Bug#852165: gnome-shell: X11 clients requesting wrong window sizes crash gnome-shell as a wayland compositor
Thibaut Girka
thib at sitedethib.com
Sun Jan 22 08:48:29 UTC 2017
Package: gnome-shell
Version: 3.22.2-1
Severity: important
Tags: upstream
When used as a wayland compositor and an X11 client requests an unreasonable
window size, gnome-shell crashes rather than the X11 client.
It frequently happens with the non-free game “Kerbal Space Program” and can
also easily be reproduced with the attached example (requires python3-gi and
gir1.2-gtk-3.0).
The crash is usually triggered by gnome-shell aborting on an X11 error, but
I have also seen it abort while trying to do some memory allocation of
unreasonable size, as displayed in the following backtrace:
#0 0x00007fd27b4c6261 in _g_log_abort (breakpoint=1) at ././glib/gmessages.c:487
#1 0x00007fd27b4c72b7 in g_log_default_handler (log_domain=0x7fd27b508d2e "GLib", log_level=6, message=<optimized out>, unused_data=<optimized out>) at ././glib/gmessages.c:2816
#2 0x00005592f762a84e in default_log_handler (log_domain=log_domain at entry=0x7fd27b508d2e "GLib", log_level=log_level at entry=6, message=message at entry=0x7fd25c136c00 "/build/glib2.0-m2w47E/glib2.0-2.50.2/./glib/gmem.c:130: failed to allocate 18446744072465642272 bytes", data=data at entry=0x7fd25800d9a0) at main.c:313
#3 0x00007fd27b4c75c4 in g_logv (log_domain=0x7fd27b508d2e "GLib", log_level=G_LOG_LEVEL_ERROR, format=<optimized out>, args=args at entry=0x7fff6e415130) at ././glib/gmessages.c:1275
#4 0x00007fd27b4c77cf in g_log (log_domain=log_domain at entry=0x7fd27b508d2e "GLib", log_level=log_level at entry=G_LOG_LEVEL_ERROR, format=format at entry=0x7fd27b512688 "%s: failed to allocate %lu bytes") at ././glib/gmessages.c:1337
#5 0x00007fd27b4c5e94 in g_malloc0 (n_bytes=n_bytes at entry=18446744072465642272) at ././glib/gmem.c:129
#6 0x00007fd27cc5f5be in make_shadow (region=0x5592fbe189d0, shadow=0x7fd2200fd4c0) at compositor/meta-shadow-factory.c:750
#7 0x00007fd27cc5f5be in meta_shadow_factory_get_shadow (factory=factory at entry=0x7fd2580126a0 [MetaShadowFactory], shape=<optimized out>, width=<optimized out>, height=<optimized out>, class_name=class_name at entry=0x7fd27ccd462f "normal", focused=focused at entry=1) at compositor/meta-shadow-factory.c:985
#8 0x00007fd27cc655c6 in check_needs_shadow (self=<optimized out>) at compositor/meta-window-actor.c:1595
#9 0x00007fd27cc655c6 in meta_window_actor_handle_updates (self=<optimized out>) at compositor/meta-window-actor.c:1920
#10 0x00007fd27cc66378 in meta_window_actor_pre_paint (self=0x5592fbdb0fa0 [MetaWindowActor]) at compositor/meta-window-actor.c:1929
#11 0x00007fd27cc57a88 in meta_pre_paint_func (data=0x5592f9112b40) at compositor/compositor.c:1077
#12 0x00007fd27c0140a4 in _clutter_run_repaint_functions (flags=flags at entry=CLUTTER_REPAINT_FLAGS_PRE_PAINT) at clutter-main.c:3433
#13 0x00007fd27c014d57 in master_clock_update_stages (master_clock=0x5592f8d08f00 [ClutterMasterClockDefault], stages=0x5592fcdfa290 = {...}) at clutter-master-clock-default.c:437
#14 0x00007fd27c014d57 in clutter_clock_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at clutter-master-clock-default.c:567
#15 0x00007fd27b4c07f7 in g_main_dispatch (context=0x5592f8ab7730) at ././glib/gmain.c:3203
