Bug 418683

Summary: kwin_wayland crashes when I hover over task manager after dragging an entry in task manager to another virtual desktop
Product: [Plasma] kwin
Reporter: Patrick Silva <bugseforuns>
Component: wayland-generic
Assignee: KWin default assignee <kwin-bugs-null>
Status: RESOLVED FIXED
Severity: crash
CC: katyaberezyaka, nate
Priority: NOR    
Version: 5.18.90   
Target Milestone: ---   
Platform: Arch Linux   
OS: Linux   
Latest Commit:
Version Fixed In: 5.21

Description Patrick Silva 2020-03-10 00:26:42 UTC
STEPS TO REPRODUCE
1. set virtual desktops in system settings > workspace behavior > virtual desktops (I use 4 VDs, 2 rows)
2. add Pager widget to Plasma panel
3. start Wayland session
4. open Konsole and maximize its window
5. drag Konsole entry in task manager to another virtual desktop (plasma switches to another virtual desktop) and do NOT release the mouse button
6. while mouse button is still pressed, move cursor to outside of Pager widget then hover over the task manager

OBSERVED RESULT
kwin_wayland crashes and your system goes back to login screen

EXPECTED RESULT
no crash

SOFTWARE/OS VERSIONS
Operating System: KDE neon Unstable Edition
KDE Plasma Version: 5.18.80
KDE Frameworks Version: 5.68.0
Qt Version: 5.14.1

