Bug 1756553

Summary: gnome-control-c[6995]: segfault at 38 ip 00005593cc8dda7e
Product: [Fedora] Fedora Reporter: TiagoMDRizzo <tiagomdrizzo>
Component: gnome-control-centerAssignee: Pete Walter <walter.pete>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 31CC: awilliam, bberg, gnome-sig, kevin, kparal, lruzicka, mail, mboddu, robatino, walter.pete
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: AcceptedBlocker
Fixed In Version: gnome-control-center-3.34.1-4.fc31 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-10-13 17:55:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1644939    

Description TiagoMDRizzo 2019-09-28 00:01:58 UTC 
Description of problem:

`gnome-control-center` segfaults when trying to select a display at Settings>Devices>Displays.

`dmesg` displays the following error:

Attempt 2:
~~~
[  460.388340] gnome-control-c[6995]: segfault at 38 ip 00005593cc8dda7e sp 00007ffdb00f9870 error 4 in gnome-control-center[5593cc891000+122000]
[  460.388347] Code: 5d ff e0 66 0f 1f 84 00 00 00 00 00 55 48 89 fd 48 83 ec 10 f2 0f 11 44 24 08 e8 2d fe ff ff 48 89 ef 48 89 c6 e8 22 ce fb ff <48> 8b 40 38 8b 50 08 85 d2 74 37 48 8b 00 83 ea 01 f2 0f 10 44 24
~~~

Attempt 2:
~~~
[  559.157065] gnome-control-c[7667]: segfault at 38 ip 000055c33d098a7e sp 00007ffcacb78be0 error 4 in gnome-control-center[55c33d04c000+122000]
[  559.157073] Code: 5d ff e0 66 0f 1f 84 00 00 00 00 00 55 48 89 fd 48 83 ec 10 f2 0f 11 44 24 08 e8 2d fe ff ff 48 89 ef 48 89 c6 e8 22 ce fb ff <48> 8b 40 38 8b 50 08 85 d2 74 37 48 8b 00 83 ea 01 f2 0f 10 44 24
~~~

Version-Release number of selected component (if applicable):

~~~
Name        : gnome-control-center
Version     : 3.34.0.1
Release     : 1.fc31
Architecture: x86_64
Install Date: sex 27 set 2019 20:05:10 -03
Group       : Unspecified
Size        : 20916415
License     : GPLv2+ and CC-BY-SA
Signature   : RSA/SHA256, seg 09 set 2019 13:22:28 -03, Key ID 50cb390b3c3359c4
Source RPM  : gnome-control-center-3.34.0.1-1.fc31.src.rpm
Build Date  : seg 09 set 2019 13:13:34 -03
Build Host  : buildhw-05.phx2.fedoraproject.org
~~~

How reproducible:

Easy reproducible.

Steps to Reproduce:
1. Access GNOME using Wayland
2. Go to `Settings > Devices > Displays`
3. Select any other available display inside the combo box. 
4. GNOME Control Center crashes immediately.

Actual results:

GNOME Control Center (Settings) crashes and closes.

Expected results:

Be able to select connected displays without crashing GNOME Control Center.

Additional info:

Works as expected when using GNOME Xorg.

Hardware information:
~~~
Manufacturer: LENOVO
Version: ThinkPad T440p
SKU Number: LENOVO_MT_20AW_BU_Think_FM_ThinkPad T440p
Family: ThinkPad T440p

00:02.0 VGA compatible controller: Intel Corporation 4th Gen Core Processor Integrated Graphics Controller (rev 06) (prog-if 00 [VGA controller])
	Subsystem: Lenovo ThinkPad T440p
	Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+
	Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
	Latency: 0
	Interrupt: pin A routed to IRQ 32
	Region 0: Memory at e0000000 (64-bit, non-prefetchable) [size=4M]
	Region 2: Memory at c0000000 (64-bit, prefetchable) [size=512M]
	Region 4: I/O ports at 3000 [size=64]
	[virtual] Expansion ROM at 000c0000 [disabled] [size=128K]
	Capabilities: [90] MSI: Enable+ Count=1/1 Maskable- 64bit-
		Address: fee00018  Data: 0000
	Capabilities: [d0] Power Management version 2
		Flags: PMEClk- DSI+ D1- D2- AuxCurrent=0mA PME(D0-,D1-,D2-,D3hot-,D3cold-)
		Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME-
	Capabilities: [a4] PCI Advanced Features
		AFCap: TP+ FLR+
		AFCtrl: FLR-
		AFStatus: TP-
	Kernel driver in use: i915
	Kernel modules: i915
~~~
Comment 1 TiagoMDRizzo 2019-10-03 21:31:17 UTC 
Hi,

