Bug 2229403

Summary: [abrt] gjs: _gtk_widget_get_toplevel(): gjs-console killed by SIGSEGV
Product: [Fedora] Fedora
Reporter: Sagi Shnaidman <sshnaidm>
Component: gjs
Assignee: Colin Walters <walters>
Status: NEW ---
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 38
CC: fzatlouk, gnome-sig, otaylor, sshnaidm, walters
Target Milestone: ---
Target Release: ---
Hardware: x86_64
OS: Unspecified
URL: https://retrace.fedoraproject.org/faf/reports/bthash/e4a18e08f8dc3b28505c261f8cfe4da36b5c7e6
Whiteboard: abrt_hash:62e78797e9e8c8a08f013ec3081ac526ecd2bb50;VARIANT_ID=workstation;
Attachments:
Description Flags
File: proc_pid_status none
File: maps none
File: limits none
File: environ none
File: open_fds none
File: mountinfo none
File: os_info none
File: cpuinfo none
File: core_backtrace none
File: exploitable none
File: backtrace none

Description Sagi Shnaidman 2023-08-05 18:33:18 UTC
Version-Release number of selected component:
gjs-1.76.2-1.fc38

Additional info:
reporter:       libreport-2.17.11
type:           CCpp
reason:         gjs-console killed by SIGSEGV
journald_cursor: s=a258e9788d104585843123f44a338886;i=6821e5;b=9d2c5cc70b8c4954945f447094ad0970;m=8ce49aaa84;t=6022c67d507ad;x=cb431cee38f7bf0e
executable:     /usr/bin/gjs-console
cmdline:        /usr/bin/gjs /usr/bin/com.github.johnfactotum.Foliate --library
cgroup:         0::/user.slice/user-1000.slice/user/app.slice/app-gnome-com.github.johnfactotum.Foliate-77578.scope
rootdir:        /
uid:            1000
kernel:         6.4.6-200.fc38.x86_64
package:        gjs-1.76.2-1.fc38
runlevel:       N 5
dso_list:       /usr/bin/gjs-console gjs-1.76.2-1.fc38.x86_64 (Fedora Project) 1687565380
backtrace_rating: 4
crash_function: _gtk_widget_get_toplevel

