Bug 483762

Summary: Plasma crashed after changing panel position
Product: [Plasma] plasmashell Reporter: Patrick Silva <bugseforuns>
Component: generic-crashAssignee: Plasma Bugs List <plasma-bugs>
Status: RESOLVED FIXED    
Severity: crash CC: nicolas.fella, qydwhotmail
Priority: NOR Keywords: drkonqi, qt6
Version: master   
Target Milestone: 1.0   
Platform: unspecified   
OS: Linux   
See Also: https://bugs.kde.org/show_bug.cgi?id=483154
Latest Commit: Version Fixed In: 6.1
Sentry Crash Report:
Attachments: New crash information added by DrKonqi

Description Patrick Silva 2024-03-16 13:14:43 UTC
Application: plasmashell (6.0.80)

Qt Version: 6.6.2
Frameworks Version: 6.0.0
Operating System: Linux 6.7.5-060705-generic x86_64
Windowing System: Wayland
Distribution: KDE neon Unstable Edition
DrKonqi: 6.0.80 [CoredumpBackend]

-- Information about the crash:
I moved the panel to right screen edge, then moved it to left screen edge and Plasma crashed.

The crash can be reproduced sometimes.

-- Backtrace (Reduced):
#6  QScreen::logicalDotsPerInchX() const (this=0x57617ff4cdc0) at ./src/gui/kernel/qscreen.cpp:235
#7  0x000070cd3d6f24c5 in qt_defaultDpiX() () at ./src/gui/text/qfont.cpp:116
#8  qt_defaultDpiX() () at ./src/gui/text/qfont.cpp:107
#9  0x000070cd3d48ec58 in QImageData::QImageData() (this=0x70cccea20330, this=<optimized out>) at ./src/gui/image/qimage.cpp:94
#10 0x000070cd3d4904df in std::make_unique<QImageData>() () at /usr/include/c++/12/bits/unique_ptr.h:1065


Reported using DrKonqi
Comment 1 Patrick Silva 2024-03-16 13:14:46 UTC
Created attachment 167327 [details]
New crash information added by DrKonqi

