Bug 303450 - kwin glxgears crash
Summary: kwin glxgears crash
Status: RESOLVED FIXED
Alias: None
Product: kwin
Classification: Plasma
Component: aurorae (show other bugs)
Version: 4.8.97
Platform: Compiled Sources Linux
: NOR crash
Target Milestone: 4.9.0
Assignee: KWin default assignee
URL:
Keywords:
: 304579 309909 (view as bug list)
Depends on:
Blocks:
 
Reported: 2012-07-13 04:47 UTC by thardy01
Modified: 2012-12-29 08:49 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In: 4.9.0
Sentry Crash Report:


Attachments
QnD (tm) patch (1.70 KB, patch)
2012-07-13 14:24 UTC, Thomas Lübking
Details
Slightly different patch (1.17 KB, patch)
2012-07-13 14:36 UTC, Martin Flöser
Details
Fix Aurorae and Useractions (1.74 KB, patch)
2012-07-13 14:41 UTC, Martin Flöser
Details

Note You need to log in before you can comment on or make changes to this bug.
Description thardy01 2012-07-13 04:47:35 UTC
Application: kwin (4.8.97)
KDE Platform Version: 4.8.97 (Compiled from sources)
Qt Version: 4.8.1
Operating System: Linux 3.4.3-pf i686
Distribution (Platform): Gentoo Packages

-- Information about the crash:
- What I was doing when the application crashed: Closing glxgears

- Unusual behavior I noticed: Not sure if its related but Ive noticed alot of lag when attempting to click on title bars to move windows. Trying to determine the problem I decided to run glxgears. When I closed glxgears kwin crashed. This happens every time I run then close glxgears.

The crash can be reproduced every time.

-- Backtrace:
Application: KWin (kwin), signal: Segmentation fault
[Current thread is 1 (Thread 0xaf1b5730 (LWP 3205))]

Thread 2 (Thread 0xad8ffb70 (LWP 3208)):
#0  0xb773f424 in __kernel_vsyscall ()
#1  0xb5eae4fc in pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S:169
#2  0xb7568c9e in __pthread_cond_wait (cond=0xb6866290, mutex=0xb6866278) at forward.c:139
#3  0xb674d307 in QTWTF::TCMalloc_PageHeap::scavengerThread (this=0xb68611a0) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:2359
#4  0xb674d351 in QTWTF::TCMalloc_PageHeap::runScavengerThread (context=0xb68611a0) at ../3rdparty/javascriptcore/JavaScriptCore/wtf/FastMalloc.cpp:1464
#5  0xb6540b41 in ?? () from /usr/lib/libGL.so.1
#6  0x5c8b0824 in ?? ()
#7  0xbab80424 in ?? ()
#8  0x65000000 in ?? ()
#9  0x001015ff in ?? ()
#10 0xd3890000 in ?? ()
#11 0xfff0013d in ?? ()
#12 0xc30173ff in ?? ()
#13 0x0e15b4e8 in ?? ()
#14 0x0fc18100 in ?? ()
#15 0x8b0012f6 in ?? ()
#16 0xffffe089 in ?? ()
#17 0x29d231ff in ?? ()
#18 0x118965c2 in ?? ()
#19 0xebffc883 in ?? ()
#20 0x909090e2 in ?? ()
#21 0x81e58955 in ?? ()
#22 0x0000a4ec in ?? ()
#23 0xf45d8900 in ?? ()
#24 0x89f87589 in ?? ()
#25 0x00e8fc7d in ?? ()
#26 0x5b000000 in ?? ()
#27 0xf5ddc381 in ?? ()
#28 0x7d8b0012 in ?? ()
#29 0x68b58d08 in ?? ()
#30 0xc7ffffff in ?? ()
#31 0x00042444 in ?? ()
#32 0x89000000 in ?? ()
#33 0x89082474 in ?? ()
#34 0x75e8243c in ?? ()
#35 0x89fffff8 in ?? ()
#36 0xffffb8c2 in ?? ()
#37 0xd285ffff in ?? ()
#38 0x5d8b1279 in ?? ()
#39 0xf8758bf4 in ?? ()
#40 0xc9fc7d8b in ?? ()
#41 0x26b48dc3 in ?? ()
#42 0x00000000 in ?? ()

