Summary: | (wayland) possible crash in KWin::Tile::descendants() when waking display while screen is locked | ||
---|---|---|---|
Product: | [Plasma] kwin | Reporter: | Naxdy <xnaxdy> |
Component: | Custom Tiling | Assignee: | KWin default assignee <kwin-bugs-null> |
Status: | RESOLVED FIXED | ||
Severity: | crash | CC: | nate, notmart |
Priority: | NOR | ||
Version: | 5.26.90 | ||
Target Milestone: | --- | ||
Platform: | Gentoo Packages | ||
OS: | Linux | ||
Latest Commit: | https://invent.kde.org/plasma/kwin/commit/c5df8cedd8ef0b5f1b6461e71fdec3f6a712289e | Version Fixed In: | 5.27.1 |
Description
Naxdy
2023-02-09 22:48:41 UTC
After more investigation, it appears that the crash has a chance to occur every time the display is woken from sleep. For me, this is usually in the morning, since I leave the display off overnight with the screen locked. When I then turn the display on and unlock the screen, I find an empty session (indicating that kwin crashed). Monitoring the time of the crash puts it to exactly when I woke up the display, indicating that that was the cause for the crash. Can you get a backtrace with debug symbols please? No idea how things work on gentoo but you may need to recompile kwin with -DCMAKE_BUILD_TYPE=RelWithDebInfo or -DCMAKE_BUILD_TYPE=Debug This is with CMAKE_BUILD_TYPE=Debug symbols. Also, I think I've found a way to semi-reliably reproduce the issue: 1. Log in to plasma wayland session 2. Ensure at least 1 window is snapped to a custom tile (not sure if this is mandatory, but it's the case for me) 3. Lock plasma session (again, not sure if mandatory) 4. Wait for display to turn off by itself (10 min in my case; manually turning it off didn't crash it for me, or I was just unlucky) 5. Turn display back on by wiggling mouse 6. Unlock plasma session 7. If all windows are gone, kwin has crashed. If not, repeat from step 3. Thread 1 "kwin_wayland" received signal SIGSEGV, Segmentation fault. 0x00007f85799c70b2 in KWin::Tile::descendants() const () from /usr/lib64/libkwin.so.5 Thread 22 (Thread 0x7f8512dff6c0 (LWP 297371) "kwin_wayland"): #0 0x00007f8576f2f90a in epoll_wait () from /usr/lib64/libc.so.6 #1 0x00007f8544026f90 in ?? () from /usr/lib64/spa-0.2/support/libspa-support.so #2 0x00007f85440160bb in ?? () from /usr/lib64/spa-0.2/support/libspa-support.so #3 0x00007f857786dcd4 in ?? () from /usr/lib64/libpipewire-0.3.so.0 #4 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #5 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 15 (Thread 0x7f85219266c0 (LWP 296058) "kwin_way:gdrv0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 12 (Thread 0x7f85451be6c0 (LWP 294205) "kwin_way:gdrv0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 11 (Thread 0x7f85461ff6c0 (LWP 294203) "QQmlThread"): #0 0x00007f8576f2268f in poll () from /usr/lib64/libc.so.6 #1 0x00007f857550b64e in ?? () from /usr/lib64/libglib-2.0.so.0 #2 0x00007f857550b76f in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #3 0x00007f8577d22194 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #4 0x00007f8577cc3f2b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #5 0x00007f8577acf0fe in QThread::exec() () from /usr/lib64/libQt5Core.so.5 #6 0x00007f8578d73de5 in ?? () from /usr/lib64/libQt5Qml.so.5 #7 0x00007f8577ad02cf in ?? () from /usr/lib64/libQt5Core.so.5 #8 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #9 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 9 (Thread 0x7f85479fe6c0 (LWP 294201) "kwin_way:gdrv0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 8 (Thread 0x7f85481ff6c0 (LWP 294200) "kwin_way:gdrv0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 7 (Thread 0x7f85609ff6c0 (LWP 294199) "libinput-connec"): #0 0x00007f8576f2268f in poll () from /usr/lib64/libc.so.6 #1 0x00007f857550b64e in ?? () from /usr/lib64/libglib-2.0.so.0 #2 0x00007f857550b76f in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #3 0x00007f8577d22194 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #4 0x00007f8577cc3f2b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #5 0x00007f8577acf0fe in QThread::exec() () from /usr/lib64/libQt5Core.so.5 #6 0x00007f8577ad02cf in ?? () from /usr/lib64/libQt5Core.so.5 #7 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #8 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 6 (Thread 0x7f85619fd6c0 (LWP 294198) "kwin_way:shlo0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 5 (Thread 0x7f85621fe6c0 (LWP 294197) "kwin_wayla:sh0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 4 (Thread 0x7f85629ff6c0 (LWP 294196) "kwin_wa:disk$0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 3 (Thread 0x7f8570ae16c0 (LWP 294195) "kwin_wayla:cs0"): #0 0x00007f8576eabef6 in ?? () from /usr/lib64/libc.so.6 #1 0x00007f8576eae73f in pthread_cond_wait () from /usr/lib64/libc.so.6 #2 0x00007f856aa475a9 in ?? () from /usr/lib64/dri/radeonsi_dri.so #3 0x00007f856a8a31fb in ?? () from /usr/lib64/dri/radeonsi_dri.so #4 0x00007f856aa474e7 in ?? () from /usr/lib64/dri/radeonsi_dri.so #5 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #6 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 2 (Thread 0x7f857151f6c0 (LWP 294193) "QDBusConnection"): #0 0x00007f8576f2268f in poll () from /usr/lib64/libc.so.6 #1 0x00007f857550b64e in ?? () from /usr/lib64/libglib-2.0.so.0 #2 0x00007f857550b76f in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0 #3 0x00007f8577d22194 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #4 0x00007f8577cc3f2b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #5 0x00007f8577acf0fe in QThread::exec() () from /usr/lib64/libQt5Core.so.5 #6 0x00007f8579ed6287 in ?? () from /usr/lib64/libQt5DBus.so.5 #7 0x00007f8577ad02cf in ?? () from /usr/lib64/libQt5Core.so.5 #8 0x00007f8576eaf36a in ?? () from /usr/lib64/libc.so.6 #9 0x00007f8576f303bc in ?? () from /usr/lib64/libc.so.6 Thread 1 (Thread 0x7f85745efd80 (LWP 294183) "kwin_wayland"): #0 0x00007f85799c70b2 in KWin::Tile::descendants() const () from /usr/lib64/libkwin.so.5 #1 0x00007f85799c70ea in KWin::Tile::descendants() const () from /usr/lib64/libkwin.so.5 #2 0x00007f85799c8e28 in KWin::TileManager::bestTileForPosition(QPointF const&) () from /usr/lib64/libkwin.so.5 #3 0x00007f85799c690c in KWin::Tile::~Tile() () from /usr/lib64/libkwin.so.5 #4 0x00007f85799c3da7 in KWin::CustomTile::~CustomTile() () from /usr/lib64/libkwin.so.5 #5 0x00007f8577cf168d in QObjectPrivate::deleteChildren() () from /usr/lib64/libQt5Core.so.5 #6 0x00007f8577cfcad5 in QObject::~QObject() () from /usr/lib64/libQt5Core.so.5 #7 0x00007f85799c3da7 in KWin::CustomTile::~CustomTile() () from /usr/lib64/libkwin.so.5 #8 0x00007f8577cf168d in QObjectPrivate::deleteChildren() () from /usr/lib64/libQt5Core.so.5 #9 0x00007f8577cfcad5 in QObject::~QObject() () from /usr/lib64/libQt5Core.so.5 #10 0x00007f85799c3df7 in KWin::RootTile::~RootTile() () from /usr/lib64/libkwin.so.5 #11 0x00007f85799c8d1f in KWin::TileManager::~TileManager() () from /usr/lib64/libkwin.so.5 #12 0x00007f85799c8d49 in KWin::TileManager::~TileManager() () from /usr/lib64/libkwin.so.5 #13 0x00007f8579a2c8eb in KWin::Workspace::updateOutputs(QVector<KWin::Output*> const&) () from /usr/lib64/libkwin.so.5 #14 0x00007f8579a2fdde in KWin::Workspace::slotOutputBackendOutputsQueried() () from /usr/lib64/libkwin.so.5 #15 0x00007f8577cfea7b in ?? () from /usr/lib64/libQt5Core.so.5 #16 0x00007f8579a7fd6a in KWin::DrmBackend::updateOutputs() () from /usr/lib64/libkwin.so.5 #17 0x00007f8579a81d2f in KWin::DrmBackend::handleUdevEvent() () from /usr/lib64/libkwin.so.5 #18 0x00007f8577cfea7b in ?? () from /usr/lib64/libQt5Core.so.5 #19 0x00007f8577d0205d in QSocketNotifier::activated(QSocketDescriptor, QSocketNotifier::Type, QSocketNotifier::QPrivateSignal) () from /usr/lib64/libQt5Core.so.5 #20 0x00007f8577d0286b in QSocketNotifier::event(QEvent*) () from /usr/lib64/libQt5Core.so.5 #21 0x00007f85771649df in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/libQt5Widgets.so.5 #22 0x00007f8577cc5618 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5 #23 0x00007f8577d1dfbb in QEventDispatcherUNIXPrivate::activateSocketNotifiers() () from /usr/lib64/libQt5Core.so.5 #24 0x00007f8577d1e433 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #25 0x000055dd504842cd in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () #26 0x00007f8577cc3f2b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5 #27 0x00007f8577ccc83d in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5 #28 0x000055dd5035c599 in main () Do you use libstdc++ or libc++? (In reply to Vlad Zahorodnii from comment #4) > Do you use libstdc++ or libc++? libstdc++.so.6 => /usr/lib/gcc/x86_64-pc-linux-gnu/12/libstdc++.so.6 (0x00007fba67800000) Some more info: Just now as I tried reproducing this crash again (lock screen -> wait for display to sleep -> wake display -> unlock screen), although kwin didn't crash, I found that the padding of the custom tiling was reset from 0 (my value) to 4 (the default), and all windows followed it. Setting the padding back to 0 didn't automatically adapt all windows, but instead I had to re-snap them. Not sure if this is a different version of the same bug, or a different bug altogether. I will keep investigating. A possibly relevant merge request was started @ https://invent.kde.org/plasma/kwin/-/merge_requests/3580 Git commit 0ca7b40da0457e1ee5ce079d78d304c76b7592b5 by Vlad Zahorodnii, on behalf of Dominique Hummel. Committed on 14/02/2023 at 12:03. Pushed by vladz into branch 'master'. tiling: Evacuate tiled windows from custom & quick tiling on output removal Context: If a display is removed, the corresponding TileManager is removed with it. This in turn removes every one of its Tiles with it, and when a Tile's destructor is called, it attempts to find a new replacement tile for any windows it was previously managing. However, if the Tile is removed because its corresponding TileManager has been removed, this has the potential to cause a segfault in KWin, causing it to crash (I suspect a possible race condition? but not sure). This MR correctly evacuates custom tiled windows & migrates quick tiled windows upon output removal. M +8 -0 src/tiles/tile.cpp M +5 -0 src/tiles/tile.h M +42 -3 src/workspace.cpp https://invent.kde.org/plasma/kwin/commit/0ca7b40da0457e1ee5ce079d78d304c76b7592b5 Git commit c5df8cedd8ef0b5f1b6461e71fdec3f6a712289e by Vlad Zahorodnii, on behalf of Dominique Hummel. Committed on 14/02/2023 at 12:35. Pushed by vladz into branch 'cherry-pick-0ca7b40d'. tiling: Evacuate tiled windows from custom & quick tiling on output removal Context: If a display is removed, the corresponding TileManager is removed with it. This in turn removes every one of its Tiles with it, and when a Tile's destructor is called, it attempts to find a new replacement tile for any windows it was previously managing. However, if the Tile is removed because its corresponding TileManager has been removed, this has the potential to cause a segfault in KWin, causing it to crash (I suspect a possible race condition? but not sure). This MR correctly evacuates custom tiled windows & migrates quick tiled windows upon output removal. (cherry picked from commit 0ca7b40da0457e1ee5ce079d78d304c76b7592b5) M +8 -0 src/tiles/tile.cpp M +5 -0 src/tiles/tile.h M +42 -3 src/workspace.cpp https://invent.kde.org/plasma/kwin/commit/c5df8cedd8ef0b5f1b6461e71fdec3f6a712289e |