SIGSEGV in CDRMDumbBuffer::dmabuf() during shutdown/reboot (AMD Renoir, aquamarine 0.10.0) #245
Description
Hyprland crashes with SIGSEGV during system reboot/shutdown. The crash occurs consistently in Aquamarine::CDRMDumbBuffer::dmabuf() during session teardown, resulting in SDDM reporting "Process crashed" and requiring a hard reboot to recover.
This appears to be the same class of bug as #232 (SIGSEGV in CDRMFB::drop() during session termination), both are null pointer / use-after-free issues in DRM buffer cleanup during destructor chaining.
Crash Details
All crashes show the same pattern, segfault at address 0x10 (null/invalid this pointer) at offset +0x5a106 in libaquamarine:
Hyprland[1625]: segfault at 10 ip 00007ff20ade2106 sp 00007ffd835a78c0 error 4 in libaquamarine.so.0.10.0[80106,7ff20ad88000+bf000]
Disassembly at the crash site confirms it's in CDRMDumbBuffer::dmabuf():
000000000005a100 <Aquamarine::CDRMDumbBuffer::dmabuf()>:
5a100: endbr64
5a104: movdqu 0x100(%rsi),%xmm0 <-- crashes here, rsi is invalidThe crash is a null/stale pointer dereference — %rsi (the object pointer) is invalid when dmabuf() is called during shutdown cleanup.
Frequency
15 crashes in 3 days, every reboot/shutdown. Many were SDDM autologin crash loops (multiple crashes per black screen event). Example timestamps:
feb 12 01:22 - 02:38 (6 crashes in autologin loop)
feb 12 04:20 - 04:25 (2 crashes)
feb 12 06:22, 19:10, 23:48
feb 13 23:44
feb 14 05:25, 05:57, 16:55
All at the exact same offset (+0x5a106), always triggered by SIGTERM -> session teardown.
Journal Sequence
- System reboot initiated ->
systemd-logind: The system will reboot now! - SIGTERM sent to Hyprland session ->
uwsm: Received SIGTERM, stopping wayland-session-envelope@hyprland.desktop.target... - SDDM helper crashes ->
sddm: Auth: sddm-helper ... crashed (exit code 1) - Hyprland segfaults ->
kernel: Hyprland[PID]: segfault at 10 ... in libaquamarine.so.0.10.0 - Coredump fails ->
systemd-coredump: Failed to send coredump datagram: Broken pipe
System Info
- Hyprland: 0.53.3-2
- Aquamarine: 0.10.0-2
- Hyprutils: 0.11.0-1
- Hyprlang: 0.6.8-1
- Mesa: 25.3.4-1
- Kernel: 6.18.7-arch1-1
- GPU: AMD Renoir (Radeon Vega Series) rev d8
- Monitor: Philips FTV via HDMI-A-1 (1920x1080@60Hz, scale 1.5)
- Display manager: SDDM with uwsm + autologin
- No trackpad mouse only, gestures disabled
Related
- aquamarine SIGSEGV in CDRMFB::drop() during session termination via loginctl #232 — Same class of bug (SIGSEGV in DRM framebuffer cleanup during session termination, AMD GPU, aquamarine 0.10.0)
- aquamarine backend: fix use-after-free of logger during teardown #244 — Likely fix merged Feb 12, 2026: "backend: fix use-after-free of logger during teardown"