Thread 1 (Thread 0xaf1b5730 (LWP 3205)):
[KCrash Handler]
#7  0xb67adf35 in APIShim (engine=<optimized out>, this=<optimized out>) at api/qscriptengine_p.h:412
#8  QScriptValue::toVariant (this=0xbf889a4c) at api/qscriptvalue.cpp:1231
#9  0xb6bc3605 in QDeclarativeEnginePrivate::scriptValueToVariant (this=0x8ab2538, val=..., hint=508) at qml/qdeclarativeengine.cpp:2121
#10 0xb6bca977 in QDeclarativeExpressionPrivate::value (this=0x9383d88, secondaryScope=0x8f0a100, isUndefined=0x0) at qml/qdeclarativeexpression.cpp:667
#11 0xb6c066c4 in QDeclarativeBoundSignal::qt_metacall (this=0x93eb790, c=QMetaObject::InvokeMetaMethod, id=4, a=0xbf889bc8) at qml/qdeclarativeboundsignal.cpp:186
#12 0xb60419aa in QMetaObject::metacall (object=0x93eb790, cl=QMetaObject::InvokeMetaMethod, idx=4, argv=0xbf889bc8) at kernel/qmetaobject.cpp:245
#13 0xb6051ab5 in QMetaObject::activate (sender=0x8f83f88, m=0xb6dbc83c, local_signal_index=11, argv=0xbf889bc8) at kernel/qobject.cpp:3566
#14 0xb6ccf274 in QDeclarativeMouseArea::clicked (this=0x8f83f88, _t1=0xbf889c20) at .moc/release-shared/moc_qdeclarativemousearea_p.cpp:523
#15 0xb6b63193 in QDeclarativeMouseArea::setPressed (this=0x8f83f88, p=false) at graphicsitems/qdeclarativemousearea.cpp:935
#16 0xb6b632c2 in QDeclarativeMouseArea::mouseReleaseEvent (this=0x8f83f88, event=0xbf88a4a8) at graphicsitems/qdeclarativemousearea.cpp:587
#17 0xb5b8abea in QGraphicsItem::sceneEvent (this=0x8f83f90, event=0xbf88a4a8) at graphicsview/qgraphicsitem.cpp:6741
#18 0xb6b55c5d in QDeclarativeItem::sceneEvent (this=0x8f83f88, event=0xbf88a4a8) at graphicsitems/qdeclarativeitem.cpp:3013
#19 0xb6b626bd in QDeclarativeMouseArea::sceneEvent (this=0x8f83f88, event=0xbf88a4a8) at graphicsitems/qdeclarativemousearea.cpp:682
#20 0xb5bb4658 in QGraphicsScenePrivate::sendEvent (this=0x8f5f598, item=0x8f83f90, event=0xbf88a4a8) at graphicsview/qgraphicsscene.cpp:1221
#21 0xb5bb52fb in QGraphicsScenePrivate::sendMouseEvent (this=0x8f5f598, mouseEvent=0xbf88a4a8) at graphicsview/qgraphicsscene.cpp:1295
#22 0xb5bb5d95 in QGraphicsScene::mouseReleaseEvent (this=0x8d278c8, mouseEvent=0xbf88a4a8) at graphicsview/qgraphicsscene.cpp:4128
#23 0xb5bc898c in QGraphicsScene::event (this=0x8d278c8, event=0xbf88a4a8) at graphicsview/qgraphicsscene.cpp:3458
#24 0xb55454ac in QApplicationPrivate::notify_helper (this=0x89cf108, receiver=0x8d278c8, e=0xbf88a4a8) at kernel/qapplication.cpp:4554
#25 0xb554a2de in QApplication::notify (this=0xbf88b354, receiver=0x8d278c8, e=0xbf88a4a8) at kernel/qapplication.cpp:3936
#26 0xb72a279b in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#27 0xb763e550 in KWin::Application::notify(QObject*, QEvent*) () from /usr/lib/libkdeinit4_kwin.so
#28 0xb603a992 in QCoreApplication::notifyInternal (this=0xbf88b354, receiver=0x8d278c8, event=0xbf88a4a8) at kernel/qcoreapplication.cpp:876
#29 0xb55435df in sendSpontaneousEvent (event=0xbf88a4a8, receiver=0x8d278c8) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#30 qt_sendSpontaneousEvent (receiver=0x8d278c8, event=0xbf88a4a8) at kernel/qapplication.cpp:5552
#31 0xb5be2786 in QGraphicsView::mouseReleaseEvent (this=0x8c45170, event=0xbf88ad18) at graphicsview/qgraphicsview.cpp:3338
#32 0xb559ed3e in QWidget::event (this=0x8c45170, event=0xbf88ad18) at kernel/qwidget.cpp:8362
#33 0xb598a114 in QFrame::event (this=0x8c45170, e=0xbf88ad18) at widgets/qframe.cpp:557
#34 0xb5a1ac23 in QAbstractScrollArea::viewportEvent (this=0x8c45170, e=0xbf88ad18) at widgets/qabstractscrollarea.cpp:1043
#35 0xb5be5d67 in QGraphicsView::viewportEvent (this=0x8c45170, event=0xbf88ad18) at graphicsview/qgraphicsview.cpp:2866
#36 0xb5a1d5d5 in viewportEvent (event=0xbf88ad18, this=<optimized out>) at widgets/qabstractscrollarea_p.h:100
#37 QAbstractScrollAreaFilter::eventFilter (this=0x8f15338, o=0x9402f98, e=0xbf88ad18) at widgets/qabstractscrollarea_p.h:116
#38 0xb603ab30 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x89cf108, receiver=0x9402f98, event=0xbf88ad18) at kernel/qcoreapplication.cpp:986
#39 0xb5545481 in QApplicationPrivate::notify_helper (this=0x89cf108, receiver=0x9402f98, e=0xbf88ad18) at kernel/qapplication.cpp:4550
#40 0xb554ac51 in QApplication::notify (this=0xbf88b354, receiver=0x9402f98, e=0xbf88ad18) at kernel/qapplication.cpp:4097
#41 0xb72a279b in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#42 0xb763e550 in KWin::Application::notify(QObject*, QEvent*) () from /usr/lib/libkdeinit4_kwin.so
#43 0xb603a992 in QCoreApplication::notifyInternal (this=0xbf88b354, receiver=0x9402f98, event=0xbf88ad18) at kernel/qcoreapplication.cpp:876
#44 0xb5546498 in sendSpontaneousEvent (event=0xbf88ad18, receiver=0x9402f98) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#45 QApplicationPrivate::sendMouseEvent (receiver=0x9402f98, event=0xbf88ad18, alienWidget=0x0, nativeWidget=0x9402f98, buttonDown=0xb5ea0c20, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3163
#46 0xb55cee94 in QETWidget::translateMouseEvent (this=0x9402f98, event=0xbf88b16c) at kernel/qapplication_x11.cpp:4502
#47 0xb55cd56f in QApplication::x11ProcessEvent (this=0xbf88b354, event=0xbf88b16c) at kernel/qapplication_x11.cpp:3625
#48 0xb55f8e33 in QEventDispatcherX11::processEvents (this=0x894a888, flags=...) at kernel/qeventdispatcher_x11.cpp:132
#49 0xb603976a in QEventLoop::processEvents (this=0xbf88b2a4, flags=...) at kernel/qeventloop.cpp:149
#50 0xb6039a72 in QEventLoop::exec (this=0xbf88b2a4, flags=...) at kernel/qeventloop.cpp:204
#51 0xb603e801 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1148
#52 0xb5543388 in QApplication::exec () at kernel/qapplication.cpp:3815
#53 0xb76411cb in kdemain () from /usr/lib/libkdeinit4_kwin.so
#54 0x080486cb in main ()

