Bug 1170868 - GNOME shell 3.36 dumps core in st_theme_node_get_font_features() after unlocking screen saver
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Component: GNOME
Assigned To: E-mail List
https://gitlab.gnome.org/GNOME/gnome-...
Reported: 2020-04-29 21:31 UTC by Martin Wilck
Modified: 2020-06-29 13:14 UTC (History)
Description Martin Wilck 2020-04-29 21:31:49 UTC
After unlocking screen saver, gnome-shell crashed.

gnome-shell-3.36.1-1.1.x86_64
libmutter-6-0-3.36.1-1.1.x86_64
mutter-3.36.1-1.1.x86_64
mutter-data-3.36.1-1.1.x86_64

          PID: 4947 (gnome-shell)
           UID: 17326 (mwilck)
           GID: 50 (suse)
        Signal: 11 (SEGV)
     Timestamp: Wed 2020-04-29 16:31:25 CEST (6h ago)
  Command Line: /usr/bin/gnome-shell
    Executable: /usr/bin/gnome-shell
 Control Group: /user.slice/user-17326.slice/user@17326.service/gnome-shell-x11.service
          Unit: user@17326.service
     User Unit: gnome-shell-x11.service
         Slice: user-17326.slice
     Owner UID: 17326 (mwilck)
       Boot ID: 8862f9ed30bd47c785116dec9ce612d1
    Machine ID: a0385656b74c9241b77c1bb6577a603b
      Hostname: apollon.suse.de
       Storage: /var/lib/systemd/coredump/core.gnome-shell.17326.8862f9ed30bd47c785116dec9ce612d1.4947.1588170685000000000000.lz4
       Message: Process 4947 (gnome-shell) of user 17326 dumped core.
                
                Stack trace of thread 4947:
                #0  0x00007fe5fd267bf2 st_theme_node_get_font_features (libst-1.0.so + 0x45bf2)
                #1  0x00007fe5fd27af89 _st_set_text_from_style (libst-1.0.so + 0x58f89)
                #2  0x00007fe5fd281394 n/a (libst-1.0.so + 0x5f394)
                #3  0x00007fe5fe1a4206 n/a (libgobject-2.0.so.0 + 0x14206)
                #4  0x00007fe5fe1c2910 g_signal_emit_valist (libgobject-2.0.so.0 + 0x32910)
                #5  0x00007fe5fe1c328f g_signal_emit (libgobject-2.0.so.0 + 0x3328f)
                #6  0x00007fe5fd2625a7 n/a (libst-1.0.so + 0x405a7)
                #7  0x00007fe5fd712b9d n/a (libmutter-clutter-6.so.0 + 0xb0b9d)
                #8  0x00007fe5fd73694d n/a (libmutter-clutter-6.so.0 + 0xd494d)
                #9  0x00007fe5fd737a48 n/a (libmutter-clutter-6.so.0 + 0xd5a48)
                #10 0x00007fe5fd2626ea n/a (libst-1.0.so + 0x406ea)
                #11 0x00007fe5fd712b9d n/a (libmutter-clutter-6.so.0 + 0xb0b9d)
                #12 0x00007fe5fd73694d n/a (libmutter-clutter-6.so.0 + 0xd494d)
                #13 0x00007fe5fd737a48 n/a (libmutter-clutter-6.so.0 + 0xd5a48)
                #14 0x00007fe5fd2626ea n/a (libst-1.0.so + 0x406ea)
                #15 0x00007fe5fd712b9d n/a (libmutter-clutter-6.so.0 + 0xb0b9d)
                #16 0x00007fe5fd73694d n/a (libmutter-clutter-6.so.0 + 0xd494d)
                #17 0x00007fe5fd737a48 n/a (libmutter-clutter-6.so.0 + 0xd5a48)
                #18 0x00007fe5fd2626ea n/a (libst-1.0.so + 0x406ea)
                #19 0x00007fe5fd712b9d n/a (libmutter-clutter-6.so.0 + 0xb0b9d)
                #20 0x00007fe5fd73694d n/a (libmutter-clutter-6.so.0 + 0xd494d)
                #21 0x00007fe5fd737a48 n/a (libmutter-clutter-6.so.0 + 0xd5a48)
                #22 0x00007fe5fd2626ea n/a (libst-1.0.so + 0x406ea)
                #23 0x00007fe5fd712b9d n/a (libmutter-clutter-6.so.0 + 0xb0b9d)
                #24 0x00007fe5fd73694d n/a (libmutter-clutter-6.so.0 + 0xd494d)
                #25 0x00007fe5fd73721a n/a (libmutter-clutter-6.so.0 + 0xd521a)
                #26 0x00007fe5fe1a4206 n/a (libgobject-2.0.so.0 + 0x14206)
                #27 0x00007fe5fe1c2910 g_signal_emit_valist (libgobject-2.0.so.0 + 0x32910)
                #28 0x00007fe5fe1c328f g_signal_emit (libgobject-2.0.so.0 + 0x3328f)
                #29 0x00007fe5fd7376b2 clutter_actor_show (libmutter-clutter-6.so.0 + 0xd56b2)
                #30 0x00007fe5fd7297a8 clutter_actor_add_child (libmutter-clutter-6.so.0 + 0xc77a8)
                #31 0x00007fe5fc8333ed n/a (libffi.so.8 + 0x73ed)
                #32 0x00007fe5fc82f34a n/a (libffi.so.8 + 0x334a)
                #33 0x00007fe5fd7cd3dc n/a (libgjs.so.0 + 0x3a3dc)
                #34 0x00007fe5fd7cee37 n/a (libgjs.so.0 + 0x3be37)
                #35 0x00007fe5fc06b016 n/a (libmozjs-68.so + 0x864016)
                #36 0x00007fe5fc05c89b n/a (libmozjs-68.so + 0x85589b)
                #37 0x00007fe5fc06a716 n/a (libmozjs-68.so + 0x863716)
                #38 0x00007fe5fc06af26 n/a (libmozjs-68.so + 0x863f26)
                #39 0x00007fe5fc06b637 n/a (libmozjs-68.so + 0x864637)
                #40 0x00007fe5fbd3abb5 _Z20JS_CallFunctionValueP9JSContextN2JS6HandleIP8JSObjectEENS2_INS1_5ValueEEERKNS1_16HandleValu>
                #41 0x00007fe5fd7f84a3 n/a (libgjs.so.0 + 0x654a3)
                #42 0x00007fe5fd7d9f69 n/a (libgjs.so.0 + 0x46f69)
                #43 0x00007fe5fd7e4b9e n/a (libgjs.so.0 + 0x51b9e)
                #44 0x00007fe5fc06b39f n/a (libmozjs-68.so + 0x86439f)
                #45 0x00007fe5fc05d7fd n/a (libmozjs-68.so + 0x8567fd)
                #46 0x00007fe5fc06a716 n/a (libmozjs-68.so + 0x863716)
                #47 0x00007fe5fc06af26 n/a (libmozjs-68.so + 0x863f26)
                #48 0x00007fe5fc06b637 n/a (libmozjs-68.so + 0x864637)
                #49 0x00007fe5fbbb88f9 n/a (libmozjs-68.so + 0x3b18f9)
                #50 0x00007fe5fbbb8abd n/a (libmozjs-68.so + 0x3b1abd)
                #51 0x00003cf171236f64 n/a (n/a + 0x0)
                #52 0x000055d2c08c1a88 n/a (n/a + 0x0)
                #53 0x00003cf1712364df n/a (n/a + 0x0)
                #54 0x00007fe5fba93b0e n/a (libmozjs-68.so + 0x28cb0e)
                #55 0x00007fe5fba93e8e n/a (libmozjs-68.so + 0x28ce8e)
                #56 0x00007fe5fc06a66d n/a (libmozjs-68.so + 0x86366d)
                #57 0x00007fe5fc06af26 n/a (libmozjs-68.so + 0x863f26)
                #58 0x00007fe5fc06b637 n/a (libmozjs-68.so + 0x864637)
                #59 0x00007fe5fbd3a9e8 _Z15JS_CallFunctionP9JSContextN2JS6HandleIP8JSObjectEENS2_IP10JSFunctionEERKNS1_16HandleValueAr>
                #60 0x00007fe5fd7c72ac n/a (libgjs.so.0 + 0x342ac)
                #61 0x00007fe5fd7f2dd4 n/a (libgjs.so.0 + 0x5fdd4)
                #62 0x00007fe5fe1a3fd2 g_closure_invoke (libgobject-2.0.so.0 + 0x13fd2)
                #63 0x00007fe5fe1b7b34 n/a (libgobject-2.0.so.0 + 0x27b34)


Core was generated by `/usr/bin/gnome-shell'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fe5fd267bf2 in st_theme_node_get_font_features (node=<optimized out>) at ../src/st/st-theme-node.c:2980
2980	      if (strcmp (decl->property->stryng->str, "font-feature-settings") == 0)


2969	gchar *
2970	st_theme_node_get_font_features (StThemeNode *node)
2971	{
2972	  int i;
2973	
2974	  ensure_properties (node);
2975	
(gdb) 
2976	  for (i = node->n_properties - 1; i >= 0; i--)
2977	    {
2978	      CRDeclaration *decl = node->properties[i];
2979	
2980	      if (strcmp (decl->property->stryng->str, "font-feature-settings") == 0)

Crashes here because decl->property->stryng is NULL:

$4 = {stryng = 0x0, location = {line = 65, column = 0, byte_offset = 3255128592}}

n = %rax = 2, node-properties = %r9 = 0x55d2c2053940, decl = %r8 = 0x55d2c2a4f100, node = %r12 = 0x55d2c12ff080

(gdb) p ((StThemeNode*)0x55d2c12ff080)->n_properties
(gdb) p *((StThemeNode*)0x55d2c12ff080)->properties[0]->property
$46 = {stryng = 0x55d2c058e140, location = {line = 22, column = 3, byte_offset = 901}}
(gdb) p *((StThemeNode*)0x55d2c12ff080)->properties[1]->property
$47 = {stryng = 0x55d2c058e060, location = {line = 23, column = 3, byte_offset = 920}}
(gdb) p *((StThemeNode*)0x55d2c12ff080)->properties[2]->property
$48 = {stryng = 0x0, location = {line = 65, column = 0, byte_offset = 3255128592}}


(gdb) p *((StThemeNode*)0x55d2c12ff080)->properties[0]->property->stryng
$52 = {str = 0x55d2c0843d70 "font-size", len = 9, allocated_len = 16}
(gdb) p *((StThemeNode*)0x55d2c12ff080)->properties[1]->property->stryng
$53 = {str = 0x55d2c0850e40 "color", len = 5, allocated_len = 8}
Comment 1 Martin Wilck 2020-04-29 21:41:24 UTC
The core dump is too large to attach here (29M). I've uploaded it to

https://www.dropbox.com/sh/o8ee44djwxnkel7/AAAwywUk7v9vUkdnGayqXthra?dl=0

After killing X and trying to re-login, gnome shell crashed again with a similar though not identical stack.
Comment 2 Martin Wilck 2020-04-29 21:43:51 UTC
Occurs on Red Hat, too: https://bugzilla.redhat.com/show_bug.cgi?id=1812781
Comment 3 Martin Wilck 2020-04-29 21:44:31 UTC
And on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1868660
Comment 4 Martin Wilck 2020-04-29 22:24:39 UTC
Upstream issue:

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2541

Upstream fix in 3.36.2:

https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1218
  -> e57a4e0 st/theme-context: Also remove theme nodes on stylesheet changes

The fix doesn't apply cleanly on top of 3.36.1, and although the conflicts can be easily resolved, 3.36.2 contains a couple of other fixes related to theme handling, e.g.

https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1223

So probably the easiest way to fix this is to update gnome-shell to upstream 3.36.2.
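
Added example (not gnome-shell code and not part of this bug report): a simplified C model of the crash site and of the invalidation step named in the upstream commit title. It assumes cached theme nodes hold borrowed pointers into stylesheet declarations; `Decl`, `Sheet`, `Node`, `Context` and every function here are hypothetical stand-ins.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-ins for the St/libcroco types seen in the gdb session. */
typedef struct { const char *name, *value; } Decl;   /* ~ CRDeclaration */
typedef struct { Decl *decls; int n; } Sheet;
typedef struct { Decl **properties; int n_properties; const Sheet *src; } Node;
typedef struct { Node *cached; } Context;            /* one-entry node cache */

/* Build or reuse the cached node; it borrows pointers into the sheet. */
static Node *context_get_node(Context *ctx, Sheet *sheet) {
    if (ctx->cached) return ctx->cached;
    Node *n = calloc(1, sizeof *n);
    n->src = sheet; n->n_properties = sheet ? sheet->n : 0;
    n->properties = calloc(n->n_properties + 1, sizeof(Decl *));
    for (int i = 0; i < n->n_properties; i++) n->properties[i] = &sheet->decls[i];
    return ctx->cached = n;
}

/* Call before a sheet's declarations are freed: drop the node borrowing from it. */
static void context_sheet_changed(Context *ctx, const Sheet *sheet) {
    if (!ctx->cached || ctx->cached->src != sheet) return;
    free(ctx->cached->properties); free(ctx->cached);
    ctx->cached = NULL;
}

/* Same backwards scan as the crashing loop, plus a NULL guard as defence in depth. */
static const char *node_get_font_features(const Node *node) {
    for (int i = node->n_properties - 1; i >= 0; i--) {
        const Decl *d = node->properties[i];
        if (d && d->name && strcmp(d->name, "font-feature-settings") == 0)
            return d->value;
    }
    return NULL;
}

/* Constructed scenario: returns 1 if lookups are safe before and after a sheet swap. */
static int demo(void) {
    Sheet s = { calloc(2, sizeof(Decl)), 2 };
    s.decls[0] = (Decl){ "font-size", "11pt" };
    s.decls[1] = (Decl){ "font-feature-settings", "\"tnum\"" };
    Context ctx = { 0 };
    const char *v = node_get_font_features(context_get_node(&ctx, &s));
    int ok = v && strcmp(v, "\"tnum\"") == 0;
    context_sheet_changed(&ctx, &s);   /* invalidate first ... */
    free(s.decls);                     /* ... then free the declarations */
    ok = ok && node_get_font_features(context_get_node(&ctx, NULL)) == NULL;
    context_sheet_changed(&ctx, NULL);
    return ok;
}
int main(void) { return demo() ? 0 : 1; }
```

The NULL guard only turns a crash into a missed lookup when a declaration is already corrupt; dropping the cached node before the declarations are freed is what keeps the pointers valid.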
Comment 5 Martin Wilck 2020-04-29 22:34:50 UTC
FTR, I'm trying to build gnome-shell 3.36.2 in home:mwilck:branches:GNOME:Next.
Comment 6 Martin Wilck 2020-04-30 13:10:49 UTC
I just saw that 3.36.2 has already hit GNOME:Next. Thanks!
Comment 7 Dominique Leuenberger 2020-04-30 13:22:39 UTC
(In reply to Martin Wilck from comment #6)
> I just saw that 3.36.2 has already hit GNOME:Next. Thanks!

It's actually even already in Staging for Factory:

799175  State:review     By:dimstar_suse When:2020-04-30T11:52:33
        submit:          GNOME:Factory/gnome-shell@430 ->                   openSUSE:Factory
        Review by User       is new:       licensedigger                                     
        Review by User       is accepted:  factory-auto(factory-auto)                        
        Review by Group      is accepted:  factory-staging(dimstar_suse)                     
        Review by Group      is accepted:  opensuse-review-team(namtrac)                     
        Review by Project    is new:       openSUSE:Factory:Staging:D(dimstar_suse)          
        Descr: New stable release, NOT BUILDTESTED! (forwarded request 799134
               from iznogood)
        Comment: Being evaluated by staging project "openSUSE:Factory:Staging:D"
Comment 8 Dominique Leuenberger 2020-06-29 13:14:35 UTC
(In reply to Martin Wilck from comment #6)
> I just saw that 3.36.2 has already hit GNOME:Next. Thanks!

3.36.2 has been in TW for a while already. I'm assuming this issue to be fixed.
Should you still see problems, please either reopen or file a new bug (if it's a different issue)