SIGSEGV when exiting gnome-shell
@vanvugt initially reported this on Launchpad but I've since duplicated on Debian and F29 + updates-testing. I think it's new in 1.54 / mozjs60.
To reproduce:
- Log in to a gnome-shell session (here using up to date f29 + updates-testing)
- super-A
- Alt-f2
- Type
debugexit
in there and hit enter
I didn't manage to reproduce on a "normal" exit (log out or reboot), but I can't be certain that won't happen.
gjs-bt-full.txt short bt:
(gdb) bt
#0 0x00007fedff696e4a in GetPropertyOperation (vp=..., lval=..., pc=<optimized out>, script=..., fp=<optimized out>, cx=<optimized out>) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/JSContext.h:161
#1 Interpret (cx=0x55dba9e423d0, state=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/Interpreter.cpp:2834
#2 0x00007fedff6a2486 in js::RunScript (cx=0x55dba9e423d0, state=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/Interpreter.cpp:418
#3 0x00007fedff6a2a41 in js::InternalCallOrConstruct (cx=0x55dba9e423d0, args=..., construct=<optimized out>) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/Interpreter.cpp:490
#4 0x00007fedff6a2cad in js::Call (cx=cx@entry=0x55dba9e423d0, fval=..., fval@entry=..., thisv=..., thisv@entry=..., args=..., rval=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/Interpreter.cpp:536
#5 0x00007fedff9cf869 in JS_CallFunctionValue (cx=cx@entry=0x55dba9e423d0, obj=..., fval=..., args=..., rval=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/dist/include/js/RootingAPI.h:1128
#6 0x00007fee022118b4 in gjs_call_function_value (context=context@entry=0x55dba9e423d0, obj=obj@entry=..., fval=fval@entry=..., args=..., rval=rval@entry=...) at gjs/jsapi-util.cpp:633
#7 0x00007fee021e393d in gjs_closure_invoke (closure=closure@entry=0x55dbaa3e5f60, this_obj=this_obj@entry=..., args=..., retval=retval@entry=..., return_exception=return_exception@entry=false) at /usr/include/mozjs-60/js/RootingAPI.h:1128
#8 0x00007fee0220565f in closure_marshal (closure=<optimized out>, return_value=<optimized out>, n_param_values=<optimized out>, param_values=<optimized out>, invocation_hint=<optimized out>, marshal_data=<optimized out>) at /usr/include/mozjs-60/js/RootingAPI.h:493
#9 0x00007fee02b66c9d in g_closure_invoke (closure=0x55dbaa3e5f60, return_value=0x0, n_param_values=1, param_values=0x7fffa9102dd0, invocation_hint=0x7fffa9102d50) at gclosure.c:810
#10 0x00007fee02b7a203 in signal_emit_unlocked_R (node=node@entry=0x55dba9ca37b0, detail=detail@entry=0, instance=instance@entry=0x55dbac25a4a0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffa9102dd0) at gsignal.c:3635
#11 0x00007fee02b8332a in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffa9102f90) at gsignal.c:3391
#12 0x00007fee02b83923 in g_signal_emit (instance=instance@entry=0x55dbac25a4a0, signal_id=<optimized out>, detail=detail@entry=0) at gsignal.c:3447
#13 0x00007fee02095fe0 in clutter_actor_dispose (object=0x55dbac25a4a0) at clutter-actor.c:5931
#14 0x00007fee02b6d9b4 in g_object_run_dispose (object=0x55dbac25a4a0) at gobject.c:1108
#15 0x00007fee020899de in clutter_actor_destroy (self=0x55dbac25a4a0) at clutter-actor.c:8614
#16 0x00007fee02090bd4 in clutter_actor_iter_destroy (iter=iter@entry=0x7fffa91030c0) at clutter-actor.c:18959
#17 0x00007fee02090c80 in clutter_actor_real_destroy (actor=0x55dbaa5f5040) at clutter-actor.c:6263
#18 0x00007fee02b66c9d in g_closure_invoke (closure=0x55dba9ca7ab0, return_value=0x0, n_param_values=1, param_values=0x7fffa91032d0, invocation_hint=0x7fffa9103250) at gclosure.c:810
#19 0x00007fee02b7a55a in signal_emit_unlocked_R (node=node@entry=0x55dba9ca37b0, detail=detail@entry=0, instance=instance@entry=0x55dbaa5f5040, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffa91032d0) at gsignal.c:3549
#20 0x00007fee02b8332a in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffa9103490) at gsignal.c:3391