DrKonqi auto-attaching complete backtrace.
Comment 2 Nicolas Fella 2024-03-16 13:16:58 UTC
#6  QScreen::logicalDotsPerInchX() const (this=0x57617ff4cdc0) at ./src/gui/kernel/qscreen.cpp:235
#7  0x000070cd3d6f24c5 in qt_defaultDpiX() () at ./src/gui/text/qfont.cpp:116
#8  qt_defaultDpiX() () at ./src/gui/text/qfont.cpp:107
#9  0x000070cd3d48ec58 in QImageData::QImageData() (this=0x70cccea20330, this=<optimized out>) at ./src/gui/image/qimage.cpp:94
#10 0x000070cd3d4904df in std::make_unique<QImageData>() () at /usr/include/c++/12/bits/unique_ptr.h:1065
#11 QImageData::create(QSize const&, QImage::Format) (size=..., format=format@entry=QImage::Format_RGBA8888_Premultiplied) at ./src/gui/image/qimage.cpp:123
#12 0x000070cd3d4905ff in QImage::QImage(QSize const&, QImage::Format) (this=0x70cd0adfcd70, size=..., format=QImage::Format_RGBA8888_Premultiplied, this=<optimized out>, size=<optimized out>, format=<optimized out>) at ./src/gui/image/qimage.cpp:799
#13 0x000070cd3d49063b in QImage::QImage(int, int, QImage::Format) (this=<optimized out>, width=<optimized out>, height=<optimized out>, format=<optimized out>, this=<optimized out>, width=<optimized out>, height=<optimized out>, format=<optimized out>) at ./src/gui/image/qimage.cpp:783
#14 0x000070cd3d4934d6 in QImage::convertToFormat_helper(QImage::Format, QFlags<Qt::ImageConversionFlag>) const (this=this@entry=0x70cd0adfceb0, format=format@entry=QImage::Format_RGBA8888_Premultiplied, flags=..., flags@entry=...) at ./src/gui/image/qimage.cpp:2202
#15 0x000070cd3e61b3e5 in QImage::convertToFormat(QImage::Format, QFlags<Qt::ImageConversionFlag>) && (f=QImage::Format_RGBA8888_Premultiplied, flags=..., this=0x70cd0adfceb0) at /usr/include/x86_64-linux-gnu/qt6/QtGui/qimage.h:131
#16 QSGRhiAtlasTexture::Atlas::enqueueTextureUpload(QSGRhiAtlasTexture::TextureBase*, QRhiResourceUpdateBatch*) (this=0x70cccc5d0140, t=0x70cccdddd870, resourceUpdates=0x70cccc1d3580) at ./src/quick/scenegraph/util/qsgrhiatlastexture.cpp:215
#17 0x000070cd3e619d6c in QSGRhiAtlasTexture::AtlasBase::commitTextureOperations(QRhiResourceUpdateBatch*) (resourceUpdates=0x70cccc1d3580, this=0x70cccc5d0140) at ./src/quick/scenegraph/util/qsgrhiatlastexture.cpp:148
#18 QSGRhiAtlasTexture::TextureBase::commitTextureOperations(QRhi*, QRhiResourceUpdateBatch*) (this=<optimized out>, rhi=<optimized out>, resourceUpdates=0x70cccc1d3580) at ./src/quick/scenegraph/util/qsgrhiatlastexture.cpp:345
#19 0x000070cd3e7a38a0 in QSGOpaqueTextureMaterialRhiShader::updateSampledImage(QSGMaterialShader::RenderState&, int, QSGTexture**, QSGMaterial*, QSGMaterial*) (this=<optimized out>, binding=<optimized out>, oldMaterial=<optimized out>, newMaterial=<optimized out>, texture=0x70cd0adfe908, state=...) at ./src/quick/scenegraph/util/qsgtexturematerial.cpp:69
#20 QSGOpaqueTextureMaterialRhiShader::updateSampledImage(QSGMaterialShader::RenderState&, int, QSGTexture**, QSGMaterial*, QSGMaterial*) (this=<optimized out>, state=..., binding=<optimized out>, texture=0x70cd0adfe908, newMaterial=<optimized out>, oldMaterial=<optimized out>) at ./src/quick/scenegraph/util/qsgtexturematerial.cpp:36
#21 0x000070cd3e672c65 in QSGBatchRenderer::Renderer::updateMaterialDynamicData(QSGBatchRenderer::ShaderManagerShader*, QSGMaterialShader::RenderState&, QSGMaterial*, QSGBatchRenderer::Batch const*, QSGBatchRenderer::Element*, int, int) (this=this@entry=0x70cccc1be330, sms=sms@entry=0x70cccca2eea0, renderState=..., material=material@entry=0x70cccdbbdb38, batch=batch@entry=0x70ccce38f820, e=e@entry=0x70cccc5c21e0, ubufOffset=0, ubufRegionSize=64) at /usr/include/x86_64-linux-gnu/qt6/QtCore/qvarlengtharray.h:84
#22 0x000070cd3e677133 in QSGBatchRenderer::Renderer::prepareRenderUnmergedBatch(QSGBatchRenderer::Batch*, QSGBatchRenderer::Renderer::PreparedRenderBatch*) (this=this@entry=0x70cccc1be330, batch=0x70ccce38f820, renderBatch=renderBatch@entry=0x70cd0adff780) at ./src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:3344
#23 0x000070cd3e678368 in QSGBatchRenderer::Renderer::prepareRenderPass(QSGBatchRenderer::Renderer::RenderPassContext*) (this=this@entry=0x70cccc1be330, ctx=ctx@entry=0x70cccc1be678) at ./src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:3775
#24 0x000070cd3e679be6 in QSGBatchRenderer::Renderer::render() (this=0x70cccc1be330) at ./src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:3532
#25 QSGBatchRenderer::Renderer::render() (this=0x70cccc1be330) at ./src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:3525
#26 0x000070cd3e682a85 in QSGRenderer::renderScene() (this=0x70cccc1be330) at ./src/quick/scenegraph/coreapi/qsgrenderer.cpp:147
#27 QSGRenderer::renderScene() (this=0x70cccc1be330) at ./src/quick/scenegraph/coreapi/qsgrenderer.cpp:122
#28 0x000070cd3e708be7 in QQuickWindowPrivate::renderSceneGraph() (this=0x5761806de110) at ./src/quick/items/qquickwindow.cpp:655
#29 0x000070cd3e4fc3b8 in QSGRenderThread::syncAndRender() (this=0x576181fbacb0) at ./src/quick/scenegraph/qsgthreadedrenderloop.cpp:734
#30 QSGRenderThread::run() (this=0x576181fbacb0) at ./src/quick/scenegraph/qsgthreadedrenderloop.cpp:946
#31 0x000070cd3cf5ce7d in operator() (__closure=<optimized out>) at ./src/corelib/thread/qthread_unix.cpp:324
#32 (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> > (t=<optimized out>) at ./src/corelib/thread/qthread_unix.cpp:260
#33 QThreadPrivate::start(void*) (arg=0x576181fbacb0) at ./src/corelib/thread/qthread_unix.cpp:283
#34 0x000070cd3c494ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#35 0x000070cd3c526850 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
Comment 3 Fushan Wen 2024-03-17 01:22:51 UTC
Can also reproduce this on X11
Comment 4 Fushan Wen 2024-03-17 02:21:56 UTC
screen->handle() is a dangling pointer
Comment 5 Bug Janitor Service 2024-03-23 09:45:03 UTC
A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-workspace/-/merge_requests/4129
Comment 6 Fushan Wen 2024-03-23 11:58:55 UTC
Git commit debb30001905718a348484a621a744a499f799a6 by Fushan Wen.
Committed on 23/03/2024 at 11:39.
Pushed by fusionfuture into branch 'master'.

PanelConfigView: set ownership before returning screen

https://wiki.qt.io/Shared_Pointers_and_QML_Ownership says:

> ownership change: if ownership semantics were not previously
> explicitly set; e.g. ' if the QObject returned from a Q_INVOKABLE
> function to JS does not have CppOwnership explicitly set, it will
> become JavaScriptOwnership owned. To avoid that, you can explicitly
> set the ownership semantic prior to returning it.
FIXED-IN: 6.1

M  +10   -1    shell/panelconfigview.cpp

https://invent.kde.org/plasma/plasma-workspace/-/commit/debb30001905718a348484a621a744a499f799a6