MR Upstream: https://gitlab.gnome.org/GNOME/gjs/merge_requests/247
** Changed in: gjs (Ubuntu Cosmic)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gjs in Ubuntu.
https://bugs.launchpad.net/bugs/1796238
Title:
[regression] mozjs60 crashes with SIGSEGV on gnome-shell exit, in
GetPropertyOperation() from Interpret() from js::RunScript()
Status in gjs package in Ubuntu:
In Progress
Status in mozjs60 package in Ubuntu:
Invalid
Status in gjs source package in Cosmic:
In Progress
Status in mozjs60 source package in Cosmic:
Invalid
Bug description:
https://errors.ubuntu.com/problem/f64145b51a9d0fd20bfff57836b8f743e56c50ba
https://gitlab.gnome.org/GNOME/gjs/issues/212
---
mozjs60 crashes on gnome-shell exit (didn't happen with mozjs52 which
was still the latest yesterday)
Steps to reproduce:
1. Start gnome-shell (master)
2. Super+A to show applications
3. Alt+F2 and type "debugexit" to exit cleanly.
Backtrace:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f3bf4033a4e in GetPropertyOperation (vp=..., lval=...,
pc=<optimised out>, script=..., fp=<optimised out>, cx=<optimised out>)
at ./js/src/vm/JSContext.h:161
161 ./js/src/vm/JSContext.h: No such file or directory.
[Current thread is 1 (Thread 0x7f3bebd2e340 (LWP 4269))]
(gdb) bt
#0 0x00007f3bf4033a4e in GetPropertyOperation
(vp=..., lval=..., pc=<optimised out>, script=..., fp=<optimised out>,
cx=<optimised out>) at ./js/src/vm/JSContext.h:161
#1 0x00007f3bf4033a4e in Interpret(JSContext*, js::RunState&)
(cx=0x55d07921beb0, state=...) at ./js/src/vm/Interpreter.cpp:2834
#2 0x00007f3bf403eb06 in js::RunScript(JSContext*, js::RunState&)
(cx=0x55d07921beb0, state=...) at ./js/src/vm/Interpreter.cpp:418
#3 0x00007f3bf403f0d1 in js::InternalCallOrConstruct(JSContext*,
JS::CallArgs const&, js::MaybeConstruct)
(cx=0x55d07921beb0, args=..., construct=<optimised out>)
at ./js/src/vm/Interpreter.cpp:490
#4 0x00007f3bf403f339 in js::Call(JSContext*, JS::Handle<JS::Value>,
JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>)
(cx=cx@entry=0x55d07921beb0, fval=..., fval@entry=..., thisv=...,
thisv@entry=..., args=..., rval=...) at ./js/src/vm/Interpreter.cpp:536
#5 0x00007f3bf4372b81 in JS_CallFunctionValue(JSContext*,
JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&,
JS::MutableHandle<JS::Value>) (cx=0x55d07921beb0, obj=..., fval=..., args=...,
rval=...)
at ./debian/build/dist/include/js/RootingAPI.h:1128
#6 0x00007f3bf7631310 in gjs_call_function_value () at /usr/lib/libgjs.so.0
#7 0x00007f3bf76045d5 in gjs_closure_invoke () at /usr/lib/libgjs.so.0
#8 0x00007f3bf7625573 in () at /usr/lib/libgjs.so.0
#9 0x00007f3bf7f65b6d in g_closure_invoke ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#10 0x00007f3bf7f788f3 in () at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#11 0x00007f3bf7f81882 in g_signal_emit_valist ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#12 0x00007f3bf7f81ecf in g_signal_emit ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x00007f3bf74a9c33 in clutter_actor_dispose (object=0x55d0795aa5c0)
at clutter-actor.c:5932
#14 0x00007f3bf70529b4 in st_widget_dispose (gobject=0x55d0795aa5c0)
at ../src/st/st-widget.c:354
#15 0x00007f3bf7025d48 in st_bin_dispose (gobject=0x55d0795aa5c0)
at ../src/st/st-bin.c:188
#16 0x00007f3bf7f6c448 in g_object_run_dispose ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#17 0x00007f3bf749d023 in clutter_actor_destroy (self=0x55d0795aa5c0)
at clutter-actor.c:8615
#18 0x00007f3bf74a4404 in clutter_actor_iter_destroy (iter=0x7fff3285e4e0)
at clutter-actor.c:19002
#19 0x00007f3bf74a44b8 in clutter_actor_real_destroy (actor=0x55d0795a9ba0)
at clutter-actor.c:6264
#20 0x00007f3bf7f65b6d in g_closure_invoke ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#21 0x00007f3bf7f78c4a in () at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#22 0x00007f3bf7f81882 in g_signal_emit_valist ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#23 0x00007f3bf7f81ecf in g_signal_emit ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#24 0x00007f3bf74a9c33 in clutter_actor_dispose (object=0x55d0795a9ba0)
at clutter-actor.c:5932
#25 0x00007f3bf70529b4 in st_widget_dispose (gobject=0x55d0795a9ba0)
at ../src/st/st-widget.c:354
#26 0x00007f3bf7f6c448 in g_object_run_dispose ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#27 0x00007f3bf749d023 in clutter_actor_destroy (self=0x55d0795a9ba0)
at clutter-actor.c:8615
#28 0x00007f3bf7025cf5 in st_bin_dispose (gobject=0x55d0795a8260)
at ../src/st/st-bin.c:185
#29 0x00007f3bf7f6ac13 in g_object_unref ()
at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#30 0x00007f3bf7610f5e in ObjectInstance::release_native_object() ()
at /usr/lib/libgjs.so.0
#31 0x00007f3bf7618496 in ObjectInstance::disassociate_js_gobject() ()
at /usr/lib/libgjs.so.0
#32 0x00007f3bf76140cc in
ObjectInstance::remove_wrapped_gobjects_if(std::function<bool
(ObjectInstance*)>, std::function<void (ObjectInstance*)>) ()
at /usr/lib/libgjs.so.0
#33 0x00007f3bf76141a4 in () at /usr/lib/libgjs.so.0
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gjs/+bug/1796238/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
