GNOME Bugzilla – Bug 672307
Crash while switching applications
Last modified: 2012-08-27 19:31:55 UTC
I was switching apps with Alt+Tab when the shell suddenly crashed. I believe this could also be a bug in Clutter; using Clutter 1.9.14 and Shell 3.3.90 Core was generated by `/usr/bin/gnome-shell'. Program terminated with signal 11, Segmentation fault.
+ Trace 229901
Thread 1 (Thread 0x7fb3beb2a9c0 (LWP 11565))
Punting over to Clutter until they say it's our fault.
something is keeping alive an actor, which gets into the queue in an invalid state.
(In reply to comment #2) > something is keeping alive an actor, which gets into the queue in an invalid > state. By "keeping alive", do you mean that it's a stale pointer?
The trace is duplicate of bug 671173 (which tried to tackle it from a different perspective, but didn't succeed). I'm getting this kind of crash often recently, and at least here it seems to be associated with exiting/entering the overview.
(In reply to comment #3) > (In reply to comment #2) > > something is keeping alive an actor, which gets into the queue in an invalid > > state. > > By "keeping alive", do you mean that it's a stale pointer? it's either a stale pointer inside the redraw queue, or an actor that was destroyed (i.e. without a valid state but with a valid refcount) and it's still around.
If anybody can get a solid reproducer, please let me know and I'll investigate. Otherwise, I haven't seen the crash.
(In reply to comment #5) > (In reply to comment #3) > > (In reply to comment #2) > > > something is keeping alive an actor, which gets into the queue in an invalid > > > state. > > > > By "keeping alive", do you mean that it's a stale pointer? > > it's either a stale pointer inside the redraw queue, or an actor that was > destroyed (i.e. without a valid state but with a valid refcount) and it's still > around. It's neither, actually. The GList node is valid (at least, next and prev are good and the list is not cyclic), but the data pointer is garbage (I've got a 0x3d2f4c1 here, which is not 8 byte aligned).
*** Bug 672778 has been marked as a duplicate of this bug. ***
Punting back over to us.
*** Bug 673382 has been marked as a duplicate of this bug. ***
I can't really figure out exactly how it would cause this corruption, but I'm wondering if this is a duplicate of bug 673512 - if you look at the people's description of what they are doing in https://bugzilla.redhat.com/show_bug.cgi?id=791130, there is a common trend of installing packages and then going to the overview.
This was figured out to be the lack of a dispose in MetaBackgroundActor. I don't know why I didn't attach this patch. http://git.gnome.org/browse/mutter/commit/src/compositor/meta-background-actor.c?id=c844bab2325d0316f3561fd92169a6cb6c67da8e