#16 0x00007fd27b4c07f7 in g_main_context_dispatch (context=context at entry=0x5592f8ab7730) at ././glib/gmain.c:3856
#17 0x00007fd27b4c0a60 in g_main_context_iterate (context=0x5592f8ab7730, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at ././glib/gmain.c:3929
#18 0x00007fd27b4c0d82 in g_main_loop_run (loop=0x5592f8d1d280) at ././glib/gmain.c:4125
#19 0x00007fd27cc7758c in meta_run () at core/main.c:572
#20 0x00005592f762a4b7 in main (argc=<optimized out>, argv=<optimized out>) at main.c:471
-- System Information:
Debian Release: 9.0
APT prefers testing-debug
APT policy: (990, 'testing-debug'), (990, 'testing'), (120, 'unstable-debug'), (120, 'unstable'), (105, 'experimental-debug'), (105, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnome-shell depends on:
ii dconf-gsettings-backend [gsettings-backend] 0.26.0-2
ii evolution-data-server 3.22.3-1
ii gir1.2-accountsservice-1.0 0.6.43-1
ii gir1.2-atspi-2.0 2.22.0-5
ii gir1.2-caribou-1.0 0.4.21-1
ii gir1.2-freedesktop 1.50.0-1
ii gir1.2-gcr-3 3.20.0-3
ii gir1.2-gdesktopenums-3.0 3.22.0-1
ii gir1.2-gdm-1.0 3.22.1-1
ii gir1.2-glib-2.0 1.50.0-1
ii gir1.2-gnomebluetooth-1.0 3.20.0-1
ii gir1.2-gnomedesktop-3.0 3.22.2-1
ii gir1.2-gtk-3.0 3.22.6-1
ii gir1.2-gweather-3.0 3.20.4-1
ii gir1.2-ibus-1.0 1.5.14-2
ii gir1.2-mutter-3.0 3.22.2-3
ii gir1.2-networkmanager-1.0 1.4.4-1
ii gir1.2-nmgtk-1.0 1.4.2-1
ii gir1.2-pango-1.0 1.40.3-3
ii gir1.2-polkit-1.0 0.105-17
ii gir1.2-soup-2.4 2.56.0-2
ii gir1.2-telepathyglib-0.12 0.24.1-1.1
ii gir1.2-telepathylogger-0.2 0.8.2-2
ii gir1.2-upowerglib-1.0 0.99.4-4
ii gjs 1.46.0-1+b1
ii gnome-backgrounds 3.22.1-1
ii gnome-settings-daemon 3.22.1-1
ii gnome-shell-common 3.22.2-1
ii gsettings-desktop-schemas 3.22.0-1
ii libatk-bridge2.0-0 2.22.0-1
ii libatk1.0-0 2.22.0-1
ii libc6 2.24-8
ii libcairo2 1.14.8-1
ii libcanberra-gtk3-0 0.30-3
ii libcanberra0 0.30-3
ii libcroco3 0.6.11-2
ii libdbus-glib-1-2 0.108-1
ii libecal-1.2-19 3.22.3-1
ii libedataserver-1.2-22 3.22.3-1
ii libgcr-base-3-1 3.20.0-3
ii libgdk-pixbuf2.0-0 2.36.3-1
ii libgirepository-1.0-1 1.50.0-1
ii libgjs0e [libgjs0-libmozjs-24-0] 1.46.0-1+b1
ii libglib2.0-0 2.50.2-2
ii libglib2.0-bin 2.50.2-2
ii libgstreamer1.0-0 1.10.2-1
ii libgtk-3-0 3.22.6-1
ii libical2 2.0.0-0.5+b1
ii libicu57 57.1-5
ii libjson-glib-1.0-0 1.2.2-1
ii libmozjs-24-0 24.2.0-5.1
ii libmutter0i 3.22.2-3
ii libnm-glib4 1.4.4-1
ii libnm-util2 1.4.4-1
ii libpango-1.0-0 1.40.3-3
ii libpangocairo-1.0-0 1.40.3-3
ii libpolkit-agent-1-0 0.105-17
ii libpolkit-gobject-1-0 0.105-17
ii libpulse-mainloop-glib0 9.0-5
ii libpulse0 9.0-5
ii libsecret-1-0 0.18.5-2
ii libstartup-notification0 0.12-4
ii libsystemd0 232-8
ii libtelepathy-glib0 0.24.1-1.1
ii libwayland-client0 1.12.0-1
ii libx11-6 2:1.6.4-2
ii libxfixes3 1:5.0.3-1
ii mutter 3.22.2-3
ii python3 3.5.1-4
ii telepathy-mission-control-5 1:5.16.3-2
Versions of packages gnome-shell recommends:
ii gdm3 3.22.1-1
ii gkbd-capplet 3.22.0.1-1
ii gnome-contacts 3.22.1-1+b1
ii gnome-control-center 1:3.22.1-1
ii gnome-themes-standard-data 3.22.2-1
ii gnome-user-guide 3.22.0-1
ii iio-sensor-proxy 2.0-1
ii unzip 6.0-21
gnome-shell suggests no packages.
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: crashtest.py
Type: text/x-python
Size: 487 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20170122/5960a12e/attachment.py>
More information about the pkg-gnome-maintainers
mailing list