GNOME shell/Xorg segfaults in notify_swap_buffers() after Mesa update to 23.0.0 (i915)
System information
System:
Host: apollon.suse.de Kernel: 6.2.1-1-default arch: x86_64 bits: 64
compiler: gcc v: 12.2.1 Desktop: GNOME v: 43.3 tk: GTK v: 3.24.35
wm: gnome-shell dm: GDM Distro: openSUSE Tumbleweed 20230304
CPU:
Info: dual core model: Intel Core i7-6600U bits: 64 type: MT MCP
arch: Skylake rev: 3 cache: L1: 128 KiB L2: 512 KiB L3: 4 MiB
Speed (MHz): avg: 800 min/max: 400/3400 cores: 1: 800 2: 800 3: 800 4: 800
bogomips: 22399
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx
Graphics:
Device-1: Intel Skylake GT2 [HD Graphics 520] vendor: Dell Latitude E7470
driver: i915 v: kernel arch: Gen-9 ports: active: DP-2,DP-4,eDP-1
empty: DP-1, DP-3, HDMI-A-1, HDMI-A-2 bus-ID: 00:02.0 chip-ID: 8086:1916
Device-2: Sunplus Innovation Integrated_Webcam_HD type: USB
driver: uvcvideo bus-ID: 1-2:3 chip-ID: 1bcf:28b8
Display: x11 server: X.Org v: 21.1.7 with: Xwayland v: 22.1.8
compositor: gnome-shell driver: X: loaded: intel
unloaded: fbdev,modesetting,vesa dri: i965 gpu: i915 display-ID: :0
screens: 1
Screen-1: 0 s-res: 3648x1920 s-dpi: 96
Monitor-1: DP-2 mapped: DP1-1 pos: primary,top-center model: Dell P2414H
res: 1080x1920 dpi: 91 diag: 605mm (23.8")
Monitor-2: DP-4 mapped: DP1-3 pos: top-left model: Fujitsu Siemens P24W-7
LED res: 1200x1920 dpi: 95 diag: 611mm (24.1")
Monitor-3: eDP-1 mapped: eDP1 pos: bottom-r model: LG Display 0x0490
res: 1368x768 dpi: 112 diag: 355mm (14")
API: OpenGL v: 4.6 Mesa 23.0.0 renderer: Mesa Intel HD Graphics 520 (SKL
GT2) direct render: Yes
Describe the issue
GNOME shell dumps core during startup. Stack:
#0 0x00007fd104389e3d in cogl_onscreen_glx_notify_swap_buffers (swap_event=0x7ffc351d7f00, onscreen=0x55655988d120 [CoglOnscreenGlx])
at ../cogl/cogl/winsys/cogl-onscreen-glx.c:991
#1 notify_swap_buffers (context=<optimized out>, swap_event=0x7ffc351d7f00) at ../cogl/cogl/winsys/cogl-winsys-glx.c:184
#2 glx_event_filter_cb (xevent=0x7ffc351d7f00, data=<optimized out>) at ../cogl/cogl/winsys/cogl-winsys-glx.c:224
#3 0x00007fd104388f18 in _cogl_renderer_handle_native_event (renderer=<optimized out>, event=0x7ffc351d7f00) at ../cogl/cogl/cogl-renderer.c:636
#4 cogl_xlib_renderer_handle_event (renderer=<optimized out>, event=0x7ffc351d7f00) at ../cogl/cogl/cogl-xlib-renderer.c:579
#5 0x00007fd1048de110 in cogl_xlib_filter (xevent=<optimized out>, event=<optimized out>, data=<optimized out>) at ../src/backends/x11/meta-clutter-backend-x11.c:94
#6 0x00007fd1048e9d93 in meta_clutter_backend_x11_process_event_filters
(clutter_backend_x11=0x5565596b0010 [MetaClutterBackendX11], event=0x55655dd7a2e0, native=0x7ffc351d7f00) at ../src/backends/x11/meta-clutter-backend-x11.c:329
#7 meta_clutter_backend_x11_translate_event (clutter_backend=0x5565596b0010 [MetaClutterBackendX11], native=0x7ffc351d7f00, event=0x55655dd7a2e0)
at ../src/backends/x11/meta-clutter-backend-x11.c:363
#8 0x00007fd10498c090 in meta_x11_handle_event.isra.0 (backend=backend@entry=0x5565595f31d0 [MetaBackendX11Cm], xevent=xevent@entry=0x7ffc351d7f00)
at ../src/backends/x11/meta-event-x11.c:82
#9 0x00007fd1048e576d in handle_host_xevent (event=0x7ffc351d7f00, backend=0x5565595f31d0 [MetaBackendX11Cm]) at ../src/backends/x11/meta-backend-x11.c:421
#10 x_event_source_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at ../src/backends/x11/meta-backend-x11.c:475
#11 0x00007fd1056a0a90 in g_main_dispatch (context=0x5565595de9f0) at ../glib/gmain.c:3454
#12 g_main_context_dispatch (context=context@entry=0x5565595de9f0) at ../glib/gmain.c:4172
#13 0x00007fd1056a0e48 in g_main_context_iterate (context=0x5565595de9f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4248
#14 0x00007fd1056a110f in g_main_loop_run (loop=0x55655b770f00) at ../glib/gmain.c:4448
#15 0x00007fd1048c28c5 in meta_context_run_main_loop (context=<optimized out>, error=error@entry=0x7ffc351d8160) at ../src/core/meta-context.c:465
#16 0x000055655892d904 in main (argc=<optimized out>, argv=<optimized out>) at ../src/main.c:582
Crashes in this code because info is NULL:
976 cogl_onscreen_glx_notify_swap_buffers (CoglOnscreen *onscreen,
977 GLXBufferSwapComplete *swap_event)
978 {
979 CoglOnscreenGlx *onscreen_glx = COGL_ONSCREEN_GLX (onscreen);
980 CoglFramebuffer *framebuffer = COGL_FRAMEBUFFER (onscreen);
981 CoglContext *context = cogl_framebuffer_get_context (framebuffer);
982 gboolean ust_is_monotonic;
983 CoglFrameInfo *info;
984
985 /* We only want to notify that the swap is complete when the
986 application calls cogl_context_dispatch so instead of immediately
987 notifying we'll set a flag to remember to notify later */
988 set_sync_pending (onscreen);
989
990 info = cogl_onscreen_peek_head_frame_info (onscreen);
991 info->flags |= COGL_FRAME_INFO_FLAG_VSYNC; // <==== SIGSEGV HERE ====
992
The caller of notify_swap_buffers was handling a GLX_BufferSwapComplete event:
217 #ifdef GLX_INTEL_swap_event
218 glx_renderer = context->display->renderer->winsys;
219
220 if (xevent->type == (glx_renderer->glx_event_base + GLX_BufferSwapComplete))
221 {
222 GLXBufferSwapComplete *swap_event = (GLXBufferSwapComplete *) xevent;
223
224 notify_swap_buffers (context, swap_event);
225
226 /* remove SwapComplete events from the queue */
227 return COGL_FILTER_REMOVE;
228 }
229 #endif /* GLX_INTEL_swap_event */
Regression
This happened after updating Mesa to 23.0.0. Analysis in the downstream openSUSE bug tracked it down to commit 19c57ea3.
Other information
The issue was gone after reverting commit 19c57ea3. I have only observed it with GNOME shell under Xorg, not under Wayland.
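
The failure mode in the report, as an added example that is not Mutter/Cogl code and not the fix applied by either project: a swap-complete event that arrives while no frame is pending makes the peek return NULL, so the handler has to check before touching the flags. All type and function names below are hypothetical stand-ins.

```c
#include <stddef.h>

/* Hypothetical stand-ins for this example; not Cogl's real types or API. */
#define FRAME_INFO_FLAG_VSYNC 0x1u
#define MAX_PENDING 4

typedef struct { unsigned flags; } FrameInfo;

typedef struct {
    FrameInfo pending[MAX_PENDING]; /* FIFO of frames awaiting swap completion */
    size_t head, count;
    unsigned unmatched_events;      /* swap events that had no pending frame */
} Onscreen;

/* Called when a buffer swap is submitted; returns -1 if the FIFO is full. */
static int onscreen_push_frame(Onscreen *o)
{
    if (o->count == MAX_PENDING)
        return -1;
    o->pending[(o->head + o->count++) % MAX_PENDING].flags = 0;
    return 0;
}

/* Returns the oldest pending frame, or NULL when nothing is pending. */
static FrameInfo *onscreen_peek_head(Onscreen *o)
{
    return o->count ? &o->pending[o->head] : NULL;
}

/* Swap-complete handler: 0 if a frame was flagged, -1 if the event was unmatched. */
static int notify_swap_complete(Onscreen *o)
{
    FrameInfo *info = onscreen_peek_head(o);
    if (info == NULL) {             /* event arrived with an empty queue */
        o->unmatched_events++;      /* count it instead of dereferencing NULL */
        return -1;
    }
    info->flags |= FRAME_INFO_FLAG_VSYNC;
    return 0;
}

int main(void)
{
    Onscreen o = {0};
    int early = notify_swap_complete(&o);   /* constructed case: no frame queued */
    onscreen_push_frame(&o);
    int matched = notify_swap_complete(&o); /* normal case: one frame pending */
    return (early == -1 && matched == 0 && o.unmatched_events == 1) ? 0 : 1;
}
```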