#21 0x00007fee02b83923 in g_signal_emit (instance=instance@entry=0x55dbaa5f5040, signal_id=<optimized out>, detail=detail@entry=0) at gsignal.c:3447
#22 0x00007fee02095fe0 in clutter_actor_dispose (object=0x55dbaa5f5040) at clutter-actor.c:5931
#23 0x00007fee02b6d9b4 in g_object_run_dispose (object=0x55dbaa5f5040) at gobject.c:1108
#24 0x00007fee020899de in clutter_actor_destroy (self=0x55dbaa5f5040) at clutter-actor.c:8614
#25 0x00007fee01bf88b4 in st_bin_dispose (gobject=0x55dbac255ec0) at ../src/st/st-bin.c:185
#26 0x00007fee02b6c148 in g_object_unref (_object=0x55dbac255ec0) at gobject.c:3309
#27 0x00007fee021f07ae in ObjectInstance::release_native_object (this=0x55dbabe27760) at gi/object.cpp:1274
#28 0x00007fee021f7fde in ObjectInstance::disassociate_js_gobject() () at gi/object.cpp:1474
#29 0x00007fee021f3a5c in ObjectInstance::remove_wrapped_gobjects_if(std::function<bool (ObjectInstance*)>, std::function<void (ObjectInstance*)>) () at /usr/include/c++/8/bits/std_function.h:682
#30 0x00007fee021f3b38 in ?? () at /usr/include/c++/8/new:169 from /lib64/libgjs.so.0
#31 0x00007fedffcb5e7a in js::gc::GCRuntime::callWeakPointerCompartmentCallbacks (comp=0x55dba9db2c00, this=0x55dba9f75318) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/dist/include/mozilla/ThreadLocal.h:223
#32 js::gc::GCRuntime::beginSweepingSweepGroup (this=0x55dba9f75318, fop=<optimized out>, budget=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/gc/GC.cpp:5651
#33 0x00007fedffc8d404 in sweepaction::SweepActionSequence<js::gc::GCRuntime*, js::FreeOp*, js::SliceBudget&>::run (this=0x55dba9ddf000, args#0=0x55dba9f75318, args#1=0x7fffa9103a70, args#2=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/dist/include/mozilla/UniquePtr.h:326
#34 0x00007fedffc99a6a in sweepaction::SweepActionRepeatFor<js::gc::SweepGroupsIter, JSRuntime*, js::gc::GCRuntime*, js::FreeOp*, js::SliceBudget&>::run (this=0x55dba9e61dd0, args#0=0x55dba9f75318, args#1=0x7fffa9103a70, args#2=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/dist/include/mozilla/UniquePtr.h:326
#35 0x00007fedffc9a657 in js::gc::GCRuntime::performSweepActions (this=this@entry=0x55dba9f75318, budget=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/dist/include/mozilla/UniquePtr.h:326
#36 0x00007fedffcbb2f1 in js::gc::GCRuntime::incrementalCollectSlice (this=this@entry=0x55dba9f75318, budget=..., reason=reason@entry=JS::gcreason::DESTROY_RUNTIME, session=...) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/gc/GC.cpp:7084
#37 0x00007fedffcbc2ec in js::gc::GCRuntime::gcCycle (this=this@entry=0x55dba9f75318, nonincrementalByAPI=nonincrementalByAPI@entry=true, budget=..., reason=reason@entry=JS::gcreason::DESTROY_RUNTIME) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/gc/GC.cpp:7413
#38 0x00007fedffcbc7c8 in js::gc::GCRuntime::collect (this=this@entry=0x55dba9f75318, nonincrementalByAPI=nonincrementalByAPI@entry=true, budget=..., reason=reason@entry=JS::gcreason::DESTROY_RUNTIME) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/gc/GC.cpp:7556
#39 0x00007fedffcbc94f in js::gc::GCRuntime::gc (this=this@entry=0x55dba9f75318, gckind=gckind@entry=GC_NORMAL, reason=reason@entry=JS::gcreason::DESTROY_RUNTIME) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/dist/include/js/SliceBudget.h:61
#40 0x00007fedffafb6c9 in JSRuntime::destroyRuntime (this=0x55dba9f74e20) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/Runtime.cpp:316
#41 0x00007fedffa9420b in js::DestroyContext(JSContext*) () at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/vm/JSContext.h:305
#42 0x00007fedff9a86f9 in JS_DestroyContext (cx=<optimized out>) at /usr/src/debug/mozjs60-60.2.0-1.fc29.x86_64/jsapi.cpp:506
#43 0x00007fee02208ac9 in gjs_context_dispose (object=<optimized out>) at gjs/context.cpp:424
#44 0x00007fee02b6c148 in g_object_unref (_object=0x55dba9d321d0) at gobject.c:3309
#45 0x000055dba8368bba in main (argc=<optimized out>, argv=<optimized out>) at ../src/main.c:504
Not sure why there's a ?? at frame 30.
Edited by Iain Lane