Ubuntu
gobject-introspection package

g-ir-scanner/Shell-0.1 is crashing with SIGSEGV instead of succeeding

Bug #1812955 reported by Daniel van Vugt
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gobject-introspection (Ubuntu)
Invalid
Critical
Unassigned

Bug Description

https://gitlab.gnome.org/GNOME/gobject-introspection/issues/260

---

g-ir-scanner is crashing with SIGSEGV instead of succeeding. So I can't build gnome-shell any more.

Actually it looks like some kind of temporary sub-command "Shell-0.1" of g-ir-scanner that's crashing:

/usr/bin/g-ir-scanner -pthread -I/usr/include/gobject-introspection-1.0 -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include --no-libtool --namespace=Shell --nsversion=0.1 --warn-all --output src/Shell-0.1.gir --quiet -I/home/dan/git/gnome-shell/src -I/home/dan/git/gnome-shell/build/src -I./. -I../. -I./src/st/. -I../src/st/. -I./src/st/.. -I../src/st/.. -I./src/tray -I../src/tray --filelist=/home/dan/git/gnome-shell/build/src/src@@gnome-shell@sha/Shell_0.1_gir_filelist --include=Clutter-4 --include=ClutterX11-4 --include=Meta-4 --include=Gcr-3 --include=PolkitAgent-1.0 --include=NM-1.0 --include-uninstalled=subprojects/gvc/Gvc-1.0.gir --include-uninstalled=src/ShellMenu-0.1.gir --include-uninstalled=src/st/St-1.0.gir --cflags-begin -I./. -I../. -I./src/st/. -I../src/st/. -I./src/st/.. -I../src/st/.. -I./src/tray -I../src/tray -pthread -I/usr/include/gio-unix-2.0/ -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/libxml2 -I/usr/include/gtk-3.0 -I/usr/include/at-spi2-atk/2.0 -I/usr/include/at-spi-2.0 -I/usr/include/dbus-1.0 -I/usr/lib/x86_64-linux-gnu/dbus-1.0/include -I/usr/include/cairo -I/usr/include/libdrm -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/fribidi -I/usr/include/atk-1.0 -I/usr/include/pixman-1 -I/usr/include/uuid -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/gdk-pixbuf-2.0 -include /usr/include/mozjs-60/js/RequiredDefines.h -I/usr/include/gobject-introspection-1.0 -I/usr/include/mozjs-60 -I/usr/include/gjs-1.0 -I/home/dan/tmp.gs/include/mutter-4/clutter -I/home/dan/tmp.gs/include/mutter-4/cogl -I/usr/include/json-glib-1.0 -I/usr/include/libwacom-1.0 -I/usr/include/startup-notification-1.0 -I/usr/include/polkit-1 -I/usr/include/gcr-3 -I/usr/include/gck-1 -I/usr/include/p11-kit-1 -I/usr/include/libnm -I/usr/include/libsecret-1 -I/usr/include/gstreamer-1.0 -D_REENTRANT -I/home/dan/tmp.gs/include/mutter-4 -I/home/dan/tmp.gs/include/gsettings-desktop-schemas -I/usr/include/gnome-desktop-3.0 -I/usr/include/gnome-settings-daemon-3.0 -I/usr/include/gudev-1.0 --cflags-end -L/home/dan/git/gnome-shell/build/src --add-include-path=/usr/share/gir-1.0 --add-include-path=/home/dan/tmp.gs/lib/x86_64-linux-gnu/mutter-4 --add-include-path=/home/dan/git/gnome-shell/build/subprojects/gvc --add-include-path=/home/dan/git/gnome-shell/build/src --add-include-path=/home/dan/git/gnome-shell/build/src/st -L/home/dan/git/gnome-shell/build/src -L/home/dan/git/gnome-shell/build/src/st -L/lib/x86_64-linux-gnu --library gnome-shell --extra-library=gio-2.0 --extra-library=gobject-2.0 --extra-library=glib-2.0 --extra-library=xml2 --extra-library=gtk-3 --extra-library=gdk-3 --extra-library=pangocairo-1.0 --extra-library=pango-1.0 --extra-library=atk-1.0 --extra-library=cairo-gobject --extra-library=cairo --extra-library=gdk_pixbuf-2.0 --extra-library=atk-bridge-2.0 --extra-library=gjs -L/home/dan/tmp.gs//lib/x86_64-linux-gnu/mutter-4 --extra-library=mutter-clutter-4 --extra-library=m --extra-library=json-glib-1.0 --extra-library=pangoft2-1.0 --extra-library=fontconfig --extra-library=freetype --extra-library=wayland-egl --extra-library=wayland-client --extra-library=Xtst --extra-library=Xi --extra-library=udev --extra-library=input --extra-library=xkbcommon --extra-library=wacom --extra-library=mutter-cogl-4 --extra-library=gmodule-2.0 -pthread --extra-library=wayland-server --extra-library=EGL --extra-library=X11 --extra-library=Xext --extra-library=Xdamage --extra-library=Xfixes --extra-library=Xcomposite --extra-library=Xrandr --extra-library=GL --extra-library=GLESv2 --extra-library=mutter-cogl-pango-4 --extra-library=startup-notification-1 --extra-library=girepository-1.0 --extra-library=polkit-agent-1 --extra-library=polkit-gobject-1 --extra-library=gcr-base-3 --extra-library=gck-1 --extra-library=p11-kit --extra-library=systemd --extra-library=nm --extra-library=secret-1 --extra-library=gstreamer-1.0 --extra-library=gstbase-1.0 -L/home/dan/tmp.gs//lib/x86_64-linux-gnu --extra-library=mutter-4 --extra-library=gnome-desktop-3 --extra-library=canberra --extra-library=gudev-1.0 --extra-library=pipewire-0.2 --extra-library=Xinerama --extra-library=ICE --extra-library=Xcursor --extra-library=xkbfile --extra-library=xkbcommon-x11 --extra-library=Xrender --extra-library=X11-xcb --extra-library=xcb --extra-library=xcb-randr --extra-library=xcb-res --extra-library=SM --extra-library=drm --extra-library=gbm
Command '['/home/dan/git/gnome-shell/build/tmp-introspectu443gr_x/Shell-0.1', '--introspect-dump=/home/dan/git/gnome-shell/build/tmp-introspectu443gr_x/functions.txt,/home/dan/git/gnome-shell/build/tmp-introspectu443gr_x/dump.xml']' died with <Signals.SIGSEGV: 11>.

ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: gobject-introspection 1.58.3-2
ProcVersionSignature: Ubuntu 4.18.0-11.12-generic 4.18.12
Uname: Linux 4.18.0-11-generic x86_64
ApportVersion: 2.20.10-0ubuntu19
Architecture: amd64
Date: Wed Jan 23 15:04:24 2019
InstallationDate: Installed on 2018-12-04 (50 days ago)
InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Alpha amd64 (20181203)
SourcePackage: gobject-introspection
UpgradeStatus: No upgrade log present (probably fresh install)

See original description
Revision history for this message
Daniel van Vugt (vanvugt) wrote :
Changed in gobject-introspection (Ubuntu):
importance: Undecided → Critical
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

This bug will probably prevent future rebuilds of gnome-shell on disco, so is at least High if not Critical.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Maybe related to bug 1812223.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

I downgraded to the cosmic version of gobject-introspection but the bug still happens.

I also tried bisecting gnome-shell git but the bug still happens in all cases.

Seems like the regression is coming from somewhere else.

Daniel van Vugt (vanvugt)
summary: - g-ir-scanner is crashing with SIGSEGV instead of succeeding
+ g-ir-scanner/Shell-0.1 is crashing with SIGSEGV instead of succeeding
Revision history for this message
Daniel van Vugt (vanvugt) wrote :
Download full text (3.7 KiB)

Annoyingly, many packages changed today. I think the regression occurred somewhere in here:

