[Wayland-bugs] [Bug 741042] New: Segfault in wayland move drag after drag is unset

gtk+ (bugzilla.gnome.org) bugzilla at gnome.org
Tue Dec 2 11:55:46 PST 2014


https://bugzilla.gnome.org/show_bug.cgi?id=741042
  gtk+ | Backend: Wayland | 3.14.x

           Summary: Segfault in wayland move drag after drag is unset
    Classification: Platform
           Product: gtk+
           Version: 3.14.x
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: Normal
         Component: Backend: Wayland
        AssignedTo: gtk-bugs at gtk.org
        ReportedBy: jonnylamb at gnome.org
         QAContact: gtk-bugs at gtk.org
                CC: rob at robster.org.uk, carlosg at gnome.org,
                    wayland-bugs at lists.freedesktop.org
     GNOME version: ---


Bug #731380 fixed some problems with touch events, but now move drag segfaults,
specifically because of 29d9b2f7cfec936b3a923797ac.

(Sorry for the lack of debug symbols. Not sure why they're not showing; the
library is not stripped.)

#0  0x2b0938d4 in touch_handle_motion () from /usr/lib/libgdk-3.so.0
#1  0x2bae13bc in ffi_call_SYSV () at ../src/arm/sysv.S:196
#2  0x2bae1b54 in ffi_call (cif=0x7eec1a28, fn=<optimized out>, rvalue=0x0,
avalue=<optimized out>)
    at ../src/arm/ffi.c:250
#3  0x2bb4847c in wl_closure_invoke (closure=<optimized out>, flags=<optimized
out>, target=0x7eec1978, 
    opcode=904, data=0x13b218) at src/connection.c:934
#4  0x2bb45ddc in dispatch_event (display=0x10b588, queue=<optimized out>) at
src/wayland-client.c:1136
#5  0x2bb45e58 in dispatch_queue (display=0x10b588, queue=0x10b5f0) at
src/wayland-client.c:1261
#6  0x2bb46d60 in wl_display_dispatch_queue (display=0x10b588, queue=0x10b5f0)
at src/wayland-client.c:1445
#7  0x2b0983b8 in _gdk_wayland_display_queue_events () from
/usr/lib/libgdk-3.so.0
#8  0x2b0791e8 in gdk_display_get_event () from /usr/lib/libgdk-3.so.0
#9  0x2b098174 in gdk_event_source_dispatch () from /usr/lib/libgdk-3.so.0
#10 0x2b3d8de8 in g_main_dispatch (context=0x12c440) at gmain.c:3064
#11 g_main_context_dispatch (context=0x12c440) at gmain.c:3663
#12 0x2b3d90d0 in g_main_context_iterate (dispatch=1, block=<optimized out>,
context=0x12c440, 
    self=<optimized out>) at gmain.c:3734
#13 g_main_context_iterate (context=0x12c440, block=<optimized out>,
dispatch=1, self=<optimized out>)
    at gmain.c:3671
#14 0x2b3d9174 in g_main_context_iteration (context=0x12c440, may_block=1) at
gmain.c:3795
#15 0x2b2c1c40 in g_application_run (application=0xf5878, argc=<optimized out>,
argv=0x7eec1d44)
    at gapplication.c:2282
#16 0x0001583c in main ()

Turns out the GdkWaylandTouchData for the touch ID is being removed from the
GdkWaylandDeviceData.touches hash table here:

#0  0x2b09628c in gdk_wayland_device_unset_touch_grab () from
/usr/lib/libgdk-3.so.0
#1  0x2b09d018 in gdk_wayland_window_begin_move_drag () from
/usr/lib/libgdk-3.so.0
#2  0x2b08e370 in gdk_window_begin_move_drag_for_device () from
/usr/lib/libgdk-3.so.0
#3  0x2add80a8 in multipress_gesture_stopped_cb () from /usr/lib/libgtk-3.so.0
#4  0x2b362b7c in g_cclosure_marshal_VOID__VOIDv (closure=<optimized out>,
return_value=<optimized out>, 
    instance=<optimized out>, args=..., marshal_data=0x0, n_params=0,
param_types=0x0) at gmarshal.c:115
#5  0x2b360fd4 in _g_closure_invoke_va (closure=0x1b2bc8,
return_value=0x25e0c0, instance=0x25e0c0, 
    args=..., n_params=0, param_types=0x0) at gclosure.c:831
#6  0x2b376958 in g_signal_emit_valist (instance=<optimized out>,
signal_id=<optimized out>, detail=0, 
    var_args=...) at gsignal.c:3218
#7  0x2b377164 in g_signal_emit (instance=<optimized out>, signal_id=<optimized
out>, detail=0)
    at gsignal.c:3365
#8  0x2ac56cfc in _gtk_gesture_multi_press_stop () from /usr/lib/libgtk-3.so.0
#9  0x2ac56d8c in _double_click_timeout_cb () from /usr/lib/libgtk-3.so.0
#10 0x2b0732c0 in gdk_threads_dispatch () from /usr/lib/libgdk-3.so.0
#11 0x2b3d99b0 in g_timeout_dispatch (source=0x16ca48, callback=0x2b073294
<gdk_threads_dispatch>, 
    user_data=<optimized out>) at gmain.c:4473
#12 0x2b3d8de8 in g_main_dispatch (context=0x12c580) at gmain.c:3064
#13 g_main_context_dispatch (context=0x12c580) at gmain.c:3663
#14 0x2b3d90d0 in g_main_context_iterate (dispatch=1, block=<optimized out>,
context=0x12c580, 
    self=<optimized out>) at gmain.c:3734
#15 g_main_context_iterate (context=0x12c580, block=<optimized out>,
dispatch=1, self=<optimized out>)
    at gmain.c:3671
#16 0x2b3d9174 in g_main_context_iteration (context=0x12c580, may_block=1) at
gmain.c:3795
#17 0x2b2c1c40 in g_application_run (application=0xf5878, argc=<optimized out>,
argv=0x7ec07d34)
    at gapplication.c:2282
#18 0x0001583c in main ()

I don't really understand why gdk_wayland_device_unset_touch_grab() is being
called here, but it was explicitly added in the aforementioned commit. Perhaps
the fix here is just to ignore the motion event if we don't have a
GdkWaylandTouchData (which doesn't appear to cause other issues)?

I don't know enough about this touch stack so I thought I'd just open a bug.

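The guard suggested in the report, as an added example that is not part of the original bug report and is not GDK code. A small fixed-size table stands in for the GdkWaylandDeviceData.touches hash table, and every type and function name in the block is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_TOUCHES 8

/* Hypothetical stand-ins for GdkWaylandTouchData and the
 * GdkWaylandDeviceData.touches table; not GDK's definitions. */
typedef struct { int32_t id; int in_use; double x, y; } TouchData;
typedef struct { TouchData slots[MAX_TOUCHES]; } TouchTable;

static TouchData *touch_lookup(TouchTable *t, int32_t id) {
    for (size_t i = 0; i < MAX_TOUCHES; i++)
        if (t->slots[i].in_use && t->slots[i].id == id)
            return &t->slots[i];
    return NULL;                      /* unknown or already removed */
}

static TouchData *touch_add(TouchTable *t, int32_t id) {
    for (size_t i = 0; i < MAX_TOUCHES; i++)
        if (!t->slots[i].in_use) {
            t->slots[i] = (TouchData){ .id = id, .in_use = 1 };
            return &t->slots[i];
        }
    return NULL;                      /* table full */
}

/* Models the removal seen in the second backtrace: the entry goes
 * away while motion events for the same id can still arrive. */
static void touch_remove(TouchTable *t, int32_t id) {
    TouchData *touch = touch_lookup(t, id);
    if (touch != NULL)
        touch->in_use = 0;
}

/* Motion handler with the guard the report proposes.
 * Returns 1 if the position was updated, 0 if the event was ignored. */
static int handle_motion(TouchTable *t, int32_t id, double x, double y) {
    TouchData *touch = touch_lookup(t, id);
    if (touch == NULL)
        return 0;                     /* no entry: drop, do not dereference */
    touch->x = x;
    touch->y = y;
    return 1;
}

int main(void) {
    TouchTable t = {0};               /* constructed event sequence */
    touch_add(&t, 7);
    printf("motion before removal: %d\n", handle_motion(&t, 7, 1.0, 2.0));
    touch_remove(&t, 7);
    printf("motion after removal:  %d\n", handle_motion(&t, 7, 3.0, 4.0));
    return 0;
}
```

Without the NULL check in `handle_motion`, the second call would write through a null pointer, which is the crash pattern the first backtrace points at.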