| Summary: | kwin_x11 crashes as long as the window of a specific xcb/vulkan app exists. | ||
|---|---|---|---|
| Product: | [Plasma] kwin | Reporter: | kde |
| Component: | general | Assignee: | KWin default assignee <kwin-bugs-null> |
| Status: | RESOLVED FIXED | ||
| Severity: | crash | CC: | nate |
| Priority: | NOR | Keywords: | regression |
| Version: | 5.26.0 | ||
| Target Milestone: | --- | ||
| Platform: | Arch Linux | ||
| OS: | Linux | ||
| Latest Commit: | https://invent.kde.org/plasma/kwin/commit/eb6e7dedad89269207b2468e9ed93a4fd991bd54 | Version Fixed In: | 5.26.1 |
| Sentry Crash Report: | |||
> The code that creates the window is pretty basic.
Do you have a demo that you could attach to this bug report? It would make fixing this crash a lot easier.
> frameGeometry = {xp = 448, yp = 183, w = 1024, h = -4294966499}
The height is weird
I suspect that we have a bug in Workspace::outputAt() wrt handling such extreme cases https://invent.kde.org/plasma/kwin/-/blob/ed9a52778ce07ef553cf49edd1596c245e70b080/src/workspace.cpp#L1392 #4 0x00007f0e9a0cdd5c in KWin::Window::frameGeometryChanged(KWin::Window*, QRectF const&) (this=<optimized out>, _t1=<optimized out>, _t2=<optimized out>) at /usr/src/debug/kwin/build/src/kwin_autogen/include/moc_window.cpp:1671
_a = {0x0, 0x7ffc31754ce8, 0x7ffc31754d70}
#5 0x00007f0e9a10b557 in KWin::X11Window::moveResizeInternal(QRectF const&, KWin::Window::MoveResizeMode) (this=0x560a2411a130, rect=<optimized out>, mode=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:4213
frameGeometry = {xp = 448, yp = 183, w = 1024, h = -4294966499}
oldBufferGeometry = {xp = 448, yp = 183, w = 1024, h = 797}
oldFrameGeometry = {xp = 448, yp = 183, w = 1024, h = 797}
oldClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768}
oldOutput = 0x560a23d08b10
#6 0x00007f0e9a10a5dc in KWin::X11Window::getWmNormalHints() (this=0x560a2411a130) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:3705
origClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768}
new_size = {wd = 1024, ht = -4294966499}
hadFixedAspect = <optimized out>
I wonder size hints are. Can you get the xprop output for the window?
---
xcb_size_hints_t hints;
xcb_icccm_size_hints_set_min_size(&hints, width, height);
xcb_icccm_size_hints_set_max_size(&hints, width, width);
I think that this code misses a line to zero initialize `hints`. However, garbage size hints should not crash kwin.
A possibly relevant merge request was started @ https://invent.kde.org/plasma/kwin/-/merge_requests/3061 (In reply to Vlad Zahorodnii from comment #4) > #4 0x00007f0e9a0cdd5c in KWin::Window::frameGeometryChanged(KWin::Window*, > QRectF const&) (this=<optimized out>, _t1=<optimized out>, _t2=<optimized > out>) at > /usr/src/debug/kwin/build/src/kwin_autogen/include/moc_window.cpp:1671 > _a = {0x0, 0x7ffc31754ce8, 0x7ffc31754d70} > #5 0x00007f0e9a10b557 in KWin::X11Window::moveResizeInternal(QRectF const&, > KWin::Window::MoveResizeMode) (this=0x560a2411a130, rect=<optimized out>, > mode=<optimized out>) at > /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:4213 > frameGeometry = {xp = 448, yp = 183, w = 1024, h = -4294966499} > oldBufferGeometry = {xp = 448, yp = 183, w = 1024, h = 797} > oldFrameGeometry = {xp = 448, yp = 183, w = 1024, h = 797} > oldClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768} > oldOutput = 0x560a23d08b10 > #6 0x00007f0e9a10a5dc in KWin::X11Window::getWmNormalHints() > (this=0x560a2411a130) at > /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:3705 > origClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768} > new_size = {wd = 1024, ht = -4294966499} > hadFixedAspect = <optimized out> > > I wonder size hints are. Can you get the xprop output for the window? > > --- > > xcb_size_hints_t hints; > xcb_icccm_size_hints_set_min_size(&hints, width, height); > xcb_icccm_size_hints_set_max_size(&hints, width, width); > > I think that this code misses a line to zero initialize `hints`. However, > garbage size hints should not crash kwin. Indeed, I didn't notice I was missing the ={} after the hints. (In reply to Vlad Zahorodnii from comment #1) > > The code that creates the window is pretty basic. > > Do you have a demo that you could attach to this bug report? It would make > fixing this crash a lot easier. Alas an upgrade earlier fixed the issue. I'll see if I can roll-back the upgrades and make a "minimal" example when I have a bit more time. kwin_x11 wasn't upgraded though : only the kernel and a bunch kde-related packages (nothing xcb-related) (In reply to Vlad Zahorodnii from comment #2) > > frameGeometry = {xp = 448, yp = 183, w = 1024, h = -4294966499} > > The height is weird (editer after your previous reply) The random hints content has to be the initial trigger. It's interesting to see the -4294966499 is actually -797, as in 0x100000000 - 0xfffffce3 = 797 frameGeometry = {xp = 448, yp = 183, w = 1024, h = -4294966499} oldBufferGeometry = {xp = 448, yp = 183, w = 1024, h = 797} oldFrameGeometry = {xp = 448, yp = 183, w = 1024, h = 797} oldClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768} I presume the reason the issue happens during/around the expose is because it's at that moment that the header is added. IMHO, wherever the original fault is, getting a negative dimension should probably be checked, sanitised, and trigger some warning. The first crash seems to happen because moveResizeOutput returns a NULL that is used directly with a call to the uuid() method of an Output object. The subsequent crashes seem to happen calling the geometry() method on a NULL Output object: #7 0x00007fb6ad3ad132 in KWin::Output::geometry() const (this=0x0) at /usr/src/debug/kwin/kwin-5.26.0/src/core/output.cpp:169 #9 0x00007fb6ad4ed29e in KWin::Workspace::clientArea(KWin::clientAreaOption, KWin::Window const*, KWin::Output const*) const (this=this@entry=0x55feded8d290, opt=opt@entry=KWin::FullScreenArea, window=window@entry=0x55fedee1f830, output=0x0) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:2523 Because in WorkSpace::clientArea(clientAreaOption opt, const Window *window), the call to window->output() returns a NULL. Git commit 28899df48587d3ea528228043c9eba53724889a4 by Vlad Zahorodnii. Committed on 17/10/2022 at 09:34. Pushed by vladz into branch 'master'. Make Workspace::outputAt() more robust to extreme values Since QPointF can have values that exceed INT_MAX, "distance < minDistance" may not be triggered for the first