[319.x Regression] segfault in libGL.so.319.17[a19fe000+d2000]

Hi again, I’ve already reported the same for 319.12 here. There’s no change with 319.17, again I get:

[ 170.047483] plugin-containe[3174]: segfault at 700 ip a1a67b20 sp b308d370 error 4 in libGL.so.319.17[a19fe000+d2000]

[ 251.915765] plugin-containe[3251]: segfault at 700 ip a1a67b20 sp b3090370 error 4 in libGL.so.319.17[a19fe000+d2000]

and the GL client (the plugin) crashes with each segfault.

And that’s every game open/close/open. Possibly specific to how Quake Live (http://www.quakelive.com/, free to play, you can reproduce quickly) loads/unloads/loads libGL when you quit one game and want to join another.
nvidia-bug-report.log.gz (89 KB)
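
Added example, not part of the original post or of any NVIDIA tooling: a small triage helper that decodes kernel segfault lines like the two quoted above into a module-relative offset, the x86 page-fault error bits, and a grouping signature. The function names and the near-NULL heuristic (fault address below one 4 KiB page) are assumptions of this example.

```python
import re

# Constructed sample: the two kernel log lines quoted in the report above.
SAMPLE = """\
[ 170.047483] plugin-containe[3174]: segfault at 700 ip a1a67b20 sp b308d370 error 4 in libGL.so.319.17[a19fe000+d2000]
[ 251.915765] plugin-containe[3251]: segfault at 700 ip a1a67b20 sp b3090370 error 4 in libGL.so.319.17[a19fe000+d2000]
"""

# The kernel prints every number on this line in hex, including the error code.
SEGV = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

def decode_error(code):
    """Decode the x86 page-fault error code bits."""
    return {
        "cause": "protection violation" if code & 1 else "page not present",
        "access": "write" if code & 2 else "read",
        "mode": "user" if code & 4 else "kernel",
        "instruction_fetch": bool(code & 16),
    }

def triage(line):
    """Return a dict describing one segfault line, or None if it does not match."""
    m = SEGV.search(line)
    if not m:
        return None
    addr, ip = int(m["addr"], 16), int(m["ip"], 16)
    rec = {"comm": m["comm"], "pid": int(m["pid"]), "fault_addr": addr,
           "error": decode_error(int(m["err"], 16)),
           "object": m["obj"], "offset": None,
           "near_null": addr < 0x1000}  # heuristic: NULL base plus field offset
    if m["base"]:
        base, size = int(m["base"], 16), int(m["size"], 16)
        if base <= ip < base + size:
            rec["offset"] = ip - base  # stable across runs even if the base moves
    return rec

def signature(rec):
    """Key for grouping repeated crashes of the same bug."""
    return (rec["object"], rec["offset"], rec["fault_addr"])

def group(text):
    """Map each crash signature to the PIDs that hit it."""
    groups = {}
    for rec in filter(None, map(triage, text.splitlines())):
        groups.setdefault(signature(rec), []).append(rec["pid"])
    return groups
```

The module-relative offset is the value to feed to a disassembler or symbolizer against the same library build, since the mapped base can differ between runs.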

Hi Lamieur,

Sorry for the slow response. I haven’t been able to reproduce this problem. Quake Live works fine across open / close / open cycles for me. Is there any chance you could attach a debugger to the plugin-container process and capture a backtrace (“thread apply all backtrace”) and capture the output of “info registers” and “info files” when the crash occurs?

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb3091b70 (LWP 3728)]
0xa1a67b70 in ?? () from /usr/lib/nvidia/libGL.so.1

(gdb) info proc
process 3704
cmdline = '/usr/lib/xulrunner-16/plugin-container'
cwd = '/home/lam'
exe = '/usr/lib/xulrunner-16/plugin-container'

(gdb) info threads

* 6 Thread 0xb3091b70 (LWP 3728) 0xa1a67b70 in ?? ()
    from /usr/lib/nvidia/libGL.so.1
  3 Thread 0xb4a76b70 (LWP 3705) 0xb77b0424 in __kernel_vsyscall ()
  2 Thread 0xb3d40b70 (LWP 3706) 0xb77b0424 in __kernel_vsyscall ()
  1 Thread 0xb5491870 (LWP 3704) 0xb77b0424 in __kernel_vsyscall ()

(gdb) thread apply all backtrace

Thread 6 (Thread 0xb3091b70 (LWP 3728)):
#0 0xa1a67b70 in ?? () from /usr/lib/nvidia/libGL.so.1
#1 0xa1a638b2 in glXChooseVisual () from /usr/lib/nvidia/libGL.so.1
#2 0xb317d9f7 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#3 0xb317e367 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#4 0xb317e4bd in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#5 0xb317e636 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#6 0xb30bcc5e in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#7 0xb30c2fd8 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#8 0xb3100668 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#9 0xb3103714 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#10 0xb311c062 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#11 0xb318e999 in ?? ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#12 0xb3190e64 in coreMain ()
from /home/lam/.quakelive/quakelive/home/baseq3/quakelive.i386.so
#13 0xb3d6e1dc in ?? ()
from /home/lam/.mozilla/firefox/ki0dw1sr.default/extensions/quakeliveplugin@idsoftware.com/plugins/npquakelive.i386.so
#14 0x4a6bde99 in start_thread () from /lib/libpthread.so.0
#15 0x4a5d7d2e in clone () from /lib/libc.so.6

Thread 3 (Thread 0xb4a76b70 (LWP 3705)):
#0 0xb77b0424 in __kernel_vsyscall ()
#1 0x4a5d3367 in syscall () from /lib/libc.so.6
#2 0xb6a7b1e8 in ?? () from /usr/lib/xulrunner-16/libxul.so
#3 0xb6a7acf9 in ?? () from /usr/lib/xulrunner-16/libxul.so
#4 0xb6a7503e in ?? () from /usr/lib/xulrunner-16/libxul.so
#5 0xb6aa2dec in ?? () from /usr/lib/xulrunner-16/libxul.so
#6 0xb6a8361b in ?? () from /usr/lib/xulrunner-16/libxul.so
#7 0xb6a837b5 in ?? () from /usr/lib/xulrunner-16/libxul.so
#8 0xb6a900e7 in ?? () from /usr/lib/xulrunner-16/libxul.so
#9 0xb6aa3550 in ?? () from /usr/lib/xulrunner-16/libxul.so
#10 0x4a6bde99 in start_thread () from /lib/libpthread.so.0
#11 0x4a5d7d2e in clone () from /lib/libc.so.6

Thread 2 (Thread 0xb3d40b70 (LWP 3706)):
#0 0xb77b0424 in __kernel_vsyscall ()
#1 0x4a59c086 in nanosleep () from /lib/libc.so.6
#2 0x4a5d02ec in usleep () from /lib/libc.so.6
#3 0xb3d685f3 in ?? ()
from /home/lam/.mozilla/firefox/ki0dw1sr.default/extensions/quakeliveplugin@idsoftware.com/plugins/npquakelive.i386.so
#4 0xb3d7219a in ?? ()
from /home/lam/.mozilla/firefox/ki0dw1sr.default/extensions/quakeliveplugin@idsoftware.com/plugins/npquakelive.i386.so
#5 0x4a6bde99 in start_thread () from /lib/libpthread.so.0
#6 0x4a5d7d2e in clone () from /lib/libc.so.6

Thread 1 (Thread 0xb5491870 (LWP 3704)):
#0 0xb77b0424 in __kernel_vsyscall ()
#1 0x4a5ccc36 in poll () from /lib/libc.so.6
#2 0x4a78edac in g_poll () from /lib/libglib-2.0.so.0
#3 0x4a77e8b7 in ?? () from /lib/libglib-2.0.so.0
#4 0x4a77ec35 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#5 0xb6aaf736 in ?? () from /usr/lib/xulrunner-16/libxul.so
#6 0xb6aaf524 in ?? () from /usr/lib/xulrunner-16/libxul.so
#7 0xb6a8361b in ?? () from /usr/lib/xulrunner-16/libxul.so
#8 0xb6a837b5 in ?? () from /usr/lib/xulrunner-16/libxul.so
#9 0xb5d932a6 in XRE_InitChildProcess () from /usr/lib/xulrunner-16/libxul.so
#10 0x08049577 in _start ()

(gdb) info registers
eax 0x0 0
ecx 0xb3091b70 -1291248784
edx 0x0 0
ebx 0x0 0
esp 0xb3090370 0xb3090370
ebp 0x0 0x0
esi 0x0 0
edi 0xb2dfe000 -1293950976
eip 0xa1a67b70 0xa1a67b70
eflags 0x210246 [ PF ZF IF RF ID ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51

info_files.txt (157 KB)

Oh, and the above is from the freshly released 319.23.

The rest of the system (kernel, Xorg, browser, everything) is still identical to what was reported in the nvidia-bug-report in the original post.

Thanks for the detailed information, Lamieur. I still wasn’t able to reproduce the problem, but I filed bug 1295970 to track the issue.

Just a quick update: we’ve identified the problem and it should be fixed in a future release. Thanks for the detailed report!

That’s great to hear!

Can’t wait to try a new version :)