Bug 469055

Summary: kwin_wayland sometimes crashes in KWin::WindowScreenCastSource::textureSize() when hovering over Task Manager icons
Product: [Plasma] kwin Reporter: Nate Graham <nate>
Component: wayland-genericAssignee: KWin default assignee <kwin-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: aleixpol, carl
Priority: NOR    
Version: 5.27.4   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed In: 5.27.5
Sentry Crash Report:

Description Nate Graham 2023-04-27 13:25:57 UTC
STEPS TO REPRODUCE
1. Hover cursor over a Task Manager icon on with Task Manager tooltips/previews turned on


OBSERVED RESULT
A small percentage of the time, kwin_wayland crashes. I do this enough times per day that it seems to happen 1-2 times per day.


EXPECTED RESULT
No kwin_wayland crash.


SOFTWARE/OS VERSIONS
Operating System: Fedora Linux 37
KDE Plasma Version: 5.27.4
KDE Frameworks Version: 5.106.0
Qt Version: 5.15.9
Kernel Version: 6.2.12-200.fc37.x86_64 (64-bit)
Graphics Platform: Wayland
Processors: 8 × Intel® Core™ i7-10510U CPU @ 1.80GHz
Memory: 15.2 GiB of RAM
Graphics Processor: Mesa Intel® UHD Graphics


ADDITIONAL INFORMATION
Crash backtrace:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  KWin::Window::clientGeometry (this=0x0) at /home/nate/kde/src/kwin/src/window.h:2080
2080        return m_clientGeometry;
[Current thread is 1 (Thread 0x7fbd49804e40 (LWP 285288))]
(gdb) bt
#0  KWin::Window::clientGeometry() const (this=0x0) at /home/nate/kde/src/kwin/src/window.h:2080
#1  KWin::WindowScreenCastSource::textureSize() const (this=0x2ca9150)
    at /home/nate/kde/src/kwin/src/plugins/screencast/windowscreencastsource.cpp:40
#2  0x000000000047b3f9 in KWin::ScreenCastStream::recordFrame(QRegion const&)
    (this=0x219c590, _damagedRegion=<optimized out>)
    at /home/nate/kde/src/kwin/src/plugins/screencast/screencaststream.cpp:429
#3  0x00007fbd4ecd0ff6 in QtPrivate::QSlotObjectBase::call(QObject*, void**)
    (a=0x7ffd6b3da7d0, r=<optimized out>, this=0x2a0dae0)
    at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#4  doActivate<false>(QObject*, int, void**) (sender=0x219c780, signal_index=3, argv=0x7ffd6b3da7d0)
    at kernel/qobject.cpp:3923
#5  0x00007fbd4eccbf87 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**)
    (sender=<optimized out>, m=m@entry=0x7fbd4ef5e580 <QTimer::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd6b3da7d0) at kernel/qobject.cpp:3983
#6  0x00007fbd4ecd437e in QTimer::timeout(QTimer::QPrivateSignal) (this=<optimized out>, _t1=...)
    at .moc/moc_qtimer.cpp:205
#7  0x00007fbd4ecc8125 in QObject::event(QEvent*) (this=0x219c780, e=0x7ffd6b3da930)
    at kernel/qobject.cpp:1369
#8  0x00007fbd4d9aed62 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
    (this=<optimized out>, receiver=0x219c780, e=0x7ffd6b3da930) at kernel/qapplication.cpp:3640
#9  0x00007fbd4ec9d648 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
    (receiver=0x219c780, event=0x7ffd6b3da930) at kernel/qcoreapplication.cpp:1064
#10 0x00007fbd4ec9d832 in QCoreApplication::sendEvent(QObject*, QEvent*)
    (receiver=<optimized out>, event=<optimized out>) at kernel/qcoreapplication.cpp:1462
#11 0x00007fbd4ecedae1 in QTimerInfoList::activateTimers() (this=this@entry=0xcd45c8)
    at kernel/qtimerinfo_unix.cpp:643
#12 0x00007fbd4eceb240 in QEventDispatcherUNIXPrivate::activateTimers() (this=this@entry=0xcd4540)
    at kernel/qeventdispatcher_unix.cpp:249
#13 0x00007fbd4ecec090 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=<optimized out>, flags=...) at kernel/qeventdispatcher_unix.cpp:516
#14 0x0000000000535091 in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
#15 0x00007fbd4ec9c09a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=this@entry=0x7ffd6b3daab0, flags=..., flags@entry=...)
    at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#16 0x00007fbd4eca4162 in QCoreApplication::exec() ()
    at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#17 0x00007fbd4f15fb50 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1863
#18 0x00007fbd4d9aecd9 in QApplication::exec() () at kernel/qapplication.cpp:2832
#19 0x00000000004471fe in main(int, char**) (argc=<optimized out>, argv=<optimized out>)
    at /home/nate/kde/src/kwin/src/main_wayland.cpp:628
Comment 1 Aleix Pol 2023-04-27 22:27:25 UTC
The second commit in this MR should address this problem:
https://invent.kde.org/plasma/kwin/-/merge_requests/4023