output. In order to make Workspace::outputAt() more robust to such extreme cases, this patch changes the type of minDistance from int to qreal to avoid truncation and adds an explicit check to initialize bestOutput when we see the first workspace output. It would be also great to add size hints sanitization code in kwin, but it can be done later. --- Should close: * https://errors-eval.kde.org/organizations/kde/issues/321 * https://errors-eval.kde.org/organizations/kde/issues/341 M +3 -2 src/workspace.cpp https://invent.kde.org/plasma/kwin/commit/28899df48587d3ea528228043c9eba53724889a4 Git commit eb6e7dedad89269207b2468e9ed93a4fd991bd54 by Vlad Zahorodnii. Committed on 17/10/2022 at 09:35. Pushed by vladz into branch 'Plasma/5.26'. Make Workspace::outputAt() more robust to extreme values Since QPointF can have values that exceed INT_MAX, "distance < minDistance" may not be triggered for the first output. In order to make Workspace::outputAt() more robust to such extreme cases, this patch changes the type of minDistance from int to qreal to avoid truncation and adds an explicit check to initialize bestOutput when we see the first workspace output. It would be also great to add size hints sanitization code in kwin, but it can be done later. --- Should close: * https://errors-eval.kde.org/organizations/kde/issues/321 * https://errors-eval.kde.org/organizations/kde/issues/341 (cherry picked from commit 28899df48587d3ea528228043c9eba53724889a4) M +3 -2 src/workspace.cpp https://invent.kde.org/plasma/kwin/commit/eb6e7dedad89269207b2468e9ed93a4fd991bd54 |
SUMMARY kwin_x11 5.26.0 crashes with an xcb application. It seems the issue is recent. It happens around when the window is exposed. As long as that window exist, kwin_x11 keeps crashing in a loop. The window is created by a test program of mine. There are two stacktraces. One for the initial crash, one for every following crash until I kill the "bad" window. Here is that one's backtrace: (gdb) bt full #0 KWin::Output::uuid() const (this=0x0) at /usr/src/debug/kwin/kwin-5.26.0/src/core/output.cpp:93 #1 0x00007f0e9a0458b3 in KWin::PlacementTracker::saveGeometry(KWin::Window*) (this=<optimized out>, window=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/placementtracker.cpp:145 data = @0x560a241bfae8: {outputUuid = {data1 = 3846842269, data2 = 2183, data3 = 21810, data4 = "\254\020\346_\354+x\210"}, geometry = {xp = 448, yp = 183, w = 1024, h = -4294966499}, maximize = KWin::MaximizeRestore, quickTile = {i = 0}, geometryRestore = {xp = 448, yp = 183, w = 1024, h = 797}, fullscreen = false, fullscreenGeometryRestore = {xp = 0, yp = 0, w = 0, h = 0}, interactiveMoveResizeCount = 0} #2 0x00007f0e986bdf21 in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7ffc31754cf0, r=<optimized out>, this=0x560a2418d4c0, this=<optimized out>, r=<optimized out>, a=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398 receiver = <optimized out> td = <optimized out> receiverInSameThread = <optimized out> senderData = {previous = 0x0, receiver = 0x7f0e8c011f60, sender = 0x560a2411a130, signal = 22} c = 0x560a2418d4f0 connections = {d = 0x560a23fe3720} list = <optimized out> inSenderThread = true highestConnectionId = 50 signalVector = 0x560a241e7700 currentThreadId = 0x7f0e93404a80 sp = <optimized out> signal_spy_set = 0x0 empty_argv = {0x0} senderDeleted = false #3 doActivate<false>(QObject*, int, void**) (sender=0x560a2411a130, signal_index=22, argv=0x7ffc31754cf0) at kernel/qobject.cpp:3919 receiver = <optimized out> td = <optimized out> receiverInSameThread = <optimized out> senderData = {previous = 0x0, receiver = 0x7f0e8c011f60, sender = 0x560a2411a130, signal = 22} c = 0x560a2418d4f0 connections = {d = 0x560a23fe3720} list = <optimized out> inSenderThread = true highestConnectionId = 50 signalVector = 0x560a241e7700 currentThreadId = 0x7f0e93404a80 sp = <optimized out> signal_spy_set = 0x0 empty_argv = {0x0} senderDeleted = false #4 0x00007f0e9a0cdd5c in KWin::Window::frameGeometryChanged(KWin::Window*, QRectF const&) (this=<optimized out>, _t1=<optimized out>, _t2=<optimized out>) at /usr/src/debug/kwin/build/src/kwin_autogen/include/moc_window.cpp:1671 _a = {0x0, 0x7ffc31754ce8, 0x7ffc31754d70} #5 0x00007f0e9a10b557 in KWin::X11Window::moveResizeInternal(QRectF const&, KWin::Window::MoveResizeMode) (this=0x560a2411a130, rect=<optimized out>, mode=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:4213 frameGeometry = {xp = 448, yp = 183, w = 1024, h = -4294966499} oldBufferGeometry = {xp = 448, yp = 183, w = 1024, h = 797} oldFrameGeometry = {xp = 448, yp = 183, w = 1024, h = 797} oldClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768} oldOutput = 0x560a23d08b10 #6 0x00007f0e9a10a5dc in KWin::X11Window::getWmNormalHints() (this=0x560a2411a130) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:3705 origClientGeometry = {xp = 448, yp = 212, w = 1024, h = 768} new_size = {wd = 1024, ht = -4294966499} hadFixedAspect = <optimized out> #7 0x00007f0e99fffe38 in KWin::X11Window::windowEvent(xcb_generic_event_t*) (this=0x560a2411a130, e=e@entry=0x7f0e8400f5c0) at /usr/src/debug/kwin/kwin-5.26.0/src/events.cpp:415 eventType = <optimized out> #8 0x00007f0e9a00242a in KWin::Workspace::workspaceEvent(xcb_generic_event_t*) (this=0x560a24087040, e=0x7f0e8400f5c0) at /usr/src/debug/kwin/kwin-5.26.0/src/events.cpp:159 window = <optimized out> eventType = 28 '\034' eventWindow = 75497472 #9 0x00007f0e9868403f in QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*, long*) (this=<optimized out>, eventType=..., message=message@entry=0x7f0e8400f5c0, result=result@entry=0x7ffc317550c0) at kernel/qabstracteventdispatcher.cpp:495 filter = <optimized out> i = 2 scopeLevelCounter = {threadData = 0x560a23d0bd70} d = 0x560a23d34ec0 #10 0x00007f0e92707030 in QXcbConnection::handleXcbEvent(xcb_generic_event_t*) (this=0x560a23d3bf70, event=0x7f0e8400f5c0) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:579 dispatcher = <optimized out> result = 0 response_type = <optimized out> handled = <optimized out> #11 0x00007f0e9270b3a0 in QXcbConnection::processXcbEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x560a23d3bf70, flags=...) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:1065 event = 0x7f0e8400f5c0 eventGuard = {d = 0x7f0e8400f5c0} connection_error = <optimized out> #12 0x00007f0e9272f6f2 in QXcbUnixEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x560a23e5abd0, flags=...) