Bug 400678

Summary:	Wayland session crashes when I press enter after try to drag a CSD window with a touch screen
Product:	[Plasma] kwin	Reporter:	Patrick Silva <bugseforuns>
Component:	wayland-generic	Assignee:	KWin default assignee <kwin-bugs-null>
Status:	RESOLVED WORKSFORME
Severity:	crash	CC:	nate, notuxius
Priority:	NOR	Flags:	mgraesslin: Wayland+ mgraesslin: X11-
Version:	5.14.2
Target Milestone:	---
Platform:	Neon
OS:	Linux
Latest Commit:		Version Fixed In:
Sentry Crash Report:

Description Patrick Silva 2018-11-04 19:09:13 UTC

STEPS TO REPRODUCE
1. open a CSD window (gnome mpv player, for example)
2. try to drag the window using a touch screen
3. dragging does not work but the window enters in "drag mode"
4. while the window is still in "drag mode", close it using the touch screen
5. apparently the window is closed, but it reappears after some milliseconds
in "drag mode"
6. press enter key

OBSERVED RESULT
wayland session crashes and the system goes to login screen

EXPECTED RESULT
no crash

SOFTWARE VERSIONS
KDE neon Developer Edition
KDE Plasma: 5.14.80
Qt: 5.11.2
KDE Frameworks: 5.52.0
kernel: 4.18.8-041808-generic


