GNOME Shell / mutter crash in meta_wayland_tablet_tool_set_focus()
Affected version
- Fedora 40
- mutter-46.0-1.fc40.x86_64
- Wayland
Bug summary
Clicked on a button in the browser (using the mouse), and GNOME Shell / mutter crashed, dropping back to the GDM login screen.
Steps to reproduce
- Have a tablet connected
- Click on a button using the mouse
What happened
GNOME Shell / mutter crashed
What did you expect to happen
GNOME Shell / mutter does not crash
Relevant logs, screenshots, screencasts etc.
Core was generated by `/usr/bin/gnome-shell'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 wl_resource_get_client (resource=0x38000008bb) at ../src/wayland-server.c:801
801 return resource->client;
[Current thread is 1 (Thread 0x7ff740647640 (LWP 43541))]
(gdb) bt
#0 wl_resource_get_client (resource=0x38000008bb) at ../src/wayland-server.c:801
#1 0x00007ff743d5d92a in meta_wayland_tablet_tool_set_focus (tool=0x55b173b8ddb0, surface=0x55b173be85e0, event=0x0) at ../src/wayland/meta-wayland-tablet-tool.c:342
#2 0x00007ff743d5e427 in meta_wayland_tablet_tool_focus_surface (tool=<optimized out>, surface=0x55b173be85e0) at ../src/wayland/meta-wayland-tablet-tool.c:1004
#3 meta_wayland_tablet_seat_focus_surface (tablet_seat=<optimized out>, device=0x7ff6dc12cfe0 [MetaInputDeviceNative], surface=0x55b173be85e0)
at ../src/wayland/meta-wayland-tablet-seat.c:641
#4 default_focus (handler=<optimized out>, device=0x7ff6dc12cfe0 [MetaInputDeviceNative], sequence=<optimized out>, surface=0x55b173be85e0, user_data=0x55b17114ec90)
at ../src/wayland/meta-wayland-seat.c:235
#5 0x00007ff743d506e3 in meta_wayland_event_handler_handle_event (handler=0x55b171040bb0, event=0x55b174e18ed0) at ../src/wayland/meta-wayland-input.c:198
#6 meta_wayland_input_handle_event (input=0x55b171040b10 [MetaWaylandInput], event=0x55b174e18ed0) at ../src/wayland/meta-wayland-input.c:376
#7 0x00007ff743ccd01c in meta_wayland_seat_handle_event (seat=<optimized out>, event=0x55b174e18ed0) at ../src/wayland/meta-wayland-seat.c:667
#8 meta_wayland_compositor_handle_event (compositor=0x55b17115a030 [MetaWaylandCompositor], event=0x55b174e18ed0) at ../src/wayland/meta-wayland.c:540
#9 meta_display_handle_event (display=0x55b17115c320 [MetaDisplay], event=0x55b174e18ed0, event_actor=<optimized out>) at ../src/core/events.c:464
#10 event_callback (event=0x55b174e18ed0, event_actor=<optimized out>, data=0x55b17115c320) at ../src/core/events.c:486
#11 0x00007ff7440dd85b in _clutter_event_process_filters (event=0x55b174e18ed0, event_actor=0x55b1723ef7e0 [Gjs_ui_panel_ActivitiesButton]) at ../clutter/clutter/clutter-event.c:1302
#12 0x00007ff744113b92 in clutter_stage_update_device
(stage=0x55b170fd3a50 [MetaStage], device=<optimized out>, sequence=0x0, source_device=0x7ff6dc12cfe0 [MetaInputDeviceNative], point=..., time_ms=57507030, new_actor=0x55b170fa23e0 [MetaSurfaceActorWayland], clear_area=0x55b176f0af70, emit_crossing=1) at ../clutter/clutter/clutter-stage.c:3493
#13 0x00007ff744132323 in clutter_stage_pick_and_update_device.isra.0
(stage=stage@entry=0x55b170fd3a50 [MetaStage], device=device@entry=0x7ff6dc12cfe0 [MetaInputDeviceNative], sequence=sequence@entry=0x0, source_device=source_device@entry=0x7ff6dc12cfe0 [MetaInputDeviceNative], flags=flags@entry=CLUTTER_DEVICE_UPDATE_EMIT_CROSSING, point=..., time_ms=57507030) at ../clutter/clutter/clutter-stage.c:3611
#14 0x00007ff7441012b4 in update_device_for_event (emit_crossing=1, stage=0x55b170fd3a50 [MetaStage], event=0x7ff6dc1c86c0) at ../clutter/clutter/clutter-main.c:451
#15 clutter_stage_handle_event (stage=0x55b170fd3a50 [MetaStage], event=0x7ff6dc1c86c0) at ../clutter/clutter/clutter-main.c:541
#16 0x00007ff743c76f43 in dispatch_clutter_event (backend=0x55b170ca2590 [MetaBackendNative]) at ../src/backends/meta-backend.c:1133
#17 0x00007ff743c77031 in clutter_source_dispatch (source=0x55b170fe5500, callback=<optimized out>, user_data=<optimized out>) at ../src/backends/meta-backend.c:1177
#18 0x00007ff74434426c in g_main_dispatch (context=0x55b170b3d100) at ../glib/gmain.c:3344
