Bug 734171 – gnome-shell-3.12.3 segfaults

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 734171 - gnome-shell-3.12.3 segfaults


Summary:	gnome-shell-3.12.3 segfaults


Status:	RESOLVED DUPLICATE of bug 738686

Product:	gnome-shell
Classification:	Core
Component:	general
Version:	3.15.x
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	gnome-shell-maint
QA Contact:	gnome-shell-maint

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2014-08-02 10:40 UTC by Pacho Ramos
Modified:	2014-11-27 13:20 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Pacho Ramos 2014-08-02 10:40:56 UTC

Core was generated by `/usr/bin/gnome-shell'.
Program terminated with signal 11, Segmentation fault.

+ Trace 233913

Thread 1 (Thread 0x7fc27ad36940 (LWP 676))

#0 send_frame_messages_timeout
at compositor/meta-window-actor.c line 798
#1 g_timeout_dispatch
at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c line 4472
#2 g_main_dispatch
at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c line 3064
#3 g_main_context_dispatch
at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c line 3663
#4 g_main_context_iterate
at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c line 3734
#5 g_main_loop_run
at /var/tmp/portage/dev-libs/glib-2.40.0-r1/work/glib-2.40.0/glib/gmain.c line 3928
#6 meta_run
at core/main.c line 566
#7 main
at main.c line 437

Comment 1 Rui Matos 2014-11-25 17:33:01 UTC

Got the same crash while clicking on windows (might have been closing one, not sure):

(gdb) bt

+ Trace 234372

#0 send_frame_messages_timeout
at compositor/meta-window-actor.c line 878
#1 g_timeout_dispatch
at gmain.c line 4545
#2 g_main_dispatch
at gmain.c line 3122
#3 g_main_context_dispatch
at gmain.c line 3737
#4 g_main_context_iterate
at gmain.c line 3808
#5 g_main_loop_run
at gmain.c line 4002
#6 meta_run
at core/main.c line 473
#7 main
at main.c line 463

$1 = (MetaWindowActor *) 0x583de80
(gdb) p *self
$2 = {parent = {parent_instance = {g_type_instance = {g_class = 0x3fa0800}, ref_count = 1, qdata = 0x5216051}, flags = 16, private_flags = 0, priv = 0x583db80}, priv = 0x583daf0}
(gdb) p *self->priv
$3 = {window = 0x0, compositor = 0x2fdf780, surface = 0x0, focused_shadow = 0x0, unfocused_shadow = 0x0, shape_region = 0x0, shadow_clip = 0x0, shadow_shape = 0x0, shadow_class = 0x0, send_frame_messages_timer = 0, frame_drawn_time = 27605971656, repaint_scheduled_id = 0, size_changed_id = 249872, minimize_in_progress = 0, unminimize_in_progress = 0, maximize_in_progress = 0, unmaximize_in_progress = 0, map_in_progress = 0, destroy_in_progress = 0, frames = 0x505b140, freeze_count = 0, visible = 0, disposed = 1, needs_frame_drawn = 1, repaint_scheduled = 0, needs_reshape = 0, recompute_focused_shadow = 0, recompute_unfocused_shadow = 0, needs_destroy = 1, no_shadow = 0, updates_frozen = 0, first_frame_state = 2}

Note how

send_frame_messages_timer = 0,
disposed = 1,
needs_destroy = 1

which, looking at the code, means that the timeout handler shouldn't be getting called at all, right?

Comment 2 Rui Matos 2014-11-27 13:20:10 UTC

I think the 2nd patch in bug 738686 should fix this. Unfortunately it's not easy to reproduce. I think I was ^C a gtk+ 3 CSD window when this happened but can't repro now.

*** This bug has been marked as a duplicate of bug 738686 ***