It should happen when a window closes. I reproduced it today with a similar bt:

#0  KWin::Window::clientGeometry() const (this=0x0) at /home/apol/devel/frameworks/kwin/src/window.h:2080
#1  0x0000559517d15e16 in KWin::WindowScreenCastSource::textureSize() const (this=0x55951bb29a10) at /home/apol/devel/frameworks/kwin/src/plugins/screencast/windowscreencastsource.cpp:40
#2  0x0000559517d09148 in KWin::ScreenCastStream::recordFrame(QRegion const&) (this=0x55951c05a820, _damagedRegion=...) at /home/apol/devel/frameworks/kwin/src/plugins/screencast/screencaststream.cpp:429
#3  0x0000559517d0f092 in KWin::ScreenCastStream::ScreenCastStream(KWin::ScreenCastSource*, QObject*)::$_0::operator()() const (this=0x55951bf93a70) at /home/apol/devel/frameworks/kwin/src/plugins/screencast/screencaststream.cpp:308
#4  0x0000559517d0f036 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, KWin::ScreenCastStream::ScreenCastStream(KWin::ScreenCastSource*, QObject*)::$_0>::call(KWin::ScreenCastStream::ScreenCastStream(KWin::ScreenCastSource*, QObject*)::$_0&, void**) (f=..., arg=0x7ffd316e3130) at /home/apol/devel/kde5/include/QtCore/qobjectdefs_impl.h:146
#5  0x0000559517d0f001 in QtPrivate::Functor<KWin::ScreenCastStream::ScreenCastStream(KWin::ScreenCastSource*, QObject*)::$_0, 0>::call<QtPrivate::List<>, void>(KWin::ScreenCastStream::ScreenCastStream(KWin::ScreenCastSource*, QObject*)::$_0&, void*, void**)
    (f=..., arg=0x7ffd316e3130) at /home/apol/devel/kde5/include/QtCore/qobjectdefs_impl.h:256
#6  0x0000559517d0efa1 in QtPrivate::QFunctorSlotObject<KWin::ScreenCastStream::ScreenCastStream(KWin::ScreenCastSource*, QObject*)::$_0, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*)
    (which=1, this_=0x55951bf93a60, r=0x55951c05a820, a=0x7ffd316e3130, ret=0x0) at /home/apol/devel/kde5/include/QtCore/qobjectdefs_impl.h:443
Comment 2 Aleix Pol 2023-04-28 14:20:16 UTC
Git commit 660ad887ee3eec7374ef83a1d04d0cec9e8ebd19 by Aleix Pol Gonzalez, on behalf of Aleix Pol.
Committed on 28/04/2023 at 14:03.
Pushed by apol into branch 'master'.

screencast: Disable screencasting when a window closes

There were still some cases where we might have queried the window,
leading to a crash.

M  +4    -1    src/plugins/screencast/screencaststream.cpp

https://invent.kde.org/plasma/kwin/commit/660ad887ee3eec7374ef83a1d04d0cec9e8ebd19
Comment 3 Aleix Pol 2023-04-28 18:36:47 UTC
Git commit 709b3db17efc214bb6ae7e7ddf37e9697b287bc5 by Aleix Pol.
Committed on 28/04/2023 at 18:11.
Pushed by apol into branch 'Plasma/5.27'.

screencast: Disable screencasting when a window closes

There were still some cases where we might have queried the window,
leading to a crash.

M  +4    -1    src/plugins/screencast/screencaststream.cpp

https://invent.kde.org/plasma/kwin/commit/709b3db17efc214bb6ae7e7ddf37e9697b287bc5
Comment 4 Zamundaaa 2023-07-30 15:05:13 UTC
*** Bug 472797 has been marked as a duplicate of this bug. ***