1210317 – inkscape crash: gtk_application_set_screensaver_active (active=0, application=0xaaaaaaaaaaaaaaaa) at ../gtk/gtkapplication.c:1671

Bug 1210317 - inkscape crash: gtk_application_set_screensaver_active (active=0, application=0xaaaaaaaaaaaaaaaa) at ../gtk/gtkapplication.c:1671

Summary: inkscape crash: gtk_application_set_screensaver_active (active=0, application...

Status:	NEW

Alias:	None

Product:	openSUSE Tumbleweed
Classification:	openSUSE
Component:	Basesystem (show other bugs)
Version:	Current
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	E-mail List
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-04-11 12:50 UTC by Martin Liška
Modified:	2023-11-20 18:35 UTC (History)
CC List:	0 users

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Martin Liška 2023-04-11 12:50:39 UTC

It crashes on just updated TW system:

$ wget https://dev.w3.org/SVG/tools/svgweb/samples/svg-files/aa.svg
$ gdb --args inkscape --export-filename=x.png aa.svg
$ r
...
Thread 1 "inkscape" received signal SIGSEGV, Segmentation fault.
gtk_application_set_screensaver_active (active=0, application=0xaaaaaaaaaaaaaaaa) at ../gtk/gtkapplication.c:1671
1671	  if (priv->screensaver_active != active)
(gdb) bt
#0  gtk_application_set_screensaver_active (active=0, application=0xaaaaaaaaaaaaaaaa) at ../gtk/gtkapplication.c:1671
#1  ss_get_active_cb (source=<optimized out>, result=<optimized out>, data=0x555555831550) at ../gtk/gtkapplication-dbus.c:251
#2  0x00007ffff56ccda4 in g_task_return_now (task=task@entry=0x555555832780 [GTask]) at ../gio/gtask.c:1309
#3  0x00007ffff56cd9f3 in g_task_return (type=<optimized out>, task=0x555555832780 [GTask]) at ../gio/gtask.c:1378
#4  g_task_return (task=0x555555832780 [GTask], type=<optimized out>) at ../gio/gtask.c:1335
#5  0x00007ffff5734c6c in reply_cb (connection=<optimized out>, res=<optimized out>, user_data=0x555555832780) at ../gio/gdbusproxy.c:2571
#6  0x00007ffff56ccda4 in g_task_return_now (task=task@entry=0x555555833440 [GTask]) at ../gio/gtask.c:1309
#7  0x00007ffff56cd9f3 in g_task_return (type=<optimized out>, task=0x555555833440 [GTask]) at ../gio/gtask.c:1378
#8  g_task_return (task=0x555555833440 [GTask], type=<optimized out>) at ../gio/gtask.c:1335
#9  0x00007ffff57288c2 in g_dbus_connection_call_done (source=0x5555555c3dc0 [GDBusConnection], result=<optimized out>, user_data=0x555555833440) at ../gio/gdbusconnection.c:5885
#10 0x00007ffff56ccda4 in g_task_return_now (task=task@entry=0x555555833530 [GTask]) at ../gio/gtask.c:1309
#11 0x00007ffff56ccdd9 in complete_in_idle_cb (task=task@entry=0x555555833530) at ../gio/gtask.c:1323
#12 0x00007ffff6712aae in g_idle_dispatch (source=0x7fffe0009b50, callback=0x7ffff56ccdd0 <complete_in_idle_cb>, user_data=0x555555833530) at ../glib/gmain.c:6163
#13 0x00007ffff6716f96 in g_main_dispatch (context=0x5555555c3a80) at ../glib/gmain.c:3460
#14 g_main_context_dispatch (context=context@entry=0x5555555c3a80) at ../glib/gmain.c:4200
#15 0x00007ffff6717358 in g_main_context_iterate (context=context@entry=0x5555555c3a80, block=block@entry=0, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4276
#16 0x00007ffff67173ec in g_main_context_iteration (context=context@entry=0x5555555c3a80, may_block=may_block@entry=0) at ../glib/gmain.c:4343
#17 0x00007ffff56fb8e8 in g_application_run (application=0x5555557885b0 [gtkmm__GtkApplication], argc=<optimized out>, argv=<optimized out>) at ../gio/gapplication.c:2604
#18 0x00007ffff602cbb0 in __libc_start_call_main (main=main@entry=0x555555556390 <main(int, char**)>, argc=argc@entry=3, argv=argv@entry=0x7fffffffda78) at ../sysdeps/nptl/libc_start_call_main.h:58
#19 0x00007ffff602cc79 in __libc_start_main_impl (main=0x555555556390 <main(int, char**)>, argc=3, argv=0x7fffffffda78, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffda68) at ../csu/libc-start.c:360
#20 0x0000555555556b65 in _start () at ../sysdeps/x86_64/start.S:115

Comment 1 Martin Liška 2023-04-11 12:53:53 UTC

Valgrind tells the following:

==450== Invalid read of size 8
==450==    at 0x8307EC2: ??? (in /usr/lib64/libgtk-3.so.0.2405.32)
==450==    by 0x6FA1DA3: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA29F2: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x7009C6B: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA1DA3: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA29F2: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FFD8C1: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA1DA3: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA1DD8: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x5F70AAD: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==    by 0x5F74F95: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==    by 0x5F75357: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==  Address 0xf9bcff8 is 24 bytes inside a block of size 176 free'd
==450==    at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==450==    by 0x5F7BD58: g_free_sized (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==    by 0x71110C2: g_type_free_instance (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x7FD5760: ??? (in /usr/lib64/libgtk-3.so.0.2405.32)
==450==    by 0x70EE6E8: ??? (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x7108725: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x7108A5E: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x6FD09E9: g_application_run (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6568BAF: (below main) (in /usr/lib64/libc.so.6)
==450==  Block was alloc'd at
==450==    at 0x48485EF: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==450==    by 0x5F7BCB0: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==    by 0x7110B33: g_type_create_instance (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x70F453F: ??? (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x70F5BAF: g_object_new_with_properties (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x70F69A0: g_object_new (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x7FD81F6: ??? (in /usr/lib64/libgtk-3.so.0.2405.32)
==450==    by 0x70EE4EF: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x71015F4: ??? (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x71088E5: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x7108A5E: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==450==    by 0x6FD0091: g_application_register (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450== 
==450== Invalid read of size 4
==450==    at 0x8307ED4: ??? (in /usr/lib64/libgtk-3.so.0.2405.32)
==450==    by 0x6FA1DA3: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA29F2: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x7009C6B: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA1DA3: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA29F2: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FFD8C1: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA1DA3: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x6FA1DD8: ??? (in /usr/lib64/libgio-2.0.so.0.7600.1)
==450==    by 0x5F70AAD: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==    by 0x5F74F95: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==    by 0x5F75357: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==450==  Address 0xaaaaaaaaaaaaa9ea is not stack'd, malloc'd or (recently) free'd

Comment 2 Martin Liška 2023-04-11 12:56:35 UTC

valgrind back-trace including symbol names:

==1026== Invalid read of size 8
==1026==    at 0x8307EC2: ss_get_active_cb (gtkapplication-dbus.c:251)
==1026==    by 0x6FA1DA3: g_task_return_now (gtask.c:1309)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1378)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1335)
==1026==    by 0x7009C6B: reply_cb (gdbusproxy.c:2571)
==1026==    by 0x6FA1DA3: g_task_return_now (gtask.c:1309)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1378)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1335)
==1026==    by 0x6FFD8C1: g_dbus_connection_call_done (gdbusconnection.c:5885)
==1026==    by 0x6FA1DA3: g_task_return_now (gtask.c:1309)
==1026==    by 0x6FA1DD8: complete_in_idle_cb (gtask.c:1323)
==1026==    by 0x5F70AAD: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==    by 0x5F74F95: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==    by 0x5F75357: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==  Address 0xf9bda48 is 24 bytes inside a block of size 176 free'd
==1026==    at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1026==    by 0x5F7BD58: g_free_sized (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==    by 0x71110C2: g_type_free_instance (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x7FD5760: gtk_application_shutdown (gtkapplication.c:321)
==1026==    by 0x70EE6E8: ??? (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x7108725: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x7108A5E: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x6FD09E9: g_application_run (gapplication.c:2579)
==1026==    by 0x6568BAF: (below main) (in /usr/lib64/libc.so.6)
==1026==  Block was alloc'd at
==1026==    at 0x48485EF: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1026==    by 0x5F7BCB0: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==    by 0x7110B33: g_type_create_instance (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x70F453F: ??? (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x70F5BAF: g_object_new_with_properties (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x70F69A0: g_object_new (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x7FD81F6: UnknownInlinedFun (gtkapplicationimpl.c:188)
==1026==    by 0x7FD81F6: gtk_application_startup (gtkapplication.c:306)
==1026==    by 0x70EE4EF: g_closure_invoke (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x71015F4: ??? (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x71088E5: g_signal_emit_valist (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x7108A5E: g_signal_emit (in /usr/lib64/libgobject-2.0.so.0.7600.1)
==1026==    by 0x6FD0091: g_application_register (gapplication.c:2213)
==1026== 
==1026== Invalid read of size 4
==1026==    at 0x8307ED4: UnknownInlinedFun (gtkapplication.c:1671)
==1026==    by 0x8307ED4: ss_get_active_cb (gtkapplication-dbus.c:251)
==1026==    by 0x6FA1DA3: g_task_return_now (gtask.c:1309)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1378)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1335)
==1026==    by 0x7009C6B: reply_cb (gdbusproxy.c:2571)
==1026==    by 0x6FA1DA3: g_task_return_now (gtask.c:1309)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1378)
==1026==    by 0x6FA29F2: g_task_return (gtask.c:1335)
==1026==    by 0x6FFD8C1: g_dbus_connection_call_done (gdbusconnection.c:5885)
==1026==    by 0x6FA1DA3: g_task_return_now (gtask.c:1309)
==1026==    by 0x6FA1DD8: complete_in_idle_cb (gtask.c:1323)
==1026==    by 0x5F70AAD: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==    by 0x5F74F95: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==    by 0x5F75357: ??? (in /usr/lib64/libglib-2.0.so.0.7600.1)
==1026==  Address 0xaaaaaaaaaaaaa9ea is not stack'd, malloc'd or (recently) free'd

Comment 3 Martin Liška 2023-04-11 13:00:10 UTC

Upstream issue:
https://gitlab.com/inkscape/inkscape/-/issues/4177