Updated to gnome-control-center-3.34.0.1-2.fc31.x86_64


System logs:
~~~
out 03 18:25:21 localhost audit[4360]: ANOM_ABEND auid=1000 uid=1000 gid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=4360 comm="gnome-control-c" exe="/usr/bin/gnome-control-center" sig=11 res=1
out 03 18:25:21 localhost kernel: gnome-control-c[4360]: segfault at 38 ip 000055784c391abe sp 00007ffc148d59c0 error 4 in gnome-control-center[55784c345000+122000]
out 03 18:25:21 localhost kernel: Code: 5d ff e0 66 0f 1f 84 00 00 00 00 00 55 48 89 fd 48 83 ec 10 f2 0f 11 44 24 08 e8 2d fe ff ff 48 89 ef 48 89 c6 e8 52 14 fc ff <48> 8b 40 38 8b 50 08 85 d2 74 37 48 8b 00 83 ea 01 f2 0f 10 44 24
out 03 18:25:21 localhost systemd[1]: Started Process Core Dump (PID 4429/UID 0).
out 03 18:25:21 localhost audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-coredump@2-4429-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
out 03 18:25:21 localhost systemd-coredump[4430]: Process 4360 (gnome-control-c) of user 1000 dumped core.
                                                
                                                Stack trace of thread 4360:
                                                #0  0x000055784c391abe cc_display_mode_dbus_is_supported_scale (gnome-control-center)
                                                #1  0x000055784c391c05 is_scaled_mode_allowed (gnome-control-center)
                                                #2  0x000055784c38e6cc cc_display_settings_rebuild_ui (gnome-control-center)
                                                #3  0x000055784c38f1c7 cc_display_settings_set_selected_output (gnome-control-center)
                                                #4  0x000055784c387da0 set_current_output (gnome-control-center)
                                                #5  0x000055784c388c26 on_output_selection_combo_changed_cb (gnome-control-center)
                                                #6  0x00007ff3fca51996 _g_closure_invoke_va (libgobject-2.0.so.0)
                                                #7  0x00007ff3fca6e228 g_signal_emit_valist (libgobject-2.0.so.0)
                                                #8  0x00007ff3fca6e9d3 g_signal_emit (libgobject-2.0.so.0)
                                                #9  0x00007ff3fc319cd1 gtk_combo_box_set_active_internal (libgtk-3.so.0)
                                                #10 0x00007ff3fc31ca5e gtk_combo_box_set_active_iter (libgtk-3.so.0)
                                                #11 0x00007ff3fc31cdf3 gtk_combo_box_menu_activate (libgtk-3.so.0)
                                                #12 0x00007ff3fca5484f g_cclosure_marshal_VOID__STRINGv (libgobject-2.0.so.0)
                                                #13 0x00007ff3fca51996 _g_closure_invoke_va (libgobject-2.0.so.0)
                                                #14 0x00007ff3fca6e228 g_signal_emit_valist (libgobject-2.0.so.0)
                                                #15 0x00007ff3fca6e9d3 g_signal_emit (libgobject-2.0.so.0)
                                                #16 0x00007ff3fc4ffc93 item_activated_cb (libgtk-3.so.0)
                                                #17 0x00007ff3fca51742 g_closure_invoke (libgobject-2.0.so.0)
                                                #18 0x00007ff3fca65604 signal_emit_unlocked_R (libgobject-2.0.so.0)
                                                #19 0x00007ff3fca6e3ae g_signal_emit_valist (libgobject-2.0.so.0)
                                                #20 0x00007ff3fca6e9d3 g_signal_emit (libgobject-2.0.so.0)
                                                #21 0x00007ff3fc53dfb2 gtk_widget_activate (libgtk-3.so.0)
                                                #22 0x00007ff3fc40c3a6 gtk_menu_shell_activate_item (libgtk-3.so.0)
                                                #23 0x00007ff3fc40c633 gtk_menu_shell_button_release (libgtk-3.so.0)
                                                #24 0x00007ff3fc5906bf _gtk_marshal_BOOLEAN__BOXEDv (libgtk-3.so.0)
                                                #25 0x00007ff3fca51996 _g_closure_invoke_va (libgobject-2.0.so.0)
                                                #26 0x00007ff3fca6de6a g_signal_emit_valist (libgobject-2.0.so.0)
                                                #27 0x00007ff3fca6e9d3 g_signal_emit (libgobject-2.0.so.0)
                                                #28 0x00007ff3fc53b153 gtk_widget_event_internal (libgtk-3.so.0)
                                                #29 0x00007ff3fc3f6d08 propagate_event (libgtk-3.so.0)
                                                #30 0x00007ff3fc3f8f1b gtk_main_do_event (libgtk-3.so.0)
                                                #31 0x00007ff3fc0e2f79 _gdk_event_emit (libgdk-3.so.0)
                                                #32 0x00007ff3fc141666 gdk_event_source_dispatch (libgdk-3.so.0)
                                                #33 0x00007ff3fc9674a0 g_main_context_dispatch (libglib-2.0.so.0)
                                                #34 0x00007ff3fc967830 g_main_context_iterate.isra.0 (libglib-2.0.so.0)
                                                #35 0x00007ff3fc9678d3 g_main_context_iteration (libglib-2.0.so.0)
