337.25 - Ubuntu 14.04 - XCloseDisplay segfaults in libGL if run in another thread.

Hi,

I hope this is the appropriate place to report this issue. I am developing a game engine[1] and ran into this issue with my GeForce GTX 560Ti card using the 337.25 (latest) driver on Ubuntu 14.04. I can also confirm the issue occurs with older driver versions as well.

The issue only occurs if libGL.so is in the picture – not otherwise. I have written a C program[2] which can reproduce the issue at least on my system, hopefully on yours. I have also attached a compiled x86_64 binary for your convenience[3]. You can compile the simple C program yourself with:

gcc xclosedisplay_bug.c -o xclosedisplay_bug -lX11 -lGL -lpthread

I have also attached the output of the ‘nvidia-smi’ command[4] as well as the requested nvidia-bug-report.log.gz file[5].

The program itself is very simple: it calls XOpenDisplay, then glXQueryVersion, and spawns a new pthread which calls XCloseDisplay. The fact that XCloseDisplay occurs in another thread is what causes the segmentation fault. If XCloseDisplay is in the same thread – no fault occurs.

The program calls XInitThreads first and uses XLockDisplay/XUnlockDisplay correctly (at least to the best of my knowledge).

I do not think it is a synchronization issue within the program because you can even:

XFlush(disp);
XSync(disp, True);

...before...
XCloseDisplay(disp);

to no avail.

valgrind output[6] appears to give some useful insight into the problem showing:

==4007== Thread 2:
==4007== Invalid read of size 8
==4007==    at 0x51F8436: ??? (in /usr/lib/libGL.so.337.25)
==4007==    by 0xA1874FF: ???
==4007==    by 0xA1874FF: ???
==4007==    by 0xA197F5F: ???
==4007==    by 0x7F: ???
==4007==  Address 0x68 is not stack'd, malloc'd or (recently) free'd

But I don’t know how useful that is for you to debug this problem. (Is there a libGL binary I can download that has debug symbols compiled in, perhaps? That way I can provide more detailed information.) I’ve also linked to a gdb backtrace[7] for each thread but it also lacks debug symbols.

If there is anything more I can do to help debug this issue please let me know.

Thank you,
Stephen

[1] Azul3D - A 3D game engine written in Go!
[2] xclosedisplay_bug.c (C source code)
[3] xclosedisplay_bug (x86_64 binary)
[4] nvidia_smi_out
[5] nvidia-bug-report.log.gz
[6] xclosedisplay_valgrind_out
[7] xclosedisplay_gdb_out

EDIT: oops
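
Added example, not part of the original post or its attachments: a small triage parser for the Memcheck excerpt quoted above. It pulls out the thread, access type, faulting address and the frames that resolve to an object. The `NULL_PAGE` threshold and the `near_null` / `unresolved` fields are assumptions of this sketch; a faulting address below one page is treated as a field offset read through a NULL base pointer, which is a heuristic and not a diagnosis of the driver.

```python
import re

# Memcheck excerpt copied verbatim from the post above.
REPORT = """\
==4007== Thread 2:
==4007== Invalid read of size 8
==4007==    at 0x51F8436: ??? (in /usr/lib/libGL.so.337.25)
==4007==    by 0xA1874FF: ???
==4007==    by 0xA1874FF: ???
==4007==    by 0xA197F5F: ???
==4007==    by 0x7F: ???
==4007==  Address 0x68 is not stack'd, malloc'd or (recently) free'd
"""

PREFIX = re.compile(r"^==\d+==\s?")
THREAD = re.compile(r"^Thread (\d+):")
ERROR = re.compile(r"^Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"^\s+(?:at|by) 0x([0-9A-Fa-f]+): (\S+)(?: \(in (.+)\))?")
ADDR = re.compile(r"^\s*Address 0x([0-9A-Fa-f]+) is (.+)")

# Assumption: a faulting address below one page is treated as a field
# offset from a NULL base pointer (triage heuristic, not a diagnosis).
NULL_PAGE = 0x1000

def parse_memcheck(text):
    """Return one dict per 'Invalid read/write' error in a Memcheck log."""
    errors, thread, cur = [], None, None
    for raw in text.splitlines():
        line = PREFIX.sub("", raw)
        if m := THREAD.match(line):
            thread = int(m.group(1))
        elif m := ERROR.match(line):
            cur = {"thread": thread, "access": m.group(1),
                   "size": int(m.group(2)), "frames": [], "addr": None}
            errors.append(cur)
        elif cur is not None and (m := FRAME.match(line)):
            cur["frames"].append({"pc": int(m.group(1), 16),
                                  "symbol": m.group(2), "object": m.group(3)})
        elif cur is not None and (m := ADDR.match(line)):
            cur["addr"] = int(m.group(1), 16)
            cur["near_null"] = cur["addr"] < NULL_PAGE
            # Frames with neither symbol nor object are not a reliable call chain.
            cur["unresolved"] = sum(
                f["symbol"] == "???" and f["object"] is None
                for f in cur["frames"])
            cur = None  # the Address line closes this error record
    return errors
```

On the quoted excerpt this reports one 8-byte read on thread 2 at address 0x68, with only the top frame attributed to libGL.so.337.25 and the other four frames unresolved.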