Bug 2268998

Summary: [abrt] gnome-shell: meta_wayland_surface_get_window(): gnome-shell killed by SIGSEGV
Product: [Fedora] Fedora Reporter: Kamil Páral <kparal>
Component: mutterAssignee: GNOME SIG Unassigned <gnome-sig>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 40CC: adscvr, fmuellner, gnome-sig, hdegoede, jadahl, kparal, otaylor, ovitters, philip.wyett, robatino, romulasry, walters
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/b73f280d88b1ba18999c7533f6d4e26d0bf239a
Whiteboard: abrt_hash:67aaacb90588ecb6e41be8832105fba2457e8687;VARIANT_ID=workstation;
Fixed In Version: mutter-46.0-1.fc40 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-03-20 19:56:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2187794    
Attachments:
Description Flags
File: proc_pid_status
none
File: maps
none
File: limits
none
File: environ
none
File: open_fds
none
File: mountinfo
none
File: os_info
none
File: cpuinfo
none
File: core_backtrace
none
File: exploitable
none
File: var_log_messages
none
File: backtrace none

Description Kamil Páral 2024-03-11 12:52:55 UTC 
Description of problem:
Trying to reproduce bug 2267822. Closed Frozen Bubble with the X button, whole GNOME crashed.

Version-Release number of selected component:
gnome-shell-46~rc-1.fc40

Additional info:
reporter:       libreport-2.17.15
type:           CCpp
reason:         gnome-shell killed by SIGSEGV
journald_cursor: s=cda6d290548446e4955d95a4ce559d54;i=5af0;b=9e4f47e830724bd19dbaace5da8cf870;m=271e3f7d;t=61361e8146aff;x=a7c61aa21a91adeb
executable:     /usr/bin/gnome-shell
cmdline:        /usr/bin/gnome-shell
cgroup:         0::/user.slice/user-1000.slice/user/session.slice/org.gnome.Shell
rootdir:        /
uid:            1000
kernel:         6.8.0-0.rc6.49.fc40.x86_64
package:        gnome-shell-46~rc-1.fc40
runlevel:       N 5
dso_list:       /usr/bin/gnome-shell gnome-shell-46~rc-1.fc40.x86_64 (Fedora Project) 1709903054
backtrace_rating: 4
crash_function: meta_wayland_surface_get_window
comment:        Trying to reproduce bug 2267822. Closed Frozen Bubble with the X button, whole GNOME crashed.

Truncated backtrace:
Thread no. 1 (34 frames)
 #0 meta_wayland_surface_get_window at ../src/wayland/meta-wayland-surface.c:2065
 #1 repick_for_event at ../src/wayland/meta-wayland-pointer.c:606
 #2 meta_wayland_pointer_update at ../src/wayland/meta-wayland-pointer.c:639
 #3 meta_wayland_seat_update at ../src/wayland/meta-wayland-seat.c:441
 #5 meta_wayland_compositor_update at ../src/wayland/meta-wayland.c:399
 #6 meta_display_handle_event at ../src/core/events.c:297
 #7 event_callback at ../src/core/events.c:497
 #8 _clutter_event_process_filters at ../clutter/clutter/clutter-event.c:1281
 #9 clutter_stage_handle_event at ../clutter/clutter/clutter-main.c:557
 #10 dispatch_clutter_event at ../src/backends/meta-backend.c:1133
 #11 clutter_source_dispatch at ../src/backends/meta-backend.c:1177
 #13 g_main_context_dispatch_unlocked at ../glib/gmain.c:4152
 #14 g_main_context_iterate_unlocked.isra.0 at ../glib/gmain.c:4217
 #16 meta_context_run_main_loop at ../src/core/meta-context.c:523
 #17 ffi_call_unix64 at ../src/x86/unix64.S:104
 #18 ffi_call_int at ../src/x86/ffi64.c:673
 #19 ffi_call at ../src/x86/ffi64.c:710
 #20 Gjs::Function::invoke at ../gi/function.cpp:1052
 #21 Gjs::Function::call at ../gi/function.cpp:1229
 #22 CallJSNative at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:486
 #23 js::InternalCallOrConstruct at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:566
 #24 InternalCall at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:647
 #25 js::CallFromStack at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:652
 #26 js::Interpret at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:3395
 #27 MaybeEnterInterpreterTrampoline at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:400
 #28 js::RunScript at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:458
 #29 js::InternalCallOrConstruct at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:612
 #30 InternalCall at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:647
 #31 js::Call at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/Interpreter.cpp:679
 #32 JS::Call at /usr/src/debug/mozjs115-115.7.0-1.fc40.x86_64/vm/CallAndConstruct.cpp:117
 #34 GjsContextPrivate::run_main_loop_hook at ../gjs/context.cpp:1434
 #35 GjsContextPrivate::eval_module at ../gjs/context.cpp:1551
 #36 gjs_context_eval_module at ../gjs/context.cpp:1330
 #37 gjs_context_eval_module_file at ../gjs/context.cpp:1635
Comment 1 Kamil Páral 2024-03-11 12:52:59 UTC 
Created attachment 2021114 [details]
File: proc_pid_status
Comment 2 Kamil Páral 2024-03-11 12:53:01 UTC 
Created attachment 2021115 [details]
File: maps
Comment 3 Kamil Páral 2024-03-11 12:53:03 UTC 
Created attachment 2021116 [details]
File: limits
Comment 4 Kamil Páral 2024-03-11 12:53:05 UTC 
Created attachment 2021117 [details]
File: environ
Comment 5 Kamil Páral 2024-03-11 12:53:07 UTC 
Created attachment 2021118 [details]
File: open_fds
Comment 6 Kamil Páral 2024-03-11 12:53:09 UTC 
Created attachment 2021119 [details]
File: mountinfo
Comment 7 Kamil Páral 2024-03-11 12:53:11 UTC 
Created attachment 2021120 [details]
File: os_info
Comment 8 Kamil Páral 2024-03-11 12:53:13 UTC 
Created attachment 2021121 [details]
File: cpuinfo
Comment 9 Kamil Páral 2024-03-11 12:53:15 UTC 
Created attachment 2021122 [details]
File: core_backtrace
Comment 10 Kamil Páral 2024-03-11 12:53:17 UTC 
Created attachment 2021124 [details]
File: exploitable
Comment 11 Kamil Páral 2024-03-11 12:53:19 UTC 
Created attachment 2021126 [details]
File: var_log_messages
Comment 12 Kamil Páral 2024-03-11 12:53:21 UTC 
Created attachment 2021129 [details]
File: backtrace
Comment 13 Fedora Admin user for bugzilla script actions 2024-03-11 13:03:08 UTC 
This component is maintained by the GNOME project. Issues with it should be reported directly to GNOME at https://gitlab.gnome.org/GNOME/.

