* thread #42, name = 'vo', stop reason = signal SIGSEGV: address not mapped to object (fault address: 0x7ffec043ab10)
* frame #0: 0x00007ffec043ab10
frame #1: 0x00007ffff3269801 libc.so.6`__GI___nptl_deallocate_tsd [inlined] __GI___nptl_deallocate_tsd at nptl_deallocate_tsd.c:73:29
frame #2: 0x00007ffff3269786 libc.so.6`__GI___nptl_deallocate_tsd at nptl_deallocate_tsd.c:22:1
frame #3: 0x00007ffff326c52f libc.so.6`start_thread(arg=<unavailable>) at pthread_create.c:455:3
frame #4: 0x00007ffff32e72b8 libc.so.6`__clone3 at clone3.S:78
After comparing the memory map before closing, the address we are trying to call 0x00007ffec043ab10 is inside /usr/lib/wsl/lib/libd3d12core.so. However, by the time libc tries to clean it up, libd3d12core.so has already been unloaded. As expected, adding a dummy dlopen("/usr/lib/wsl/lib/libd3d12core.so", RTLD_LAZY | RTLD_GLOBAL) to prevent it from being unloaded works around the crash.
I didn't look into exactly how libd3d12core.so is loaded/unloaded. It is likely handled somewhere in the OpenGL driver. However, it's clear that the pthread_key_delete() call is missing before it gets unloaded. And when libc tries to clean outstanding keys it's already too late.
Diagnostic Logs
To make bot happy after #12125. I can send actual crash dumps if needed, but they are too big for GitHub attachment. Generally the issue is trivially reproducible, so not much more digging into my logs is needed.
WslLogs-2024-10-15_20-20-11.zip
github-actions[bot]
commented
1 month ago
Windows Version
Microsoft Windows [Version 10.0.26100.2033]
WSL Version
2.3.24.0
Are you using WSL 1 or WSL 2?
Kernel Version
5.15.153.1-microsoft-standard-WSL2
Distro Version
2024.3
Other Software
OpenGL / mpv
Repro Steps
mpv --no-config <video>qkeyExpected Behavior
Doesn't crash on exit.
Actual Behavior
After comparing the memory map before closing, the address we are trying to call
0x00007ffec043ab10is inside/usr/lib/wsl/lib/libd3d12core.so. However, by the time libc tries to clean it up,libd3d12core.sohas already been unloaded. As expected, adding a dummydlopen("/usr/lib/wsl/lib/libd3d12core.so", RTLD_LAZY | RTLD_GLOBAL)to prevent it from being unloaded works around the crash.I didn't look into exactly how
libd3d12core.sois loaded/unloaded. It is likely handled somewhere in the OpenGL driver. However, it's clear that thepthread_key_delete()call is missing before it gets unloaded. And when libc tries to clean outstanding keys it's already too late.Diagnostic Logs
To make bot happy after #12125. I can send actual crash dumps if needed, but they are too big for GitHub attachment. Generally the issue is trivially reproducible, so not much more digging into my logs is needed. WslLogs-2024-10-15_20-20-11.zip