gnome-shell crashed with SIGSEGV in g_type_check_instance_cast() from free_fetch_user_request() [accountsservice]
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
accountsservice |
Fix Released
|
Unknown
|
|||
gnome-control-center |
Fix Released
|
Unknown
|
|||
accountsservice (Ubuntu) |
Fix Released
|
High
|
Sebastien Bacher | ||
gnome-control-center (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
gnome-shell (Ubuntu) |
Invalid
|
High
|
Unassigned |
Bug Description
This is now the #1 gnome-shell crasher in Ubuntu 23.04.
https:/
https:/
Valgrind memory errors in gnome-shell 42 from accountsservice:
==60511== Invalid read of size 8
==60511== at 0x4D207FA: g_type_
==60511== by 0x1E421CA2: free_fetch_
==60511== by 0x1E4298E7: on_find_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576)
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C2107E: g_dbus_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0C4C: complete_in_idle_cb (gtask.c:1244)
==60511== by 0x4D9CC23: UnknownInlinedFun (gmain.c:3417)
==60511== by 0x4D9CC23: g_main_
==60511== Address 0x185b5110 is 0 bytes inside a block of size 64 free'd
==60511== at 0x484B27F: free (in /usr/libexec/
==60511== by 0x4D1F7D4: g_type_
==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:562)
==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:557)
==60511== by 0x1E428ECA: _act_user_
==60511== by 0x1E42966F: fetch_user_
==60511== by 0x1E4298E7: on_find_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576)
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C2107E: g_dbus_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== Block was alloc'd at
==60511== at 0x4848899: malloc (in /usr/libexec/
==60511== by 0x4DA5718: g_malloc (gmem.c:125)
==60511== by 0x4DBCB64: g_slice_alloc (gslice.c:1072)
==60511== by 0x4DBD1CD: g_slice_alloc0 (gslice.c:1098)
==60511== by 0x4D24E61: g_type_
==60511== by 0x4D0BF4C: g_object_
==60511== by 0x4D0D1AC: g_object_
==60511== by 0x4D0DCB0: g_object_new (gobject.c:1821)
==60511== by 0x1E422792: create_new_user (act-user-
==60511== by 0x1E429BD8: act_user_
==60511== by 0x68ADE2D: ??? (in /usr/lib/
==60511== by 0x68AA492: ??? (in /usr/lib/
==60511==
==60511== Invalid read of size 8
==60511== at 0x4D206E9: g_type_
==60511== by 0x4D06E9A: g_object_set_data (gobject.c:3982)
==60511== by 0x1E421CB6: free_fetch_
==60511== by 0x1E4298E7: on_find_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576)
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C2107E: g_dbus_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0C4C: complete_in_idle_cb (gtask.c:1244)
==60511== Address 0x185b5110 is 0 bytes inside a block of size 64 free'd
==60511== at 0x484B27F: free (in /usr/libexec/
==60511== by 0x4D1F7D4: g_type_
==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:562)
==60511== by 0x1E428ECA: UnknownInlinedFun (act-user.c:557)
==60511== by 0x1E428ECA: _act_user_
==60511== by 0x1E42966F: fetch_user_
==60511== by 0x1E4298E7: on_find_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C298BA: reply_cb (gdbusproxy.c:2576)
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== by 0x4BC0E0A: UnknownInlinedFun (gtask.c:1300)
==60511== by 0x4BC0E0A: g_task_return (gtask.c:1256)
==60511== by 0x4C2107E: g_dbus_
==60511== by 0x4BC0C08: g_task_return_now (gtask.c:1230)
==60511== Block was alloc'd at
==60511== at 0x4848899: malloc (in /usr/libexec/
==60511== by 0x4DA5718: g_malloc (gmem.c:125)
==60511== by 0x4DBCB64: g_slice_alloc (gslice.c:1072)
==60511== by 0x4DBD1CD: g_slice_alloc0 (gslice.c:1098)
==60511== by 0x4D24E61: g_type_
==60511== by 0x4D0BF4C: g_object_
==60511== by 0x4D0D1AC: g_object_
==60511== by 0x4D0DCB0: g_object_new (gobject.c:1821)
==60511== by 0x1E422792: create_new_user (act-user-
==60511== by 0x1E429BD8: act_user_
==60511== by 0x68ADE2D: ??? (in /usr/lib/
==60511== by 0x68AA492: ??? (in /usr/lib/
tags: | added: jammy |
Changed in accountsservice: | |
status: | Unknown → New |
summary: |
- Valgrind memory errors in gnome-shell 42 from accountsservice + Valgrind memory errors in gnome-shell from accountsservice |
tags: | added: lunar |
summary: |
- Valgrind memory errors in gnome-shell from accountsservice + Memory access errors in gnome-shell from accountsservice |
Changed in accountsservice (Ubuntu): | |
importance: | Medium → High |
Changed in gnome-shell (Ubuntu): | |
importance: | Undecided → High |
summary: |
- Invalid memory access in accountsservice: free_fetch_user_request() + Segfault in g_type_check_instance_cast → free_fetch_user_request → + fetch_user_incrementally → on_find_user_by_name_finished → + g_task_return_now |
description: | updated |
Changed in gnome-shell (Ubuntu): | |
status: | Confirmed → Triaged |
Changed in accountsservice (Ubuntu): | |
status: | Confirmed → Triaged |
Changed in gnome-shell (Ubuntu): | |
milestone: | none → ubuntu-23.04 |
Changed in accountsservice (Ubuntu): | |
milestone: | none → ubuntu-23.04 |
summary: |
- Segfault in g_type_check_instance_cast → free_fetch_user_request → - fetch_user_incrementally → on_find_user_by_name_finished → - g_task_return_now + gnome-shell crashed with SIGSEGV in g_type_check_instance_cast() from + free_fetch_user_request() [accountsservice] |
Changed in accountsservice (Ubuntu): | |
status: | Triaged → Fix Committed |
tags: | added: fixed-in-accountsservice-23.12ish fixed-upstream |
Changed in accountsservice: | |
status: | New → Fix Released |
Changed in gnome-control-center: | |
status: | Unknown → Fix Released |
Changed in gnome-shell (Ubuntu): | |
milestone: | ubuntu-23.04 → none |
Changed in accountsservice (Ubuntu): | |
assignee: | nobody → Sebastien Bacher (seb128) |
Reported upstream on https:/ /gitlab. freedesktop. org/accountsser vice/accountsse rvice/- /issues/ 103