Ubuntu
gnome-shell package

gnome-shell crashed with SIGSEGV in jammy live session (gnome-shell --sm-disable --mode=ubiquity)

Bug #1962513 reported by Cassandra Walsh
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gnome-shell (Ubuntu)
In Progress
High
Daniel van Vugt

Bug Description

I was installing Jammy Jellyfish and an error popped up, It brought me to this so heres the info
Description: Ubuntu Jammy Jellyfish (development branch)
Release: 22.04
gnome-shell:
  Installed: 41.3-1ubuntu1
  Candidate: 41.3-1ubuntu1
  Version table:
 *** 41.3-1ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
        100 /var/lib/dpkg/status

ProblemType: Crash
DistroRelease: Ubuntu 22.04
Package: gnome-shell 41.3-1ubuntu1
ProcVersionSignature: Ubuntu 5.15.0-18.18-generic 5.15.12
Uname: Linux 5.15.0-18-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.11-0ubuntu78
Architecture: amd64
CasperVersion: 1.465
CurrentDesktop: ubuntu:GNOME
Date: Wed Feb 16 18:10:33 2022
DisplayManager: gdm3
ExecutablePath: /usr/bin/gnome-shell
LiveMediaBuild: Ubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20220228)
ProcCmdline: gnome-shell --sm-disable --mode=ubiquity
ProcEnviron:
 PATH=(custom, no user)
 LANG=C.UTF-8
 XDG_RUNTIME_DIR=<set>
RelatedPackageVersions: mutter-common 41.3-3ubuntu1
SegvAnalysis:
 Segfault happened at: 0x7fe597633a6c: mov 0xffff0(%rsi),%rax
 PC (0x7fe597633a6c) ok
 source "0xffff0(%rsi)" (0x14ac711ffff0) not located in a known VMA region (needed readable region)!
 destination "%rax" ok
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: gnome-shell
Stacktrace:
 #0 0x00007fe597633a6c in ?? ()
 No symbol table info available.
 Backtrace stopped: Cannot access memory at address 0x7ffdb417b9d0
StacktraceTop: ?? ()
Title: gnome-shell crashed with SIGSEGV
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo
separator:

Revision history for this message
Cassandra Walsh (vcbscassie) wrote :
Revision history for this message
Apport retracing service (apport) wrote :

Stacktrace:
 #0 0x00007fe597633a6c in ?? ()
 No symbol table info available.
 Backtrace stopped: Cannot access memory at address 0x7ffdb417b9d0
StacktraceSource: #0 0x00007fe597633a6c in ?? ()
StacktraceTop: ?? ()

tags: removed: need-amd64-retrace
Daniel van Vugt (vanvugt)
Changed in gnome-shell (Ubuntu):
assignee: nobody → Daniel van Vugt (vanvugt)
summary: - gnome-shell crashed with SIGSEGV
+ gnome-shell crashed with SIGSEGV in jammy live session (gnome-shell
+ --sm-disable --mode=ubiquity)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Thanks for the bug report. I'm aware of this problem but so far have been unable to decipher it. Seems this crash is no different :(

Changed in gnome-shell (Ubuntu):
status: Confirmed → Incomplete
Daniel van Vugt (vanvugt)
Changed in gnome-shell (Ubuntu):
status: Incomplete → Confirmed
importance: Undecided → High
information type: Private → Public
Daniel van Vugt (vanvugt)
Changed in gnome-shell (Ubuntu):
status: Confirmed → In Progress
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Stacktrace:
 #0 0x00007fe597633a6c in ?? ()
 No symbol table info available.

is inside

  7fe5975c9000-7fe597e62000 r-xp 000ca000 07:00 32276 /usr/lib/x86_64-linux-gnu/libmozjs-78.so.78.15.0

and

  Backtrace stopped: Cannot access memory at address 0x7ffdb417b9d0

is near the bottom (high address) of the stack:

  7ffdb415d000-7ffdb417e000 rw-p 00000000 00:00 0 [stack]

Revision history for this message
Daniel van Vugt (vanvugt) wrote (last edit ):

Success! Forced the kernel to create regular core files and then added debug symbols in the live session. Also got lucky in that the core dump was not corrupt this time:

Core was generated by `gnome-shell --sm-disable --mode=ubiquity'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f2ace7dda6c in js::gc::Cell::storeBuffer (this=<optimized out>, this=<optimized out>) at .././js/src/gc/Cell.h:363
[Current thread is 1 (Thread 0x7f2ac912f5c0 (LWP 1795))]
(gdb) bt
#0 0x00007f2ace7dda6c in js::gc::Cell::storeBuffer (this=<optimized out>, this=<optimized out>) at .././js/src/gc/Cell.h:363
#1 JSObject::writeBarrierPost (next=<optimized out>, prev=<optimized out>, cellp=<optimized out>) at .././js/src/vm/JSObject.h:758
#2 js::InternalBarrierMethods<JSObject*>::postBarrier (next=<optimized out>, prev=<optimized out>, vp=0x7f2ab4029cf0) at .././js/src/gc/Barrier.h:332
#3 js::InternalBarrierMethods<JSObject*>::postBarrier (vp=0x7f2ab4029cf0, prev=<optimized out>, next=<optimized out>) at .././js/src/gc/Barrier.h:331
#4 0x00007f2ad064a792 in js::BarrierMethods<JSObject*>::postWriteBarrier (next=<optimized out>, prev=<optimized out>, vp=<optimized out>, vp=<optimized out>, prev=<optimized out>, next=<optimized out>) at /usr/include/mozjs-78/js/RootingAPI.h:772
#5 JS::Heap<JSObject*>::postWriteBarrier (next=<optimized out>, prev=<optimized out>, this=<optimized out>, this=<optimized out>, prev=<optimized out>, next=<optimized out>) at /usr/include/mozjs-78/js/RootingAPI.h:366
#6 JS::Heap<JSObject*>::~Heap (this=<optimized out>, this=<optimized out>) at /usr/include/mozjs-78/js/RootingAPI.h:328
#7 mozilla::detail::VectorImpl<JS::Heap<JSObject*>, 0ul, js::SystemAllocPolicy, false>::destroy (aEnd=0x7f2ab4029d00, aBegin=<optimized out>) at /usr/include/mozjs-78/mozilla/Vector.h:65
#8 mozilla::Vector<JS::Heap<JSObject*>, 0ul, js::SystemAllocPolicy>::~Vector (this=<optimized out>, this=<optimized out>) at /usr/include/mozjs-78/mozilla/Vector.h:889
#9 JS::GCVector<JS::Heap<JSObject*>, 0ul, js::SystemAllocPolicy>::~GCVector (this=<optimized out>, this=<optimized out>) at /usr/include/mozjs-78/js/GCVector.h:35
#10 GjsContextPrivate::~GjsContextPrivate (this=<optimized out>, this=<optimized out>) at ../gjs/context.cpp:467
#11 0x00007f2ad064b748 in gjs_context_finalize (object=0x55e730b0d220) at ../gjs/context.cpp:480
#12 0x00007f2ad10d7e5d in g_object_unref () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x00007f2ad132277d in _shell_global_destroy_gjs_context (self=<optimized out>) at ../src/shell-global.c:703
#14 0x000055e72f365ece in main (argc=<optimized out>, argv=<optimized out>) at ../src/main.c:659

Looks like bug 1947130.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.