Bug 1417996
| Summary: | Firefox/Wayland: crash at subsurface_role_get_toplevel() | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Martin Stransky <stransky> | ||||||||||||||||||||||||||||
| Component: | gnome-shell | Assignee: | Owen Taylor <otaylor> | ||||||||||||||||||||||||||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||||||||||||||||||||||
| Severity: | unspecified | Docs Contact: | |||||||||||||||||||||||||||||
| Priority: | unspecified | ||||||||||||||||||||||||||||||
| Version: | 25 | CC: | fmuellner, jadahl, j.bittner, ofourdan, otaylor, wgianopoulos | ||||||||||||||||||||||||||||
| Target Milestone: | --- | ||||||||||||||||||||||||||||||
| Target Release: | --- | ||||||||||||||||||||||||||||||
| Hardware: | x86_64 | ||||||||||||||||||||||||||||||
| OS: | Unspecified | ||||||||||||||||||||||||||||||
| URL: | https://retrace.fedoraproject.org/faf/reports/bthash/241ec71e8004fb3ede24f91559a4f78b11f2392d | ||||||||||||||||||||||||||||||
| Whiteboard: | abrt_hash:8ee440234af510ad061a50806d8ebd720ccbc580;VARIANT_ID=workstation; | ||||||||||||||||||||||||||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||||||||||||||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||||||||||||||||||
| Clone Of: | Environment: | ||||||||||||||||||||||||||||||
| Last Closed: | 2017-06-19 12:29:41 UTC | Type: | --- | ||||||||||||||||||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||||||||||||||||||
| Documentation: | --- | CRM: | |||||||||||||||||||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||||||||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||||||||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||||||||||||||||||
| Embargoed: | |||||||||||||||||||||||||||||||
| Attachments: |
|
||||||||||||||||||||||||||||||
|
Description
Martin Stransky
2017-01-31 14:50:51 UTC
Created attachment 1246293 [details]
File: backtrace
Created attachment 1246294 [details]
File: cgroup
Created attachment 1246295 [details]
File: core_backtrace
Created attachment 1246296 [details]
File: dso_list
Created attachment 1246297 [details]
File: environ
Created attachment 1246298 [details]
File: exploitable
Created attachment 1246299 [details]
File: limits
Created attachment 1246300 [details]
File: maps
Created attachment 1246301 [details]
File: mountinfo
Created attachment 1246303 [details]
File: namespaces
Created attachment 1246304 [details]
File: open_fds
Created attachment 1246305 [details]
File: proc_pid_status
Created attachment 1246306 [details]
File: var_log_messages
I happens to me regularly when I test Firefox Wayland build. *** Bug 1412311 has been marked as a duplicate of this bug. *** Hello, can we move with this please? It's blocking our Firefox/Wayland effort. Not sure it's Firefox or Mutter/gnome-shell bug but needs to be fixed. Reproduction steps: 1) Install Wayland Firefox from https://firefox-flatpak.mojefedora.cz/ 2) Run it, try to show some popups repeatedly (menu, tooltips...) 3) Crashes whole session Fixed in the patch on https://bugzilla.gnome.org/show_bug.cgi?id=781391 . The problem was that Firefox committed surface state to a surface of a subsurface which had been destroyed. Mutter did not handle that well, and the patch in the upstream bug fixes that. Now, another issue here is that Firefox uses subsurface's for popups. That is wrong for various reasons: 1) you wont be able to keep the popup window within the monitor region. At best, a popup menu can be kept within the parent window by managing the position itself, but this is not how popup menus usually work. 2) dismissing the popup menu will only work if its the Firefox client itself that does it; for example opening a popup and clicking outside of the window will not dismiss the popup. To fix 1 and 2 and get proper popup menu semantics you must use xdg_popup (currently zxdg_popup_v6) or gtk's popup API. Just a side note; it would have been fixed faster if this issue had been reported upstream. (In reply to Jonas Ådahl from comment #17) Thanks Jonas, the crashes seems to be fixed now (Fedora 26, gtk3-3.22.15-2.fc26.x86_64) > Fixed in the patch on https://bugzilla.gnome.org/show_bug.cgi?id=781391 . > > The problem was that Firefox committed surface state to a surface of a > subsurface which had been destroyed. Mutter did not handle that well, and > the patch in the upstream bug fixes that. Filed as Bug 1462725 for further investigation. > Now, another issue here is that Firefox uses subsurface's for popups. That > is wrong for various reasons: > > 1) you wont be able to keep the popup window within the monitor region. At > best, a popup menu can be kept within the parent window by managing the > position itself, but this is not how popup menus usually work. I think we cal live with that now. > 2) dismissing the popup menu will only work if its the Firefox client itself > that does it; for example opening a popup and clicking outside of the window > will not dismiss the popup. That's recent popup behavior at Firefox where Firefox handles all popups by itself. It's also a reason why https://bugzilla.gnome.org/show_bug.cgi?id=783957 breaks that. > To fix 1 and 2 and get proper popup menu semantics you must use xdg_popup > (currently zxdg_popup_v6) or gtk's popup API. Unfortunately xdg_popup requires exact pop-up hierarchy which Firefox does not follow. Using xdg_popup means that some sub-menus are now shown (see Bug 1457201) because FF creates all popups as a child of main window. To utilize the xdg_popups we will need rewrite and update FF popup code to create popup hierarchy or at least detect which popups should map together which is not so easy AFAIK. I think we can close it now as the crashes are fixed. |