38 mov
0x38(%rsi),%eax
0x00007ffff7474bd7 <iris_blorp_exec+1815>: 48 89 c7 mov
%rax,%rdi
0x00007ffff7474bda <iris_blorp_exec+1818>: 48 2b 7e 30 sub
0x30(%rsi),%rdi
0x00007ffff7474bde <iris_blorp_exec+1822>: 44 01 ff add
%r15d,%edi
0x00007ffff7474be1 <iris_blorp_exec+1825>: 81 ff ff ff 00 00 cmp
$0xffff,%edi
0x00007ffff7474be7 <iris_blorp_exec+1831>: 0f 87 ab 17 00 00 ja
0x7ffff7476398 <iris_blorp_exec+7896>
0x00007ffff7474bed <iris_blorp_exec+1837>: 49 01 c7 add
%rax,%r15
0x00007ffff7474bf0 <iris_blorp_exec+1840>: 4c 89 7e 38 mov
%r15,0x38(%rsi)
0x00007ffff7474bf4 <iris_blorp_exec+1844>: 48 85 c0 test
%rax,%rax
0x00007ffff7474bf7 <iris_blorp_exec+1847>: 0f 84 2c 02 00 00 je
0x7ffff7474e29 <iris_blorp_exec+2409>
0x00007ffff7474bfd <iris_blorp_exec+1853>: 83 ea 01 sub
$0x1,%edx
0x00007ffff7474c00 <iris_blorp_exec+1856>: 81 ca 00 00 09 78 or
$0x78090000,%edx
>>>0x00007ffff7474c06 <iris_blorp_exec+1862>: 89 10 mov
>>>%edx,(%rax)
0x00007ffff7474c08 <iris_blorp_exec+1864>: 48 8d 50 04 lea
0x4(%rax),%rdx
0x00007ffff7474c0c <iris_blorp_exec+1868>: 45 85 ed test
%r13d,%r13d
0x00007ffff7474c0f <iris_blorp_exec+1871>: 74 74 je
0x7ffff7474c85 <iris_blorp_exec+1989>
0x00007ffff7474c11 <iris_blorp_exec+1873>: 41 8d 75 ff lea
-0x1(%r13),%esi
0x00007ffff7474c15 <iris_blorp_exec+1877>: 48 8d 74 f0 0c lea
0xc(%rax,%rsi,8),%rsi
0x00007ffff7474c1a <iris_blorp_exec+1882>: 66 0f 1f 44 00 00 nopw
0x0(%rax,%rax,1)
0x00007ffff7474c20 <iris_blorp_exec+1888>: 41 0f b6 46 04 movzbl
0x4(%r14),%eax
End of assembler dump.
(gdb) b *0x00007ffff7474c00
Breakpoint 8 at 0x7ffff7474c00: file src/intel/genxml/gen9_pack.h, line 6901.
(gdb) b *0x00007ffff7474bfd
Breakpoint 9 at 0x7ffff7474bfd: file src/intel/genxml/gen9_pack.h, line 6901.
(gdb) b *0x00007ffff7474bf7
Breakpoint 10 at 0x7ffff7474bf7: file ../src/intel/blorp/blorp_genX_exec.h,
line 550.
(gdb) b *0x00007ffff7474bf4
Breakpoint 11 at 0x7ffff7474bf4: file ../src/intel/blorp/blorp_genX_exec.h,
line 550.
(gdb) b *0x00007ffff7474bf0
Breakpoint 12 at 0x7ffff7474bf0: file ../src/gallium/drivers/iris/iris_batch.h,
line 193.
(gdb) b *0x00007ffff7474bed
Breakpoint 13 at 0x7ffff7474bed: file ../src/gallium/drivers/iris/iris_batch.h,
line 193.
(gdb) b *0x00007ffff7474be7
Breakpoint 14 at 0x7ffff7474be7: file ../src/gallium/drivers/iris/iris_batch.h,
line 177.
(gdb) b *0x00007ffff7474be1
Breakpoint 15 at 0x7ffff7474be1: file ../src/gallium/drivers/iris/iris_batch.h,
line 177.
(gdb) b *0x00007ffff7474bde
Breakpoint 16 at 0x7ffff7474bde: file ../src/gallium/drivers/iris/iris_batch.h,
line 177.
(gdb) b *0x00007ffff7474bda
Breakpoint 17 at 0x7ffff7474bda: file ../src/gallium/drivers/iris/iris_batch.h,
line 177.
(gdb) b *0x00007ffff7474bd7
Breakpoint 18 at 0x7ffff7474bd7: file ../src/gallium/drivers/iris/iris_batch.h,
line 177.
(gdb) b *0x00007ffff7474bd4
Breakpoint 19 at 0x7ffff7474bd4: file ../src/gallium/drivers/iris/iris_batch.h,
line 191.
(gdb) info b
Num Type Disp Enb Address What
...
8 breakpoint keep y 0x00007ffff7474c00 in
GEN9_3DSTATE_VERTEX_ELEMENTS_pack at src/intel/genxml/gen9_pack.h:6901
9 breakpoint keep y 0x00007ffff7474bfd in
blorp_emit_vertex_elements at src/intel/genxml/gen9_pack.h:6901
10 breakpoint keep y 0x00007ffff7474bf7 in
blorp_emit_vertex_elements at ../src/intel/blorp/blorp_genX_exec.h:550
11 breakpoint keep y 0x00007ffff7474bf4 in
blorp_emit_vertex_elements at ../src/intel/blorp/blorp_genX_exec.h:550
12 breakpoint keep y 0x00007ffff7474bf0 in iris_get_command_space at
../src/gallium/drivers/iris/iris_batch.h:193
13 breakpoint keep y 0x00007ffff7474bed in iris_get_command_space at
../src/gallium/drivers/iris/iris_batch.h:193
14 breakpoint keep y 0x00007ffff7474be7 in
iris_require_command_space at ../src/gallium/drivers/iris/iris_batch.h:177
15 breakpoint keep y 0x00007ffff7474be1 in
iris_require_command_space at ../src/gallium/drivers/iris/iris_batch.h:177
16 breakpoint keep y 0x00007ffff7474bde in
iris_require_command_space at ../src/gallium/drivers/iris/iris_batch.h:177
17 breakpoint keep y 0x00007ffff7474bda in iris_batch_bytes_used at
../src/gallium/drivers/iris/iris_batch.h:177
18 breakpoint keep y 0x00007ffff7474bd7 in iris_batch_bytes_used at
../src/gallium/drivers/iris/iris_batch.h:177
19 breakpoint keep y 0x00007ffff7474bd4 in
iris_require_command_space at ../src/gallium/drivers/iris/iris_batch.h:191
- Maybe somewhere in
https://sources.debian.org/src/mesa/20.0.2-1/src/intel/blorp/blorp_genX_exec.h/#L550
