1913988 - Firefox can Crash when failing to Create a Wayland Subsurface

Status: RESOLVED FIXED

(Core :: Widget: Gtk, defect)

Description

[Sarah Jamie Lewis]

Attachment: minidump

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:129.0) Gecko/20100101 Firefox/129.0

Steps to reproduce:

When testing an in-development Wayland Compositor, a Firefox process segfaulted during setup. I have attached the minidump-stackwalk output.

Actual results:

From the stack dump it appears as if while attempting moz_container_wayland_surface_create_locked, Firefox assumes wl_subcompositor_get_subsurface Firefox ends up passing a null pointer through to wl_proxy_marshal_constructor in libwayland-client

Looking at the code...I believe this is because the Compositor did not advertise support for the wl_subcompositor global interface and Firefox did not check the output of WaylandDisplayGet()->GetSubcompositor() prior to passing it into wl_subcompositor_get_subsurface

Expected results:

Firefox should fail gracefully in the presence of incomplete compositors / malformed compositor protocol setups.

Comment 1

[BugBot [:suhaib / :marco/ :calixte]]

The Bugbug bot thinks this bug should belong to the 'Core::Widget: Gtk' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Comment 2

[Martin Stránský [:stransky] (ni? me)]

We're expected to have a subcompositor:
https://searchfox.org/mozilla-central/rev/e942f7bc56cd103bba86b396ddeba5b1ab04f1a4/widget/gtk/nsWaylandDisplay.cpp#208

Comment 3

[Martin Stránský [:stransky] (ni? me)]

Attachment: Bug 1913988 [Wayland] Quit if we're missing requested Wayland interface r?emilio

Comment 4

[Pulsebot]

Pushed by stransky@redhat.com:
https://hg.mozilla.org/integration/autoland/rev/8d31fd9f50c3
[Wayland] Quit if we're missing requested Wayland interface r=emilio

Comment 5

[Serban Stanca [:SerbanS]]

https://hg.mozilla.org/mozilla-central/rev/8d31fd9f50c3