Crash when trying to unpin from dash from right click menu
Affected version
Fedora 38 Testing Silverblue, mutter-44~beta-2.fc38.x86_64, gnome-shell-44~beta-2.fc38.x86_64, gjs-1.75.2-1.fc38.x86_64, Wayland, no extensions
Bug summary
I accidentally pinned an app to the dash with DnD, then tried to unpin it through the right click menu, and the shell crashed. The app ended up not pinned on next login.
Relevant logs, screenshots, screencasts etc.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007fdc6ce9e7f5 in gjs_value_from_g_argument (context=0x563035b7b1f0, value_p=..., type_info=<optimized out>, arg=0x7ffc4d6a8350, copy_structs=<optimized out>) at ../gi/arg.cpp:2624
2624 gtype = G_TYPE_FROM_INSTANCE(gjs_arg_get<GTypeInstance*>(arg));
(gdb) p arg
$3 = (GArgument *) 0x7ffc4d6a8350
(gdb) p *arg
$4 = {v_boolean = 920561360, v_int8 = -48 '\320', v_uint8 = 208 '\320', v_int16 = -22832, v_uint16 = 42704, v_int32 = 920561360, v_uint32 = 920561360, v_int64 = 94765078980304, v_uint64 = 94765078980304, v_float = 6.6355351e-06, v_double = 4.6820169949600633e-310, v_short = -22832, v_ushort = 42704, v_int = 920561360, v_uint = 920561360, v_long = 94765078980304, v_ulong = 94765078980304, v_ssize = 94765078980304, v_size = 94765078980304, v_string = 0x563036dea6d0 "", v_pointer = 0x563036dea6d0}
(gdb) p *(GTypeInstance*)(arg->v_pointer)
$5 = {g_class = 0x0}
(gdb) bt
#0 0x00007fdc6ce9e7f5 in gjs_value_from_g_argument (context=0x563035b7b1f0, value_p=..., type_info=<optimized out>, arg=0x7ffc4d6a8350, copy_structs=<optimized out>) at ../gi/arg.cpp:2624
#1 0x00007fdc6ce9fd35 in gjs_array_from_g_list<_GList> (list=0x563035ff0450, type_info=<optimized out>, value_p=..., cx=0x563035b7b1f0) at ../gi/arg.cpp:1909
#2 gjs_value_from_g_argument (context=0x563035b7b1f0, value_p=..., type_info=<optimized out>, arg=<optimized out>, copy_structs=<optimized out>) at ../gi/arg.cpp:2784
#3 0x00007fdc6ceb175f in Gjs::Function::invoke (this=0x563038b98150, context=context@entry=0x563035b7b1f0, args=..., this_obj=..., r_value=r_value@entry=0x0) at ../gi/function.cpp:1044
#4 0x00007fdc6cebb839 in Gjs::Function::call (context=0x563035b7b1f0, js_argc=<optimized out>, vp=<optimized out>) at ../gi/function.cpp:1171
#5 0x00007fdc6ad4d30a in CallJSNative (args=..., reason=js::CallReason::Call, native=0x7fdc6cebb750 <Gjs::Function::call(JSContext*, unsigned int, JS::Value*)>, cx=0x563035b7b1f0) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:420
#6 js::InternalCallOrConstruct (cx=0x563035b7b1f0, args=..., construct=<optimized out>, reason=js::CallReason::Call) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:493
#7 0x00007fdc6ad4127c in InternalCall (reason=<optimized out>, args=..., cx=<optimized out>) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:574
#8 js::CallFromStack (args=..., cx=<optimized out>) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:578
#9 Interpret (cx=0x563035b7b1f0, state=...) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:3314
#10 0x00007fdc6ad4cb99 in js::RunScript (cx=0x563035b7b1f0, state=...) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:389
#11 0x00007fdc6ad4d108 in js::InternalCallOrConstruct (cx=0x563035b7b1f0, args=..., construct=js::NO_CONSTRUCT, reason=js::CallReason::Call) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:539
#12 0x00007fdc6b1ce91c in InternalCall (reason=js::CallReason::Call, args=..., cx=0x563035b7b1f0) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:574
#13 js::CallFromStack (args=..., cx=0x563035b7b1f0) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/vm/Interpreter.cpp:578
#14 js::jit::DoCallFallback (cx=0x563035b7b1f0, frame=0x7ffc4d6a9030, stub=0x563036365830, argc=<optimized out>, vp=0x7ffc4d6a8fd8, res=...) at /usr/src/debug/mozjs102-102.8.0-1.fc38.x86_64/jit/BaselineIC.cpp:1582
#15 0x00000032d47dce28 in ?? ()
#16 0xfffe000000000000 in ?? ()
#17 0x00007ffc4d6a8f98 in ?? ()
#18 0x00007ffc4d6a90e0 in ?? ()
#19 0xfff9800000000000 in ?? ()
#20 0x00007fdc6b6a6828 in _ZN2js3jitL11vmFunctionsE.lto_priv.0 () from /lib64/libmozjs-102.so.0
#21 0x00000032d47e21a2 in ?? ()
#22 0x0000000000004822 in ?? ()
#23 0x00007ffc4d6a9030 in ?? ()
#24 0x0000563036365830 in ?? ()
#25 0x0000000000000001 in ?? ()
#26 0x00007ffc4d6a8fd8 in ?? ()
#27 0xfffe3535ef81a4a0 in ?? ()
#28 0xfffe27252f9c38c8 in ?? ()
#29 0xfff9000000000001 in ?? ()
#30 0x00007ffc4d6a9078 in ?? ()
#31 0x0000563036365830 in ?? ()
#32 0x00000032d47e467f in ?? ()
#33 0x0000000000007021 in ?? ()
#34 0xfff9000000000001 in ?? ()
#35 0xfffe27252f9c38c8 in ?? ()
#36 0xfffe3535ef81a4a0 in ?? ()
#37 0xfffe27252f9c38c8 in ?? ()
#38 0x0000245b803c1d80 in ?? ()
#39 0x000056303761ac54 in ?? ()
#40 0x00005630363657e0 in ?? ()
#41 0x0000245b803ad5b0 in ?? ()
#42 0x00005630363657a8 in ?? ()
#43 0x00007ffc4d6a9070 in ?? ()
#44 0x0000000000000000 in ?? ()
Edited by Ivan Molodetskikh