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:61 didSendEvents = true #13 0x00007f0e98685edc in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7ffc317552a0, flags=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69 d = 0x7f0e8c002b00 threadData = <optimized out> locker = {val = 94601550545720} app = <optimized out> #14 0x00007f0e986909f9 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:121 threadData = 0x560a23d0bd70 eventLoop = {<QObject> = {_vptr.QObject = 0x7f0e98911750 <vtable for QEventLoop+16>, static staticMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7f0e98774920 <_ZL26qt_meta_stringdata_QObject.lto_priv.0>, data = 0x7f0e98774800 <_ZL20qt_meta_data_QObject.lto_priv.0>, static_metacall = 0x7f0e986be350 <QObject::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, d_ptr = {d = 0x7f0e8c002b00}, static staticQtMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7f0e9879b4a0 <_ZL21qt_meta_stringdata_Qt.lto_priv.0>, data = 0x7f0e98798620 <_ZL15qt_meta_data_Qt.lto_priv.0>, static_metacall = 0x0, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7f0e9890a580 <QObject::staticMetaObject>}, stringdata = 0x7f0e987702e0 <_ZL29qt_meta_stringdata_QEventLoop.lto_priv.0>, data = 0x7f0e98770280 <_ZL23qt_meta_data_QEventLoop.lto_priv.0>, static_metacall = 0x7f0e98684720 <QEventLoop::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}} returnCode = <optimized out> #15 0x00007f0e98b3a0e2 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1870 #16 0x00007f0e97d76f2a in QApplication::exec() () at kernel/qapplication.cpp:2829 #17 0x0000560a237eee4d in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/main_x11.cpp:409 format = {d = 0x560a23d30f80} a = {<KWin::Application> = {<QApplication> = {<QGuiApplication> = {<QCoreApplication> = {<QObject> = {_vptr.QObject = 0x560a238cd3d8 <vtable for KWin::ApplicationX11+16>, static staticMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7f0e98774920 <_ZL26qt_meta_stringdata_QObject.lto_priv.0>, data = 0x7f0e98774800 <_ZL20qt_meta_data_QObject.lto_priv.0>, static_metacall = 0x7f0e986be350 <QObject::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, d_ptr = {d = 0x560a23d30fd0}, static staticQtMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7f0e9879b4a0 <_ZL21qt_meta_stringdata_Qt.lto_priv.0>, data = 0x7f0e98798620 <_ZL15qt_meta_data_Qt.lto_priv.0>, static_metacall = 0x0, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7f0e9890a580 <QObject::staticMetaObject>}, stringdata = 0x7f0e98770060 <_ZL35qt_meta_stringdata_QCoreApplication.lto_priv.0>, data = 0x7f0e9876ff40 <_ZL29qt_meta_data_QCoreApplication.lto_priv.0>, static_metacall = 0x7f0e98690000 <QCoreApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, static self = 0x7ffc317553b0}, static staticMetaObject = {d = {superdata = {direct = 0x7f0e9890f3a0 <QCoreApplication::staticMetaObject>}, stringdata = 0x7f0e98f5a720 <_ZL34qt_meta_stringdata_QGuiApplication.lto_priv.0>, data = 0x7f0e98f5a4a0 <_ZL28qt_meta_data_QGuiApplication.lto_priv.0>, static_metacall = 0x7f0e98b4b780 <QGuiApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7f0e99046e80 <QGuiApplication::staticMetaObject>}, stringdata = 0x7f0e981468e0 <_ZL31qt_meta_stringdata_QApplication.lto_priv.0>, data = 0x7f0e98146760 <_ZL25qt_meta_data_QApplication.lto_priv.0>, static_metacall = 0x7f0e97d7a3f0 <QApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7f0e982835e0 <QApplication::staticMetaObject>}, stringdata = 0x7f0e9a2637a0 <_ZL36qt_meta_stringdata_KWin__Application.lto_priv.0>, data = 0x7f0e9a25df60 <_ZL30qt_meta_data_KWin__Application.lto_priv.0>, static_metacall = 0x7f0e99f71c00 <KWin::Application::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, m_eventFilters = {<QListSpecialMethods<QPointer<KWin::X11EventFilterContainer> >> = {<No data fields>}, {p = {static shared_null = {ref = {atomic = {_q_value = std::atomic<int> = { -1 }}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, d = 0x560a24146100}, d = 0x560a24146100}}, m_genericEventFilters = {<QListSpecialMethods<QPointer<KWin::X11EventFilterContainer> >> = {<No data fields>}, {p = {static shared_null = {ref = {atomic = {_q_value = std::atomic<int> = { -1 }}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, d = 0x560a24198eb0}, d = 0x560a24198eb0}}, m_eventFilter = std::unique_ptr<KWin::XcbEventFilter> = {get() = 0x560a23fe6d10}, m_configLock = false, m_config = {d = 0x560a23f3dee0}, m_kxkbConfig = {d = 0x7f0e84004dc0}, m_operationMode = KWin::Application::OperationModeX11, m_x11Time = 7021374, m_rootWindow = 476, m_connection = 0x560a23d3d780, m_useKActivities = true, m_session = std::unique_ptr<KWin::Session> = {get() = 0x560a23fdf8d0}, m_platform = std::unique_ptr<KWin::Platform> = {get() = 0x560a23fbda20}, m_terminating = false, m_xwaylandScale = 1, m_processEnvironment = {d = {d = 0x0}}, m_pluginManager = std::unique_ptr<KWin::PluginManager> = {get() = 0x560a241df110}, m_inputMethod = std::unique_ptr<KWin::InputMethod> = {get() = 0x0}, m_colorManager = std::unique_ptr<KWin::ColorManager> = {get() = 0x560a24146510}, m_tabletModeManager = std::unique_ptr<KWin::TabletModeManager> = {get() = 0x7f0e84004ac0}, m_screenLockerWatcher = std::unique_ptr<KWin::ScreenLockerWatcher> = {get() = 0x560a23fec5e0}}, static staticMetaObject = {d = {superdata = {direct = 0x7f0e9a382780 <KWin::Application::staticMetaObject>}, stringdata = 0x560a23891800 <qt_meta_stringdata_KWin__ApplicationX11>, data = 0x560a23890d00 <qt_meta_data_KWin__ApplicationX11>, static_metacall = 0x560a237f0e80 <KWin::ApplicationX11::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, owner = std::unique_ptr<KWin::KWinSelectionOwner> = {get() = 0x7f0e840040a0}, m_replace = true} replaceOption = {d = {d = 0x560a23d30b60}} parser = {d = 0x560a23fc2dc0} noActivitiesOption = {d = {d = 0x560a23fe82a0}} Dump of assembler code for function _ZNK4KWin6Output4uuidEv: 0x00007f0e99faa2f0 <+0>: endbr64 => 0x00007f0e99faa2f4 <+4>: mov 0xa8(%rdi),%rax 0x00007f0e99faa2fb <+11>: mov 0xb0(%rdi),%rdx 0x00007f0e99faa302 <+18>: ret (gdb) print $rdi $1 = 0 An obvious NULL reference. Here is the sequence of events that seem to trigger the issue. The value 75497472 is the xcb_window_t id value. XcbWindowManager::eventLoop() begin XCB_REPARENT_NOTIFY: 75497472 XCB_MAP_NOTIFY: 75497472 XCB_EXPOSE:1x1 0,0 sequence: 9 window: 75497472 XCB_EXPOSE: show: 0000555555761E20 1 x 1 window: 75497472 exposed(): 1 XCB_FOCUS_IN: 75497472 XCB_EXPOSE:1x1 0,0 sequence: 9 window: 