Thread 9 (Thread 2526.2562):
#0  0x00007fd25f8a09f3 in futex_wait_cancelable (private=<optimized out>, expected=0, 
    futex_word=0x7fd25d2c8fb8 <QTWTF::pageheap_memory+57592>) at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7fd25d2c8f68 <QTWTF::pageheap_memory+57512>, 
    cond=0x7fd25d2c8f90 <QTWTF::pageheap_memory+57552>) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=cond@entry=0x7fd25d2c8f90 <QTWTF::pageheap_memory+57552>, 
    mutex=mutex@entry=0x7fd25d2c8f68 <QTWTF::pageheap_memory+57512>) at pthread_cond_wait.c:655
#3  0x00007fd25cfd3954 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x7fd25d2baec0 <QTWTF::pageheap_memory>)
    at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#4  0x00007fd25cfd3999 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>)
    at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#5  0x00007fd25f89a6db in start_thread (arg=0x7fd21dfb8700) at pthread_create.c:463
#6  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 8 (Thread 2526.2560):
#0  0x00007fd25f8a09f3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x55dc5bd88f00)
    at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x55dc5bd88eb0, cond=0x55dc5bd88ed8) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=cond@entry=0x55dc5bd88ed8, mutex=mutex@entry=0x55dc5bd88eb0) at pthread_cond_wait.c:655
#3  0x00007fd25e27b94b in QWaitConditionPrivate::wait (time=18446744073709551615, this=0x55dc5bd88eb0)
    at thread/qwaitcondition_unix.cpp:143
#4  QWaitCondition::wait (this=this@entry=0x55dc5bd88cf0, mutex=mutex@entry=0x55dc5bd88ce8, time=time@entry=18446744073709551615)
    at thread/qwaitcondition_unix.cpp:215
#5  0x00007fd21f7c822b in FileInfoThread::run (this=0x55dc5bd88cd8) at fileinfothread.cpp:227
#6  0x00007fd25e27aadb in QThreadPrivate::start (arg=0x55dc5bd88cd8) at thread/qthread_unix.cpp:367
#7  0x00007fd25f89a6db in start_thread (arg=0x7fd21efba700) at pthread_create.c:463
#8  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 7 (Thread 2526.2559):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x00007fd25e26e594 in QtLinuxFutex::_q_futex (val3=0, addr2=0x0, val2=0, val=<optimized out>, op=0, addr=<optimized out>)
    at thread/qfutex_p.h:92
#2  QtLinuxFutex::futexWait<QBasicAtomicInteger<unsigned int> > (expectedValue=<optimized out>, futex=...) at thread/qfutex_p.h:107
#3  futexSemaphoreTryAcquire_loop<false> (timeout=-1, nn=8589934593, curValue=<optimized out>, u=...) at thread/qsemaphore.cpp:221
#4  futexSemaphoreTryAcquire<false> (timeout=-1, n=n@entry=1, u=...) at thread/qsemaphore.cpp:264
#5  QSemaphore::acquire (this=this@entry=0x55dc5be4ead8, n=n@entry=1) at thread/qsemaphore.cpp:328
#6  0x00007fd2470b499b in QtVirtualKeyboard::HunspellWorker::run (this=0x55dc5be4eac0) at hunspellworker.cpp:293
#7  0x00007fd25e27aadb in QThreadPrivate::start (arg=0x55dc5be4eac0) at thread/qthread_unix.cpp:367
#8  0x00007fd25f89a6db in start_thread (arg=0x7fd21f7bb700) at pthread_create.c:463
#9  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 6 (Thread 2526.2558):
#0  0x00007fd25d93dbf9 in __GI___poll (fds=0x7fd220004660, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd2548ca439 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fd2548ca54c in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fd25e4a002f in QEventDispatcherGlib::processEvents (this=0x7fd220000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#4  0x00007fd25e44430a in QEventLoop::exec (this=this@entry=0x7fd2294b2d40, flags=..., flags@entry=...) at kernel/qeventloop.cpp:214
#5  0x00007fd25e26fbba in QThread::exec (this=this@entry=0x55dc5bd18280) at thread/qthread.cpp:525
#6  0x00007fd2589c64f5 in QQmlThreadPrivate::run (this=0x55dc5bd18280) at qml/ftw/qqmlthread.cpp:148
#7  0x00007fd25e27aadb in QThreadPrivate::start (arg=0x55dc5bd18280) at thread/qthread_unix.cpp:367
#8  0x00007fd25f89a6db in start_thread (arg=0x7fd2294b3700) at pthread_create.c:463
#9  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 5 (Thread 2526.2555):
#0  0x00007fd25d93dbf9 in __GI___poll (fds=0x7fd224003ce0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd2548ca439 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fd2548ca54c in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fd25e4a002f in QEventDispatcherGlib::processEvents (this=0x7fd224000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#4  0x00007fd25e44430a in QEventLoop::exec (this=this@entry=0x7fd23318bd40, flags=..., flags@entry=...) at kernel/qeventloop.cpp:214
#5  0x00007fd25e26fbba in QThread::exec (this=this@entry=0x55dc5bc28050) at thread/qthread.cpp:525
#6  0x00007fd2589c64f5 in QQmlThreadPrivate::run (this=0x55dc5bc28050) at qml/ftw/qqmlthread.cpp:148
#7  0x00007fd25e27aadb in QThreadPrivate::start (arg=0x55dc5bc28050) at thread/qthread_unix.cpp:367
#8  0x00007fd25f89a6db in start_thread (arg=0x7fd23318c700) at pthread_create.c:463
#9  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 4 (Thread 2526.2529):
