Bug#1008750: gnome-shell: SIGSEGV in libgbm1 prevents gdm3 Wayland startup
Marko Mäkelä
marko.makela at iki.fi
Thu Mar 31 20:24:31 BST 2022
Package: gnome-shell
Version: 42.0-2
Severity: important
Dear Maintainer,
For a long time, gdm3 has not let me choose a Wayland session.
I finally decided to debug it, and the reason is that gnome-shell is
crashing with SIGSEGV. So, gdm3 will silently fall back to X.org and not
present any Wayland option.
I installed systemd-coredump and a few debug symbol packages, to get a
stack trace of the crashing thread in gnome-shell:
#0 0x0000000000000000 in ()
#1 0x00007f15938eebf1 in gbm_dri_bo_import (gbm=0x556b52505cd0, type=<optimized out>, buffer=0x7ffc7a15eb80, usage=1) at ../src/gbm/backends/dri/gbm_dri.c:1026
#2 0x00007f15970ef997 in dmabuf_to_gbm_bo (format=<optimized out>, stride=<optimized out>, height=<optimized out>, width=<optimized out>, dmabuf_fd=72, importer=0x556b52505cd0)
at ../src/backends/native/meta-drm-buffer-import.c:132
#3 import_gbm_buffer (error=0x7ffc7a15ed90, importer=0x556b52505cd0, buffer_import=0x7f15840762b0 [MetaDrmBufferImport]) at ../src/backends/native/meta-drm-buffer-import.c:166
#4 meta_drm_buffer_import_new (device_file=device_file@entry=0x556b524bab50, gbm_device=0x556b52505cd0, buffer_gbm=<optimized out>, error=error@entry=0x7ffc7a15ed90)
at ../src/backends/native/meta-drm-buffer-import.c:210
#5 0x00007f159710995a in meta_render_device_gbm_import_dma_buf (render_device=<optimized out>, buffer=0x556b540eec90 [MetaDrmBufferGbm], error=0x7ffc7a15ed90)
at ../src/backends/native/meta-render-device-gbm.c:101
#6 0x00007f15971078ea in import_shared_framebuffer (secondary_gpu_state=0x556b5260daa0, onscreen=0x556b525e42d0 [MetaOnscreenNative]) at ../src/backends/native/meta-onscreen-native.c:588
#7 update_secondary_gpu_state_post_swap_buffers (egl_context_changed=<synthetic pointer>, onscreen=0x556b525e42d0 [MetaOnscreenNative]) at ../src/backends/native/meta-onscreen-native.c:987
#8 meta_onscreen_native_swap_buffers_with_damage (onscreen=<optimized out>, rectangles=0x7ffc7a15ee50, n_rectangles=0, frame_info=0x556b53e2a0d0, user_data=0x7ffc7a15f070)
at ../src/backends/native/meta-onscreen-native.c:1112
#9 0x00007f1596a70ffd in cogl_onscreen_swap_buffers_with_damage
(onscreen=onscreen@entry=0x556b525e42d0 [MetaOnscreenNative], rectangles=rectangles@entry=0x7ffc7a15ee50, n_rectangles=n_rectangles@entry=0, info=info@entry=0x556b53e2a0d0, user_data=user_data@entry=0x7ffc7a15f070) at ../cogl/cogl/cogl-onscreen.c:337
#10 0x00007f1597019c92 in swap_framebuffer
(stage_window=stage_window@entry=0x556b52501290, stage_view=stage_view@entry=0x556b525e7210 [MetaRendererView], swap_region=swap_region@entry=0x556b54704370, swap_with_damage=swap_with_damage@entry=0, frame=frame@entry=0x7ffc7a15f070) at ../src/backends/meta-stage-impl.c:306
#11 0x00007f159701a581 in meta_stage_impl_redraw_view_primary (frame=0x7ffc7a15f070, stage_view=<optimized out>, stage_impl=<optimized out>) at ../src/backends/meta-stage-impl.c:665
#12 meta_stage_impl_redraw_view (stage_window=<optimized out>, stage_view=<optimized out>, frame=0x7ffc7a15f070) at ../src/backends/meta-stage-impl.c:736
#13 0x00007f1597114ef7 in meta_stage_native_redraw_view (stage_window=<optimized out>, view=0x556b525e7210 [MetaRendererView], frame=0x7ffc7a15f070) at ../src/backends/native/meta-stage-native.c:139
#14 0x00007f15972a9283 in handle_frame_clock_frame (frame_clock=0x556b525e8260 [ClutterFrameClock], frame_count=<optimized out>, user_data=0x556b525e7210) at ../clutter/clutter/clutter-stage-view.c:1191
#15 0x00007f1597278a35 in clutter_frame_clock_dispatch (time_us=3057569224, frame_clock=0x556b525e8260 [ClutterFrameClock]) at ../clutter/clutter/clutter-frame-clock.c:701
#16 frame_clock_source_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at ../clutter/clutter/clutter-frame-clock.c:751
#17 0x00007f1597d31f8b in g_main_dispatch (context=0x556b52426920) at ../../../glib/gmain.c:3417
#18 g_main_context_dispatch (context=0x556b52426920) at ../../../glib/gmain.c:4135
#19 0x00007f1597d32238 in g_main_context_iterate (context=0x556b52426920, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4211
#20 0x00007f1597d32523 in g_main_loop_run (loop=0x556b53a705e0) at ../../../glib/gmain.c:4411
#21 0x00007f1597060a85 in meta_context_run_main_loop (context=<optimized out>, error=0x7ffc7a15f2e0) at ../src/core/meta-context.c:437
#22 0x0000556b51716931 in ()
#23 0x00007f1596dc87fd in __libc_start_main (main=0x556b51716500, argc=1, argv=0x7ffc7a15f428, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc7a15f418)
at ../csu/libc-start.c:332
#24 0x0000556b51716bda in ()
The crash probably is nothing new; I have experienced the lack of
Wayland for several months if not a couple of years. Only once when I
used a 5.15 pre-release kernel several months ago, gdm3 allowed me to
use Wayland. Back then, I was normally using a Debian package of a 5.14
kernel. The kernel that I am currently using is one that I built from
the source (tag: v5.17).
The GPU is reported by "dmesg" as follows:
[ 1.740044] [drm] amdgpu kernel modesetting enabled.
[ 1.740198] amdgpu: CRAT table not found
[ 1.740202] amdgpu: Virtual CRAT table created for CPU
[ 1.740223] amdgpu: Topology: Add CPU node
[ 1.740495] checking generic (e0000000 7f0000) vs hw (e0000000 10000000)
[ 1.740504] checking generic (e0000000 7f0000) vs hw (e0000000 10000000)
[ 1.740507] fb0: switching to amdgpu from EFI VGA
[ 1.740655] Console: switching to colour dummy device 80x25
[ 1.740714] amdgpu 0000:81:00.0: vgaarb: deactivate vga console
[ 1.740853] [drm] initializing kernel modesetting (POLARIS11 0x1002:0x67FF 0x1458:0x22FF 0xCF).
[ 1.740873] amdgpu 0000:81:00.0: amdgpu: Trusted Memory Zone (TMZ) feature not supported
[ 1.740894] [drm] register mmio base: 0xFBE00000
[ 1.740896] [drm] register mmio size: 262144
[ 1.740904] [drm] add ip block number 0 <vi_common>
[ 1.740907] [drm] add ip block number 1 <gmc_v8_0>
[ 1.740909] [drm] add ip block number 2 <tonga_ih>
[ 1.740911] [drm] add ip block number 3 <gfx_v8_0>
[ 1.740913] [drm] add ip block number 4 <sdma_v3_0>
[ 1.740915] [drm] add ip block number 5 <powerplay>
[ 1.740917] [drm] add ip block number 6 <dm>
[ 1.740919] [drm] add ip block number 7 <uvd_v6_0>
[ 1.740921] [drm] add ip block number 8 <vce_v3_0>
[ 1.741225] amdgpu 0000:81:00.0: No more image in the PCI ROM
[ 1.741275] amdgpu 0000:81:00.0: amdgpu: Fetched VBIOS from ROM BAR
[ 1.741279] amdgpu: ATOM BIOS: xxx-xxx-xxx
[ 1.741302] [drm] UVD is enabled in VM mode
[ 1.741304] [drm] UVD ENC is enabled in VM mode
[ 1.741307] [drm] VCE enabled in VM mode
[ 1.741359] [drm] vm size is 512 GB, 2 levels, block size is 10-bit, fragment size is 9-bit
[ 1.741450] amdgpu 0000:81:00.0: amdgpu: VRAM: 4096M 0x000000F400000000 - 0x000000F4FFFFFFFF (4096M used)
[ 1.741456] amdgpu 0000:81:00.0: amdgpu: GART: 256M 0x000000FF00000000 - 0x000000FF0FFFFFFF
[ 1.741466] [drm] Detected VRAM RAM=4096M, BAR=256M
[ 1.741469] [drm] RAM width 128bits GDDR5
[ 1.742054] [drm] amdgpu: 4096M of VRAM memory ready
[ 1.742057] [drm] amdgpu: 4096M of GTT memory ready.
[ 1.742065] [drm] GART: num cpu pages 65536, num gpu pages 65536
[ 1.742980] [drm] PCIE GART of 256M enabled (table at 0x000000F4007E9000).
[ 1.743231] [drm] Chained IB support enabled!
[ 1.745140] amdgpu: hwmgr_sw_init smu backed is polaris10_smu
[ 1.745376] [drm] Found UVD firmware Version: 1.130 Family ID: 16
[ 1.746391] [drm] Found VCE firmware Version: 53.26 Binary ID: 3
[ 1.826490] [drm] Display Core initialized with v3.2.167!
[ 1.888991] [drm] UVD and UVD ENC initialized successfully.
[ 1.988916] [drm] VCE initialized successfully.
[ 2.000976] kfd kfd: amdgpu: Allocated 3969056 bytes on gart
[ 2.001163] amdgpu: Virtual CRAT table created for GPU
[ 2.001238] amdgpu: Topology: Add dGPU node [0x67ff:0x1002]
[ 2.001241] kfd kfd: amdgpu: added device 1002:67ff
[ 2.001251] amdgpu 0000:81:00.0: amdgpu: SE 2, SH per SE 1, CU per SH 8, active_cu_number 16
[ 2.005217] [drm] Initialized amdgpu 3.44.0 20150101 for 0000:81:00.0 on minor 1
[ 2.017488] fbcon: amdgpudrmfb (fb0) is primary device
[ 2.071235] Console: switching to colour frame buffer device 240x67
[ 2.091915] amdgpu 0000:81:00.0: [drm] fb0: amdgpudrmfb frame buffer device
The disassembly of stack frame #1 suggests that an invalid function
pointer is being invoked:
0x00007f15938eebb1 <+785>: lea 0xa6a8(%rip),%rax # 0x7f15938f9260 <gbm_core>
0x00007f15938eebb8 <+792>: call *0x8(%rax)
0x00007f15938eebbb <+795>: sub $0x8,%rsp
0x00007f15938eebbf <+799>: mov 0x8(%rbp),%edx
0x00007f15938eebc2 <+802>: mov 0x4(%rbp),%esi
0x00007f15938eebc5 <+805>: mov 0xe0(%rbx),%rdi
0x00007f15938eebcc <+812>: mov %eax,%ecx
0x00007f15938eebce <+814>: mov 0x130(%rbx),%rax
0x00007f15938eebd5 <+821>: push $0x0
0x00007f15938eebd7 <+823>: mov $0x1,%r9d
0x00007f15938eebdd <+829>: lea 0x14(%rsp),%r8
0x00007f15938eebe2 <+834>: push %r8
0x00007f15938eebe4 <+836>: lea 0x18(%rsp),%r8
0x00007f15938eebe9 <+841>: push %r8
0x00007f15938eebeb <+843>: mov %rbp,%r8
0x00007f15938eebee <+846>: call *0x60(%rax)
=> 0x00007f15938eebf1 <+849>: mov %rax,%r12
These lines should correspond to the following in
mesa-21.3.7/src/gbm/backends/dri/gbm_dri.c:
/* GBM's GBM_FORMAT_* tokens are a strict superset of the DRI FourCC
 * tokens accepted by createImageFromFds, except for not supporting
 * the sARGB format. */
fourcc = gbm_core.v0.format_canonicalize(fd_data->format);
image = dri->image->createImageFromFds(dri->screen,
                                       fd_data->width,
                                       fd_data->height,
                                       fourcc,
                                       &fd_data->fd, 1,
                                       &stride, &offset,
                                       NULL);
The offset of dri->image is 0x130, and the offset of createImageFromFds
is 0x60. That structure is as follows:
(gdb) p *(struct __DRIimageExtensionRec*)$rax
$1 = {base = {name = 0x7f158d6c3a30 "DRI_IMAGE", version = 19},
createImageFromName = 0x7f158c66a3c0, createImageFromRenderbuffer =
0x7f158c66d390, destroyImage = 0x7f158c66d3d0, createImage =
0x7f158c669010, queryImage = 0x7f158c669030, dupImage = 0x7f158c6697b0,
validateUsage = 0x7f158c667b70, createImageFromNames = 0x7f158c66a2a0,
fromPlanar = 0x7f158c669880, createImageFromTexture = 0x7f158c66d470,
createImageFromFds = 0x0, createImageFromDmaBufs = 0x0, blitImage =
0x7f158c668950, getCapabilities = 0x7f158c667c30, mapImage =
0x7f158c668590, unmapImage = 0x7f158c667c10, createImageWithModifiers =
0x0, createImageFromDmaBufs2 = 0x0, queryDmaBufFormats = 0x0,
queryDmaBufModifiers = 0x0, queryDmaBufFormatModifierAttribs = 0x0,
createImageFromRenderbuffer2 = 0x7f158c66d200, createImageFromDmaBufs3 =
0x0, createImageWithModifiers2 = 0x0}
Above, we can see that createImageFromFds is NULL.
A quick grep suggests that only the i965 and i915 drivers
in MESA assign that function pointer. There do exist
some NULL checks for that function pointer, but apparently not
in this code path.
I hope that this helps someone to fix the bug.
Marko
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.17.0+ (SMP w/40 CPU threads; PREEMPT)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gnome-shell depends on:
ii dconf-gsettings-backend [gsettings-backend] 0.40.0-3
ii evolution-data-server 3.44.0-3
ii gir1.2-accountsservice-1.0 22.07.5-1
ii gir1.2-adw-1 1.1.0-1
ii gir1.2-atk-1.0 2.38.0-1
ii gir1.2-atspi-2.0 2.44.0-3
ii gir1.2-freedesktop 1.72.0-1+b1
ii gir1.2-gcr-3 3.40.0-4
ii gir1.2-gdesktopenums-3.0 42.0-1
ii gir1.2-gdkpixbuf-2.0 2.42.8+dfsg-1
ii gir1.2-gdm-1.0 42.0-1
ii gir1.2-geoclue-2.0 2.5.7-3
ii gir1.2-glib-2.0 1.72.0-1+b1
ii gir1.2-gnomebluetooth-3.0 42.0-2
ii gir1.2-gnomedesktop-3.0 42.0-1
ii gir1.2-graphene-1.0 1.10.8-1
ii gir1.2-gstreamer-1.0 1.20.1-1
ii gir1.2-gtk-3.0 3.24.33-1
ii gir1.2-gtk-4.0 4.6.2+ds-1
ii gir1.2-gweather-4.0 4.0.0-1
ii gir1.2-ibus-1.0 1.5.26-2
ii gir1.2-mutter-10 42.0-3
ii gir1.2-nm-1.0 1.36.4-1
ii gir1.2-nma-1.0 1.8.36-1
ii gir1.2-pango-1.0 1.50.6+ds-1
ii gir1.2-polkit-1.0 0.105-33
ii gir1.2-rsvg-2.0 2.52.5+dfsg-3+b1
ii gir1.2-soup-2.4 2.74.2-3
ii gir1.2-upowerglib-1.0 0.99.17-1
ii gir1.2-webkit2-4.0 2.36.0-2
ii gnome-backgrounds 42.0-1
ii gnome-settings-daemon 42.1-2
ii gnome-shell-common 42.0-2
ii gsettings-desktop-schemas 42.0-1
ii gstreamer1.0-pipewire 0.3.49-1
ii libatk-bridge2.0-0 2.38.0-4
ii libatk1.0-0 2.38.0-1
ii libc6 2.33-7
ii libcairo2 1.16.0-5
ii libecal-2.0-1 3.44.0-3
ii libedataserver-1.2-26 3.44.0-3
ii libgcr-base-3-1 3.40.0-4
ii libgdk-pixbuf-2.0-0 2.42.8+dfsg-1
ii libgirepository-1.0-1 1.72.0-1+b1
ii libgjs0g 1.72.0-2
ii libgles2 1.4.0-1
ii libglib2.0-0 2.72.0-1
ii libglib2.0-bin 2.72.0-1
ii libgnome-autoar-0-0 0.4.3-1
ii libgnome-desktop-3-19 42.0-1
ii libgraphene-1.0-0 1.10.8-1
ii libgtk-3-0 3.24.33-1
ii libgtk-4-1 4.6.2+ds-1
ii libical3 3.0.14-1
ii libjson-glib-1.0-0 1.6.6-1
ii libmutter-10-0 42.0-3
ii libnm0 1.36.4-1
ii libpango-1.0-0 1.50.6+ds-1
ii libpangocairo-1.0-0 1.50.6+ds-1
ii libpolkit-agent-1-0 0.105-33
ii libpolkit-gobject-1-0 0.105-33
ii libpulse-mainloop-glib0 15.0+dfsg1-4
ii libpulse0 15.0+dfsg1-4
ii libsecret-1-0 0.20.5-2
ii libsystemd0 250.4-1
ii libwayland-server0 1.20.0-1
ii libx11-6 2:1.7.2-2+b1
ii libxfixes3 1:6.0.0-1
ii python3 3.10.4-1
Versions of packages gnome-shell recommends:
ii bolt 0.9.2-1
ii chrome-gnome-shell 10.1-5
ii gdm3 42.0-1
ii gkbd-capplet 3.26.1-2
pn gnome-control-center <none>
ii gnome-menus 3.36.0-1
ii gnome-user-docs 42.0-1
ii ibus 1.5.26-2
ii iio-sensor-proxy 3.0-2
ii switcheroo-control 2.4-3
ii unzip 6.0-26
Versions of packages gnome-shell suggests:
ii gir1.2-malcontent-0 0.10.4-1
ii gir1.2-telepathyglib-0.12 0.24.1-3
ii gir1.2-telepathylogger-0.2 0.8.2-4
ii gnome-shell-extension-prefs 42.0-2
Versions of packages gnome-session depends on:
ii gnome-session-bin 42.0-1
ii gnome-session-common 42.0-1
ii gnome-settings-daemon 42.1-2
Versions of packages gnome-session suggests:
ii desktop-base 11.0.3
ii gnome-keyring 40.0-3
Versions of packages gnome-settings-daemon depends on:
ii gnome-settings-daemon-common 42.1-2
ii gsettings-desktop-schemas 42.0-1
ii libasound2 1.2.6.1-2+b1
ii libc6 2.33-7
ii libcairo2 1.16.0-5
ii libcanberra-gtk3-0 0.30-8
ii libcanberra0 0.30-8
ii libcolord2 1.4.6-1
ii libcups2 2.4.1op1-2
ii libfontconfig1 2.13.1-4.4
ii libgcr-base-3-1 3.40.0-4
ii libgdk-pixbuf-2.0-0 2.42.8+dfsg-1
ii libgeoclue-2-0 2.5.7-3
ii libgeocode-glib0 3.26.2-2
ii libglib2.0-0 2.72.0-1
ii libgnome-desktop-3-19 42.0-1
ii libgtk-3-0 3.24.33-1
ii libgudev-1.0-0 237-2
ii libgweather-4-0 4.0.0-1
ii liblcms2-2 2.12~rc1-2
ii libmm-glib0 1.18.6-2
ii libnm0 1.36.4-1
ii libnotify4 0.7.9-3
ii libnspr4 2:4.32-3
ii libnss3 2:3.75-1
ii libpam-systemd [logind] 250.4-1
ii libpango-1.0-0 1.50.6+ds-1
ii libpangocairo-1.0-0 1.50.6+ds-1
ii libpolkit-gobject-1-0 0.105-33
ii libpulse-mainloop-glib0 15.0+dfsg1-4
ii libpulse0 15.0+dfsg1-4
ii libupower-glib3 0.99.17-1
ii libwacom9 2.1.0-2
ii libwayland-client0 1.20.0-1
ii libx11-6 2:1.7.2-2+b1
ii libxext6 2:1.3.4-1
ii libxfixes3 1:6.0.0-1
ii libxi6 2:1.8-1
Versions of packages gnome-settings-daemon recommends:
ii iio-sensor-proxy 3.0-2
ii pulseaudio 15.0+dfsg1-4
ii x11-xserver-utils 7.7+9
Versions of packages gnome-settings-daemon suggests:
pn usbguard <none>
Versions of packages libgjs0g depends on:
ii libc6 2.33-7
ii libcairo-gobject2 1.16.0-5
ii libcairo2 1.16.0-5
ii libffi8 3.4.2-4
ii libgcc-s1 12-20220319-1
ii libgirepository-1.0-1 [libgirepository-1.0-1-with-libffi8] 1.72.0-1+b1
ii libglib2.0-0 2.72.0-1
ii libmozjs-91-0 91.7.0-5
ii libreadline8 8.1.2-1
ii libstdc++6 12-20220319-1
ii libx11-6 2:1.7.2-2+b1
Versions of packages gnome-shell is related to:
ii libegl-mesa0 [libegl-vendor] 21.3.7-1
ii libgl1-mesa-dri 21.3.7-1
ii libglx-mesa0 [libglx-vendor] 21.3.7-1
-- no debconf information
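
The failure mode analysed in the report above (an indirect call through an optional extension-table slot that the driver left NULL) can be reproduced and guarded in a few lines. This is an added example, not code from the report, from Mesa or from mutter; struct image_ext, import_fd and the fake driver function are hypothetical stand-ins, and only the "DRI_IMAGE" name, version 19 and fd 72 are taken from the report.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical, cut-down stand-in for an extension table whose entries
 * are optional; the real __DRIimageExtensionRec has many more members. */
struct image_ext {
    const char *name;
    int version;
    void *(*create_image_from_fds)(int width, int height, int fourcc,
                                   const int *fds, int num_fds);
};

static int dummy_image;  /* constructed placeholder for a driver image */

static void *fake_create_from_fds(int width, int height, int fourcc,
                                  const int *fds, int num_fds)
{
    (void)fourcc;
    if (width <= 0 || height <= 0 || fds == NULL || num_fds != 1)
        return NULL;
    return &dummy_image;
}

/* One driver fills the slot, the other leaves it NULL, as in the dump. */
static const struct image_ext ext_with_fds = { "DRI_IMAGE", 19, fake_create_from_fds };
static const struct image_ext ext_without_fds = { "DRI_IMAGE", 19, NULL };

/* Guarded import: the advertised version says nothing about whether the
 * slot is populated, so test the pointer itself before the indirect call. */
static void *import_fd(const struct image_ext *ext, int fd,
                       int width, int height, int fourcc)
{
    if (ext == NULL || ext->create_image_from_fds == NULL) {
        errno = ENOSYS;   /* report "unsupported" instead of jumping to 0 */
        return NULL;
    }
    errno = 0;
    return ext->create_image_from_fds(width, height, fourcc, &fd, 1);
}

int main(void)
{
    void *a = import_fd(&ext_with_fds, 72, 1920, 1080, 0);
    void *b = import_fd(&ext_without_fds, 72, 1920, 1080, 0);
    printf("populated slot: %s\n", a ? "imported" : "failed");
    printf("NULL slot: %s (errno=%d)\n", b ? "imported" : "rejected", errno);
    return 0;
}
```

With the guard in place the caller receives a NULL image and ENOSYS, which it can turn into an ordinary error path rather than a SIGSEGV at address 0.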