75497472 XCB_EXPOSE: show: 0000555555761E20 1 x 1 window: 75497472 exposed(): 1 XCB_CONFIGURE_NOTIFY: 75497472 XCB_RESIZE_REQUEST: 0000555555761E20 1024 x 768 XCB_EXPOSE:1024x768 0,0 sequence: 9 window: 75497472 XCB_EXPOSE: show: 0000555555761E20 1024 x 768 window: 75497472 exposed(): 1 XCB_FOCUS_OUT: 75497472 XCB_CONFIGURE_NOTIFY: 75497472 XCB_RESIZE_REQUEST: 0000555555761E20 1024 x 768 STEPS TO REPRODUCE Hard to say, beside this serie of events. But I've pasted the code that seems to be the cause below. OBSERVED RESULT Crash loop. Rarely : no crash until a second or two has elapsed (and during that time the program is drawn as intended) EXPECTED RESULT Not crashing. SOFTWARE/OS VERSIONS I'm on Artix, update of today. (I've not touchrf the code crashing kwin_x11 for a while though so the issue may have appeared during these last two weeks.) Possibly relevant packages: linux 6.0.1.artix1-1 (from today) kdeplasma-addons 5.26.0-1.2 plasma-browser-integration 5.26.0-1.3 plasma-desktop 5.26.0-1 plasma-disks 5.26.0-1 plasma-firewall 5.26.0-1 plasma-framework 5.99.0-1 plasma-integration 5.26.0-1 plasma-meta 5.25-1 plasma-nm 5.26.0-1 plasma-pa 5.26.0-1 plasma-systemmonitor 5.26.0-1 plasma-thunderbolt 5.26.0-1 plasma-vault 5.26.0-1 plasma-workspace 5.26.0-1.2 plasma-workspace-wallpapers 5.26.0-1 qt5-base 5.15.6+kde+r180-1 qt5-declarative 5.15.6+kde+r20-1 qt5-graphicaleffects 5.15.6+kde+r0-1 qt5-location 5.15.6+kde+r3-1 qt5-multimedia 5.15.6+kde+r1-1 qt5-networkauth 5.15.6+kde+r0-1 qt5-quickcontrols 5.15.6+kde+r0-1 qt5-quickcontrols2 5.15.6+kde+r5-1 qt5-sensors 5.15.6+kde+r0-1 qt5-speech 5.15.6+kde+r1-1 qt5-svg 5.15.6+kde+r9-1 qt5-tools 5.15.6+kde+r1-1 qt5-translations 5.15.6+kde+r2-1 qt5-wayland 5.15.6+kde+r50-1 qt5-webchannel 5.15.6+kde+r3-1 qt5-webview 5.15.6+kde+r0-1 qt5-x11extras 5.15.6+kde+r0-1 qt5-xmlpatterns 5.15.6+kde+r0-1 xdg-desktop-portal-kde 5.26.0-1 ADDITIONAL INFORMATION The program that crashes kwin_x11 opens an xcb window in order to do some Vulkan rendering (the Vulkan library isn't even loaded at the time of the crash though) The thread creating and setting-up the window is separate from the one handling the event loop. As long as the window of the program exists (paused in its debugger) kwin_x11 will crash in a loop. I presume something in its setup/state is the cause. After the first crash, the stacktrace becomes: #0 0x00007fb6aab140bf in __GI___poll (fds=fds@entry=0x7ffc7bf5c710, nfds=nfds@entry=1, timeout=timeout@entry=1000) at ../sysdeps/unix/sysv/linux/poll.c:29 sc_ret = -516 sc_cancel_oldtype = 0 #1 0x00007fb6ada66afa in poll (__timeout=1000, __nfds=1, __fds=0x7ffc7bf5c710) at /usr/include/bits/poll2.h:39 fd = {fd = 3, events = 1, revents = 0} r = <optimized out> clsockfd = <optimized out> msg = "\001\000/run/user/1000/kcra" running = <optimized out> sockfd = 3 pid = 10695 #2 pollDrKonqiSocket (sockfd=3, pid=10695) at /usr/src/debug/kcrash/kcrash-5.99.0/src/kcrash.cpp:865 fd = {fd = 3, events = 1, revents = 0} r = <optimized out> clsockfd = <optimized out> msg = "\001\000/run/user/1000/kcra" running = <optimized out> sockfd = 3 pid = 10695 #3 KCrash::startProcess(int, char const**, bool) (argv=argv@entry=0x7ffc7bf5c858, waitAndExit=waitAndExit@entry=true, argc=<optimized out>) at /usr/src/debug/kcrash/kcrash-5.99.0/src/kcrash.cpp:727 running = <optimized out> sockfd = 3 pid = 10695 #4 0x00007fb6ada677fc in KCrash::defaultCrashHandler(int) (sig=11) at /usr/src/debug/kcrash/kcrash-5.99.0/src/kcrash.cpp:623 data = {<KCrash::MetadataWriter> = {_vptr.MetadataWriter = 0x7fb6ada6a8b8 <vtable for KCrash::Metadata+16>}, argv = {_M_elems = {0x55fedecd63b0 "/usr/lib/drkonqi", 0x7fb6ada680c1 "--platform", 0x55fedeea40b8 "xcb", 0x7fb6ada680d4 "--display", 0x55fedea00e80 ":0", 0x7fb6ada680de "--appname", 0x55fedecbc710 "kwin_x11", 0x7fb6ada680f7 "--apppath", 0x55fedea12c00 "/usr/bin", 0x7fb6ada68104 "--signal", 0x7ffc7bf5c826 "11", 0x7fb6ada68112 "--pid", 0x7ffc7bf5c830 "10684", 0x7fb6ada68118 "--appversion", 0x55fedece7578 "5.26.0", 0x7fb6ada68125 "--programname", 0x55fedece2b78 "KWin", 0x7fb6ada68133 "--bugaddress", 0x55fedecee068 "submit@bugs.kde.org", 0x7fb6ada6814e "--startupid", 0x55fedeea40e8 "0", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, argc = 21, m_writer = 0x0} platformName = {d = 0x55fedeea40a0} about = <optimized out> argv = 0x7ffc7bf5c858 ini = {<KCrash::MetadataWriter> = {_vptr.MetadataWriter = 0x7fb6ada6a8e8 <vtable for KCrash::MetadataINIWriter+16>}, writable = false, fd = -1, iniLine = {_M_elems = '\000' <repeats 1023 times>}} sigtxt = "11\000sg\251\266\177\000" pidtxt = "10684\000\000\000\262Ri\251\266\177\000\000\000\000\000" startupId = {d = 0x55fedeea40d0} argc = <optimized out> crashRecursionCounter = 2 #5 0x00007fb6aaa51a00 in <signal handler called> () at /usr/lib/libc.so.6 #6 KWin::Output::scale() const (this=this@entry=0x0) at /usr/src/debug/kwin/kwin-5.26.0/src/core/output.cpp:164 #7 0x00007fb6ad3ad132 in KWin::Output::geometry() const (this=0x0) at /usr/src/debug/kwin/kwin-5.26.0/src/core/output.cpp:169 #8 0x00007fb6ad4ecee3 in KWin::Workspace::clientArea(KWin::clientAreaOption, KWin::Output const*, KWin::VirtualDesktop const*) const (this=this@entry=0x55feded8d290, opt=opt@entry=KWin::FullScreenArea, output=<optimized out>, output@entry=0x0, desktop=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:2499 #9 0x00007fb6ad4ed29e in KWin::Workspace::clientArea(KWin::clientAreaOption, KWin::Window const*, KWin::Output const*) const (this=this@entry=0x55feded8d290, opt=opt@entry=KWin::FullScreenArea, window=window@entry=0x55fedee1f830, output=0x0) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:2523 desktop = <optimized out> #10 0x00007fb6ad4ed348 in KWin::Workspace::clientArea(KWin::clientAreaOption, KWin::Window const*) const (this=0x55feded8d290, opt=KWin::FullScreenArea, window=0x55fedee1f830) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:2511 #11 0x00007fb6ad4f6182 in KWin::X11Window::isFullScreenable() const (this=0x55fedee1f830) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:1295 fullScreenArea = {xp = 0, yp = 6.9377790352289549e-310, w = 2.3117479788605678e-318, h = 6.9377959010542321e-310} #12 0x00007fb6ad507a46 in KWin::X11Window::userCanSetFullScreen() const (this=0x55fedee1f830) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:4547 #13 0x00007fb6ad4ff62e in KWin::X11Window::updateAllowedActions(bool) (this=0x55fedee1f830, force=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:2434 