segfault in wayland OSK input handling
Affected version
43.1
Bug summary
In the Wayland session, while frantically switching between rnote and gnome-terminal (where switching to gnome-terminal causes the on-screen keyboard to appear), gnome-shell crashed and left me back in gdm. The coredump was called gnome-shell, but all of the code in the backtrace is in mutter, so I put it here.
Steps to reproduce
At the time of the crash, I think this is what happened:
- I opened activities view
- I tried to tap on rnote (probably failed by moving my finger too much and just dragging the window around instead)
- the on-screen keyboard came up, which may have been from me tapping inside gnome-terminal just before opening activities
- I tried to dismiss the on-screen keyboard
What happened
Whole session disappeared, blinking Linux cursor for a bit, then back in gdm.
What did you expect to happen
No crash
Relevant logs, screenshots, screencasts etc.
#0 0x00007f23a72bbeaf in wl_list_remove (elm=elm@entry=0x55a717741448) at ../wayland-1.21.0/src/wayland-util.c:56
#1 0x00007f23a7188540 in meta_wayland_text_input_set_focus (text_input=0x55a717741410, surface=0x0) at ../mutter/src/wayland/meta-wayland-text-input.c:370
#2 0x00007f23a70b45b0 in meta_wayland_seat_set_input_focus (surface=0x0, seat=0x55a717a3afe0) at ../mutter/src/wayland/meta-wayland-seat.c:426
#3 meta_wayland_compositor_set_input_focus (compositor=<optimized out>, window=<optimized out>) at ../mutter/src/wayland/meta-wayland.c:148
#4 meta_display_sync_wayland_input_focus (display=<optimized out>) at ../mutter/src/core/display.c:1445
#5 0x00007f23a70c4b14 in meta_display_handle_event (event_actor=0x55a71a7fc660, event=0x55a71a744a00, display=0x55a717c64040) at ../mutter/src/core/events.c:249
#6 event_callback (event=0x55a71a744a00, event_actor=0x55a71a7fc660, data=0x55a717c64040) at ../mutter/src/core/events.c:560
#7 0x00007f23a73daba0 in _clutter_event_process_filters (event=0x55a71a744a00, event_actor=0x55a71a7fc660) at ../mutter/clutter/clutter/clutter-event.c:1691
#8 0x00007f23a7423380 in clutter_stage_update_device
(stage=0x55a7177c5c00, device=0x55a717747180, sequence=0x1, point=..., time_ms=2366247, new_actor=0x55a71a7fc660, clear_area=<optimized out>, emit_crossing=1)
at ../mutter/clutter/clutter/clutter-stage.c:3494
#9 0x00007f23a7401844 in clutter_stage_pick_and_update_device (time_ms=2366247, point=..., flags=CLUTTER_DEVICE_UPDATE_EMIT_CROSSING, sequence=0x1, device=0x55a717747180, stage=0x55a7177c5c00)
at ../mutter/clutter/clutter/clutter-stage.c:3575
#10 update_device_for_event (emit_crossing=1, event=0x7f2368137da0, stage=0x55a7177c5c00) at ../mutter/clutter/clutter/clutter-main.c:703
#11 clutter_do_event (event=0x7f2368137da0) at ../mutter/clutter/clutter/clutter-main.c:771
#12 0x00007f23a70677ea in clutter_source_dispatch (source=0x55a717765110, callback=<optimized out>, user_data=<optimized out>) at ../mutter/src/backends/meta-backend.c:1112
#13 0x00007f23a7ee787b in g_main_dispatch (context=0x55a7174391c0) at ../glib/glib/gmain.c:3444
#14 g_main_context_dispatch (context=0x55a7174391c0) at ../glib/glib/gmain.c:4162
#15 0x00007f23a7f3e279 in g_main_context_iterate.constprop.0 (context=0x55a7174391c0, block=1, dispatch=1, self=<optimized out>) at ../glib/glib/gmain.c:4238
#16 0x00007f23a7ee6ddf in g_main_loop_run (loop=0x55a718f82ab0) at ../glib/glib/gmain.c:4438
#17 0x00007f23a70d0bab in meta_context_run_main_loop (context=<optimized out>, error=0x7ffcabc76b30) at ../mutter/src/core/meta-context.c:453
The crashing line in wayland-util.c is elm->prev->next = elm->next; and elm->prev is null. I guess it could be a libwayland-* problem? I don't really know what I'm doing.
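
An added example, not code from mutter or libwayland: a minimal stand-in list showing how a link reaches the reported state (prev == NULL) after it has already been removed once, and an idempotent removal helper that tolerates it. All names are hypothetical, and clearing the pointers on removal is an assumption about libwayland's behaviour; the report does not establish that this is what happened in mutter.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Stand-in for struct wl_list; all names here are hypothetical. */
struct list { struct list *prev, *next; };
static void list_init(struct list *l) { l->prev = l; l->next = l; }

static void list_insert(struct list *head, struct list *elm) {
    elm->prev = head;
    elm->next = head->next;
    head->next = elm;
    elm->next->prev = elm;
}

/* First statement matches the crashing line quoted in the report. Clearing
 * the pointers afterwards is assumed to mirror libwayland's behaviour. */
static void list_remove(struct list *elm) {
    elm->prev->next = elm->next;   /* NULL dereference if elm->prev == NULL */
    elm->next->prev = elm->prev;
    elm->next = NULL;
    elm->prev = NULL;
}

/* True only for a link that is currently safe to hand to list_remove(). */
static bool link_is_linked(const struct list *elm) {
    return elm->prev != NULL && elm->next != NULL;
}

/* Idempotent removal: skip unlinked nodes, leave the node self-linked. */
static void list_remove_safe(struct list *elm) {
    if (!link_is_linked(elm)) return;
    list_remove(elm);
    list_init(elm);
}

/* After one plain removal the link has prev == NULL, the reported state. */
static bool stale_after_plain_remove(void) {
    struct list head, link;
    list_init(&head); list_insert(&head, &link); list_remove(&link);
    return link.prev == NULL && !link_is_linked(&link);
}

/* Two safe removals in a row leave the list head intact and empty. */
static bool double_safe_remove_ok(void) {
    struct list head, link;
    list_init(&head); list_insert(&head, &link);
    list_remove_safe(&link); list_remove_safe(&link);
    return head.next == &head && head.prev == &head && link.next == &link;
}

int main(void) { printf("stale=%d safe=%d\n", stale_after_plain_remove(), double_safe_remove_ok()); return 0; }
```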