Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 1525499 - gnome-shell segfaults in g_type_check_instance_cast() from st_label_set_text()
gnome-shell segfaults in g_type_check_instance_cast() from st_label_set_text()
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: gnome-shell (Show other bugs)
7.5
x86_64 Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Florian Müllner
Desktop QE
abrt_hash:17c2b611b4c771b2d1160cbbc46...
:
Depends On: 1517890
Blocks:
  Show dependency treegraph
 
Reported: 2017-12-13 07:51 EST by Matěj Cepl
Modified: 2018-05-17 10:39 EDT (History)
5 users (show)

See Also:
Fixed In Version: gjs-1.50.4-1.el7 mutter-3.26.2-7.el7
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-04-10 09:08:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
File: backtrace (33.73 KB, text/plain)
2017-12-13 07:51 EST, Matěj Cepl
no flags Details
output of journalctl -xb (4.90 MB, text/plain)
2017-12-13 10:17 EST, Matěj Cepl
no flags Details
backtrace (20.35 KB, text/plain)
2017-12-13 11:21 EST, Matěj Cepl
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
GNOME Bugzilla 788931 None None None 2018-01-30 09:38 EST
Red Hat Product Errata RHBA-2018:0770 None None None 2018-04-10 09:09 EDT

  None (edit)
Description Matěj Cepl 2017-12-13 07:51:21 EST
Version-Release number of selected component:
xorg-x11-server-Xwayland-1.19.5-2.el7

Additional info:
reporter:       libreport-2.1.11.1
backtrace_rating: 4
cmdline:        /usr/bin/Xwayland :1 -rootless -terminate -core -listen 4 -listen 5 -displayfd 6
crash_function: xwl_read_events
executable:     /usr/bin/Xwayland
global_pid:     13323
kernel:         3.10.0-801.el7.x86_64
pkg_fingerprint: 199E 2F91 FD43 1D51
pkg_vendor:     Red Hat, Inc.
reproducible:   Not sure how to reproduce the problem
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (6 frames)
 #5 xwl_read_events at xwayland.c:594
 #6 ospoll_wait at ospoll.c:412
 #7 WaitForSomething at WaitFor.c:226
 #8 Dispatch at dispatch.c:422
 #9 dix_main at main.c:287
 #11 _start
Comment 1 Matěj Cepl 2017-12-13 07:51:26 EST
Created attachment 1367329 [details]
File: backtrace
Comment 3 Tomas Pelka 2017-12-13 08:08:17 EST
Most probably dup of bz1516408
Comment 4 Olivier Fourdan 2017-12-13 08:09:02 EST
This is simply Xwayland telling your Wayland compositor (namely gnome-shell/mutter) has died.

Basically, gnome-shell (now) runs Xwayland with “-core” which means that *any* FatalError() in Xwayland will dump a core file.

xwl_read_events() triggers a FatalError() because the Wayland socket is unusable, and it's unusable because the Wayland compositor (the other side of the socket) has died, i.e. crashed most likely.

The Wayland compositor is gnome-shell/mutter, so if you could please look into journalctl and coredumpctl to find a backtrace and/or generate one with coredumpctl and gdb.
Comment 5 Olivier Fourdan 2017-12-13 08:15:26 EST
(In reply to Tomas Pelka from comment #3)
> Most probably dup of bz1516408

Matěj said on irc he's using mutter-3.26.2-6 which contanis the fix for bug 1516408, so it's a different issue.

We'll need the backtrace of gnome-shell for sure.
Comment 6 Matěj Cepl 2017-12-13 10:17 EST
Created attachment 1367436 [details]
output of journalctl -xb
Comment 7 Matěj Cepl 2017-12-13 10:22:38 EST
coredumpctl is completely silent.

Also:

core.13028: ELF 64-bit LSB core file x86-64, version 1 (SYSV), too many program header sections (2128)
core.13323: ELF 64-bit LSB core file x86-64, version 1 (SYSV), SVR4-style, from '/usr/bin/Xwayland :1 -rootless -terminate -core -listen 4 -listen 5 -displayfd', real uid: 1000, effective uid: 1000, real gid: 1000, effective gid: 1000, execfn: '/usr/bin/Xwayland', platform: 'x86_64'

The second coredump is apparently the one we have backtrace from, but the other one is a myster (it has 1.1G, so it is by far not empty).
Comment 8 Olivier Fourdan 2017-12-13 10:31:48 EST
From attachment 1367436 [details] :

Dec 13 13:27:50 mitmanek.ceplovi.cz kernel: traps: gnome-shell[13028] general protection ip:7f1d1f8f8bc0 sp:7fff91fcb1e0 error:0 in libgobject-2.0.so.0.5400.2[7f1d1f8c6000+4f000]
Dec 13 13:27:50 mitmanek.ceplovi.cz abrt-hook-ccpp[19713]: Process 13028 (gnome-shell) of user 1000 killed by SIGSEGV - dumping core
Dec 13 13:27:59 mitmanek.ceplovi.cz abrt-hook-ccpp[19713]: /var/spool/abrt is 5076597800 bytes (more than 1279MiB), deleting 'ccpp-2017-12-13-13:23:24-17860'
Dec 13 13:27:59 mitmanek.ceplovi.cz abrt-server[19742]: Package 'gnome-shell' isn't signed with proper key

Unfortunately, that doesn't tell us much on the root cause of the crash...
Comment 9 Matěj Cepl 2017-12-13 11:21 EST
Created attachment 1367491 [details]
backtrace

Actually, gdb was able to decipher the other coredump and it was truly from gnome-shell.
Comment 10 Olivier Fourdan 2017-12-13 11:33:55 EST
Oh right! This seems to come from the JS part of gnome-shell, moving to gnome-shell then (apparently unrelated to Wayland).
Comment 11 Olivier Fourdan 2018-01-30 09:38:32 EST
Backtrace is similar to https://bugzilla.gnome.org/show_bug.cgi?id=788931
Comment 12 Kalev Lember 2018-02-01 10:17:21 EST
(In reply to Olivier Fourdan from comment #11)
> Backtrace is similar to https://bugzilla.gnome.org/show_bug.cgi?id=788931

gjs 1.50.4 should have fixes to avoid crashing in this case. I'd like to get the update into 7.5; it's a minor bug fix release that should help with several gnome-shell crashes.

lmiksik, could you provide pm_ack and exception+ for this, please?
Comment 13 Kalev Lember 2018-02-02 03:48:52 EST
gjs-1.50.4-1.el7 should fix the crash and turn it into a warning in system logs. We should still try to get the gnome-shell fix in though, if possible.
Comment 20 errata-xmlrpc 2018-04-10 09:08:48 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0770

Note You need to log in before you can comment on or make changes to this bug.