old_allowed_actions = {i = 0} relevant = {i = <optimized out>} #14 0x00007fb6ad4fbfce in KWin::X11Window::manage(unsigned int, bool) (this=0x55fedee1f830, w=<optimized out>, isMapped=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/x11window.cpp:872 stacking_blocker = {ws = 0x55feded8d290} attr = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::WindowAttributesData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c6f8 <vtable for KWin::Xcb::Wrapper<KWin::Xcb::WindowAttributesData, unsigned int>+16>, m_retrieved = true, m_cookie = {sequence = 1632}, m_window = 75497472, m_reply = 0x7fb698007880}, <No data fields>} windowGeometry = {<KWin::Xcb::Wrapper<KWin::Xcb::GeometryData, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::GeometryData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c648 <vtable for KWin::Xcb::WindowGeometry+16>, m_retrieved = true, m_cookie = {sequence = 1633}, m_window = 75497472, m_reply = 0x55fedeefe290}, <No data fields>}, <No data fields>} properties = {i = 553549824} properties2 = {i = 1340679819} wmClientLeaderCookie = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c078 <vtable for KWin::Xcb::Property+16>, m_retrieved = true, m_cookie = {sequence = 1696}, m_window = 75497472, m_reply = 0x7fb69800d9f0}, <No data fields>}, m_type = 33} skipCloseAnimationCookie = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c078 <vtable for KWin::Xcb::Property+16>, m_retrieved = true, m_cookie = {sequence = 1697}, m_window = 75497472, m_reply = 0x7fb69800da60}, <No data fields>}, m_type = 6} showOnScreenEdgeCookie = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c078 <vtable for KWin::Xcb::Property+16>, m_retrieved = false, m_cookie = {sequence = 1698}, m_window = 75497472, m_reply = 0x0}, <No data fields>}, m_type = 6} colorSchemeCookie = {<KWin::Xcb::Property> = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c938 <vtable for KWin::Xcb::StringProperty+16>, m_retrieved = true, m_cookie = {sequence = 1699}, m_window = 75497472, m_reply = 0x7fb69800db40}, <No data fields>}, m_type = 31}, <No data fields>} firstInTabBoxCookie = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c078 <vtable for KWin::Xcb::Property+16>, m_retrieved = true, m_cookie = {sequence = 1700}, m_window = 75497472, m_reply = 0x7fb69800dbb0}, <No data fields>}, m_type = 469} transientCookie = {<KWin::Xcb::Property> = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76ca80 <vtable for KWin::Xcb::TransientFor+16>, m_retrieved = true, m_cookie = {sequence = 1701}, m_window = 75497472, m_reply = 0x7fb69800dc20}, <No data fields>}, m_type = 33}, <No data fields>} activitiesCookie = {<KWin::Xcb::Property> = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c938 <vtable for KWin::Xcb::StringProperty+16>, m_retrieved = true, m_cookie = {sequence = 1702}, m_window = 75497472, m_reply = 0x7fb69800dc90}, <No data fields>}, m_type = 31}, <No data fields>} applicationMenuServiceNameCookie = {<KWin::Xcb::Property> = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c938 <vtable for KWin::Xcb::StringProperty+16>, m_retrieved = true, m_cookie = {sequence = 1703}, m_window = 75497472, m_reply = 0x7fb69800dd20}, <No data fields>}, m_type = 31}, <No data fields>} applicationMenuObjectPathCookie = {<KWin::Xcb::Property> = {<KWin::Xcb::Wrapper<KWin::Xcb::PropertyData, unsigned char, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::PropertyData>> = {_vptr.AbstractWrapper = 0x7fb6ad76c938 <vtable for KWin::Xcb::StringProperty+16>, m_retrieved = true, m_cookie = {sequence = 1704}, m_window = 75497472, m_reply = 0x7fb69800dd90}, <No data fields>}, m_type = 31}, <No data fields>} init_minimize = <optimized out> desktopFileName = {d = 0x7fb6abb75ec0 <QArrayData::shared_null>} asn_id = {d = 0x7fb69800de70} asn_data = {d = 0x55fedeed3010} asn_valid = false session = <optimized out> initialDesktops = std::optional<QVector<KWin::VirtualDesktop*>> = {[contained value] = {d = 0x55fedee204b0}} activitiesList = {<QList<QString>> = {<QListSpecialMethods<QString>> = {<No data fields>}, {p = {static shared_null = {ref = {atomic = {_q_value = std::atomic<int> = { -1 }}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, d = 0x7fb6abb75e90 <QListData::shared_null>}, d = 0x7fb6abb75e90 <QListData::shared_null>}}, <No data fields>} geom = {xp = 0, yp = -29, w = 1024, h = 768} placementDone = <optimized out> area = {xp = 0, yp = 0, w = 3840, h = 1200} partial_keep_in_area = <optimized out> usePosition = <optimized out> dontKeepInArea = <optimized out> constrainedClientSize = {wd = 1024, ht = -4294966528} forced_pos = {xp = -2147483648, yp = -2147483648} #15 0x00007fb6ad4de4a7 in KWin::Workspace::createX11Window(unsigned int, bool) (this=0x55feded8d290, windowId=75497472, is_mapped=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:853 blocker = {ws = 0x55feded8d290} window = 0x55fedee1f830 #16 0x00007fb6ad4f39ad in KWin::Workspace::initializeX11() (this=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:394 attr = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::WindowAttributesData>> = {_vptr.AbstractWrapper = <optimized out>, m_retrieved = true, m_cookie = {sequence = <optimized out>}, m_window = <optimized out>, m_reply = 0x7fb69800bb40}, <No data fields>} i = 74 tree = {<KWin::Xcb::Wrapper<KWin::Xcb::TreeData, unsigned int>> = {<KWin::Xcb::AbstractWrapper<KWin::Xcb::TreeData>> = {_vptr.AbstractWrapper = <optimized out>, m_retrieved = true, m_cookie = {sequence = <optimized out>}, m_window = <optimized out>, m_reply = 0x7fb698006f90}, <No data fields>}, <No data fields>} windowGeometries = {d = 0x55fedee283c0} viewports = <optimized out> blocker = {ws = <optimized out>} wins = <optimized out> windowAttributes = {d = 0x55fedef373a0} desktop_geometry = {width = -559647280, height = 22014} nullFocusValues = {1} vds = <optimized out> client_info = {<NET> = {<No data fields>}, _vptr.NETRootInfo = 0x7fb6ac5af7b8 <vtable for NETRootInfo+16>, p = 0x55fedee828b0} sessionRestored = <optimized out> newActiveWindow = <optimized out> #17 0x00007fb6ad4db9f7 in KWin::Workspace::init() (this=0x55feded8d290) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:263 vds = <optimized out> #18 0x00007fb6ad4dd4e4 in KWin::Workspace::Workspace() (this=<optimized out>, this=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/workspace.cpp:193 reparseConfigFuture = {d = {_vptr.QFutureInterfaceBase = 0x7fb6abd13528 <vtable for QFutureInterfaceBase+16>, d = 