                                                #36 0x00007ff3fcb79bc5 g_application_run (libgio-2.0.so.0)
                                                #37 0x000055784c360009 main (gnome-control-center)
                                                #38 0x00007ff3faf3e1a3 __libc_start_main (libc.so.6)
                                                #39 0x000055784c36020e _start (gnome-control-center)
                                                
                                                Stack trace of thread 4373:
                                                #0  0x00007ff3fb00da1f __poll (libc.so.6)
                                                #1  0x00007ff3fc96779e g_main_context_iterate.isra.0 (libglib-2.0.so.0)
                                                #2  0x00007ff3fc9678d3 g_main_context_iteration (libglib-2.0.so.0)
                                                #3  0x00007ff3fcc8f93d dconf_gdbus_worker_thread (libdconfsettings.so)
                                                #4  0x00007ff3fc990f52 g_thread_proxy (libglib-2.0.so.0)
                                                #5  0x00007ff3fb49a4e2 start_thread (libpthread.so.0)
                                                #6  0x00007ff3fb018643 __clone (libc.so.6)
                                                
                                                Stack trace of thread 4371:
                                                #0  0x00007ff3fb00da1f __poll (libc.so.6)
                                                #1  0x00007ff3fc96779e g_main_context_iterate.isra.0 (libglib-2.0.so.0)
                                                #2  0x00007ff3fc9678d3 g_main_context_iteration (libglib-2.0.so.0)
                                                #3  0x00007ff3fc967921 glib_worker_main (libglib-2.0.so.0)
                                                #4  0x00007ff3fc990f52 g_thread_proxy (libglib-2.0.so.0)
                                                #5  0x00007ff3fb49a4e2 start_thread (libpthread.so.0)
                                                #6  0x00007ff3fb018643 __clone (libc.so.6)
                                                
                                                Stack trace of thread 4426:
                                                #0  0x00007ff3fb01315d syscall (libc.so.6)
                                                #1  0x00007ff3fc9b3c26 g_cond_wait_until (libglib-2.0.so.0)
                                                #2  0x00007ff3fc938411 g_async_queue_pop_intern_unlocked (libglib-2.0.so.0)
                                                #3  0x00007ff3fc938a36 g_async_queue_timeout_pop (libglib-2.0.so.0)
                                                #4  0x00007ff3fc991739 g_thread_pool_thread_proxy (libglib-2.0.so.0)
                                                #5  0x00007ff3fc990f52 g_thread_proxy (libglib-2.0.so.0)
                                                #6  0x00007ff3fb49a4e2 start_thread (libpthread.so.0)
                                                #7  0x00007ff3fb018643 __clone (libc.so.6)
                                                
                                                Stack trace of thread 4380:
                                                #0  0x00007ff3fb4a0d45 pthread_cond_wait@@GLIBC_2.3.2 (libpthread.so.0)
                                                #1  0x00007ff3e17ad0cb util_queue_thread_func (i965_dri.so)
                                                #2  0x00007ff3e17accdb impl_thrd_routine (i965_dri.so)
                                                #3  0x00007ff3fb49a4e2 start_thread (libpthread.so.0)
                                                #4  0x00007ff3fb018643 __clone (libc.so.6)
                                                
                                                Stack trace of thread 4374:
                                                #0  0x00007ff3fb00da1f __poll (libc.so.6)
                                                #1  0x00007ff3fc96779e g_main_context_iterate.isra.0 (libglib-2.0.so.0)
                                                #2  0x00007ff3fc967b23 g_main_loop_run (libglib-2.0.so.0)
                                                #3  0x00007ff3fcbb564a gdbus_shared_thread_func (libgio-2.0.so.0)
                                                #4  0x00007ff3fc990f52 g_thread_proxy (libglib-2.0.so.0)
                                                #5  0x00007ff3fb49a4e2 start_thread (libpthread.so.0)
                                                #6  0x00007ff3fb018643 __clone (libc.so.6)
out 03 18:25:21 localhost systemd[1]: systemd-coredump: Succeeded.
out 03 18:25:21 localhost audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-coredump@2-4429-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
out 03 18:25:26 localhost systemd[2474]: dbus-:1.2-org.gnome.clocks: Succeeded.
out 03 18:25:27 localhost systemd[2474]: dbus-:1.2-org.gnome.Contacts.SearchProvider: Succeeded.
out 03 18:25:28 localhost systemd[2474]: dbus-:1.2-org.gnome.Nautilus: Succeeded.
out 03 18:25:29 localhost systemd[2474]: dbus-:1.2-org.gnome.Documents: Succeeded.
out 03 18:25:29 localhost systemd[2474]: dbus-:1.2-org.gnome.Documents: Consumed 1.829s CPU time.
out 03 18:25:46 localhost systemd[2474]: dbus-:1.2-org.gnome.Characters.BackgroundService: Succeeded.
~~~