#0  0x00007fd25d93dbf9 in __GI___poll (fds=0x7fd23c0046c0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd2548ca439 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fd2548ca54c in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fd25e4a002f in QEventDispatcherGlib::processEvents (this=0x7fd23c000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#4  0x00007fd25e44430a in QEventLoop::exec (this=this@entry=0x7fd2450f5d60, flags=..., flags@entry=...) at kernel/qeventloop.cpp:214
#5  0x00007fd25e26fbba in QThread::exec (this=<optimized out>) at thread/qthread.cpp:525
#6  0x00007fd25e27aadb in QThreadPrivate::start (arg=0x55dc5b355160) at thread/qthread_unix.cpp:367
#7  0x00007fd25f89a6db in start_thread (arg=0x7fd2450f6700) at pthread_create.c:463
#8  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 3 (Thread 2526.2528):
#0  0x00007fd25d93dbf9 in __GI___poll (fds=0x7fd238003ce0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd2548ca439 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fd2548ca54c in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fd25e4a002f in QEventDispatcherGlib::processEvents (this=0x7fd238000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#4  0x00007fd25e44430a in QEventLoop::exec (this=this@entry=0x7fd2458f6d60, flags=..., flags@entry=...) at kernel/qeventloop.cpp:214
#5  0x00007fd25e26fbba in QThread::exec (this=<optimized out>) at thread/qthread.cpp:525
#6  0x00007fd25e27aadb in QThreadPrivate::start (arg=0x55dc5b2ff620) at thread/qthread_unix.cpp:367
#7  0x00007fd25f89a6db in start_thread (arg=0x7fd2458f7700) at pthread_create.c:463
#8  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 2 (Thread 2526.2527):
#0  0x00007fd25d93dbf9 in __GI___poll (fds=0x55dc5b4323e0, nfds=6, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd2548ca439 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fd2548ca54c in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fd25e4a002f in QEventDispatcherGlib::processEvents (this=0x7fd240000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#4  0x00007fd25e44430a in QEventLoop::exec (this=this@entry=0x7fd246750d30, flags=..., flags@entry=...) at kernel/qeventloop.cpp:214
#5  0x00007fd25e26fbba in QThread::exec (
    this=this@entry=0x7fd25f891d60 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread.cpp:525
#6  0x00007fd25f619e45 in QDBusConnectionManager::run (
    this=0x7fd25f891d60 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at qdbusconnection.cpp:178
#7  0x00007fd25e27aadb in QThreadPrivate::start (
    arg=0x7fd25f891d60 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread_unix.cpp:367
#8  0x00007fd25f89a6db in start_thread (arg=0x7fd246751700) at pthread_create.c:463
#9  0x00007fd25d94a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 1 (Thread 2526.2526):
#0  0x0000000000000000 in ?? ()
#1  0x00007fd2607b2fb3 in KWin::AbstractClient::finishMoveResize (this=this@entry=0x55dc5bc41da0, cancel=<optimized out>)
    at ./geometry.cpp:2750
#2  0x00007fd260708f32 in KWin::AbstractClient::keyPressEvent (this=this@entry=0x55dc5bc41da0, key_code=16777220)
    at ./abstract_client.cpp:1577
#3  0x00007fd260740f67 in KWin::MoveResizeFilter::keyEvent (this=<optimized out>, event=<optimized out>) at ./input.cpp:472
#4  0x00007fd2607459b5 in std::__invoke_impl<bool, bool (KWin::InputEventFilter::*&)(QKeyEvent*), KWin::InputEventFilter* const&, KWin::KeyEvent*&> (__t=<optimized out>, __f=<optimized out>) at /usr/include/c++/7/bits/invoke.h:73
#5  std::__invoke<bool (KWin::InputEventFilter::*&)(QKeyEvent*), KWin::InputEventFilter* const&, KWin::KeyEvent*&> (
    __fn=@0x7ffea407c0a0: &virtual table offset 32) at /usr/include/c++/7/bits/invoke.h:96
#6  std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)>::__call<bool, KWin::InputEventFilter* const&, 0ul, 1ul>(std::tuple<KWin::InputEventFilter* const&>&&, std::_Index_tuple<0ul, 1ul>) (__args=..., this=0x7ffea407c0a0)
    at /usr/include/c++/7/functional:469
#7  std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)>::operator()<KWin::InputEventFilter* const&, bool>(KWin::InputEventFilter* const&) (this=0x7ffea407c0a0) at /usr/include/c++/7/functional:551
#8  __gnu_cxx::__ops::_Iter_pred<std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >::operator()<KWin::InputEventFilter* const*>(KWin::InputEventFilter* const*) (__it=0x55dc5bd02e48, this=0x7ffea407c0a0)
    at /usr/include/c++/7/bits/predefined_ops.h:283
#9  std::__find_if<KWin::InputEventFilter* const*, __gnu_cxx::__ops::_Iter_pred<std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> > >(KWin::InputEventFilter* const*, KWin::InputEventFilter* const*, __gnu_cxx::__ops::_Iter_pred<std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >, std::random_access_iterator_tag)
    (__first=0x55dc5bd02e48, __last=0x55dc5bd02e80, __pred=...) at /usr/include/c++/7/bits/stl_algo.h:120
#10 0x00007fd26074562f in std::__find_if<KWin::InputEventFilter* const*, __gnu_cxx::__ops::_Iter_pred<std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> > >(KWin::InputEventFilter* const*, KWin::InputEventFilter* const*, __gnu_cxx::__ops::_Iter_pred<std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >) (