Thread 13 (Thread 1876.2008):
#0  0x00007f71120f69f3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x7f710fcbffb8 <QTWTF::pageheap_memory+57592>)
    at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x7f710fcbff68 <QTWTF::pageheap_memory+57512>, cond=0x7f710fcbff90 <QTWTF::pageheap_memory+57552>)
    at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=cond@entry=0x7f710fcbff90 <QTWTF::pageheap_memory+57552>, mutex=mutex@entry=0x7f710fcbff68 <QTWTF::pageheap_memory+57512>)
    at pthread_cond_wait.c:655
#3  0x00007f710f9ca944 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0x7f710fcb1ec0 <QTWTF::pageheap_memory>)
    at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#4  0x00007f710f9ca989 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#5  0x00007f71120f06db in start_thread (arg=0x7f70c916b700) at pthread_create.c:463
#6  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 12 (Thread 1876.2007):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x00007f7110a36d44 in QtLinuxFutex::_q_futex (val3=0, addr2=0x0, val2=0, val=<optimized out>, op=0, addr=<optimized out>) at thread/qfutex_p.h:116
#2  QtLinuxFutex::futexWait<QBasicAtomicInteger<unsigned int> > (expectedValue=<optimized out>, futex=...) at thread/qfutex_p.h:135
#3  futexSemaphoreTryAcquire_loop<false> (timeout=-1, nn=8589934593, curValue=<optimized out>, u=...) at thread/qsemaphore.cpp:219
#4  futexSemaphoreTryAcquire<false> (timeout=-1, n=n@entry=1, u=...) at thread/qsemaphore.cpp:262
#5  QSemaphore::acquire (this=this@entry=0x555ada558910, n=n@entry=1) at thread/qsemaphore.cpp:326
#6  0x00007f70fa6bdd7a in QtVirtualKeyboard::HunspellWorker::run (this=0x555ada5588f0) at hunspellworker.cpp:744
#7  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555ada5588f0) at thread/qthread_unix.cpp:342
#8  0x00007f71120f06db in start_thread (arg=0x7f70c996c700) at pthread_create.c:463
#9  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 10 (Thread 1876.2005):
#0  0x00007f71120f69f3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x555adaa7d360) at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x555adaa7d310, cond=0x555adaa7d338) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=cond@entry=0x555adaa7d338, mutex=mutex@entry=0x555adaa7d310) at pthread_cond_wait.c:655
#3  0x00007f7110a3ad9b in QWaitConditionPrivate::wait (deadline=..., this=0x555adaa7d310) at thread/qwaitcondition_unix.cpp:146
#4  QWaitCondition::wait (this=<optimized out>, mutex=0x555adaad1f78, deadline=...) at thread/qwaitcondition_unix.cpp:225
#5  0x00007f7110a3af19 in QWaitCondition::wait (this=this@entry=0x555adaad1f80, mutex=mutex@entry=0x555adaad1f78, time=time@entry=18446744073709551615)
    at thread/qwaitcondition_unix.cpp:208
#6  0x00007f70d023d8eb in FileInfoThread::run (this=0x555adaad1f68) at fileinfothread.cpp:231
#7  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555adaad1f68) at thread/qthread_unix.cpp:342
#8  0x00007f71120f06db in start_thread (arg=0x7f70ca96e700) at pthread_create.c:463
#9  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 9 (Thread 1876.2004):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x00007f7110a36d44 in QtLinuxFutex::_q_futex (val3=0, addr2=0x0, val2=0, val=<optimized out>, op=0, addr=<optimized out>) at thread/qfutex_p.h:116
#2  QtLinuxFutex::futexWait<QBasicAtomicInteger<unsigned int> > (expectedValue=<optimized out>, futex=...) at thread/qfutex_p.h:135
#3  futexSemaphoreTryAcquire_loop<false> (timeout=-1, nn=8589934593, curValue=<optimized out>, u=...) at thread/qsemaphore.cpp:219
#4  futexSemaphoreTryAcquire<false> (timeout=-1, n=n@entry=1, u=...) at thread/qsemaphore.cpp:262
#5  QSemaphore::acquire (this=this@entry=0x555ada4bfac0, n=n@entry=1) at thread/qsemaphore.cpp:326
#6  0x00007f70fa6bdd7a in QtVirtualKeyboard::HunspellWorker::run (this=0x555ada4bfaa0) at hunspellworker.cpp:744
#7  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555ada4bfaa0) at thread/qthread_unix.cpp:342
#8  0x00007f71120f06db in start_thread (arg=0x7f70cb16f700) at pthread_create.c:463
#9  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 8 (Thread 1876.2003):
#0  0x00007f71100f4bf9 in __GI___poll (fds=0x7f70cc0029e0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007f71074db5c9 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f71074db6dc in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f7110c830bc in QEventDispatcherGlib::processEvents (this=0x7f70cc000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#4  0x00007f7110c2263a in QEventLoop::exec (this=this@entry=0x7f70d34f2d80, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#5  0x00007f7110a33317 in QThread::exec (this=this@entry=0x555adaae0400) at thread/qthread.cpp:536
#6  0x00007f710be29605 in QQmlThreadPrivate::run (this=0x555adaae0400) at qml/ftw/qqmlthread.cpp:155
