SIGSEGV in clutter_stage_schedule_update (stage=0x0) at ../mutter/clutter/clutter/clutter-stage.c:2640
I can make mutter 41 crash reliably with the following backtrace:
#0 clutter_stage_schedule_update (stage=0x0) at ../mutter/clutter/clutter/clutter-stage.c:2640
stage_window = <optimized out>
#1 0x00007f3bb943d083 in meta_wayland_actor_surface_apply_state (surface_role=<optimized out>, pending=0x560438d4eea0) at ../mutter/src/wayland/meta-wayland-actor-surface.c:311
stage = 0x0
actor_surface = 0x560433b415b0
priv = <optimized out>
#2 0x00007f3bb945b4b9 in meta_wayland_surface_role_apply_state (pending=0x560438d4eea0, surface_role=<optimized out>) at ../mutter/src/wayland/meta-wayland-surface.c:1869
subsurface_surface = <optimized out>
had_damage = 1
__func__ = "meta_wayland_surface_apply_state"
#3 meta_wayland_surface_apply_state (surface=<optimized out>, state=<optimized out>) at ../mutter/src/wayland/meta-wayland-surface.c:832
subsurface_surface = <optimized out>
had_damage = 1
__func__ = "meta_wayland_surface_apply_state"
#4 0x00007f3bb87c8acd in () at /usr/lib/libffi.so.7
#5 0x00007f3bb87c803a in () at /usr/lib/libffi.so.7
#6 0x00007f3bb8d40124 in () at /usr/lib/libwayland-server.so.0
#7 0x00007f3bb8d3b57c in () at /usr/lib/libwayland-server.so.0
#8 0x00007f3bb8d3e07a in wl_event_loop_dispatch () at /usr/lib/libwayland-server.so.0
#9 0x00007f3bb9439c3d in wayland_event_source_dispatch (base=<optimized out>, callback=<optimized out>, data=<optimized out>) at ../mutter/src/wayland/meta-wayland.c:100
source = <optimized out>
loop = <optimized out>
#10 0x00007f3bba0154dc in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#11 0x00007f3bba069749 in () at /usr/lib/libglib-2.0.so.0
#12 0x00007f3bba014a63 in g_main_loop_run () at /usr/lib/libglib-2.0.so.0
#13 0x00007f3bb93d074b in meta_context_run_main_loop (context=context@entry=0x5604321b6060, error=error@entry=0x7fff622cb000) at ../mutter/src/core/meta-context.c:433
priv = 0x5604321b6000
__func__ = "meta_context_run_main_loop"
#14 0x0000560432112475 in main (argc=<optimized out>, argv=<optimized out>) at ../gnome-shell/src/main.c:563
context = 0x5604321b6060
error = 0x0
ecode = 0
I download a pptx file from Firefox, open it from Firefox, and when the LibreOffice Read Only warning pop-up window appears, mutter crashes.
mutter 41 from fcgu, Arch Linux, Wayland, Intel, Firefox Nightly, linux Kernel 5.14.10