dmesg:
~~~
[  301.152045] gnome-control-c[4360]: segfault at 38 ip 000055784c391abe sp 00007ffc148d59c0 error 4 in gnome-control-center[55784c345000+122000]
[  301.152053] Code: 5d ff e0 66 0f 1f 84 00 00 00 00 00 55 48 89 fd 48 83 ec 10 f2 0f 11 44 24 08 e8 2d fe ff ff 48 89 ef 48 89 c6 e8 52 14 fc ff <48> 8b 40 38 8b 50 08 85 d2 74 37 48 8b 00 83 ea 01 f2 0f 10 44 24
~~~

Regards,
Comment 2 Adam Williamson 2019-10-09 15:56:49 UTC 
*** Bug 1759981 has been marked as a duplicate of this bug. ***
Comment 3 Adam Williamson 2019-10-09 16:03:10 UTC 
CCing Marco (who wrote the code that crashed here) and bberg (who touched the same bits of code recently).
Comment 4 Adam Williamson 2019-10-09 16:08:19 UTC 
Looks like there's an existing upstream issue for this.
Comment 5 Adam Williamson 2019-10-09 16:41:15 UTC 
There's a request for info in the upstream bug:

https://gitlab.gnome.org/GNOME/gnome-control-center/issues/675#note_621897
Comment 6 TiagoMDRizzo 2019-10-10 00:15:34 UTC 
@awilliam

I just added the requested information to that upstream bug.

I'm following that thread now, so I supposed we can use that reference.
Comment 7 Kamil Páral 2019-10-10 17:00:05 UTC 
We have at least 5 people who already hit this, seems frequent enough to warrant +1 blocker.
Comment 8 Adam Williamson 2019-10-10 17:02:33 UTC 
yeah, looking at the bug and the amount of people who've hit it I think I'm +1 blocker under the "basic functionality" rule applied to this config applet.
Comment 9 Ben Cotton 2019-10-10 17:03:19 UTC 
+1 blocker
Comment 10 Mohan Boddu 2019-10-10 17:19:52 UTC 
+1 Blocker
Comment 11 Kevin Fenzi 2019-10-10 17:24:19 UTC 
+1 blocker
Comment 12 Adam Williamson 2019-10-10 17:31:25 UTC 
That's +5, marking accepted.
Comment 13 Adam Williamson 2019-10-10 18:16:21 UTC 
I've sent a build (3.34.1-4.fc31) with the proposed fix for this - https://gitlab.gnome.org/GNOME/gnome-control-center/merge_requests/588 - backported; I'll submit an update after the GNOME 3.34.1 megaupdate is pushed stable.
Comment 14 Fedora Update System 2019-10-10 18:34:58 UTC 
FEDORA-2019-eaf25b8182 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-eaf25b8182
Comment 15 TiagoMDRizzo 2019-10-10 22:02:03 UTC 
Confirmed package `gnome-control-center-3.34.1-4.fc31.x86_64` works.

Test process:
- Install: rpm -Uvh --nodeps gnome-control-center-3.34.1-4.fc31.x86_64
- Tried to enable displays, worked immediately;
- Rebooted the system to make sure;
- Disabled/enabled displays, worked again.

--
tmrizzo
Comment 16 Adam Williamson 2019-10-10 23:22:02 UTC 
Thanks! If you could leave positive feedback on the update that'd be a big help too.
Comment 17 Kamil Páral 2019-10-11 08:35:34 UTC 
Lukas (from bug 1644939), can you please test as well?
Comment 18 Fedora Update System 2019-10-11 16:53:35 UTC 
gnome-control-center-3.34.1-4.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-eaf25b8182
Comment 19 Fedora Update System 2019-10-13 17:55:55 UTC 
gnome-control-center-3.34.1-4.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report.
Comment 20 Lukas Ruzicka 2019-10-14 09:50:13 UTC 
I have just tried. It seems to be working flawlessly.
Comment 21 Lukas Ruzicka 2019-10-14 09:50:26 UTC 
I have just tried. It seems to be working flawlessly.