I start urxvtd from the x11-terms/rxvt-unicode-9.06 ebuild as part of my session initialization, and then open multiple terminal windows using urxvtc. Lately, however, closing a single window will crash urxvtd, resulting in all windows getting closed and possible loss of data. I ran urxvtd in gdb and found this backtrace: Program received signal SIGSEGV, Segmentation fault. XQueryExtension (dpy=0x0, name=0x48b4af26 "GLX", major_opcode=0xbfd04570, first_event=0xbfd04574, first_error=0xbfd04578) at QuExt.c:46 46 LockDisplay(dpy); (gdb) bt #0 XQueryExtension (dpy=0x0, name=0x48b4af26 "GLX", major_opcode=0xbfd04570, first_event=0xbfd04574, first_error=0xbfd04578) at QuExt.c:46 #1 0xb7f0a787 in XInitExtension (dpy=0x0, name=0x48b4af26 "GLX") at InitExt.c:49 #2 0xb7e70246 in XextAddDisplay (extinfo=0xa292988, dpy=0x0, ext_name=0x48b4af26 "GLX", hooks=0x48b56a60, nevents=17, data=0x0) at extutil.c:108 #3 0x48b1e33d in ?? () from //usr//lib/opengl/nvidia/lib/libGL.so.1 #4 0x0a292988 in ?? () #5 0x00000000 in ?? () I remerged the involved libraries libXext and libX11 as well as rxvt-unicode itself, without solving the problem. I'm a bit surprised about not seeing any stack frames from the urxvtd binary in that trace. Frame #4 seems to be on the heap, and thus shouldn't be executable at all, except x86 has no nonexecutable pages out of the box, of course. Trying to reproduce the issue with "eselect opengl set xorg-x11" instead of the nvidia implementation I found that it worked all right. There were multiple calls to XextAddDisplay when I opened a terminal window, but none when I closed it. With nvidia OpenGL, there was at least one such invocation when closing the window as well, with dpy=NULL as shown in the backtrace above, leading to the segfault. With the xorg-x11 implementation, the stack trace looked better as well, including several functions from urxvtd, including main. As I assume the reason for this issue lies somewhere within the closed source nvidia libraries, I'll send a copy of this bug report to linux-bugs@nvidia.com and try to keep you here up to date about any replies.
The bug is not in nvidia-drivers, it's in media-libs/libafterimage-1.18. Using ltrace i found destroy_asvisual to be the last function invoked before the SIGSEGV. Stepping through said function with gdb I found two invocations of glXDestroyContext with a global parameter dpy instead of the member asv->dpy used by other statements in that function. The global dpy symbol is declared in the xwrap.h header shipped with libafterimage itself. Upstream already addressed the issue but has not made a release since. Please include this patch in a revision bump media-libs/libafterimage-1.18-r1: http://cvs.aftercode.net/cgi-bin/viewcvs.cgi/afterstep-stable/libAfterImage/asvisual.c?r1=1.111&r2=1.112&makepatch=1&diff_format=u
thanks for the report and patch. *libafterimage-1.18-r1 (17 Jan 2009) 17 Jan 2009; Markus Meier <maekke@gentoo.org> +files/libafterimage-1.18-glx.patch, +libafterimage-1.18-r1.ebuild: fix x11-terms/rxvt-unicode segfault by Martin von Gagern in bug #252651; don't use internal copy of libungif wrt bug #252917