Start-Date: 2019-01-23 10:59:11
Commandline: apt full-upgrade
Requested-By: dan (1000)
Install: libsereal-encoder-perl:amd64 (4.005+ds-1build1, automatic), libio-async-perl:amd64 (0.72-1, automatic), libstruct-dumb-perl:amd64 (0.09-1, automatic), libasync-mergepoint-perl:amd64 (0.04-2, automatic), libfuture-perl:amd64 (0.39-1, automatic), libtest-refcount-perl:amd64 (0.08-3, automatic), libsereal-decoder-perl:amd64 (4.005+ds-1build1, automatic), libtest-fatal-perl:amd64 (0.014-1, automatic), libsereal-perl:amd64 (4.005-1, automatic)
Upgrade: libpolkit-gobject-1-0:amd64 (0.105-22ubuntu2, 0.105-25), libisccfg163:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), gir1.2-gtk-3.0:amd64 (3.24.3-1ubuntu1, 3.24.4-1ubuntu1), libsasl2-modules-db:amd64 (2.1.27~rc8-1, 2.1.27+dfsg-1), libgcr-base-3-1:amd64 (3.28.0-4, 3.28.1-1), libgtk-3-common:amd64 (3.24.3-1ubuntu1, 3.24.4-1ubuntu1), grub-common:amd64 (2.02+dfsg1-5ubuntu9, 2.02+dfsg1-5ubuntu10), libgtk-3-0:amd64 (3.24.3-1ubuntu1, 3.24.4-1ubuntu1), python-simplejson:amd64 (3.15.0-1build2, 3.16.0-1), ubuntu-advantage-tools:amd64 (17, 18), libirs161:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), bind9-host:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), dnsutils:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), gtk-3-examples:amd64 (3.24.3-1ubuntu1, 3.24.4-1ubuntu1), dnsmasq-base:amd64 (2.80-1, 2.80-1ubuntu1), gcr:amd64 (3.28.0-4, 3.28.1-1), libpolkit-agent-1-0:amd64 (0.105-22ubuntu2, 0.105-25), grub2-common:amd64 (2.02+dfsg1-5ubuntu9, 2.02+dfsg1-5ubuntu10), libsasl2-2:amd64 (2.1.27~rc8-1, 2.1.27+dfsg-1), libisc-export1100:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), grub-pc:amd64 (2.02+dfsg1-5ubuntu9, 2.02+dfsg1-5ubuntu10), debianutils:amd64 (4.8.6, 4.8.6.1), libgcr-ui-3-1:amd64 (3.28.0-4, 3.28.1-1), libpolkit-gobject-1-dev:amd64 (0.105-22ubuntu2, 0.105-25), libisc1100:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), libpolkit-agent-1-dev:amd64 (0.105-22ubuntu2, 0.105-25), python3-simplejson:amd64 (3.15.0-1build2, 3.16.0-1), grub-pc-bin:amd64 (2.02+dfsg1-5ubuntu9, 2.02+dfsg1-5ubuntu10), gir1.2-gck-1:amd64 (3.28.0-4, 3.28.1-1), grub-efi-amd64-bin:amd64 (2.02+dfsg1-5ubuntu9, 2.02+dfsg1-5ubuntu10), libgtk-3-bin:amd64 (3.24.3-1ubuntu1, 3.24.4-1ubuntu1), python3-distupgrade:amd64 (1:19.04.9, 1:19.04.10), libsasl2-modules:amd64 (2.1.27~rc8-1, 2.1.27+dfsg-1), libgck-1-dev:amd64 (3.28.0-4, 3.28.1-1), ubuntu-release-upgrader-core:amd64 (1:19.04.9, 1:19.04.10), libzvbi0:amd64 (0.2.35-15, 0.2.35-16), libgtk-3-dev:amd64 (3.24.3-1ubuntu1, 3.24.4-1ubuntu1), libhtml-tree-perl:amd64 (5.07-1, 5.07-2), liblwres161:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), libgcr-3-dev:amd64 (3.28.0-4, 3.28.1-1), lintian:amd64 (2.5.122, 2.5.123), gir1.2-gcr-3:amd64 (3.28.0-4, 3.28.1-1), libgck-1-0:amd64 (3.28.0-4, 3.28.1-1), libpolkit-backend-1-0:amd64 (0.105-22ubuntu2, 0.105-25), libdns-export1104:amd64 (1:9.11.5+dfsg-1ubuntu1, 1:9.11.5.P1+dfsg-1ubuntu1), policykit-1:amd64 (0.105-22ubuntu2, 0.105-25), ubuntu-release-upgrader-gtk:amd64 (1:19.04.9, 1:19.04.10), findutils...

Read more...

Revision history for this message
Daniel van Vugt (vanvugt) wrote :
Download full text (3.3 KiB)

Using GI_SCANNER_DEBUG=save-temps I can at least see the offending binary. So here's more useful information:

Thread 1 "Shell-0.1" received signal SIGSEGV, Segmentation fault.
0x00007ffff7bb911f in type_check_is_value_type_U (
    type=type@entry=<error reading variable: Cannot access memory at address 0x555cfd48>) at ../../../../gobject/gtype.c:4156
4156 ../../../../gobject/gtype.c: No such file or directory.
(gdb) bt
#0 0x00007ffff7bb911f in type_check_is_value_type_U
    (type=type@entry=<error reading variable: Cannot access memory at address 0x555cfd48>) at ../../../../gobject/gtype.c:4156
#1 0x00007ffff7bb911f in g_type_check_is_value_type
    (type=type@entry=<error reading variable: Cannot access memory at address 0x555cfd48>) at ../../../../gobject/gtype.c:4192
#2 0x00007ffff7baab10 in g_signal_newv
    (signal_name=signal_name@entry=0x7ffff7dbbbae "startup-sequence-changed", itype=itype@entry=0x5555555cfb50 [ShellWindowTracker], signal_flags=G_SIGNAL_RUN_LAST, class_closure=0x0, accumulator=0x0, accu_data=0x0, c_marshaller=0x0, return_type=0x4 [void], n_params=1, param_types=0x5555555c9a70)
    at ../../../../gobject/gsignal.c:1672
#3 0x00007ffff7bab964 in g_signal_new_valist
    (signal_name=signal_name@entry=0x7ffff7dbbbae "startup-sequence-changed", itype=itype@entry=0x5555555cfb50 [ShellWindowTracker], signal_flags=<optimised out>, class_closure=<optimised out>, accumulator=<optimised out>, accu_data=<optimised out>, c_marshaller=0x0, return_type=0x4 [void], n_params=1, args=0x7fffffffe000) at ../../../../gobject/gsignal.c:1902
#4 0x00007ffff7baba4e in g_signal_new
    (signal_name=0x7ffff7dbbbae "startup-sequence-changed", itype=0x5555555cfb50 [ShellWindowTracker], signal_flags=<optimised out>, class_offset=<optimised out>, accumulator=<optimised out>, accu_data=<optimised out>, c_marshaller=0x0, return_type=0x4 [void], n_params=1) at ../../../../gobject/gsignal.c:1437
#5 0x00007ffff7dad20e in shell_window_tracker_class_init
    (klass=0x5555555cfc90) at ../src/shell-window-tracker.c:112
#6 0x00007ffff7dacfca in shell_window_tracker_class_intern_init
    (klass=0x5555555cfc90) at ../src/shell-window-tracker.c:51
#7 0x00007ffff7bb574b in type_class_init_Wm
    (pclass=0x50 [g_type: GObject], node=0x5555555cfb50)
    at ../../../../gobject/gtype.c:2232
#8 0x00007ffff7bb574b in g_type_class_ref (type=<optimised out>)
    at ../../../../gobject/gtype.c:2947
#9 0x00005555555580e5 in dump_properties
    (type=0x5555555cfb50 [ShellWindowTracker], out=0x5555555b6510 [GLocalFileOutputStream])
    at /home/dan/git/gnome-shell/build/tmp-introspectrg6kp9rm/Shell-0.1.c:137
#10 0x0000555555557b83 in dump_object_type
    (out=0x5555555b6510 [GLocalFileOutputStream], symbol=<optimised out>, type=0x5555555cfb50 [ShellWindowTracker])
    at /home/dan/git/gnome-shell/build/tmp-introspectrg6kp9rm/Shell-0.1.c:260
#11 0x0000555555557b83 in dump_type
    (out=0x5555555b6510 [GLocalFileOutputStream], symbol=<optimised out>, type=0x5555555cfb50 [ShellWindowTracker])
    at /home/dan/git/gnome-shell/build/tmp-introspectrg6kp9rm/Shell-0.1.c:402
#12 0x0000555555557b83 in dump_irepository
    (error=0x7fffffffe260, arg=<optimised out>)
    at /h...

Read more...

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Strangely, it doesn't crash under valgrind. Although valgrind does mention:

==26043== Warning: set address range perms: large range [0x2bf9a654a000, 0x2bf9e654a000) (noaccess)
==26043== Warning: set address range perms: large range [0x2bf9a654a000, 0x2bf9e654a000) (noaccess)

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

The same crash is happening upstream:
https://gitlab.gnome.org/GNOME/gnome-build-meta/-/jobs/194604

Revision history for this message
Daniel van Vugt (vanvugt) wrote :
Download full text (3.4 KiB)

And a fresh retrace today:

