Bug 507359

Summary: master seg faults with bochs driver
Product: [Plasma] kwin Reporter: Harald Sitter <sitter>
Component: wayland-genericAssignee: KWin default assignee <kwin-bugs-null>
Status: RESOLVED FIXED    
Severity: normal CC: kde, nate
Priority: HI    
Version First Reported In: master   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: https://invent.kde.org/plasma/kwin/-/commit/c465180a5275d3cff050882cb8acbd1da6308ec3 Version Fixed/Implemented In: 6.5
Sentry Crash Report:

Description Harald Sitter 2025-07-22 11:36:46 UTC 
SUMMARY
when using the qemu default video output kwin_wayland crashes 100% of the time

STEPS TO REPRODUCE
1. git clone https://invent.kde.org/kde-linux/kde-linux
2. cd kde-linux
3. wget http://images.kde-linux.haraldsitter.eu/kde-linux_202507220830.raw
4. sudo ./basic-test.py kde-linux_202507220830.raw kde-linux_202507220830.efi
5. qemu pops up and boots

OBSERVED RESULT
eventually crashes to sddm

EXPECTED RESULT
no crash. this actually used to work until recently

SOFTWARE/OS VERSIONS
Operating System: KDE Linux 2025-07-22
KDE Plasma Version: 6.4.80
KDE Frameworks Version: 6.17.0
Qt Version: 6.9.1
Kernel Version: 6.15.7-arch1-1 (64-bit)
Graphics Platform: offscreen
Processors: 16 × AMD Ryzen 9 5950X 16-Core Processor
Memory: 31.3 GiB of RAM (30.6 GiB usable)