Truncated backtrace:
Thread no. 0 (83 frames)
 #0 _gtk_widget_get_toplevel at ../gtk/gtkwidgetprivate.h:382
 #1 gtk_widget_get_screen_unchecked at ../gtk/gtkwidget.c:10862
 #2 gtk_widget_get_screen at ../gtk/gtkwidget.c:10899
 #3 gtk_widget_get_settings at ../gtk/gtkwidget.c:11749
 #4 gtk_css_widget_node_get_style_provider at ../gtk/gtkcsswidgetnode.c:247
 #5 gtk_css_node_get_style_provider_or_null at ../gtk/gtkcssnode.c:121
 #6 gtk_css_node_invalidate_style_provider at ../gtk/gtkcssnode.c:1320
 #8 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3812
 #15 _gtk_style_cascade_add_provider at ../gtk/gtkstylecascade.c:380
 #16 ffi_call_unix64 at ../src/x86/unix64.S:104
 #17 ffi_call_int at ../src/x86/ffi64.c:673
 #18 ffi_call at ../src/x86/ffi64.c:710
 #19 Gjs::Function::invoke(JSContext*, JS::CallArgs const&, JS::Handle<JSObject*>, _GIArgument*) at ../gi/function.cpp:1050
 #20 Gjs::Function::call(JSContext*, unsigned int, JS::Value*) at ../gi/function.cpp:1230
 #21 CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:420
 #22 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:493
 #23 InternalCall at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:574
 #24 js::CallFromStack(JSContext*, JS::CallArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:578
 #25 Interpret(JSContext*, js::RunState&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:3314
 #26 js::RunScript(JSContext*, js::RunState&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:389
 #27 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:539
 #28 InternalCall at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:574
 #29 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:605
 #30 JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/CallAndConstruct.cpp:53
 #31 GjsContextPrivate::call_function(JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) at ../gjs/context.cpp:1692
 #32 ObjectInstance::constructor_impl(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) at ../gi/object.cpp:1890
 #33 GIWrapperBase<ObjectBase, ObjectPrototype, ObjectInstance>::constructor(JSContext*, unsigned int, JS::Value*) at ../gi/wrapperutils.h:486
 #34 CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:420
 #35 CallJSNativeConstructor(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), JS::CallArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:436
 #36 InternalConstruct(JSContext*, js::AnyConstructArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:633
 #37 js::Construct(JSContext*, JS::Handle<JS::Value>, js::AnyConstructArgs const&, JS::Handle<JS::Value>, JS::MutableHandle<JSObject*>) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:691
 #38 js::SpreadCallOperation(JSContext*, JS::Handle<JSScript*>, unsigned char*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/dist/include/js/RootingAPI.h:1215
 #39 Interpret(JSContext*, js::RunState&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:3257
 #40 js::RunScript(JSContext*, js::RunState&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:389
 #41 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:539
 #42 InternalCall at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:574
 #43 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:605
 #44 JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/CallAndConstruct.cpp:53
 #45 JS::Call at /usr/include/mozjs-102/js/CallAndConstruct.h:92
 #46 Gjs::Closure::invoke(JS::Handle<JSObject*>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) at ../gi/closure.cpp:184
 #47 Gjs::Closure::marshal(_GValue*, unsigned int, _GValue const*, void*, void*) at /usr/include/mozjs-102/js/RootingAPI.h:613
 #49 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3812
 #52 _gtk_marshal_VOID__INT_DOUBLE_DOUBLEv at gtk/gtkmarshalers.c:4804
 #53 _g_closure_invoke_va at ../gobject/gclosure.c:895
 #56 gtk_gesture_multi_press_end at ../gtk/gtkgesturemultipress.c:287
 #57 g_cclosure_marshal_VOID__BOXEDv at ../gobject/gmarshal.c:1686
 #58 _g_closure_invoke_va at ../gobject/gclosure.c:895
 #61 _gtk_gesture_set_recognized at ../gtk/gtkgesture.c:346
 #62 _gtk_gesture_check_recognized at ../gtk/gtkgesture.c:387
 #63 gtk_gesture_handle_event at ../gtk/gtkgesture.c:784
 #64 gtk_gesture_single_handle_event at ../gtk/gtkgesturesingle.c:222
 #65 gtk_event_controller_handle_event at ../gtk/gtkeventcontroller.c:230
 #66 _gtk_widget_run_controllers at ../gtk/gtkwidget.c:7447
 #67 _gtk_marshal_BOOLEAN__BOXEDv at gtk/gtkmarshalers.c:130
 #68 _g_closure_invoke_va at ../gobject/gclosure.c:895
 #71 gtk_widget_event_internal.part.0.lto_priv.0 at ../gtk/gtkwidget.c:7812
 #72 propagate_event_up at ../gtk/gtkmain.c:2588
 #73 propagate_event at ../gtk/gtkmain.c:2691
 #74 gtk_propagate_event at ../gtk/gtkmain.c:2725
 #75 gtk_main_do_event at ../gtk/gtkmain.c:1921
 #77 _gdk_event_emit at ../gdk/gdkevents.c:73
 #82 g_main_context_iterate.isra.0 at ../glib/gmain.c:4276
 #83 g_main_context_iteration at ../glib/gmain.c:4343
 #84 g_application_run at ../gio/gapplication.c:2573
 #85 ffi_call_unix64 at ../src/x86/unix64.S:104
 #86 ffi_call_int at ../src/x86/ffi64.c:673
 #87 ffi_call at ../src/x86/ffi64.c:710
 #88 Gjs::Function::invoke(JSContext*, JS::CallArgs const&, JS::Handle<JSObject*>, _GIArgument*) at ../gi/function.cpp:1050
 #89 Gjs::Function::call(JSContext*, unsigned int, JS::Value*) at ../gi/function.cpp:1230
 #90 CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:420
 #91 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:493
 #92 InternalCall at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:574
 #93 js::CallFromStack(JSContext*, JS::CallArgs const&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:578
 #94 Interpret(JSContext*, js::RunState&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:3314
 #95 js::RunScript(JSContext*, js::RunState&) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:389
 #96 js::ExecuteKernel(JSContext*, JS::Handle<JSScript*>, JS::Handle<JSObject*>, js::AbstractFramePtr, JS::MutableHandle<JS::Value>) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/Interpreter.cpp:781
 #97 ExecuteScript at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/dist/include/js/RootingAPI.h:1216
 #98 JS_ExecuteScript(JSContext*, JS::Handle<JS::StackGCVector<JSObject*, js::TempAllocPolicy> >, JS::Handle<JSScript*>, JS::MutableHandle<JS::Value>) at /usr/src/debug/mozjs102-102.12.0-1.fc38.x86_64/vm/CompilationAndEvaluation.cpp:539
 #99 GjsContextPrivate::eval_with_scope(JS::Handle<JSObject*>, char const*, unsigned long, char const*, JS::MutableHandle<JS::Value>) at /usr/include/mozjs-102/js/RootingAPI.h:1216
 #100 GjsContextPrivate::eval(char const*, unsigned long, char const*, int*, _GError**) at /usr/include/mozjs-102/js/RootingAPI.h:613
 #101 gjs_context_eval(GjsContext*, char const*, gssize, char const*, int*, GError**) at ../gjs/context.cpp:1289
 #102 define_argv_and_eval_script(_GjsContext*, int, char* const*, char const*, unsigned long, char const*) at ../gjs/console.cpp:214
 #103 main(int, char**) at ../gjs/console.cpp:398

Comment 1 Sagi Shnaidman 2023-08-05 18:33:21 UTC
Created attachment 1981841
File: proc_pid_status

Comment 2 Sagi Shnaidman 2023-08-05 18:33:22 UTC
Created attachment 1981842
File: maps

Comment 3 Sagi Shnaidman 2023-08-05 18:33:24 UTC
Created attachment 1981843
File: limits

Comment 4 Sagi Shnaidman 2023-08-05 18:33:25 UTC
Created attachment 1981844
File: environ

Comment 5 Sagi Shnaidman 2023-08-05 18:33:27 UTC
Created attachment 1981845
File: open_fds

Comment 6 Sagi Shnaidman 2023-08-05 18:33:29 UTC
Created attachment 1981846
File: mountinfo

Comment 7 Sagi Shnaidman 2023-08-05 18:33:30 UTC
Created attachment 1981847
File: os_info

Comment 8 Sagi Shnaidman 2023-08-05 18:33:32 UTC
Created attachment 1981848
File: cpuinfo

Comment 9 Sagi Shnaidman 2023-08-05 18:33:34 UTC
Created attachment 1981849
File: core_backtrace

Comment 10 Sagi Shnaidman 2023-08-05 18:33:35 UTC
Created attachment 1981850
File: exploitable

Comment 11 Sagi Shnaidman 2023-08-05 18:33:37 UTC
Created attachment 1981851
File: backtrace