Bug 378445 - kscreenlocker_greet occasionally freezes in malloc in signal handler
Summary: kscreenlocker_greet occasionally freezes in malloc in signal handler
Status: RESOLVED WORKSFORME
Alias: None
Product: Powerdevil
Classification: Plasma
Component: general (show other bugs)
Version: unspecified
Platform: openSUSE Linux
: NOR normal
Target Milestone: ---
Assignee: Plasma Development Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-04 17:53 UTC by rlk
Modified: 2022-11-06 15:54 UTC (History)
4 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description rlk 2017-04-04 17:53:43 UTC
Using kscreenlocker 5.9.4-66.1 (and earlier versions) on openSUSE Leap 42.2, kscreenlocker occasionally (perhaps every few days) freezes, not accepting any input.  The clock is also stopped at the moment of the freeze.  The workaround is to log in to a virtual terminal and kill the kscreenlocker_greet process.

A representative stack trace, all of which show the same top of the stack (malloc called inside  asignal handler).  Unfortunately, the debuginfo packages aren't conveniently available to me, but calling a malloc that isn't re-entrant inside a signal handler is not a good idea.

(gdb) where
#0  0x00007fb1e919913b in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x00007fb1e911e62a in malloc () from /lib64/libc.so.6
#2  0x00007fb1e94dce38 in operator new(unsigned long) () from /usr/lib64/libstdc++.so.6
#3  0x00007fb1eab5c65d in QQmlProperty::QQmlProperty(QObject*, QString const&) () from /usr/lib64/libQt5Qml.so.5
#4  0x000000000040c65e in ?? ()
#5  <signal handler called>
#6  0x00007fb1e911b179 in _int_free () from /lib64/libc.so.6
#7  0x00007fb1e911d980 in _int_realloc () from /lib64/libc.so.6
#8  0x00007fb1e911edaf in realloc () from /lib64/libc.so.6
#9  0x00007fb1e98fc897 in QString::reallocData(unsigned int, bool) () from /usr/lib64/libQt5Core.so.5
#10 0x00007fb1e98fd0d4 in QString::append(QString const&) () from /usr/lib64/libQt5Core.so.5
#11 0x00007fb1e35171ae in ?? () from /usr/lib64/libQt5DBus.so.5
#12 0x00007fb1e3519253 in ?? () from /usr/lib64/libQt5DBus.so.5
#13 0x00007fb1e3519464 in ?? () from /usr/lib64/libQt5DBus.so.5
#14 0x00007fb1e35195d4 in ?? () from /usr/lib64/libQt5DBus.so.5
#15 0x00007fb1e355fc67 in ?? () from /usr/lib64/libQt5DBus.so.5
#16 0x00007fb1e355fd2a in QDBusServiceWatcher::QDBusServiceWatcher(QString const&, QDBusConnection const&, QFlags<QDBusServiceWatcher::WatchModeFlag>, QObject*) () from /usr/lib64/libQt5DBus.so.5
#17 0x00007fb1e352af63 in ?? () from /usr/lib64/libQt5DBus.so.5
#18 0x00007fb1e352ed63 in QDBusInterface::QDBusInterface(QString const&, QString const&, QString const&, QDBusConnection const&, QObject*) () from /usr/lib64/libQt5DBus.so.5
#19 0x00007fb1d9b8efa7 in ?? () from /usr/lib64/libKF5Solid.so.5
#20 0x00007fb1d9b8bc04 in ?? () from /usr/lib64/libKF5Solid.so.5
#21 0x00007fb1d9b6087e in Solid::Device::listFromType(Solid::DeviceInterface::Type const&, QString const&) () from /usr/lib64/libKF5Solid.so.5
#22 0x00007fb1b57104b4 in ?? () from /usr/lib64/qt5/plugins/plasma/dataengine/plasma_engine_powermanagement.so
#23 0x00007fb1b57114e3 in ?? () from /usr/lib64/qt5/plugins/plasma/dataengine/plasma_engine_powermanagement.so
#24 0x00007fb1e9a5d71c in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#25 0x00007fb1d9bc0cc6 in Solid::Battery::chargeStateChanged(int, QString const&) () from /usr/lib64/libKF5Solid.so.5
#26 0x00007fb1d9bc36c7 in ?? () from /usr/lib64/libKF5Solid.so.5
#27 0x00007fb1e9a5d0d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#28 0x00007fb1d9bc0816 in ?? () from /usr/lib64/libKF5Solid.so.5
#29 0x00007fb1d9b91d8e in ?? () from /usr/lib64/libKF5Solid.so.5
#30 0x00007fb1d9bc2a2d in ?? () from /usr/lib64/libKF5Solid.so.5
#31 0x00007fb1e9a5d0d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#32 0x00007fb1d9bc9ce3 in ?? () from /usr/lib64/libKF5Solid.so.5
#33 0x00007fb1e351b49b in ?? () from /usr/lib64/libQt5DBus.so.5
#34 0x00007fb1e9a5e886 in QObject::event(QEvent*) () from /usr/lib64/libQt5Core.so.5
#35 0x00007fb1e9a3530c in QCoreApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#36 0x00007fb1e9a35245 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#37 0x00007fb1e9a372a3 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/libQt5Core.so.5
#38 0x00007fb1e9a84043 in ?? () from /usr/lib64/libQt5Core.so.5
#39 0x00007fb1e5624134 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#40 0x00007fb1e5624388 in ?? () from /usr/lib64/libglib-2.0.so.0
#41 0x00007fb1e562442c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#42 0x00007fb1e9a8388c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#43 0x00007fb1e9a336ab in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#44 0x00007fb1e9a3b344 in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5
#45 0x0000000000409bf4 in ?? ()
#46 0x00007fb1e90c36e5 in __libc_start_main () from /lib64/libc.so.6
#47 0x0000000000409e49 in _start ()
Comment 1 rlk 2017-04-04 17:59:30 UTC
I should also note that there is no change in system configuration proximate to this happening.  It's a Dell Precision M6500 with ATI Radeon graphics adapter, no external monitor or keyboard connected.  It usually happens overnight, with the lid closed but the system not suspended (I don't suspend it overnight).  The timing can be at any time; it's most often overnight because that's when the screen is most commonly locked.
Comment 2 Martin Flöser 2017-04-04 19:08:47 UTC
The backtrace is lacking debug information. Due to that we do not see where exactly it freezes. It could be somewhere in DBus, but that's just a fair guess.
Comment 3 rlk 2017-04-04 19:15:37 UTC
It's deadlocking in a signal handler; I assume you're looking for what's at frames 3 and 4?

