533710 – [Wayland] Gnome-shell crashes when selecting an item from List

Bug 533710 - [Wayland] Gnome-shell crashes when selecting an item from List

Summary: [Wayland] Gnome-shell crashes when selecting an item from List

Status:	RESOLVED FIXED

Alias:	None

Product:	Platform
Classification:	Eclipse Project
Component:	SWT (show other bugs)
Version:	4.8
Hardware:	PC Linux

Importance:	P1 major (vote)
Target Milestone:	4.8
Assignee:	Leo Ufimtsev
QA Contact:

URL:
Whiteboard:
Keywords:	regression, triaged

Depends on:
Blocks:	swtWaylandTracker48
	Show dependency tree

Reported:	2018-04-17 16:38 EDT by Eric Williams
Modified:	2018-05-29 05:18 EDT (History)
CC List:	4 users (show)

See Also:	515773

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Eric Williams

2018-04-17 16:38:28 EDT

Only on Wayland: gnome-shell crashes when selection an item from the content assist.

Steps to reproduce:
1) Open a Java editor in Eclipse
2) Type <object_name>. and observe the content assist pop-up to select a method
3) Select (with a single click only) an item from the list
4) gnome-shell will crash

Sometimes it requires 1-3 times to reproduce, but it always happens on Wayland. X11 seems unaffected, as does 4.7. I have reproduced the bug on 4.8 M6 and master as of today.

Fedora 27
GTK3.22

Comment 1 Leo Ufimtsev

2018-05-01 14:59:27 EDT

Been investigating this.

Doesn't seem to be Webkit specific. The issue still occurs if all of webkit is removed from SWT and Browser is reduced only to it's constructor.


Note to self:
###########################
One thing gtk folks advised was to debug in mutter so that the main gnome session doesn't crash.

(tab 1)
mutter --nested --wayland

(tab 2)
WAYLAND_DISPLAY=wayland-1 gdb ~/apps/eclipse/eclipse

I was able to reproduce the crash in the mutter session.  But still trying to figure out how to get a proper stack trace for mutter.

Useful reading:
https://fedoraproject.org/wiki/How_to_debug_Wayland_problems#Debugging_gnome-shell

Comment 2 Leo Ufimtsev

2018-05-01 15:37:51 EDT

Note to self:
-------------

I found that I can launch mutter via:
  mutter --nested

(this pops up a mutter window, that is a separate wayland session).

Then in eclipse, I can launch a child eclipse inside this mutter by setting environment variables:

  GDK_BACKEND=wayland
  WAYLAND_DISPLAY=wayland-1

On the side, this is rather useful for jUnit test cases as well as they don't steal mouse input.

This mutter mechanism is quite useful on wayland development, I'll document this business later on.

Comment 3 Leo Ufimtsev

2018-05-01 15:51:58 EDT

Note to self:

I've debugged mutter itself via:

gdb --args mutter --nested

When gnome crashes, I get the following trace:

[Thread 0x7fffda3b2700 (LWP 25920) exited]
Thread 1 "mutter" received signal SIGSEGV, Segmentation fault.
meta_wayland_surface_is_effectively_synchronized (surface=surface@entry=0x555555775770 [MetaWaylandSurface]) at wayland/meta-wayland-surface.c:584
584	          return meta_wayland_surface_is_effectively_synchronized (parent);
(gdb) bt
#0  0x00007ffff7b33d81 in meta_wayland_surface_is_effectively_synchronized (surface=surface@entry=0x555555775770 [MetaWaylandSurface]) at wayland/meta-wayland-surface.c:584
#1  0x00007ffff7b34384 in meta_wayland_surface_commit (surface=0x555555775770 [MetaWaylandSurface]) at wayland/meta-wayland-surface.c:925
#2  0x00007ffff7b34384 in wl_surface_commit (client=<optimized out>, resource=<optimized out>) at wayland/meta-wayland-surface.c:925
#3  0x00007fffebc2003e in ffi_call_unix64 () at ../src/x86/unix64.S:76
#4  0x00007fffebc1f9ff in ffi_call (cif=<optimized out>, fn=<optimized out>, rvalue=<optimized out>, avalue=<optimized out>) at ../src/x86/ffi64.c:525
#5  0x00007fffef657f2d in wl_closure_invoke () at /lib64/libwayland-server.so.0
#6  0x00007fffef6543df in wl_client_connection_data () at /lib64/libwayland-server.so.0
#7  0x00007fffef655f02 in wl_event_loop_dispatch () at /lib64/libwayland-server.so.0
#8  0x00007ffff7b1d87b in wayland_event_source_dispatch (base=<optimized out>, callback=<optimized out>, data=<optimized out>) at wayland/meta-wayland.c:86
#9  0x00007fffefccc7cd in g_main_dispatch (context=0x55555576d560) at gmain.c:3177
#10 0x00007fffefccc7cd in g_main_context_dispatch (context=context@entry=0x55555576d560) at gmain.c:3830
#11 0x00007fffefcccb98 in g_main_context_iterate (context=0x55555576d560, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3903
#12 0x00007fffefcccec2 in g_main_loop_run (loop=0x5555559c0040) at gmain.c:4099
#13 0x00007ffff7ae4b00 in meta_run () at core/main.c:664
#14 0x0000555555555079 in main (argc=<optimized out>, argv=<optimized out>) at core/mutter.c:85


I.e, it looks like there is some kind of invalid surface somewhere.

~ Investigating.

Comment 4 Eric Williams

2018-05-02 09:56:12 EDT

Happens also during the "Fetch from Gerrit" window, i.e. when selecting a change from the dropdown list, after providing a change ID. After a single click it crashed my entire gnome-shell instance.

Comment 5 Leo Ufimtsev

2018-05-02 12:18:24 EDT

The regression is caused by this guy:
515773 – [wayland] Text widget not able to grab focus with SWT.ON_TOP shell
https://bugs.eclipse.org/bugs/show_bug.cgi?id=515773

I'll investigate a fix or try to revert before code freeze next week.

Comment 6 Leo Ufimtsev

2018-05-03 15:45:00 EDT

Fixed by:
https://git.eclipse.org/r/122135