0x55feded8f3a0}} #19 0x00007fb6ad437cf7 in KWin::Application::createWorkspace() (this=0x7ffc7bf5e210) at /usr/src/debug/kwin/kwin-5.26.0/src/main.cpp:242 #20 0x000055feddf9ca60 in operator() (__closure=0x55fedecf05e0) at /usr/src/debug/kwin/kwin-5.26.0/src/main_x11.cpp:244 maskValues = {1048576} this = 0x7ffc7bf5e210 #21 QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, KWin::ApplicationX11::performStartup()::<lambda()> >::call (arg=<optimized out>, f=...) at /usr/include/qt/QtCore/qobjectdefs_impl.h:146 #22 QtPrivate::Functor<KWin::ApplicationX11::performStartup()::<lambda()>, 0>::call<QtPrivate::List<>, void> (arg=<optimized out>, f=...) at /usr/include/qt/QtCore/qobjectdefs_impl.h:256 #23 QtPrivate::QFunctorSlotObject<KWin::ApplicationX11::performStartup()::<lambda()>, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void **, bool *) (which=<optimized out>, this_=0x55fedecf05d0, r=<optimized out>, a=<optimized out>, ret=<optimized out>) at /usr/include/qt/QtCore/qobjectdefs_impl.h:443 #24 0x00007fb6ababdf21 in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7ffc7bf5dd80, r=<optimized out>, this=0x55fedecf05d0, this=<optimized out>, r=<optimized out>, a=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398 receiver = <optimized out> td = <optimized out> receiverInSameThread = <optimized out> senderData = {previous = 0x0, receiver = 0x7ffc7bf5e210, sender = 0x7fb698002af0, signal = 4} c = 0x55fedeceed50 connections = {d = 0x55fedeceec60} list = <optimized out> inSenderThread = true highestConnectionId = 3 signalVector = 0x55fedecea690 currentThreadId = 0x7fb6a6107a80 sp = <optimized out> signal_spy_set = 0x0 empty_argv = {0x0} senderDeleted = false #25 doActivate<false>(QObject*, int, void**) (sender=0x7fb698002af0, signal_index=4, argv=0x7ffc7bf5dd80) at kernel/qobject.cpp:3919 receiver = <optimized out> td = <optimized out> receiverInSameThread = <optimized out> senderData = {previous = 0x0, receiver = 0x7ffc7bf5e210, sender = 0x7fb698002af0, signal = 4} c = 0x55fedeceed50 connections = {d = 0x55fedeceec60} list = <optimized out> inSenderThread = true highestConnectionId = 3 signalVector = 0x55fedecea690 currentThreadId = 0x7fb6a6107a80 sp = <optimized out> signal_spy_set = 0x0 empty_argv = {0x0} senderDeleted = false #26 0x00007fb6ac58634d in KSelectionOwner::Private::claimSucceeded() (this=this@entry=0x55fedece1690) at /usr/src/debug/kwindowsystem/kwindowsystem-5.99.0/src/platforms/xcb/kselectionowner.cpp:194 ev = {response_type = 33 '!', format = 32 ' ', sequence = 56993, window = 476, type = 282, data = {data8 = "G\302\177\000\321\001\000\000\v\000\340\004\000\000\000\000\000\000\000", data16 = {49735, 127, 465, 0, 11, 1248, 0, 0, 0, 0}, data32 = {8372807, 465, 81788939, 0, 0}}} #27 0x00007fb6ac58c144 in KSelectionOwner::Private::gotTimestamp() (this=0x55fedece1690) at /usr/src/debug/kwindowsystem/kwindowsystem-5.99.0/src/platforms/xcb/kselectionowner.cpp:228 c = 0x55fedea475d0 new_owner = 81788939 ev = <optimized out> event = <optimized out> response_type = <optimized out> #28 KSelectionOwner::filterEvent(void*) (this=<optimized out>, ev_P=<optimized out>) at /usr/src/debug/kwindowsystem/kwindowsystem-5.99.0/src/platforms/xcb/kselectionowner.cpp:422 ev = <optimized out> event = <optimized out> response_type = <optimized out> #29 0x00007fb6aba8403f in QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*, long*) (this=<optimized out>, eventType=..., message=message@entry=0x55fedecec830, result=result@entry=0x7ffc7bf5df20) at kernel/qabstracteventdispatcher.cpp:495 filter = <optimized out> i = 0 scopeLevelCounter = {threadData = 0x55fedea15d70} d = 0x55fedea3ed10 #30 0x00007fb6a5b07030 in QXcbConnection::handleXcbEvent(xcb_generic_event_t*) (this=0x55fedea45dc0, event=0x55fedecec830) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:579 dispatcher = <optimized out> result = 0 response_type = <optimized out> handled = <optimized out> #31 0x00007fb6a5b0b3a0 in QXcbConnection::processXcbEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x55fedea45dc0, flags=...) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:1065 event = 0x55fedecec830 eventGuard = {d = 0x55fedecec830} connection_error = <optimized out> #32 0x00007fb6a5b2f6f2 in QXcbUnixEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x55fedeb63d20, flags=...) at /usr/src/debug/qt5-base/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:61 didSendEvents = true #33 0x00007fb6aba85edc in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x7ffc7bf5e100, flags=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69 d = 0x7fb6a0002aa0 threadData = <optimized out> locker = {val = 94553145172792} app = <optimized out> #34 0x00007fb6aba909f9 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:121 threadData = 0x55fedea15d70 eventLoop = {<QObject> = {_vptr.QObject = 0x7fb6abd11750 <vtable for QEventLoop+16>, static staticMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7fb6abb74920 <_ZL26qt_meta_stringdata_QObject.lto_priv.0>, data = 0x7fb6abb74800 <_ZL20qt_meta_data_QObject.lto_priv.0>, static_metacall = 0x7fb6ababe350 <QObject::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, d_ptr = {d = 0x7fb6a0002aa0}, static staticQtMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7fb6abb9b4a0 <_ZL21qt_meta_stringdata_Qt.lto_priv.0>, data = 0x7fb6abb98620 <_ZL15qt_meta_data_Qt.lto_priv.0>, static_metacall = 0x0, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7fb6abd0a580 <QObject::staticMetaObject>}, stringdata = 0x7fb6abb702e0 <_ZL29qt_meta_stringdata_QEventLoop.lto_priv.0>, data = 0x7fb6abb70280 <_ZL23qt_meta_data_QEventLoop.lto_priv.0>, static_metacall = 0x7fb6aba84720 <QEventLoop::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}} returnCode = <optimized out> #35 0x00007fb6abf3a0e2 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1870 #36 0x00007fb6ab176f2a in QApplication::exec() () at kernel/qapplication.cpp:2829 #37 0x000055feddf95e4d in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kwin/kwin-5.26.0/src/main_x11.cpp:409 format = {d = 0x55fedea3add0} a = {<KWin::Application> = {<QApplication> = {<QGuiApplication> = {<QCoreApplication> = {<QObject> = {_vptr.QObject = 0x55fede0743d8 <vtable for KWin::ApplicationX11+16>, static staticMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7fb6abb74920 <_ZL26qt_meta_stringdata_QObject.lto_priv.0>, data = 0x7fb6abb74800 <_ZL20qt_meta_data_QObject.lto_priv.0>, static_metacall = 0x7fb6ababe350 <QObject::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, d_ptr = {d = 0x55fedea3ae20}, static staticQtMetaObject = {d = {superdata = {direct = 0x0}, stringdata = 0x7fb6abb9b4a0 <_ZL21qt_meta_stringdata_Qt.lto_priv.0>, data = 0x7fb6abb98620 <_ZL15qt_meta_data_Qt.lto_priv.0>, static_metacall = 0x0, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7fb6abd0a580 <QObject::staticMetaObject>}, stringdata = 0x7fb6abb70060 <_ZL35qt_meta_stringdata_QCoreApplication.lto_priv.0>, data = 0x7fb6abb6ff40 <_ZL29qt_meta_data_QCoreApplication.lto_priv.0>, static_metacall = 0x7fb6aba90000 <QCoreApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, static self = 0x7ffc7bf5e210}, static staticMetaObject = {d = {superdata = {direct = 0x7fb6abd0f3a0 <QCoreApplication::staticMetaObject>}, stringdata = 0x7fb6ac35a720 <_ZL34qt_meta_stringdata_QGuiApplication.lto_priv.0>, data = 0x7fb6ac35a4a0 <_ZL28qt_meta_data_QGuiApplication.lto_priv.0>, static_metacall = 0x7fb6abf4b780 <QGuiApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7fb6ac446e80 <QGuiApplication::staticMetaObject>}, stringdata = 0x7fb6ab5468e0 <_ZL31qt_meta_stringdata_QApplication.lto_priv.0>, data = 0x7fb6ab546760 <_ZL25qt_meta_data_QApplication.lto_priv.0>, static_metacall = 0x7fb6ab17a3f0 <QApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}}, static staticMetaObject = {d = {superdata = {direct = 0x7fb6ab6835e0 <QApplication::staticMetaObject>}, stringdata = 0x7fb6ad6637a0 <_ZL36qt_meta_stringdata_KWin__Application.lto_priv.0>, data = 0x7fb6ad65df60 <_ZL30qt_meta_data_KWin__Application.lto_priv.0>, static_metacall = 0x7fb6ad371c00 <KWin::Application::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, m_eventFilters = {<QListSpecialMethods<QPointer<KWin::X11EventFilterContainer> >> = {<No data fields>}, {p = {static shared_null = {ref = {atomic = {_q_value = std::atomic<int> = { -1 }}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, d = 0x55fedeec9f90}, d = 0x55fedeec9f90}}, m_genericEventFilters = {<QListSpecialMethods<QPointer<KWin::X11EventFilterContainer> >> = {<No data fields>}, {p = {static shared_null = {ref = {atomic = {_q_value = std::atomic<int> = { -1 }}}, alloc = 0, begin = 0, end = 0, array = {0x0}}, d = 0x7fb6abb75e90 <QListData::shared_null>}, d = 0x7fb6abb75e90 <QListData::shared_null>}}, m_eventFilter = std::unique_ptr<class KWin::XcbEventFilter> = {get() = 0x55fedecf1560}, m_configLock = false, m_config = {d = 0x55fedec45fc0}, m_kxkbConfig = {d = 0x7fb698002cf0}, m_operationMode = KWin::Application::OperationModeX11, m_x11Time = 8372968, m_rootWindow = 476, m_connection = 0x55fedea475d0, m_useKActivities = true, m_session = std::unique_ptr<class KWin::Session> = {get() = 0x55fedecec7a0}, m_platform = std::unique_ptr<class KWin::Platform> = {get() = 0x55fedecc60a0}, m_terminating = false, m_xwaylandScale = 1, m_processEnvironment = {d = {d = 0x0}}, m_pluginManager = std::unique_ptr<class KWin::PluginManager> = {get() = 0x0}, m_inputMethod = std::unique_ptr<class KWin::InputMethod> = {get() = 0x0}, m_colorManager = std::unique_ptr<class KWin::ColorManager> = {get() = 0x0}, m_tabletModeManager = std::unique_ptr<class KWin::TabletModeManager> = {get() = 0x7fb698002e90}, m_screenLockerWatcher = std::unique_ptr<class KWin::ScreenLockerWatcher> = {get() = 0x7fb698007d30}}, static staticMetaObject = {d = {superdata = {direct = 0x7fb6ad782780 <KWin::Application::staticMetaObject>}, stringdata = 0x55fede038800 <qt_meta_stringdata_KWin__ApplicationX11>, data = 0x55fede037d00 <qt_meta_data_KWin__ApplicationX11>, static_metacall = 0x55feddf97e80 <KWin::ApplicationX11::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, extradata = 0x0}}, owner = std::unique_ptr<class KWin::KWinSelectionOwner> = {get() = 0x7fb698002af0}, m_replace = false} replaceOption = {d = {d = 0x55fedea3ab60}} parser = {d = 0x55fedeccaee0} noActivitiesOption = {d = {d = 0x55fedecefec0}} Here, if I look at the instruction that triggers the crash, it's : (gdb) disas Dump of assembler code for function _ZNK4KWin6Output5scaleEv: 0x00007fb6ad3aa430 <+0>: endbr64 => 0x00007fb6ad3aa434 <+4>: movsd 0x20(%rdi),%xmm0 0x00007fb6ad3aa439 <+9>: ret (gdb) print $rdi $1 = 0 And this time, the sequence of events is: XcbWindowManager::eventLoop() begin XCB_MAP_NOTIFY: 75497472 XCB_EXPOSE:1024x768 0,0 sequence: 8 window: 75497472 XCB_*: response_type: 7 XCB_*: response_type: 8 XCB_EXPOSE:1024x679 0,89 sequence: 11 window: 75497472 XCB_EXPOSE: show: 0000555555761E20 1024 x 679 window: 75497472 exposed(): 1 The code that creates the window is pretty basic. if((width == 0) && (height == 0)) { width = 1024; height = 768; } xcb_window_t window = xcb_generate_id(_connection); uint32_t value_mask = /*XCB_CW_BACK_PIXEL |*/ XCB_CW_EVENT_MASK; uint32_t value_list[4]; value_list[0] = XCB_EVENT_MASK_KEY_PRESS | XCB_EVENT_MASK_KEY_RELEASE | XCB_EVENT_MASK_BUTTON_PRESS | XCB_EVENT_MASK_BUTTON_RELEASE | XCB_EVENT_MASK_ENTER_WINDOW | XCB_EVENT_MASK_LEAVE_WINDOW | XCB_EVENT_MASK_POINTER_MOTION |XCB_EVENT_MASK_FOCUS_CHANGE | XCB_EVENT_MASK_EXPOSURE | XCB_EVENT_MASK_STRUCTURE_NOTIFY; value_list[1] = 0;//_screen->black_pixel; value_list[2] = 0; xcb_void_cookie_t xcbcookie = xcb_create_window_checked(_connection, XCB_COPY_FROM_PARENT, window, _screen->root, 0, 0, width, height, 0, XCB_WINDOW_CLASS_INPUT_OUTPUT, _screen->root_visual, value_mask, value_list); xcb_generic_error_t* err = xcb_request_check(_connection, xcbcookie); if(err != nullptr) { Log::err << "xcb_create_window failed" << endl; throw std::runtime_error("xcb_create_window"); } xcb_intern_atom_cookie_t cookie = xcb_intern_atom(_connection, 1, 12, "WM_PROTOCOLS"); xcb_intern_atom_reply_t* reply = xcb_intern_atom_reply(_connection, cookie, 0); xcbcookie = xcb_change_property_checked(_connection, XCB_PROP_MODE_REPLACE, window, (*reply).atom, 4, 32, 1, &(*_delete_window_atom).atom); err = xcb_request_check(_connection, xcbcookie); if(err != nullptr) { Log::err << "xcb_change_property failed" << endl; throw std::runtime_error("xcb_change_property"); } free(reply); auto xcbwindowp = new XcbWindow(*this, window, width, height); xcbcookie = xcb_map_window_checked(_connection, window); err = xcb_request_check(_connection, xcbcookie); if(err != nullptr) { delete xcbwindowp; Log::err << "xcb_map_window failed" << endl; throw std::runtime_error("xcb_map_window"); } _window_list.emplace_back(xcbwindowp); xcb_flush(_connection); xcb_size_hints_t