https://bugs.winehq.org/show_bug.cgi?id=51210
Vasily Galkin galkin-vv@ya.ru changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |galkin-vv@ya.ru
--- Comment #11 from Vasily Galkin galkin-vv@ya.ru ---
Created attachment 71120
  --> https://bugs.winehq.org/attachment.cgi?id=71120
Minimal crash reproducer
TL;DR: if the wrong Vulkan ICD is loaded, pvkGetRandROutputDisplayEXT may crash.
I ran into the same problem in a multiseat system with one seat on an NVidia GPU and the other seat on an AMD GPU (both sessions X11).
Trying to run wine or even winedbg on the X11 DISPLAY on the AMD GPU gives this error.
Thread log with the part near the crash:
172488.042:0078:007c:trace:vulkan:X11DRV_vkCreateInstance create_info 0x6ace50, allocator (nil), instance 0x6ace40
172488.042:0078:007c:trace:heap:RtlAllocateHeap (0000000000020000,7000006a,00000030): returning 0000000000070BF0
172488.097:0078:007c:trace:heap:RtlFreeHeap (0000000000020000,70000062,0000000000070BF0): returning TRUE
172488.097:0078:007c:trace:vulkan:X11DRV_vkGetInstanceProcAddr 0x7e61ed10, "vkEnumeratePhysicalDevices"
172488.097:0078:007c:trace:vulkan:X11DRV_vkGetInstanceProcAddr 0x7e61ed10, "vkGetPhysicalDeviceProperties2KHR"
172488.097:0078:007c:trace:vulkan:X11DRV_vkGetInstanceProcAddr 0x7e61ed10, "vkGetRandROutputDisplayEXT"
172488.099:0078:007c:trace:heap:RtlAllocateHeap (0000000000020000,7000006a,00000018): returning 0000000000070C40
172488.115:0078:007c:trace:seh:dispatch_exception code=c0000005 flags=0 addr=0000000000000000 ip=0000000000000000 tid=007c
172488.115:0078:007c:trace:unwind:dispatch_exception info[0]=0000000000000008
172488.115:0078:007c:trace:unwind:dispatch_exception info[1]=0000000000000000
172488.115:0078:007c:warn:seh:dispatch_exception EXCEPTION_ACCESS_VIOLATION exception (code=c0000005) raised
172488.115:0078:007c:trace:seh:dispatch_exception rax=00007f24aff77340 rbx=00000000006ace48 rcx=00000000006acd60 rdx=00000000006acd2c
172488.115:0078:007c:trace:seh:dispatch_exception rsi=0000000000000055 rdi=000000007e5ebb40 rbp=000000007e8b4420 rsp=00000000006acd18
172488.115:0078:007c:trace:seh:dispatch_exception r8=00000000006ace48 r9=0000000000000004 r10=00007ffdd5f46080 r11=0000000000000246
172488.115:0078:007c:trace:seh:dispatch_exception r12=0000000000000055 r13=000000007e5ebb40 r14=00000000006ace48 r15=00007f24bb1a3870
172488.115:0078:007c:trace:unwind:dwarf_virtual_unwind function 7f24ae851ca0 base 0x7f24ae851c70 cie 0x7f24af0744f8 len 14 id 0 version 3 aug 'zR' code_align 1 data_align -8 retaddr %rip
I investigated it further and found the reason: for the DISPLAY containing everything AMD-related, the NVidia Vulkan ICD is loaded, and pvkGetRandROutputDisplayEXT calls into libnvidia-glcore.so.470.86, which crashes for that AMD display.
The attached file is a minimal C source that reproduces the problem.
It runs fine with NVidia DISPLAY=:0 and segfaults with AMD DISPLAY=:1.
% DISPLAY=:0 ./wine-vk-randr-crash
0x7fadf49c4870 0x7fadf49e3750 0x7fadf49e4210
device_count 3
pvkGetRandROutputDisplayEXT 0x55ce42baf750
pvkGetRandROutputDisplayEXT 0x55ce42baad20
pvkGetRandROutputDisplayEXT 0x55ce42baf5b0
% DISPLAY=:1 ./wine-vk-randr-crash
0x7fb9ee250870 0x7fb9ee26f750 0x7fb9ee270210
device_count 3
pvkGetRandROutputDisplayEXT 0x564206a0bd00
zsh: segmentation fault
Directly specifying VK_ICD_FILENAMES helps:
% VK_ICD_FILENAMES=/usr/share/vulkan/icd.d/radeon_icd.x86_64.json DISPLAY=:1 ./wine-vk-randr-crash
0x7fc07c50c870 0x7fc07c52b750 0x7fc07c52c210
device_count 1
pvkGetRandROutputDisplayEXT 0x556edbb1c320
%
So this minimal reproducer has behaviour identical to wine.
Running DISPLAY=:1 ./wine-vk-randr-crash under gdb gives a stack trace into libnvidia-glcore.so.470.86 ending with a NULL instruction pointer:
pvkGetRandROutputDisplayEXT 0x557c6aba4cf0
Thread 1 "wine-vk-randr-c" received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00007f86799ddca0 in ?? () from /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.470.86
#2  0x00007f86799d8afd in ?? () from /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.470.86
#3  0x0000557c68a124d8 in main () at wine-vk-randr-crash.c:83
If anyone knows how vkCreateInstance can be called in a way that returns an ICD that is compatible with a specific X11 display, this maybe can be used to fix the issue.