ADDITIONAL INFORMATION

#0  0x00007f5cc839c74c in ??? () at /usr/lib/libc.so.6
#1  0x00007f5cc8342dc0 in raise () at /usr/lib/libc.so.6
#2  0x00007f5ccb17ae90 in KCrash::defaultCrashHandler(int) () at /usr/lib/libKF6Crash.so.6
#3  0x00007f5cc8342ef0 in <signal handler called> () at /usr/lib/libc.so.6
#4  0x00007f5ccba1be0f in KWin::DrmPipeline::prepareAtomicPlane
    (this=0x562ae410d710, commit=0x562ae896d6c0, plane=0x0, layer=0x562ae85357d0, frame=std::shared_ptr<KWin::OutputFrame> (use count 1, weak count 0) = {...}) at /home/live/kwin/src/backends/drm/drm_pipeline.cpp:256
#5  0x00007f5ccba1aeaa in KWin::DrmPipeline::present
    (this=0x562ae410d710, layersToUpdate=..., frame=std::shared_ptr<KWin::OutputFrame> (use count 1, weak count 0) = {...})
    at /home/live/kwin/src/backends/drm/drm_pipeline.cpp:96
#6  0x00007f5ccba128df in KWin::DrmOutput::present
    (this=0x562ae410a560, layersToUpdate=..., frame=std::shared_ptr<KWin::OutputFrame> (use count 1, weak count 0) = {...})
    at /home/live/kwin/src/backends/drm/drm_output.cpp:393
#7  0x00007f5ccb3d7655 in KWin::Compositor::composite (this=0x562ae41b69a0, renderLoop=0x562ae4051130) at /home/live/kwin/src/compositor.cpp:526
#8  0x00007f5ccb3d3a39 in KWin::Compositor::handleFrameRequested (this=0x562ae41b69a0, renderLoop=0x562ae4051130)
    at /home/live/kwin/src/compositor.cpp:100
#9  0x00007f5ccb3e8374 in QtPrivate::FunctorCall<std::integer_sequence<unsigned long, 0ul>, QtPrivate::List<KWin::RenderLoop*>, void, void (KWin::Compositor::*)(KWin::RenderLoop*)>::call(void (KWin::Compositor::*)(KWin::RenderLoop*), KWin::Compositor*, void**)::{lambda()#1}::operator()() const
    (__closure=0x7ffffe3160d0) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:127
#10 0x00007f5ccb3e9122 in QtPrivate::FunctorCallBase::call_internal<void, QtPrivate::FunctorCall<std::integer_sequence<unsigned long, 0ul>, QtPrivate::List<KWin::RenderLoop*>, void, void (KWin::Compositor::*)(KWin::RenderLoop*)>::call(void (KWin::Compositor::*)(KWin::RenderLoop*), KWin::Compositor*, void**)::{lambda()#1}>(void**, QtPrivate::FunctorCall<std::integer_sequence<unsigned long, 0ul>, QtPrivate::List<KWin::RenderLoop*>, void, void (KWin::Compositor::*)(KWin::RenderLoop*)>::call(void (KWin::Compositor::*)(KWin::RenderLoop*), KWin::Compositor*, void**)::{lambda()#1}&&)
    (args=0x7ffffe3162a0, fn=...) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:65
#11 0x00007f5ccb3e83e6 in QtPrivate::FunctorCall<std::integer_sequence<unsigned long, 0ul>, QtPrivate::List<KWin::RenderLoop*>, void, void (KWin::Compositor::*)(KWin::RenderLoop*)>::call
    (f=(void (KWin::Compositor::*)(class KWin::Compositor * const, class KWin::RenderLoop *)) 0x7f5ccb3d3a16 <KWin::Compositor::handleFrameRequested(KWin::RenderLoop*)>, o=0x562ae41b69a0, arg=0x7ffffe3162a0) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:126
#12 0x00007f5ccb3e6d6e in QtPrivate::FunctionPointer<void (KWin::Compositor::*)(KWin::RenderLoop*)>::call<QtPrivate::List<KWin::RenderLoop*>, void>
    (f=(void (KWin::Compositor::*)(class KWin::Compositor * const, class KWin::RenderLoop *)) 0x7f5ccb3d3a16 <KWin::Compositor::handleFrameRequested(KWin::RenderLoop*)>, o=0x562ae41b69a0, arg=0x7ffffe3162a0) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:174
#13 0x00007f5ccb3e4d49 in QtPrivate::QCallableObject<void (KWin::Compositor::*)(KWin::RenderLoop*), QtPrivate::List<KWin::RenderLoop*>, void>::impl
    (which=1, this_=0x562ae4000fc0, r=0x562ae41b69a0, a=0x7ffffe3162a0, ret=0x0) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:545
#14 0x00007f5cc8a567ef in ??? () at /usr/lib/libQt6Core.so.6
#15 0x00007f5ccb43bf2d in QMetaObject::activate<void, KWin::RenderLoop*>
    (sender=0x562ae4051130, mo=0x7f5ccc555ac0 <KWin::RenderLoop::staticMetaObject>, local_signal_index=2, ret=0x0)
    at /usr/include/qt6/QtCore/qobjectdefs.h:306
#16 0x00007f5ccb439f75 in KWin::RenderLoop::frameRequested (this=0x562ae4051130, _t1=0x562ae4051130)
    at /home/live/kwin/build/src/kwin_autogen/include/moc_renderloop.cpp:171
#17 0x00007f5ccb439311 in KWin::RenderLoopPrivate::dispatch (this=0x562ae410ca80) at /home/live/kwin/src/core/renderloop.cpp:191
#18 0x00007f5ccb43810d in operator() (__closure=0x562ae406d9f0) at /home/live/kwin/src/core/renderloop.cpp:37
--Type <RET> for more, q to quit, c to continue without paging--c
#19 0x00007f5ccb43a4db in operator() (__closure=0x7ffffe316390) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:116
#20 0x00007f5ccb43a5d3 in QtPrivate::FunctorCallBase::call_internal<void, QtPrivate::FunctorCall<std::integer_sequence<long unsigned int>, QtPrivate::List<>, void, KWin::RenderLoopPrivate::RenderLoopPrivate(KWin::RenderLoop*, KWin::Output*)::<lambda()> >::call(KWin::RenderLoopPrivate::RenderLoopPrivate(KWin::RenderLoop*, KWin::Output*)::<lambda()>&, void**)::<lambda()> >(void **, struct {...} &&) (args=0x7ffffe316550, fn=...)
    at /usr/include/qt6/QtCore/qobjectdefs_impl.h:65
#21 0x00007f5ccb43a520 in QtPrivate::FunctorCall<std::integer_sequence<long unsigned int>, QtPrivate::List<>, void, KWin::RenderLoopPrivate::RenderLoopPrivate(KWin::RenderLoop*, KWin::Output*)::<lambda()> >::call(struct {...} &, void **) (f=..., arg=0x7ffffe316550)
    at /usr/include/qt6/QtCore/qobjectdefs_impl.h:115
#22 0x00007f5ccb43a485 in QtPrivate::FunctorCallable<KWin::RenderLoopPrivate::RenderLoopPrivate(KWin::RenderLoop*, KWin::Output*)::<lambda()> >::call<QtPrivate::List<>, void>(struct {...} &, void *, void **) (f=..., arg=0x7ffffe316550) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:337
#23 0x00007f5ccb43a3a7 in QtPrivate::QCallableObject<KWin::RenderLoopPrivate::RenderLoopPrivate(KWin::RenderLoop*, KWin::Output*)::<lambda()>, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void **, bool *)
    (which=1, this_=0x562ae406d9e0, r=0x562ae4051130, a=0x7ffffe316550, ret=0x0) at /usr/include/qt6/QtCore/qobjectdefs_impl.h:547
#24 0x00007f5cc8a567ef in ??? () at /usr/lib/libQt6Core.so.6
#25 0x00007f5cc8a63abf in QTimer::timerEvent(QTimerEvent*) () at /usr/lib/libQt6Core.so.6
#26 0x00007f5cc8a43dd6 in QObject::event(QEvent*) () at /usr/lib/libQt6Core.so.6
#27 0x00007f5cc9b31c70 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/libQt6Widgets.so.6
#28 0x00007f5cc89eb118 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/libQt6Core.so.6
#29 0x00007f5cc8b9ec6f in QTimerInfoList::activateTimers() () at /usr/lib/libQt6Core.so.6
#30 0x00007f5cc8baa129 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt6Core.so.6
#31 0x00007f5cc9682d33 in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt6Gui.so.6
#32 0x00007f5cc89f74b6 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt6Core.so.6
#33 0x00007f5cc89ef7c1 in QCoreApplication::exec() () at /usr/lib/libQt6Core.so.6
#34 0x0000562ad2333804 in ??? ()
#35 0x00007f5cc832c6b5 in ??? () at /usr/lib/libc.so.6
#36 0x00007f5cc832c769 in __libc_start_main () at /usr/lib/libc.so.6
#37 0x0000562ad23396d5 in ??? ()
Comment 1 Zamundaaa 2025-07-22 14:32:44 UTC 
Git commit c465180a5275d3cff050882cb8acbd1da6308ec3 by Xaver Hugl.
Committed on 22/07/2025 at 11:53.
Pushed by zamundaaa into branch 'master'.

backends/drm: add a missing check for nullptr cursor planes

M  +7    -0    src/backends/drm/drm_pipeline.cpp

https://invent.kde.org/plasma/kwin/-/commit/c465180a5275d3cff050882cb8acbd1da6308ec3