    __pred=..., __last=<optimized out>, __first=<optimized out>) at /usr/include/c++/7/bits/stl_algo.h:162
#11 std::find_if<KWin::InputEventFilter* const*, std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >(KWin::InputEventFilter* const*, KWin::InputEventFilter* const*, std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)>) (__pred=..., __last=<optimized out>, __first=<optimized out>)
    at /usr/include/c++/7/bits/stl_algo.h:3933
#12 std::none_of<KWin::InputEventFilter* const*, std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >(KWin::InputEventFilter* const*, KWin::InputEventFilter* const*, std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)>) (__pred=..., __last=<optimized out>, __first=<optimized out>)
    at /usr/include/c++/7/bits/stl_algo.h:526
#13 std::any_of<KWin::InputEventFilter* const*, std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >(KWin::InputEventFilter* const*, KWin::InputEventFilter* const*, std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)>) (__pred=..., __last=<optimized out>, __first=<optimized out>)
    at /usr/include/c++/7/bits/stl_algo.h:544
#14 KWin::InputRedirection::processFilters<std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)> >(std::_Bind<bool (KWin::InputEventFilter::*(std::_Placeholder<1>, KWin::KeyEvent*))(QKeyEvent*)>) (function=..., 
    this=<optimized out>) at ./input.h:188
#15 KWin::KeyboardInputRedirection::processKey (this=0x55dc5b354b10, key=<optimized out>, state=<optimized out>, time=26756328, 
    device=<optimized out>) at ./keyboard_input.cpp:242
#16 0x00007fd25e47518f in QtPrivate::QSlotObjectBase::call (a=0x7ffea407c280, r=0x55dc5b354b10, this=0x55dc5b424dc0)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:376
#17 QMetaObject::activate (sender=sender@entry=0x55dc5b424240, signalOffset=<optimized out>, 
    local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffea407c280) at kernel/qobject.cpp:3754
#18 0x00007fd25e475747 in QMetaObject::activate (sender=sender@entry=0x55dc5b424240, 
    m=m@entry=0x7fd260b6b820 <KWin::LibInput::Connection::staticMetaObject>, local_signal_index=local_signal_index@entry=0, 
    argv=argv@entry=0x7ffea407c280) at kernel/qobject.cpp:3633
#19 0x00007fd2608a5e99 in KWin::LibInput::Connection::keyChanged (this=this@entry=0x55dc5b424240, _t1=<optimized out>, 
    _t2=<optimized out>, _t2@entry=KWin::InputRedirection::KeyboardKeyPressed, _t3=<optimized out>, _t3@entry=26756328, 
    _t4=<optimized out>, _t4@entry=0x55dc5b43f6d0) at ./obj-x86_64-linux-gnu/kwin_autogen/PCJB6APXE6/moc_connection.cpp:528
#20 0x00007fd2608754ac in KWin::LibInput::Connection::processEvents (this=0x55dc5b424240) at ./libinput/connection.cpp:341
#21 0x00007fd25e475be2 in QObject::event (this=0x55dc5b35b840, e=<optimized out>) at kernel/qobject.cpp:1251
#22 0x00007fd25ea2be1c in QApplicationPrivate::notify_helper (this=this@entry=0x55dc5b2f00b0, receiver=receiver@entry=0x55dc5b35b840, 
    e=e@entry=0x7fd23c0067d0) at kernel/qapplication.cpp:3727
#23 0x00007fd25ea333ef in QApplication::notify (this=0x7ffea407ca20, receiver=0x55dc5b35b840, e=0x7fd23c0067d0)
    at kernel/qapplication.cpp:3486
#24 0x00007fd25e445fe8 in QCoreApplication::notifyInternal2 (receiver=0x55dc5b35b840, event=event@entry=0x7fd23c0067d0)
    at kernel/qcoreapplication.cpp:1048
#25 0x00007fd25e448b2d in QCoreApplication::sendEvent (event=0x7fd23c0067d0, receiver=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#26 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x55dc5b2dc500) at kernel/qcoreapplication.cpp:1745
#27 0x00007fd25e49d274 in QEventDispatcherUNIX::processEvents (this=0x55dc5b30b020, flags=...) at kernel/qeventdispatcher_unix.cpp:466
#28 0x00007fd24930cfed in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from target:/usr/lib/x86_64-linux-gnu/qt5/plugins/platforms/KWinQpaPlugin.so
#29 0x00007fd25e44430a in QEventLoop::exec (this=this@entry=0x7ffea407c7e0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:214
#30 0x00007fd25e44d4d0 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1336
#31 0x000055dc5a07c897 in main (argc=<optimized out>, argv=<optimized out>) at ./main_wayland.cpp:807
Detaching from program: target:/usr/bin/kwin_wayland, process 2526
Ending remote debugging.

Comment 1 Martin Flöser 2018-11-05 08:01:00 UTC

Backtrace and description look good: I'm quite confident that we can create a test case for it.

Comment 2 Alexander Mentyu 2018-11-12 11:54:18 UTC

Possibly related to https://bugs.kde.org/show_bug.cgi?id=397577

Comment 3 Patrick Silva 2019-03-24 20:08:57 UTC

I can't reproduce this crash on neon dev unstable.

Operating System: KDE neon Developer Edition
KDE Plasma Version: 5.15.80
KDE Frameworks Version: 5.57.0
Qt Version: 5.12.0

Comment 4 Vlad Zahorodnii 2019-03-28 12:33:29 UTC

Neither can I. If the crash happens again, please reopen this bug report.