#7  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555adaae0400) at thread/qthread_unix.cpp:342
#8  0x00007f71120f06db in start_thread (arg=0x7f70d34f3700) at pthread_create.c:463
#9  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 7 (Thread 1876.1913):
#0  0x00007f71100f4bf9 in __GI___poll (fds=0x7f70dc002de0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007f71074db5c9 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f71074db6dc in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f7110c830bc in QEventDispatcherGlib::processEvents (this=0x7f70dc000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#4  0x00007f7110c2263a in QEventLoop::exec (this=this@entry=0x7f70e54aed80, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#5  0x00007f7110a33317 in QThread::exec (this=this@entry=0x555ad9fad7c0) at thread/qthread.cpp:536
#6  0x00007f710be29605 in QQmlThreadPrivate::run (this=0x555ad9fad7c0) at qml/ftw/qqmlthread.cpp:155
#7  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555ad9fad7c0) at thread/qthread_unix.cpp:342
#8  0x00007f71120f06db in start_thread (arg=0x7f70e54af700) at pthread_create.c:463
#9  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 5 (Thread 1876.1880):
#0  0x00007f71120f69f3 in futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x555ada017b2c) at ../sysdeps/unix/sysv/linux/futex-internal.h:88
#1  __pthread_cond_wait_common (abstime=0x0, mutex=0x555ada017ad8, cond=0x555ada017b00) at pthread_cond_wait.c:502
#2  __pthread_cond_wait (cond=0x555ada017b00, mutex=0x555ada017ad8) at pthread_cond_wait.c:655
#3  0x00007f70f137eecb in ?? () from target:/usr/lib/x86_64-linux-gnu/dri/i965_dri.so
#4  0x00007f70f137eac7 in ?? () from target:/usr/lib/x86_64-linux-gnu/dri/i965_dri.so
#5  0x00007f71120f06db in start_thread (arg=0x7f70e7cac700) at pthread_create.c:463
#6  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 4 (Thread 1876.1879):
#0  0x00007f71100f4bf9 in __GI___poll (fds=0x7f70e80029e0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007f71074db5c9 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f71074db6dc in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f7110c830bc in QEventDispatcherGlib::processEvents (this=0x7f70e8000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#4  0x00007f7110c2263a in QEventLoop::exec (this=this@entry=0x7f70f3ffeda0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#5  0x00007f7110a33317 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:536
#6  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555ad9f69600) at thread/qthread_unix.cpp:342
#7  0x00007f71120f06db in start_thread (arg=0x7f70f3fff700) at pthread_create.c:463
#8  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 3 (Thread 1876.1878):
#0  0x00007f71100f4bf9 in __GI___poll (fds=0x7f70ec002de0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007f71074db5c9 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f71074db6dc in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f7110c830bc in QEventDispatcherGlib::processEvents (this=0x7f70ec000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#4  0x00007f7110c2263a in QEventLoop::exec (this=this@entry=0x7f70f8b29da0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#5  0x00007f7110a33317 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:536
#6  0x00007f7110a347ec in QThreadPrivate::start (arg=0x555ad9f685c0) at thread/qthread_unix.cpp:342
#7  0x00007f71120f06db in start_thread (arg=0x7f70f8b2a700) at pthread_create.c:463
#8  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 2 (Thread 1876.1877):
#0  0x00007f71100f4bf9 in __GI___poll (fds=0x7f70f4017100, nfds=5, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007f71074db5c9 in ?? () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f71074db6dc in g_main_context_iteration () from target:/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f7110c830bc in QEventDispatcherGlib::processEvents (this=0x7f70f4000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#4  0x00007f7110c2263a in QEventLoop::exec (this=this@entry=0x7f70f998fd70, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#5  0x00007f7110a33317 in QThread::exec (this=this@entry=0x7f71120e7da0 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread.cpp:536
#6  0x00007f7111e6f555 in QDBusConnectionManager::run (this=0x7f71120e7da0 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at qdbusconnection.cpp:179
#7  0x00007f7110a347ec in QThreadPrivate::start (arg=0x7f71120e7da0 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>) at thread/qthread_unix.cpp:342
#8  0x00007f71120f06db in start_thread (arg=0x7f70f9990700) at pthread_create.c:463
#9  0x00007f711010188f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 1 (Thread 1876.1876):