Core was generated by `/home/dan/git/gnome-shell/build/tmp-introspectcxwjenqm/Shell-0.1 --introspect-d'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f0586db711f in type_check_is_value_type_U (
    type=type@entry=1694390208) at ../../../../gobject/gtype.c:4156
4156 ../../../../gobject/gtype.c: No such file or directory.
[Current thread is 1 (Thread 0x7f057dcc21c0 (LWP 18932))]
(gdb) bt
#0 0x00007f0586db711f in type_check_is_value_type_U
    (type=type@entry=<error reading variable: Cannot access memory at address 0x64fe57e8>) at ../../../../gobject/gtype.c:4156
#1 0x00007f0586db711f in g_type_check_is_value_type
    (type=type@entry=<error reading variable: Cannot access memory at address 0x64fe57e8>) at ../../../../gobject/gtype.c:4192
#2 0x00007f0586da8b10 in g_signal_newv
    (signal_name=signal_name@entry=0x7f0586fd9bae "startup-sequence-changed", itype=itype@entry=0x559364fe55d0 [ShellWindowTracker], signal_flags=G_SIGNAL_RUN_LAST, class_closure=0x0, accumulator=0x0, accu_data=0x0, c_marshaller=0x0, return_type=0x4 [void], n_params=1, param_types=0x559364fdf3e0)
    at ../../../../gobject/gsignal.c:1672
#3 0x00007f0586da9964 in g_signal_new_valist
    (signal_name=signal_name@entry=0x7f0586fd9bae "startup-sequence-changed", itype=itype@entry=0x559364fe55d0 [ShellWindowTracker], signal_flags=<optimised out>, class_closure=<optimised out>, accumulator=<optimised out>, accu_data=<optimised out>, c_marshaller=0x0, return_type=0x4 [void], n_params=1, args=0x7ffc1ddd2880) at ../../../../gobject/gsignal.c:1902
#4 0x00007f0586da9a4e in g_signal_new
    (signal_name=0x7f0586fd9bae "startup-sequence-changed", itype=0x559364fe55d0 [ShellWindowTracker], signal_flags=<optimised out>, class_offset=<optimised out>, accumulator=<optimised out>, accu_data=<optimised out>, c_marshaller=0x0, return_type=0x4 [void], n_params=1) at ../../../../gobject/gsignal.c:1437
#5 0x00007f0586fcb20e in shell_window_tracker_class_init
    (klass=0x559364fe5730) at ../src/shell-window-tracker.c:112
#6 0x00007f0586fcafca in shell_window_tracker_class_intern_init
    (klass=0x559364fe5730) at ../src/shell-window-tracker.c:51
#7 0x00007f0586db374b in type_class_init_Wm
    (pclass=0x50 [g_type: GObject], node=0x559364fe55d0)
    at ../../../../gobject/gtype.c:2232
#8 0x00007f0586db374b in g_type_class_ref (type=<optimised out>)
    at ../../../../gobject/gtype.c:2947
#9 0x0000559364ad20e5 in dump_properties
    (type=0x559364fe55d0 [ShellWindowTracker], out=0x559364fcc510 [GLocalFileOutputStream])
    at /home/dan/git/gnome-shell/build/tmp-introspectcxwjenqm/Shell-0.1.c:137
#10 0x0000559364ad1b83 in dump_object_type
    (out=0x559364fcc510 [GLocalFileOutputStream], symbol=<optimised out>, type=0x559364fe55d0 [ShellWindowTracker])
    at /home/dan/git/gnome-shell/build/tmp-introspectcxwjenqm/Shell-0.1.c:260
#11 0x0000559364ad1b83 in dump_type
    (out=0x559364fcc510 [GLocalFileOutputStream], symbol=<optimised out>, type=0x559364fe55d0 [ShellWindowTracker])
    at /home/dan/git/gnome-shell/build/tmp-introspectcxwjenqm/Shell-0.1.c:402
#12 0x0000559364ad1b83 in dump_irepository
    (error=0x7ffc1ddd2ae0, arg=<optim...

Read more...

Changed in gobject-introspection (Ubuntu):
status: New → Confirmed
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Finally bisected. It seems like a regression in upstream mutter master this week:

1bbb5c8107ab77435f97c1b037a89a76121f6e3c is the first bad commit
commit 1bbb5c8107ab77435f97c1b037a89a76121f6e3c
Author: Jonas Ådahl <email address hidden>
Date: Sun Jan 20 17:41:53 2019 +0100

    meta: Only declare types when generating gir files

    Some types were declared in the public headers so that g-ir-scanner
    could resolve the types. This caused warnings when using
    -Wredundant-decls, so only redeclare them for the gir scanner.

:040000 040000 4ae3c1d894a568cf0903696034af467698403bc8 d32098d7d43859454dcc33c99f56e63e05a0fb03 M src

So not an Ubuntu bug.

Changed in gobject-introspection (Ubuntu):
status: Confirmed → Invalid
Daniel van Vugt (vanvugt)
Changed in gobject-introspection (Ubuntu):
status: Invalid → Confirmed
description: updated
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Fixed upstream:

https://gitlab.gnome.org/GNOME/mutter/merge_requests/412

Changed in gobject-introspection (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.