This issue should only be kept open if it:

1. Relates to Fedora packaging or integration with other Fedora components
2. Is required for Fedora release processes, such as blocker bugs and freeze exceptions

If this issue isn't needed for either of these two reasons, please:

 * create an issue with GNOME
 * add a link to the GNOME issue here
 * close this issue as CLOSED/UPSTREAM

Thank you!
Comment 14 Kamil Páral 2024-03-11 13:07:05 UTC 
I can reproduce this consistently with Frozen Bubble, Neverball, SuperTux Kart. It crashes the desktop only if you close the window using a mouse. Closing the game via Alt+F4 works fine. I don't see this problem with GNOME Mines and AisleRiot Solitaire.
Comment 15 Kamil Páral 2024-03-11 13:08:25 UTC 
*** Bug 2267822 has been marked as a duplicate of this bug. ***
Comment 16 Kamil Páral 2024-03-11 13:11:48 UTC 
Proposing as a blocker against:
https://fedoraproject.org/wiki/Fedora_40_Final_Release_Criteria#Window_manager_functionality

There's clearly some set of apps for which closing the window doesn't work correctly, but it crashes the whole session. We'll need to figure out how large the set is and what defines it, but it's clearly not small and it's trivial to hit.
Comment 17 Kamil Páral 2024-03-11 13:14:32 UTC 
Forgot to add: All games were installed as RPM packages (Flatpak versions weren't tested).
Comment 18 Kamil Páral 2024-03-11 15:21:56 UTC 
More examples of affected games:
AstroMenace (if you switch to a windows mode, and then try to close it via X in titlebar, and confirm game menu prompt)
BlockOut II
Fish Fillets
Comment 19 Olav Vitters 2024-03-13 16:12:22 UTC 
I seemingly hit the same mutter crash with Cameractrls in bug 2269389, though that's only a Flatpak app ("Software" does not show it available as a package).
Comment 20 Jonas Ådahl 2024-03-18 09:22:55 UTC 
Fixed in 46.0.
Comment 21 Fedora Update System 2024-03-18 16:23:39 UTC 
FEDORA-2024-1ed0b13d87 (gnome-shell-46.0-1.fc40, gnome-shell-extensions-46.0-1.fc40, and 1 more) has been submitted as an update to Fedora 40.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-1ed0b13d87
Comment 22 Kamil Páral 2024-03-19 11:22:07 UTC 
(In reply to Fedora Update System from comment #21)
> FEDORA-2024-1ed0b13d87 (gnome-shell-46.0-1.fc40,
> gnome-shell-extensions-46.0-1.fc40, and 1 more) has been submitted as an
> update to Fedora 40.
> https://bodhi.fedoraproject.org/updates/FEDORA-2024-1ed0b13d87

I can't reproduce the crash with this update, looks fixed.
Comment 23 Fedora Update System 2024-03-20 19:56:19 UTC 
FEDORA-2024-1ed0b13d87 (gnome-shell-46.0-1.fc40, gnome-shell-extensions-46.0-1.fc40, and 1 more) has been pushed to the Fedora 40 stable repository.
If problem still persists, please make note of it in this bug report.