#19 g_main_context_dispatch_unlocked (context=0x55b170b3d100) at ../glib/gmain.c:4152
#20 0x00007ff7443a52a8 in g_main_context_iterate_unlocked.isra.0 (context=0x55b170b3d100, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4217
#21 0x00007ff74434a227 in g_main_loop_run (loop=0x55b171176c10) at ../glib/gmain.c:4419
#22 0x00007ff743cd1ffa in meta_context_run_main_loop (context=<optimized out>, error=0x7ffcfea8df80) at ../src/core/meta-context.c:523
#23 0x00007ff7432e4056 in ffi_call_unix64 () at ../src/x86/unix64.S:104
#24 0x00007ff7432e06a0 in ffi_call_int (cif=cif@entry=0x55b1711efa60, fn=<optimized out>, rvalue=<optimized out>, avalue=<optimized out>, closure=closure@entry=0x0)
at ../src/x86/ffi64.c:673
#25 0x00007ff7432e34ee in ffi_call (cif=0x55b1711efa60, fn=<optimized out>, rvalue=<optimized out>, avalue=<optimized out>) at ../src/x86/ffi64.c:710
#26 0x00007ff7441d5dce in Gjs::Function::invoke (this=0x55b1711efa40, context=0x55b170b6aac0, args=..., this_obj=..., r_value=<optimized out>) at ../gi/function.cpp:1052
#27 0x00007ff7441d66a3 in Gjs::Function::call (context=0x55b170b6aac0, js_argc=<optimized out>, vp=<optimized out>) at ../gi/function.cpp:1229
#28 0x00007ff74247cb64 in CallJSNative (args=..., reason=js::CallReason::Call, native=0x7ff7441d65c0 <Gjs::Function::call(JSContext*, unsigned int, JS::Value*)>, cx=0x55b170b6aac0)
at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:486
#29 js::InternalCallOrConstruct (cx=0x55b170b6aac0, args=..., construct=<optimized out>, reason=js::CallReason::Call) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:566
#30 0x00007ff742486286 in InternalCall (reason=<optimized out>, args=<optimized out>, cx=<optimized out>) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:647
#31 js::CallFromStack (reason=<optimized out>, args=<optimized out>, cx=<optimized out>) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:652
#32 js::Interpret (cx=0x55b170b6aac0, state=...) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:3395
#33 0x00007ff74247c523 in MaybeEnterInterpreterTrampoline (state=..., cx=0x55b170b6aac0) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:400
#34 js::RunScript (cx=cx@entry=0x55b170b6aac0, state=...) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:458
#35 0x00007ff74247ca67 in js::InternalCallOrConstruct (cx=cx@entry=0x55b170b6aac0, args=..., construct=construct@entry=js::NO_CONSTRUCT, reason=<optimized out>)
at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:612
#36 0x00007ff74247cedd in InternalCall (reason=<optimized out>, args=..., cx=0x55b170b6aac0) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:647
#37 js::Call (cx=0x55b170b6aac0, fval=..., thisv=..., args=..., rval=..., reason=<optimized out>) at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:679
#38 0x00007ff742501bd8 in JS::Call (cx=0x55b170b6aac0, thisv=..., fval=fval@entry=..., args=..., rval=..., rval@entry=...)
at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/CallAndConstruct.cpp:117
#39 0x00007ff744209c62 in JS::Call (cx=<optimized out>, thisv=..., funObj=..., args=..., rval=...) at /usr/include/mozjs-115/js/RootingAPI.h:1219
#40 GjsContextPrivate::run_main_loop_hook (this=0x55b170b614e0) at ../gjs/context.cpp:1434
#41 0x00007ff74421222f in GjsContextPrivate::eval_module
(this=0x55b170b614e0, identifier=0x55b170e1de30 "resource:///org/gnome/shell/ui/init.js", exit_status_p=0x7ffcfea8e91b "C\001", error=0x7ffcfea8e920) at ../gjs/context.cpp:1551
#42 gjs_context_eval_module (js_context=<optimized out>, identifier=0x55b170e1de30 "resource:///org/gnome/shell/ui/init.js", exit_code=0x7ffcfea8e91b "C\001", error=0x7ffcfea8e920)
at ../gjs/context.cpp:1330
#43 0x00007ff744212459 in gjs_context_eval_module_file
(js_context=js_context@entry=0x55b170b61660 [GjsContext], filename=filename@entry=0x55b16ed15640 "resource:///org/gnome/shell/ui/init.js", exit_status_p=exit_status_p@entry=0x7ffcfea8e91b "C\001", error=error@entry=0x7ffcfea8e920) at ../gjs/context.cpp:1635
#44 0x000055b16ed14036 in main (argc=<optimized out>, argv=<optimized out>) at ../src/main.c:708