GNOME Bugzilla – Bug 659085
A crash may be related to gdbus
Last modified: 2017-11-15 12:58:55 UTC
I received some crash reports from Chrome OS. I think it may be a bug in gdbus. I did some investigation; below are my findings.

The crash happened in thread 0, in function bus_dbus_impl_connection_filter_cb, on the line g_assert (G_IS_DBUS_MESSAGE (message)). (The message is passed from GDBusConnection.) Thread 3 was using g_dbus_connection_close() to close the connection asynchronously, and g_dbus_connection_close() created a new thread to do the real work in a synchronous way. It looks like the message has been released during g_dbus_connection_close().

** Thread 0 *CRASHED* ( SIGABRT @ 0x00000000 )
0x777d9424 [linux-gate.so + 0x00000424]
0x773dc2b4 [libc-2.10.1.so + 0x0002c2b4]
0x775d8953 [libglib-2.0.so.0.2600.1 - gtestutils.c:1358] g_assertion_message
0x775d901c [libglib-2.0.so.0.2600.1 - gtestutils.c:1369] g_assertion_message_expr
0x77801642 [ibus-daemon - dbusimpl.c:1306] bus_dbus_impl_connection_filter_cb
0x7776e13a [libgio-2.0.so.0.2600.1 - gdbusconnection.c:2183] on_worker_message_about_to_be_sent
0x777873b3 [libgio-2.0.so.0.2600.1 - gdbusprivate.c:518] maybe_write_next_message
0x77787611 [libgio-2.0.so.0.2600.1 - gdbusprivate.c:1349] write_message_in_idle_cb
0x775a6c7d [libglib-2.0.so.0.2600.1 - gmain.c:4254] g_idle_dispatch
0x775ac16a [libglib-2.0.so.0.2600.1 - gmain.c:2149] g_main_context_dispatch
0x775ac91f [libglib-2.0.so.0.2600.1 - gmain.c:2780] g_main_context_iterate
0x775ad0fe [libglib-2.0.so.0.2600.1 - gmain.c:2988] g_main_loop_run
0x7778548f [libgio-2.0.so.0.2600.1 - gdbusprivate.c:277] gdbus_shared_thread_func
0x775dc97a [libglib-2.0.so.0.2600.1 - gthread.c:1897] g_thread_create_proxy
0x7750f7fd [libpthread-2.10.1.so + 0x000057fd]
0x7748892d [libc-2.10.1.so + 0x000d892d]

** Thread 1
0x777d9424 [linux-gate.so + 0x00000424]
0x775dc97a [libglib-2.0.so.0.2600.1 - gthread.c:1897] g_thread_create_proxy
0x7750f7fd [libpthread-2.10.1.so + 0x000057fd]
0x7748892d [libc-2.10.1.so + 0x000d892d]

** Thread 2
0x777d9424 [linux-gate.so + 0x00000424]
0x77514583 [libpthread-2.10.1.so + 0x0000a583]
0x7767516a [libgthread-2.0.so.0.2600.1 - gthread-posix.c:242] g_cond_timed_wait_posix_impl
0x7757a1fb [libglib-2.0.so.0.2600.1 - gasyncqueue.c:423] g_async_queue_pop_intern_unlocked
0x775dea12 [libglib-2.0.so.0.2600.1 - gthreadpool.c:274] g_thread_pool_thread_proxy
0x775dc97a [libglib-2.0.so.0.2600.1 - gthread.c:1897] g_thread_create_proxy
0x7750f7fd [libpthread-2.10.1.so + 0x000057fd]
0x7748892d [libc-2.10.1.so + 0x000d892d]