hints; xcb_icccm_size_hints_set_min_size(&hints, width, height); xcb_icccm_size_hints_set_max_size(&hints, width, width); xcbcookie = xcb_icccm_set_wm_size_hints_checked(_connection, window, XCB_ATOM_WM_NORMAL_HINTS, &hints); err = xcb_request_check(_connection, xcbcookie); if(err != nullptr) { _window_list.remove(xcbwindowp); delete xcbwindowp; Log::err << "xcb_icccm_set_wm_size_hints failed" << endl; throw std::runtime_error("xcb_icccm_set_wm_size_hints"); } xcb_flush(_connection); while(!xcbwindowp->exposed()) // NOTE: when the window is exposed, the flag is changed by the event loop. The kwin_x11 often crashes before reaching this point. { Thread::sleep(500); } The event loop is pretty minor and mostly dump the events and frees the memory. Finally, I've kept the output of /usr/bin/kwin_x11 --replace and crashed it immediately: kwin_xkbcommon: XKB: couldn't find a Compose file for locale "en_US.utf-8" (mapped to "en_US.utf-8") kwin_xkbcommon: XKB: inet:323:58: unrecognized keysym "XF86EmojiPicker" kwin_xkbcommon: XKB: inet:324:58: unrecognized keysym "XF86Dictate" qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 1701, resource id: 77594658, major code: 3 (GetWindowAttributes), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 9 (BadDrawable), sequence: 1702, resource id: 77594658, major code: 14 (GetGeometry), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 1711, resource id: 77594662, major code: 3 (GetWindowAttributes), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 9 (BadDrawable), sequence: 1712, resource id: 77594662, major code: 14 (GetGeometry), minor code: 0 Application::crashHandler() called with signal 11; recent crashes: 1 KCrash: crashing... crashRecursionCounter = 2 KCrash: Application Name = kwin_x11 path = /usr/bin pid = 11114 KCrash: Arguments: /usr/bin/kwin_x11 --replace KCrash: Attempting to start /usr/lib/drkonqi kwin_xkbcommon: XKB: couldn't find a Compose file for locale "en_US.utf-8" (mapped to "en_US.utf-8") kwin_xkbcommon: XKB: inet:323:58: unrecognized keysym "XF86EmojiPicker" kwin_xkbcommon: XKB: inet:324:58: unrecognized keysym "XF86Dictate" qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 180, resource id: 77594637, major code: 20 (GetProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 181, resource id: 77594637, major code: 20 (GetProperty), minor code: 0 QSocketNotifier: Invalid socket 4 with type Read, disabling... QSocketNotifier: Invalid socket 9 with type Read, disabling... QSocketNotifier: Invalid socket 26 with type Read, disabling... Application::crashHandler() called with signal 11; recent crashes: 2 KCrash: crashing... crashRecursionCounter = 2 KCrash: Application Name = kwin_x11 path = /usr/bin pid = 11182 KCrash: Arguments: /usr/bin/kwin_x11 --crashes 1 KCrash: Attempting to start /usr/lib/drkonqi kwin_xkbcommon: XKB: couldn't find a Compose file for locale "en_US.utf-8" (mapped to "en_US.utf-8") qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 180, resource id: 88080397, major code: 20 (GetProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 181, resource id: 88080397, major code: 20 (GetProperty), minor code: 0 kwin_xkbcommon: XKB: inet:323:58: unrecognized keysym "XF86EmojiPicker" kwin_xkbcommon: XKB: inet:324:58: unrecognized keysym "XF86Dictate" QSocketNotifier: Invalid socket 28 with type Read, disabling... QSocketNotifier: Invalid socket 9 with type Read, disabling... QSocketNotifier: Invalid socket 4 with type Read, disabling... Application::crashHandler() called with signal 11; recent crashes: 3 KCrash: crashing... crashRecursionCounter = 2 KCrash: Application Name = kwin_x11 path = /usr/bin pid = 11191 KCrash: Arguments: /usr/bin/kwin_x11 --crashes 2 KCrash: Attempting to start /usr/lib/drkonqi kwin_xkbcommon: XKB: couldn't find a Compose file for locale "en_US.utf-8" (mapped to "en_US.utf-8") qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 180, resource id: 90177549, major code: 20 (GetProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 181, resource id: 90177549, major code: 20 (GetProperty), minor code: 0 kwin_xkbcommon: XKB: inet:323:58: unrecognized keysym "XF86EmojiPicker" kwin_xkbcommon: XKB: inet:324:58: unrecognized keysym "XF86Dictate" QSocketNotifier: Invalid socket 4 with type Read, disabling... QSocketNotifier: Invalid socket 9 with type Read, disabling... QSocketNotifier: Invalid socket 30 with type Read, disabling... Application::crashHandler() called with signal 11; recent crashes: 4 KCrash: crashing... crashRecursionCounter = 2 KCrash: Application Name = kwin_x11 path = /usr/bin pid = 11200 KCrash: Arguments: /usr/bin/kwin_x11 --crashes 3 KCrash: Attempting to start /usr/lib/drkonqi qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 180, resource id: 92274701, major code: 20 (GetProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 181, resource id: 92274701, major code: 20 (GetProperty), minor code: 0 kwin_xkbcommon: XKB: couldn't find a Compose file for locale "en_US.utf-8" (mapped to "en_US.utf-8") kwin_xkbcommon: XKB: inet:323:58: unrecognized keysym "XF86EmojiPicker" kwin_xkbcommon: XKB: inet:324:58: unrecognized keysym "XF86Dictate" qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 1694, resource id: 75497506, major code: 3 (GetWindowAttributes), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 9 (BadDrawable), sequence: 1695, resource id: 75497506, major code: 14 (GetGeometry), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 1704, resource id: 75497510, major code: 3 (GetWindowAttributes), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 9 (BadDrawable), sequence: 1705, resource id: 75497510, major code: 14 (GetGeometry), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 3865, resource id: 41943817, major code: 18 (ChangeProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 4123, resource id: 75497534, major code: 3 (GetWindowAttributes), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 4291, resource id: 83886090, major code: 18 (ChangeProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 4295, resource id: 81788938, major code: 18 (ChangeProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 4299, resource id: 79691786, major code: 18 (ChangeProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 4303, resource id: 73400330, major code: 18 (ChangeProperty), minor code: 0 qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 4314, resource id: 41943818, major code: 18 (ChangeProperty), minor code: 0 That's all I can think of.