Bug#932428: gnome-shell: sometimes crashes on lid close in wayland_output_update_for_output()
Simon McVittie
smcv at debian.org
Fri Jul 19 08:39:23 BST 2019
Package: gnome-shell
Version: 3.30.2-9
Severity: important

Since about the time testing opened back up after the Debian 10
release freeze, I'm often getting a GNOME Shell crash when I suspend
and resume. I didn't notice this before the release, so I'm hoping it
doesn't affect stable. However, I haven't upgraded gnome-shell, mutter
or libwayland-server0 since the release.

This is not the same crash as #679418.

Looking at the Journal, the timing suggests that it is happening in
response to lid close or suspend, rather than at resume:
Jul 18 23:18:24 espresso NetworkManager[25317]: <info> [1563488304.2847] device (enp0s31f6.100): state change: unavailable -> unmanaged (reason 'sleeping', sys-iface-state: 'managed')
Jul 18 23:18:24 espresso NetworkManager[25317]: <info> [1563488304.2964] device (p2p-dev-wlp4s0): state change: disconnected -> unmanaged (reason 'sleeping', sys-iface-state: 'managed')
Jul 18 23:18:24 espresso NetworkManager[25317]: <info> [1563488304.3023] device (cdc-wdm0): state change: unavailable -> unmanaged (reason 'sleeping', sys-iface-state: 'managed')
Jul 18 23:18:24 espresso NetworkManager[25317]: <info> [1563488304.3164] manager: NetworkManager state is now ASLEEP
Jul 18 23:18:24 espresso systemd-logind[839]: Lid closed.
Jul 18 23:18:24 espresso kernel: gnome-shell[31200]: segfault at 1020 ip 00007fb79e60fde1 sp 00007fff0d2fa680 error 4 in libwayland-server.so.0.1.0[7fb79e60f000+7000]
#0 0x00007fb79e60fde1 in wl_resource_post_event (resource=0x561624147d20, opcode=opcode@entry=2)
at ../src/wayland-server.c:245
#1 0x00007fb7a123075f in zxdg_output_v1_send_done (resource_=<optimized out>)
at ./xdg-output-unstable-v1-server-protocol.h:236
#2 0x00007fb7a123075f in wayland_output_update_for_output
(logical_monitor=0x56162332fe30 [MetaLogicalMonitor], wayland_output=0x56162207d8f0 [MetaWaylandOutput])
at wayland/meta-wayland-outputs.c:340
#3 0x00007fb7a123075f in meta_wayland_compositor_update_outputs
(compositor=compositor@entry=0x7fb7a12d2a00 <_meta_wayland_compositor>, monitor_manager=<optimized out>)
at wayland/meta-wayland-outputs.c:443
#4 0x00007fb7a123088f in on_monitors_changed
(monitors=<optimized out>, compositor=0x7fb7a12d2a00 <_meta_wayland_compositor>)
at wayland/meta-wayland-outputs.c:459
#8 0x00007fb7a1e01b6f in <emit signal ??? on instance 0x5616220760b0 [MetaMonitorManagerKms]>
(instance=instance@entry=0x5616220760b0, signal_id=<optimized out>, detail=detail@entry=0)
at ../../../gobject/gsignal.c:3447
#5 0x00007fb7a1de4e8d in g_closure_invoke
(closure=0x561622336d80, return_value=0x0, n_param_values=1, param_values=0x7fff0d2faa50, invocation_hint=0x7fff0d2fa9d0) at ../../../gobject/gclosure.c:810
#6 0x00007fb7a1df8555 in signal_emit_unlocked_R
(node=node@entry=0x561622074d80, detail=detail@entry=0, instance=instance@entry=0x5616220760b0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fff0d2faa50)
at ../../../gobject/gsignal.c:3635
#7 0x00007fb7a1e014ae in g_signal_emit_valist
(instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fff0d2fac00) at ../../../gobject/gsignal.c:3391
#9 0x00007fb7a11a331f in meta_monitor_manager_notify_monitors_changed
(manager=manager@entry=0x5616220760b0 [MetaMonitorManagerKms]) at backends/meta-monitor-manager.c:2626
#10 0x00007fb7a11a5557 in meta_monitor_manager_rebuild
(manager=0x5616220760b0 [MetaMonitorManagerKms], config=0x56162453ae00 [MetaMonitorsConfig])
at backends/meta-monitor-manager.c:2710
#11 0x00007fb7a1240ac6 in meta_monitor_manager_kms_apply_monitors_config
(manager=0x5616220760b0 [MetaMonitorManagerKms], config=0x56162453ae00 [MetaMonitorsConfig], method=<optimized out>, error=<optimized out>) at backends/native/meta-monitor-manager-kms.c:326
#12 0x00007fb7a11a336c in meta_monitor_manager_apply_monitors_config
(manager=0x5616220760b0 [MetaMonitorManagerKms], config=0x56162453ae00 [MetaMonitorsConfig], method=META_MONITORS_CONFIG_METHOD_PERSISTENT, error=<optimized out>) at backends/meta-monitor-manager.c:442
#13 0x00007fb7a11a4334 in meta_monitor_manager_ensure_configured (manager=0x5616220760b0 [MetaMonitorManagerKms])
at backends/meta-monitor-manager.c:567
#14 0x00007fb7a1de700e in g_cclosure_marshal_VOID__BOOLEANv
(closure=<optimized out>, return_value=<optimized out>, instance=<optimized out>, args=<optimized out>, marshal_data=<optimized out>, n_params=<optimized out>, param_types=0x561622017630) at ../../../gobject/gmarshal.c:272
#15 0x00007fb7a1de50c6 in _g_closure_invoke_va
(closure=0x561622077370, return_value=0x0, instance=0x561622042910, args=0x7fff0d2fb080, n_params=1, param_types=0x561622017630) at ../../../gobject/gclosure.c:873
#16 0x00007fb7a1e0157d in g_signal_emit_valist
(instance=0x561622042910, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7fff0d2fb080)
at ../../../gobject/gsignal.c:3300
#17 0x00007fb7a1e01b6f in g_signal_emit
(instance=instance@entry=0x561622042910, signal_id=<optimized out>, detail=detail@entry=0)
at ../../../gobject/gsignal.c:3447
#18 0x00007fb7a11902fd in upower_properties_changed
(proxy=<optimized out>, changed_properties=<optimized out>, invalidated_properties=<optimized out>, user_data=0x561622042910) at backends/meta-backend.c:555
#19 0x00007fb7a00ea8ee in ffi_call_unix64 () at /usr/lib/x86_64-linux-gnu/libffi.so.6
#20 0x00007fb7a00ea2bf in ffi_call () at /usr/lib/x86_64-linux-gnu/libffi.so.6
238  WL_EXPORT void
239  wl_resource_post_event(struct wl_resource *resource, uint32_t opcode, ...)
240  {
241      union wl_argument args[WL_CLOSURE_MAX_ARGS];
242      struct wl_object *object = &resource->object;
243      va_list ap;
244
245      va_start(ap, opcode);
246      wl_argument_from_va_list(object->interface->events[opcode].signature,
247                               args, WL_CLOSURE_MAX_ARGS, ap);
248      va_end(ap);
249      wl_resource_post_event_array(resource, opcode, args);
250  }
From "segfault at 1020" in the kernel message, it looks as though the
segfault might actually be happening at line 246 where resource contains
invalid pointers, and in particular resource->object->interface->events[2]
might be 0x1020:
(gdb) p ap
$4 = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 0x7fff0d2fa820, reg_save_area = 0x7fff0d2fa750}}
(gdb) p *resource
$3 = {object = {interface = 0x1000, implementation = 0x56162208f110, id = 517}, destroy = 0xfffffffff71d5000,
link = {prev = 0xffffffff, next = 0x1}, deprecated_destroy_signal = {listener_list = {prev = 0x7fb78b521fb4,
next = 0x18}}, client = 0x0, data = 0x0, version = 0, dispatcher = 0x7fb7884ff000, destroy_signal = {
listener_list = {prev = 0x0, next = 0x0}, emit_list = {prev = 0x0, next = 0x0}}}
so presumably this is some code in mutter/gnome-shell accessing a freed or
otherwise invalidated wl_resource?
smcv
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gnome-shell depends on:
ii dconf-gsettings-backend [gsettings-backend] 0.30.1-2
ii evolution-data-server 3.30.5-1
ii gir1.2-accountsservice-1.0 0.6.45-2
ii gir1.2-atspi-2.0 2.30.0-7
ii gir1.2-freedesktop 1.58.3-2
ii gir1.2-gcr-3 3.28.1-1
ii gir1.2-gdesktopenums-3.0 3.28.1-1
ii gir1.2-gdm-1.0 3.30.2-3
ii gir1.2-geoclue-2.0 2.5.3-1
ii gir1.2-glib-2.0 1.58.3-2
ii gir1.2-gnomebluetooth-1.0 3.28.2-3
ii gir1.2-gnomedesktop-3.0 3.30.2.1-2
ii gir1.2-gtk-3.0 3.24.10-1
ii gir1.2-gweather-3.0 3.28.3-1
ii gir1.2-ibus-1.0 1.5.19-4+b1
ii gir1.2-mutter-3 3.30.2-7
ii gir1.2-nm-1.0 1.18.0-3
ii gir1.2-nma-1.0 1.8.22-2
ii gir1.2-pango-1.0 1.42.4-6
ii gir1.2-polkit-1.0 0.105-26
ii gir1.2-rsvg-2.0 2.44.10-2.1
ii gir1.2-soup-2.4 2.64.2-2
ii gir1.2-upowerglib-1.0 0.99.10-1
ii gjs 1.54.3-1
ii gnome-backgrounds 3.30.0-1
ii gnome-settings-daemon 3.30.2-3local1
ii gnome-shell-common 3.30.2-9
ii gsettings-desktop-schemas 3.28.1-1
ii libatk-bridge2.0-0 2.30.0-5
ii libatk1.0-0 2.30.0-2
ii libc6 2.28-10
ii libcairo2 1.16.0-4
ii libcanberra-gtk3-0 0.30-7
ii libcanberra0 0.30-7
ii libcroco3 0.6.12-3
ii libecal-1.2-19 3.30.5-1
ii libedataserver-1.2-23 3.30.5-1
ii libgcr-base-3-1 3.28.1-1
ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1
ii libgirepository-1.0-1 1.58.3-2
ii libgjs0g 1.54.3-1
ii libglib2.0-0 2.60.5-1
ii libglib2.0-bin 2.60.5-1
ii libgstreamer1.0-0 1.16.0-2
ii libgtk-3-0 3.24.10-1
ii libical3 3.0.5-1
ii libjson-glib-1.0-0 1.4.4-2
ii libmutter-3-0 3.30.2-7
ii libnm0 1.18.0-3
ii libpango-1.0-0 1.42.4-6
ii libpangocairo-1.0-0 1.42.4-6
ii libpolkit-agent-1-0 0.105-26
ii libpolkit-gobject-1-0 0.105-26
ii libpulse-mainloop-glib0 12.2-4
ii libpulse0 12.2-4
ii libsecret-1-0 0.18.7-1
ii libstartup-notification0 0.12-6
ii libsystemd0 241-7
ii libx11-6 2:1.6.7-1
ii libxfixes3 1:5.0.3-1
ii mutter 3.30.2-7
ii python3 3.7.3-1
Versions of packages gnome-shell recommends:
ii bolt 0.7-2
ii chrome-gnome-shell 10.1-5
ii gdm3 3.30.2-3
ii gkbd-capplet 3.26.1-1
ii gnome-control-center 1:3.30.3-1
ii gnome-user-docs 3.30.2-1
ii iio-sensor-proxy 2.4-2
pn switcheroo-control <none>
ii unzip 6.0-24
Versions of packages gnome-shell suggests:
ii gir1.2-telepathyglib-0.12 0.24.1-2
ii gir1.2-telepathylogger-0.2 0.8.2-3
-- no debconf information
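
Added example, not part of the original report and not libwayland or mutter code: a small C triage helper that parses the kernel segfault line quoted above, decodes the x86 page-fault error code, and computes which address the load of interface->events touches for the interface = 0x1000 value shown in the gdb dump of *resource. The struct mirrors are local copies of the layout in libwayland's public wayland-util.h and assume an LP64 target; all function and type names here are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Local mirrors of libwayland's public struct layouts (wayland-util.h), so
 * this builds without the headers. Offsets below assume an LP64 target. */
struct msg_mirror { const char *name, *signature; const void **types; };
struct iface_mirror {
    const char *name;
    int version, method_count;
    const struct msg_mirror *methods;
    int event_count;
    const struct msg_mirror *events;
};
struct segv { int ok; uint64_t addr, ip, base, size; unsigned err; };

/* Kernel line quoted in the report above. */
static const char SAMPLE[] =
    "gnome-shell[31200]: segfault at 1020 ip 00007fb79e60fde1 sp "
    "00007fff0d2fa680 error 4 in libwayland-server.so.0.1.0[7fb79e60f000+7000]";

/* Parse an x86 "segfault at" kernel message; .ok stays 0 if it does not match. */
struct segv parse_segv(const char *line)
{
    struct segv s = {0};
    unsigned long long a, ip, sp, base, size;
    const char *p = strstr(line, "segfault at ");
    if (p && sscanf(p, "segfault at %llx ip %llx sp %llx error %x in %*[^[][%llx+%llx",
                    &a, &ip, &sp, &s.err, &base, &size) == 6) {
        s.ok = 1; s.addr = a; s.ip = ip; s.base = base; s.size = size;
    }
    return s;
}

/* x86 #PF error code: bit0 set = protection fault, bit1 = write, bit2 = user. */
int is_user_read_unmapped(unsigned err) { return (err & 7u) == 4u; }

/* Address read when evaluating interface->events for a given interface pointer. */
uint64_t events_load_addr(uint64_t iface) { return iface + offsetof(struct iface_mirror, events); }

int main(void)
{
    struct segv s = parse_segv(SAMPLE);
    printf("fault=%#llx ip_off=%#llx user_read_unmapped=%d events_load=%#llx\n",
           (unsigned long long)s.addr, (unsigned long long)(s.ip - s.base),
           is_user_read_unmapped(s.err), (unsigned long long)events_load_addr(0x1000));
    return 0;
}
```

For the values in this report, the fault address 0x1020 equals 0x1000 plus the offset of the events member, and the faulting instruction sits 0xde1 bytes into the libwayland-server mapping.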