Ubuntu
gnome-shell package

gnome-shell crashed with SIGSEGV in meta_surface_actor_get_texture() from meta_wayland_actor_surface_real_sync_actor_state() from meta_wayland_subsurface_sync_actor_state()

Bug #1859259 reported by Asif Youssuff
44
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Mutter
Fix Released
Unknown
gnome-shell (Ubuntu)
Invalid
Medium
Unassigned
mutter (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

https://errors.ubuntu.com/problem/afac105a2b17f4a362200df1802b62a248fd7bc2

---

This has begun happening in the last few days; I was unable to create a bug for the last crash because I had some outdated packages installed.

This crash occurred as I started Firefox Nightly on my machine with a fairly large session being restored.

GNOME logged me out as the windows were being spawned by session restored.

My Firefox is being started in pure Wayland mode -- MOZ_ENABLE_WAYLAND=1

I am using "Basic" compositing (not WebRender) in this session.

Happy to provide any other details.

ProblemType: Crash
DistroRelease: Ubuntu 20.04
Package: gnome-shell 3.34.3-1ubuntu1
ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3
Uname: Linux 5.4.0-9-generic x86_64
ApportVersion: 2.20.11-0ubuntu15
Architecture: amd64
CurrentDesktop: GNOME
Date: Fri Jan 10 20:22:13 2020
DisplayManager: gdm3
ExecutablePath: /usr/bin/gnome-shell
InstallationDate: Installed on 2020-01-05 (5 days ago)
InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Alpha amd64 (20200104)
ProcCmdline: /usr/bin/gnome-shell
ProcEnviron:
 LANG=en_US.UTF-8
 PATH=(custom, user)
 SHELL=/bin/bash
 XDG_RUNTIME_DIR=<set>
RelatedPackageVersions: mutter-common 3.34.3-1ubuntu1
SegvAnalysis:
 Segfault happened at: 0x7fa5318821db: mov (%rdi,%rax,1),%rax
 PC (0x7fa5318821db) ok
 source "(%rdi,%rax,1)" (0xfffffffffffffcb0) not located in a known VMA region (needed readable region)!
 destination "%rax" ok
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: gnome-shell
StacktraceTop:
 ?? () from /lib/x86_64-linux-gnu/libmutter-5.so.0
 ?? () from /lib/x86_64-linux-gnu/libmutter-5.so.0
 ?? () from /lib/x86_64-linux-gnu/libmutter-5.so.0
 ?? () from /lib/x86_64-linux-gnu/libmutter-5.so.0
 ?? () from /lib/x86_64-linux-gnu/libmutter-5.so.0
Title: gnome-shell crashed with SIGSEGV
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo
separator:

See original description
Revision history for this message
Asif Youssuff (yoasif) wrote :
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 meta_surface_actor_get_texture (self=self@entry=0x0) at ../src/compositor/meta-surface-actor.c:334
 meta_wayland_actor_surface_real_sync_actor_state (actor_surface=0x7fa52033fb00) at ../src/wayland/meta-wayland-actor-surface.c:155
 meta_wayland_subsurface_sync_actor_state (actor_surface=0x7fa52033fb00) at ../src/wayland/meta-wayland-subsurface.c:278
 meta_wayland_actor_surface_sync_actor_state (actor_surface=<optimized out>) at ../src/wayland/meta-wayland-actor-surface.c:238
 meta_wayland_actor_surface_real_sync_actor_state (actor_surface=<optimized out>) at ../src/wayland/meta-wayland-actor-surface.c:228

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : StacktraceSource.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in gnome-shell (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
Revision history for this message
Daniel van Vugt (vanvugt) wrote : Re: gnome-shell crashed with SIGSEGV in meta_surface_actor_get_texture() from meta_wayland_actor_surface_real_sync_actor_state()

Tracking in https://errors.ubuntu.com/problem/afac105a2b17f4a362200df1802b62a248fd7bc2

summary: - gnome-shell crashed with SIGSEGV
+ gnome-shell crashed with SIGSEGV in meta_surface_actor_get_texture()
+ from meta_wayland_actor_surface_real_sync_actor_state()
information type: Private → Public
Changed in gnome-shell (Ubuntu):
status: New → Confirmed
description: updated
tags: added: eoan
Changed in mutter (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

It looks like some JavaScript is doing painting here...

#8 0x00007fa5318efa05 in meta_wayland_surface_role_commit (pending=0x555e42fcde50, surface_role=<optimized out>) at ../src/wayland/meta-wayland-surface.h:45
No locals.
#9 meta_wayland_surface_apply_pending_state (surface=0x555e458b8540, pending=0x555e42fcde50) at ../src/wayland/meta-wayland-surface.c:802
        had_damage = 1
        __func__ = "meta_wayland_surface_apply_pending_state"
#10 0x00007fa53093a81e in ffi_call_unix64 () at ../src/x86/unix64.S:76
No locals.
#11 0x00007fa53093a1ef in ffi_call (cif=cif@entry=0x7ffde18c88f0, fn=<optimized out>, rvalue=<optimized out>, rvalue@entry=0x0, avalue=avalue@entry=0x7ffde18c89c0) at ../src/x86/ffi64.c:525

So that sounds like a buggy extension more than a Gnome Shell issue. You also have a few extensions installed:

'<email address hidden>'
'<email address hidden>'
'<email address hidden>'
'<email address hidden>'
'<email address hidden>'

Please try UNINSTALLING those. I suspect BingWallpaper the most since it would do rendering, and it shows up in your system log with errors too.