Reported using DrKonqi
Comment 1 Martin Flöser 2012-07-13 05:54:22 UTC
* which window decoration are you using?
* which graphics drivers are you using?
* does the problem happens also when closing other OpenGL applications?
Comment 2 thardy01 2012-07-13 12:04:02 UTC
(In reply to comment #1)
> * which window decoration are you using?
Oxygen with all annimations off
> * which graphics drivers are you using?
nvidia-drivers-295.59
> * does the problem happens also when closing other OpenGL applications?
Apperantly not.
Comment 3 thardy01 2012-07-13 12:21:24 UTC
(In reply to comment #2)
> (In reply to comment #1)
> > * which window decoration are you using?
> Oxygen with all annimations off
Sorry thats not true was using Dark-Translucent after switching back to default oxygen the crash has stoped and i dont have the mouse click lag.
> > * which graphics drivers are you using?
> nvidia-drivers-295.59
> > * does the problem happens also when closing other OpenGL applications?
> Apperantly not.
Comment 4 Martin Flöser 2012-07-13 12:32:30 UTC
ok, then it makes more sense. Not that I understand it, but at least the QML part in the backtrace makes sense.
Comment 5 thardy01 2012-07-13 12:39:43 UTC
After further testing I now realise this crash and the mouse lag happens when using any window decoration that has trasparancy.
Comment 6 Thomas Lübking 2012-07-13 13:04:25 UTC
DecorationButton.qml

case "X":
    // close
    decoration.closeWindow();

The DeclarativeView is still a GraphicsScene which cannot eat events at all, even if the sender is destroyed.
There's nothing changed compared to old aurorae except that the eventloop escaping queued connection is no more present in th current implementation (afaics)

You've to reimplement ::closeWindow (and likely maximize as well?) to QMetaObject::invokeMethod() some internal slot to call the KDecoration implementation on a QueuedConnection.