#0  0x00007f71123a9c39 in KWayland::Server::SurfaceInterface::buffer() () from target:/usr/lib/x86_64-linux-gnu/libKF5WaylandServer.so.5
#1  0x00007f7113734c01 in KWin::CursorImage::updateDragCursor (this=0x555ada4114c0) at ./pointer_input.cpp:1222
#2  0x00007f7110c5efe7 in QtPrivate::QSlotObjectBase::call (a=0x7fff39a57a80, r=0x555ada4114c0, this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:394
#3  doActivate<false> (sender=0x555ada70c380, signal_index=5, argv=0x7fff39a57a80) at kernel/qobject.cpp:3870
#4  0x00007f7110c5efe7 in QtPrivate::QSlotObjectBase::call (a=0x7fff39a57b60, r=0x555ada70c380, this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:394
#5  doActivate<false> (sender=0x555ada839670, signal_index=6, argv=0x7fff39a57b60) at kernel/qobject.cpp:3870
#6  0x00007f71123920de in KWayland::Server::Cursor::Private::update(QPointer<KWayland::Server::SurfaceInterface> const&, unsigned int, QPoint const&) ()
   from target:/usr/lib/x86_64-linux-gnu/libKF5WaylandServer.so.5
#7  0x00007f7112392206 in KWayland::Server::PointerInterface::Private::setCursor(unsigned int, KWayland::Server::SurfaceInterface*, QPoint const&) ()
   from target:/usr/lib/x86_64-linux-gnu/libKF5WaylandServer.so.5
#8  0x00007f71123923da in KWayland::Server::PointerInterface::Private::setCursorCallback(wl_client*, wl_resource*, unsigned int, wl_resource*, int, int) ()
   from target:/usr/lib/x86_64-linux-gnu/libKF5WaylandServer.so.5
#9  0x00007f7102ed0dae in ffi_call_unix64 () from target:/usr/lib/x86_64-linux-gnu/libffi.so.6
#10 0x00007f7102ed071f in ffi_call () from target:/usr/lib/x86_64-linux-gnu/libffi.so.6
#11 0x00007f71091347e4 in wl_closure_invoke (closure=closure@entry=0x555adae20e50, flags=flags@entry=2, target=<optimized out>, target@entry=0x555ada8324d0, 
    opcode=opcode@entry=0, data=<optimized out>, data@entry=0x555ada709270) at ../src/connection.c:1006
#12 0x00007f710913126f in wl_client_connection_data (fd=<optimized out>, mask=<optimized out>, data=0x555ada709270) at ../src/wayland-server.c:420
#13 0x00007f7109132832 in wl_event_loop_dispatch (loop=0x555ad9f3f7d0, timeout=<optimized out>) at ../src/event-loop.c:641
#14 0x00007f71123749de in KWayland::Server::Display::Private::dispatch() () from target:/usr/lib/x86_64-linux-gnu/libKF5WaylandServer.so.5
#15 0x00007f7110c5efe7 in QtPrivate::QSlotObjectBase::call (a=0x7fff39a583b0, r=0x555ad9f57490, this=<optimized out>)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:394
#16 doActivate<false> (sender=0x555ad9f64320, signal_index=3, argv=0x7fff39a583b0) at kernel/qobject.cpp:3870
#17 0x00007f7110c598a2 in QMetaObject::activate (sender=sender@entry=0x555ad9f64320, m=m@entry=0x7f71110f1bc0 <QSocketNotifier::staticMetaObject>, 
    local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff39a583b0) at kernel/qobject.cpp:3930
#18 0x00007f7110c625c8 in QSocketNotifier::activated (this=this@entry=0x555ad9f64320, _t1=<optimized out>, _t2=...) at .moc/moc_qsocketnotifier.cpp:141
#19 0x00007f7110c62982 in QSocketNotifier::event (this=0x555ad9f64320, e=0x7fff39a58680) at kernel/qsocketnotifier.cpp:266
#20 0x00007f71112578bc in QApplicationPrivate::notify_helper (this=this@entry=0x555ad9f07bd0, receiver=receiver@entry=0x555ad9f64320, e=e@entry=0x7fff39a58680)
    at kernel/qapplication.cpp:3684
#21 0x00007f711125eac0 in QApplication::notify (this=0x7fff39a58a90, receiver=0x555ad9f64320, e=0x7fff39a58680) at kernel/qapplication.cpp:3430
#22 0x00007f7110c23db8 in QCoreApplication::notifyInternal2 (receiver=0x555ad9f64320, event=0x7fff39a58680) at kernel/qcoreapplication.cpp:1092
#23 0x00007f7110c80283 in QEventDispatcherUNIXPrivate::activateSocketNotifiers (this=this@entry=0x555ad9f16e70) at kernel/qeventdispatcher_unix.cpp:304
#24 0x00007f7110c8068f in QEventDispatcherUNIX::processEvents (this=<optimized out>, flags=...) at kernel/qeventdispatcher_unix.cpp:509
#25 0x00007f70fcbc2bad in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from target:/usr/lib/x86_64-linux-gnu/qt5/plugins/platforms/KWinQpaPlugin.so
#26 0x00007f7110c2263a in QEventLoop::exec (this=this@entry=0x7fff39a58830, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#27 0x00007f7110c2bdb0 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1400
#28 0x0000555ad7ef70ff in main (argc=<optimized out>, argv=<optimized out>) at ./main_wayland.cpp:676

Comment 1 Patrick Silva 2020-05-17 15:14:22 UTC
Crash reproducible on Plasma 5.19 beta.

Operating System: Arch Linux 
KDE Plasma Version: 5.18.90
KDE Frameworks Version: 5.70.0
Qt Version: 5.15.0 rc2

Comment 2 Patrick Silva 2021-01-24 16:35:00 UTC
I no longer can reproduce this crash. :)

Operating System: Arch Linux
KDE Plasma Version: 5.20.90
KDE Frameworks Version: 5.78.0
Qt Version: 5.15.2

Comment 3 Nate Graham 2021-02-09 19:18:39 UTC
Hooray!