Changed in gnome-shell (Ubuntu):
status: Confirmed → Incomplete
Changed in mutter (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Asif Youssuff (yoasif) wrote :

Okay, looks like my new bug in 1859890 was closed as a duplicate.

As I mentioned in that bug, I both removed the extensions mentioned *and* disabled extensions entirely in GNOME Tweak. I ran into the bug in 1859890.

Hopefully that gives you some more information and shows that the issue exists in plain GNOME, not just when add-ons are installed.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Asif,

Please try again. Bug 1859890 says you had the extensions enabled when that crash happened:

b'org.gnome.shell' b'enabled-extensions' b"['<email address hidden>', '<email address hidden>', '<email address hidden>', '<email address hidden>', '<email address hidden>']"

Assuming you have disabled the extensions then the crash in bug 1859890 might be from before or after you disabled them. So that's kind of good -- there is no evidence of the crash happening WITHOUT the extensions. Please uninstall them and keep them uninstalled. Then let us know about any future crashes.

Revision history for this message
Asif Youssuff (yoasif) wrote :

Daniel,

The first line in GsettingsChanges.txt says:

b'org.gnome.shell' b'disable-user-extensions' b'true'

I globally disabled extensions via GNOME Tweak -- does this switch not work?

I just now also removed everything inside of /home/asif/.local/share/gnome-shell/extensions -- there was only one extension there (but it should have been disabled anyway).

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

The GSettingsChanges.txt in this bug and bug 1859890 both say you had at the time of the crashes:

b'org.gnome.shell' b'enabled-extensions' b"['<email address hidden>', '<email address hidden>', '<email address hidden>', '<email address hidden>', '<email address hidden>']"

I'm not sure how effective disable-user-extensions is as we have found in other bug reports that buggy extensions can just ignore the disable setting. Extensions need to be uninstalled to be sure.

It is also possible you have disabled extensions successfully and the latest crash dump (bug 1859890) was just sitting on disk from before that time. Hence removing extensions may have successfully stopped the crash from occurring. Let's give it time and see if any more occur.

Also worth noting you are the only person reporting this crash right now, which suggests it's caused by something uncommon.

summary: gnome-shell crashed with SIGSEGV in meta_surface_actor_get_texture()
- from meta_wayland_actor_surface_real_sync_actor_state()
+ from meta_wayland_actor_surface_real_sync_actor_state() from
+ meta_wayland_subsurface_sync_actor_state()
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

The uncommon thing might be subsurfaces:

  meta_wayland_subsurface_sync_actor_state

which would be triggered by MOZ_ENABLE_WAYLAND=1. So maybe extensions are not involved. We should wait and get a clean crash report from your system while no extensions are installed, to be completely sure.

I still can't find any other reports of this crash from other people in Ubuntu or upstream :/

Revision history for this message
Asif Youssuff (yoasif) wrote :

This crash just happened: 1859911

I still see those errant extensions inside of GsettingsChanges.txt, but they don't appear in the GNOME Tweak UI, nor do I see them in /home/asif/.local/share/gnome-shell/extensions

I have no idea where they are on disk, and I would be happy to remove them from disk if I knew where they were.

I also don't see them installed via apt.

I went ahead and reset the key via dconf-editor since it seems like those are stale entries, so new crashes shouldn't have that set and confound the situation.

Revision history for this message
Asif Youssuff (yoasif) wrote :

Also rebooting my machine after resetting the key so extensions should not be enabled after this for sure.

Revision history for this message
Asif Youssuff (yoasif) wrote :

Please see bug 1859924.

GsettingsChanges.txt doesn't show any enabled extensions.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Perfect, thanks. It's now conclusive that extensions are not the problem.

Given the stack trace mentions Wayland subsurfaces I guess you're just the first to hit this crash.

Next please try avoiding MOZ_ENABLE_WAYLAND=1

Also note that upstream the mutter maintainer has been rewriting the Wayland subsurfaces code recently. This might mean it's a recent regression in 3.34.3, or it might mean this issue has already been fixed in 3.35 (which you can't try yet, sorry).

Changed in gnome-shell (Ubuntu):
status: Incomplete → New
Changed in mutter (Ubuntu):
status: Incomplete → New
tags: added: wayland
Daniel van Vugt (vanvugt)
tags: added: fixed-in-3.35.4 fixed-upstream
Changed in gnome-shell (Ubuntu):
status: New → Triaged
Changed in mutter (Ubuntu):
status: New → Triaged
Bug Watch Updater (bug-watch-updater)
Changed in mutter:
status: Unknown → Fix Released
Daniel van Vugt (vanvugt)
tags: added: fixed-in-3.34.4
Marco Trevisan (Treviño) (3v1n0)
Changed in gnome-shell (Ubuntu):
status: Triaged → In Progress
status: In Progress → Invalid
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mutter - 3.35.91-1ubuntu1

---------------
mutter (3.35.91-1ubuntu1) focal; urgency=medium

  * Merge with debian. Remaining changes:
    + debian/control:
      - Update VCS flags to point to launchpad
    + debian/gbp.conf: update branch to point to ubuntu/master
    + debian/patches/x11-Add-support-for-fractional-scaling-using-Randr.patch:
      - X11: Add support for fractional scaling using Randr

 -- Marco Trevisan (Treviño) <email address hidden> Wed, 26 Feb 2020 15:33:52 +0100

Changed in mutter (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.