-------
[assume unpostable comment about that aspect of QGraphicsScene here]
Comment 7 Martin Flöser 2012-07-13 13:57:03 UTC
> There's nothing changed compared to old aurorae except that the eventloop
> escaping queued connection is no more present in th current implementation
> (afaics)
I have been using Aurorae now for > 1 month on both of my systems and never 
had a crash, neither when maximizing nor when closing the window. I assume 
that this nasty behavior of GraphicsScene is fixed and that something else 
triggered a crash here.

E.g. I find the reference to libGL in Thread 2 most interesting...
Comment 8 Martin Flöser 2012-07-13 14:00:31 UTC
Very interesting: I can reproduce the crash with glxgears. No other window has ever crashed.

Driver can be ruled out as a cause, it's radeon here.
Comment 9 Thomas Lübking 2012-07-13 14:11:25 UTC
XIO:  fatal IO error 11 (Resource temporarily unavailable) on X server ":0"   after 73 requests (73 known processed) with 0 events remaining.

Happens with or without any compositor and on either the raster or native graphicssystem.

I'll try scheduling the event....
Comment 10 Thomas Lübking 2012-07-13 14:24:42 UTC
Created attachment 72498 [details]
QnD (tm) patch

Attached is a Quick and dirty patch, delaying the close by 125ms (recalling i've to cross more than one event loops, may be wrong though) - but i'm pretty sure the value can be narrowed.

The patch adds a slot  and a debug out since i'm not sure what QML calls when you reimplement the slot.

-> The crash is no longer reproducible (still getting the XIO error though)
Comment 11 Thomas Lübking 2012-07-13 14:34:49 UTC
xio error is from glxgears - it's an emulation of the "heavy load" condition that used to cause the bug. nice testcase.
Comment 12 Martin Flöser 2012-07-13 14:36:09 UTC
Created attachment 72500 [details]
Slightly different patch

Attached another attempt by reimplementing the closeWindow slot. But: I still get a crash when using the close action of the useraction menu
Comment 13 Martin Flöser 2012-07-13 14:41:50 UTC
Created attachment 72501 [details]
Fix Aurorae and Useractions

added a queued connection also to useractions. Now following actions do not trigger a crash:
* close button
* useractions menu
* alt+F4
* kwin script
Comment 14 Thomas Lübking 2012-07-13 14:58:55 UTC
"Ship It!"
(Maybe add a comment to explain why the Op is scheduled)
---
You don't have to convince me about this ;-P
Comment 15 Martin Flöser 2012-07-14 09:17:13 UTC
Git commit 0fea5325de3a469dfb608c96d3bbeb896d031606 by Martin Gräßlin.
Committed on 14/07/2012 at 11:11.
Pushed by graesslin into branch 'KDE/4.9'.

Delay closing of a window by one event cycle

This is an issue we already had in the past with Aurorae. When
closing a window the graphics scene crashes because the deco
gets destroyed before the code in the graphics scene finished
the execution.

With the port to QML this seemed to be fixed unless as it turns
out it throws an XIO error on closing:
fatal IO error 11 (Resource temporarily unavailable) on X server ":0"

This can be triggered using glxgears. Closing glxgears would
reliable crash Aurorae. To circumvent this issue we have to
delay the close by one event cycle using QMetaObject's
invokeMethod with a Qt::QueuedConnection.

This has also to be done in the useractions menu as the menu
is still open when the window closes causing the same problem
inside Aurorae.
FIXED-IN: 4.9.0
Reviewed-By: Thomas Lüking

M  +10   -0    kwin/clients/aurorae/src/aurorae.cpp
M  +2    -0    kwin/clients/aurorae/src/aurorae.h
M  +1    -1    kwin/useractions.cpp

http://commits.kde.org/kde-workspace/0fea5325de3a469dfb608c96d3bbeb896d031606
Comment 16 Thomas Lübking 2012-08-05 02:42:15 UTC
*** Bug 304579 has been marked as a duplicate of this bug. ***
Comment 17 Martin Flöser 2012-12-29 08:49:49 UTC
*** Bug 309909 has been marked as a duplicate of this bug. ***