Bug#882082: gnome-shell: Frequent segfaults in libgobject (through libgjs)

Thibaut Girka thib at sitedethib.com
Tue Dec 5 08:20:35 UTC 2017


Sorry for the line-wrapping in the previous report.

The crashes are still present and very frequent (5~10 times a day).
I think those crashes only occur when a notification is to be displayed (and I
have just successfully crashed it using “notify-send test”), but it does not
occur every time (and I am indeed unable to reproduce it anymore with
“notify-send test”).

I have a few gnome-shell extensions enabled: Alternatetab, Application menu,
Removable drive menu, Places status indicator and Pomodoro, all from Debian.

Here is a more recent backtrace, mostly identical, but without line-wrapping:

#0  0x00007f539e5cbcaf in g_type_check_instance_is_fundamentally_a () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#1  0x00007f539e5afebe in g_value_set_object () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#2  0x00007f539e5aec12 in g_object_get_property () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#3  0x00007f539d29a1db in get_prop_from_g_param (priv=0x55b0a7b2cbe0, value_p=..., name=<optimized out>, context=0x55b0a5653400, obj=...) at gi/object.cpp:289
#4  0x00007f539d29a1db in object_instance_get_prop(JSContext*, JS::HandleObject, JS::HandleId, JS::MutableHandleValue) (context=context@entry=0x55b0a5653400, obj=..., id=..., value_p=...)
    at gi/object.cpp:411
#5  0x00007f53943277ea in js::CallJSGetterOp(JSContext*, bool (*)(JSContext*, JS::Handle<JSObject*>, JS::Handle<jsid>, JS::MutableHandle<JS::Value>), JS::Handle<JSObject*>, JS::Handle<jsid>, JS::MutableHandle<JS::Value>) (vp=..., id=..., obj=..., op=<optimized out>, cx=0x55b0a5653400) at ./js/src/jscntxtinlines.h:310
#6  0x00007f53943277ea in GetNonexistentProperty(JSContext*, js::HandleNativeObject, JS::HandleId, IsNameLookup, JS::MutableHandleValue) (cx=cx@entry=0x55b0a5653400, obj=..., 
    obj@entry=..., id=..., id@entry=..., nameLookup=nameLookup@entry=NotNameLookup, vp=vp@entry=..., receiver=...) at ./js/src/vm/NativeObject.cpp:1956
#7  0x00007f539434f94b in NativeGetPropertyInline<(js::AllowGC)1> (vp=..., nameLookup=NotNameLookup, id=..., receiver=..., obj=..., cx=0x55b0a5653400) at ./js/src/vm/NativeObject.cpp:2097
#8  0x00007f539434f94b in js::NativeGetProperty(JSContext*, JS::Handle<js::NativeObject*>, JS::Handle<JS::Value>, JS::Handle<jsid>, JS::MutableHandle<JS::Value>) (cx=cx@entry=0x55b0a5653400, obj=..., obj@entry=..., receiver=..., id=..., vp=..., vp@entry=...) at ./js/src/vm/NativeObject.cpp:2115
#9  0x00007f53943512bf in js::GetProperty(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::Handle<jsid>, JS::MutableHandle<JS::Value>) (vp=..., id=..., receiver=..., obj=..., cx=0x55b0a5653400) at ./js/src/vm/NativeObject.h:1523
#10 0x00007f53943512bf in js::GetProperty(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, js::PropertyName*, JS::MutableHandle<JS::Value>) (vp=..., name=<optimized out>, receiver=..., obj=..., cx=0x55b0a5653400) at ./js/src/jsobj.h:846
#11 0x00007f53943512bf in js::GetProperty(JSContext*, JS::Handle<JS::Value>, JS::Handle<js::PropertyName*>, JS::MutableHandle<JS::Value>) (cx=0x55b0a5653400, v=..., name=..., vp=...)
    at ./js/src/vm/Interpreter.cpp:4263
#12 0x00007f539434278c in GetPropertyOperation (vp=..., lval=..., pc=<optimized out>, script=..., fp=<optimized out>, cx=<optimized out>) at ./js/src/vm/Interpreter.cpp:192
#13 0x00007f539434278c in Interpret(JSContext*, js::RunState&) (cx=0x55b0a5653400, state=...) at ./js/src/vm/Interpreter.cpp:2639
#14 0x00007f539434e846 in js::RunScript(JSContext*, js::RunState&) (cx=cx@entry=0x55b0a5653400, state=...) at ./js/src/vm/Interpreter.cpp:405
#15 0x00007f539434ee1f in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) (cx=cx@entry=0x55b0a5653400, args=..., construct=construct@entry=js::NO_CONSTRUCT)
    at ./js/src/vm/Interpreter.cpp:477
#16 0x00007f539434f099 in InternalCall(JSContext*, js::AnyInvokeArgs const&) (cx=cx@entry=0x55b0a5653400, args=...) at ./js/src/vm/Interpreter.cpp:504
#17 0x00007f539434f0f9 in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>) (cx=cx@entry=0x55b0a5653400, fval=..., 
    fval@entry=..., thisv=..., thisv@entry=..., args=..., rval=rval@entry=...) at ./js/src/vm/Interpreter.cpp:523
#18 0x00007f5394141079 in js::jit::InvokeFunction(JSContext*, JS::Handle<JSObject*>, bool, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) (cx=0x55b0a5653400, obj=..., constructing=<optimized out>, argc=<optimized out>, argv=0x7ffcc64aa580, rval=...) at ./js/src/jit/VMFunctions.cpp:114
#19 0x0000324d62f413c6 in  ()
#20 0x00007ffcc64aa540 in  ()
#21 0x00007ffcc64aa530 in  ()
#22 0xfff9000000000000 in  ()
#23 0x00007f53954f1040 in js::jit::InvokeFunctionInfo () at /lib/x86_64-linux-gnu/libmozjs-52.so.0
#24 0x00007f53745739a0 in  ()
#25 0x0000324d63083995 in  ()
#26 0x0000000000006820 in  ()
#27 0x00007f532ec07700 in  ()
#28 0x0000000000000000 in  ()