** Thread 3
0x77514793 [libpthread-2.10.1.so + 0x0000a793]
0x7757a7ae [libglib-2.0.so.0.2600.1 - gasyncqueue.c:394] g_async_queue_push_sorted_unlocked
0x775de478 [libglib-2.0.so.0.2600.1 - gthreadpool.c:133] g_thread_pool_push
0x7771b5fb [libgio-2.0.so.0.2600.1 - gioscheduler.c:259] g_io_scheduler_push_job
0x7772afeb [libgio-2.0.so.0.2600.1 - gsimpleasyncresult.c:828] g_simple_async_result_run_in_thread
0x77772907 [libgio-2.0.so.0.2600.1 - gdbusconnection.c:1286] g_dbus_connection_close
0x77816ec2 [ibus-daemon - connection.c:93] bus_connection_destroy
0x7769bf8b [libgobject-2.0.so.0.2600.1 - gmarshal.c:79] g_cclosure_marshal_VOID__VOID
0x77688d8a [libgobject-2.0.so.0.2600.1 - gclosure.c:877] g_type_class_meta_marshal
0x7768a8d7 [libgobject-2.0.so.0.2600.1 - gclosure.c:766] g_closure_invoke
0x776a1130 [libgobject-2.0.so.0.2600.1 - gsignal.c:3290] signal_emit_unlocked_R
0x776a265b [libgobject-2.0.so.0.2600.1 - gsignal.c:2983] g_signal_emit_valist
0x776a281d [libgobject-2.0.so.0.2600.1 - gsignal.c:3040] g_signal_emit
0x7752da71 [libibus-1.0.so.0.0.0 - ibusobject.c:135] ibus_object_dispose
0x7768da66 [libgobject-2.0.so.0.2600.1 - gobject.c:938] g_object_run_dispose
0x7752d6be [libibus-1.0.so.0.0.0 - ibusobject.c:185] ibus_object_destroy
0x778032c6 [ibus-daemon - dbusimpl.c:583] bus_dbus_impl_destroy
0x7769bf8b [libgobject-2.0.so.0.2600.1 - gmarshal.c:79] g_cclosure_marshal_VOID__VOID
0x77688d8a [libgobject-2.0.so.0.2600.1 - gclosure.c:877] g_type_class_meta_marshal
0x7768a9ca [libgobject-2.0.so.0.2600.1 - gclosure.c:766] g_closure_invoke
0x776a1130 [libgobject-2.0.so.0.2600.1 - gsignal.c:3290] signal_emit_unlocked_R
0x776a265b [libgobject-2.0.so.0.2600.1 - gsignal.c:2983] g_signal_emit_valist
0x776a281d [libgobject-2.0.so.0.2600.1 - gsignal.c:3040] g_signal_emit
0x7752da71 [libibus-1.0.so.0.0.0 - ibusobject.c:135] ibus_object_dispose
0x7768da66 [libgobject-2.0.so.0.2600.1 - gobject.c:938] g_object_run_dispose
0x7752d6be [libibus-1.0.so.0.0.0 - ibusobject.c:185] ibus_object_destroy
0x77816171 [ibus-daemon - server.c:142] bus_server_run
0x777feae4 [ibus-daemon - main.c:291] main
0x773c6a95 [libc-2.10.1.so + 0x00016a95]
0x777fe620 [ibus-daemon + 0x00005620]
0x777fe8ff [ibus-daemon + 0x000058ff]
0x777e8fff [ld-2.10.1.so + 0x0000efff]
Hmm, bus_dbus_impl_connection_filter_cb() is a GDBus filter function - please provide a link to its source code. Thanks. It also could be related to bug 651268.
https://github.com/ibus/ibus/blob/master/bus/dbusimpl.c#L1306 Here is the code.
I think this is likely to be Bug #651268. Do you still see this crash with GLib 2.30 or later?
We have updated glib to 2.30, and did not get any similar crash reports till now.
(In reply to Simon McVittie from comment #3)
> I think this is likely to be Bug #651268. Do you still see this crash with
> GLib 2.30 or later?

⇒ Duplicate of bug #651268 then.

*** This bug has been marked as a duplicate of bug 651268 ***