coredumpctl also lists it as the following:

                Stack trace of thread 20845:
                #0  0x00007f539e5cbcaf g_type_check_instance_is_fundamentally_a (libgobject-2.0.so.0)
                #1  0x00007f539e5afebe g_value_set_object (libgobject-2.0.so.0)
                #2  0x00007f539e5aec12 g_object_get_property (libgobject-2.0.so.0)
                #3  0x00007f539d29a1db get_prop_from_g_param (libgjs.so.0)
                #4  0x00007f53943277ea _ZN2js14CallJSGetterOpEP9JSContextPFbS1_N2JS6HandleIP8JSObjectEENS3_I4jsidEENS2_13MutableHandleINS2_5ValueEEEES6_S8_SB_ (libmozjs-52.so.0)
                #5  0x00007f539434f94b NativeGetPropertyInline<(js::AllowGC)1> (libmozjs-52.so.0)
                #6  0x00007f53943512bf _ZN2js11GetPropertyEP9JSContextN2JS6HandleIP8JSObjectEENS3_INS2_5ValueEEENS3_I4jsidEENS2_13MutableHandleIS7_EE (libmozjs-52.so.0)
                #7  0x00007f539434278c GetPropertyOperation (libmozjs-52.so.0)
                #8  0x00007f539434e846 _ZN2js9RunScriptEP9JSContextRNS_8RunStateE (libmozjs-52.so.0)
                #9  0x00007f539434ee1f _ZN2js23InternalCallOrConstructEP9JSContextRKN2JS8CallArgsENS_14MaybeConstructE (libmozjs-52.so.0)
                #10 0x00007f539434f0f9 _ZN2js4CallEP9JSContextN2JS6HandleINS2_5ValueEEES5_RKNS_13AnyInvokeArgsENS2_13MutableHandleIS4_EE (libmozjs-52.so.0)
                #11 0x00007f5394141079 _ZN2js3jit14InvokeFunctionEP9JSContextN2JS6HandleIP8JSObjectEEbjPNS3_5ValueENS3_13MutableHandleIS8_EE (libmozjs-52.so.0)
                #12 0x0000324d62f413c6 n/a (n/a)
                #13 0x00007f5394050fbd EnterIon (libmozjs-52.so.0)
                #14 0x00007f539434e396 Interpret (libmozjs-52.so.0)
                #15 0x00007f539434e846 _ZN2js9RunScriptEP9JSContextRNS_8RunStateE (libmozjs-52.so.0)
                #16 0x00007f539434ee1f _ZN2js23InternalCallOrConstructEP9JSContextRKN2JS8CallArgsENS_14MaybeConstructE (libmozjs-52.so.0)
                #17 0x00007f539434f0f9 _ZN2js4CallEP9JSContextN2JS6HandleINS2_5ValueEEES5_RKNS_13AnyInvokeArgsENS2_13MutableHandleIS4_EE (libmozjs-52.so.0)
                #18 0x00007f5394141079 _ZN2js3jit14InvokeFunctionEP9JSContextN2JS6HandleIP8JSObjectEEbjPNS3_5ValueENS3_13MutableHandleIS8_EE (libmozjs-52.so.0)
                #19 0x0000324d62f413c6 n/a (n/a)