I'll have to see if I can find debuginfo RPMs.  But I'm not seeing this in any other application, so it appears specific to kscreenlocker_greet; perhaps you could look at the code inside any signal handlers it sets up to see if it's mucking with QQmlProperty's?
Comment 4 rlk 2017-04-05 18:56:52 UTC
I've installed the -debuginfo packages.  I'll update the bug the next time this happens (which again is sporadic).
Comment 5 rlk 2017-04-10 12:34:11 UTC
Finally got it to reproduce with debuginfo installed.

Please let me know if you need more information; I'd like to upgrade to the latest packages, and if I have to reinstall the debuginfo packages again it will be a pain.

Script started on Mon Apr 10 08:29:52 2017
[1m[31mrlk-mobile:/tmp #[0;10m gdb /usr/lib64/libexec/kscreenlocker_greet 6571
GNU gdb (GDB; openSUSE Leap 42.2) 7.11.1
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-suse-linux".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://bugs.opensuse.org/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib64/libexec/kscreenlocker_greet...Reading symbols from /usr/lib/debug/usr/lib64/libexec/kscreenlocker_greet.debug...done.
done.
Attaching to program: /usr/lib64/libexec/kscreenlocker_greet, process 6571
[New LWP 6572]
[New LWP 6573]
[New LWP 6574]
[New LWP 6575]
[New LWP 6576]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
0x00007f4f6642c13b in __lll_lock_wait_private () from /lib64/libc.so.6
Missing separate debuginfos, use: zypper install fontconfig-debuginfo-2.11.1-2.2.x86_64 glibc-debuginfo-2.22-3.7.x86_64 libFLAC8-debuginfo-1.3.2-3.1.x86_64 libHalf11-debuginfo-2.1.0-5.3.x86_64 libIex-2_1-11-debuginfo-2.1.0-5.3.x86_64 libIlmImf-Imf_2_1-21-debuginfo-2.1.0-7.4.x86_64 libIlmThread-2_1-11-debuginfo-2.1.0-5.3.x86_64 libLLVM-debuginfo-3.8.0-1.23.x86_64 libacl1-debuginfo-2.2.52-8.55.x86_64 libattr1-debuginfo-2.4.47-6.57.x86_64 libbz2-1-debuginfo-1.0.6-32.53.x86_64 libcap2-debuginfo-2.22-16.55.x86_64 libdbus-1-3-debuginfo-1.8.22-3.1.x86_64 libdouble-conversion1-debuginfo-2.0.1-6.3.x86_64 libelf1-debuginfo-0.158-10.50.x86_64 libexpat1-debuginfo-2.1.0-19.1.x86_64 libffi4-debuginfo-5.3.1+r233831-7.1.x86_64 libfreetype6-debuginfo-2.6.3-1.2.x86_64 libgcc_s1-debuginfo-6.2.1+r239768-5.3.1.x86_64 libgcrypt20-debuginfo-1.6.1-33.1.x86_64 libglib-2_0-0-debuginfo-2.48.2-1.10.x86_64 libgraphite2-3-debuginfo-1.3.9-53.1.x86_64 libharfbuzz0-debuginfo-1.4.2-3.1.x86_64 libicu52_1-debuginfo-52.1-11.5.x86_64 libjasper1-debuginfo-1.900.14-173.1.x86_64 libjbig2-debuginfo-2.1-28.4.x86_64 libjpeg8-debuginfo-8.1.2-103.1.x86_64 libjson-c2-debuginfo-0.12-5.4.x86_64 liblcms1-debuginfo-1.19-20.4.x86_64 liblzma5-debuginfo-5.2.2-1.11.x86_64 libmng1-debuginfo-1.0.10-4.4.x86_64 libncurses5-debuginfo-5.9-54.48.x86_64 libogg0-debuginfo-1.3.0-4.3.x86_64 libopenssl1_0_0-debuginfo-1.0.2j-4.1.x86_64 libpcre1-debuginfo-8.39-6.1.x86_64 libpcre16-0-debuginfo-8.39-6.1.x86_64 libpng16-16-debuginfo-1.6.8-8.1.x86_64 libpulse-mainloop-glib0-debuginfo-9.0-1.2.x86_64 libpulse0-debuginfo-9.0-1.2.x86_64 libselinux1-debuginfo-2.5-2.12.x86_64 libsndfile1-debuginfo-1.0.25-25.1.x86_64 libspeex1-debuginfo-1.2~rc2-2.5.x86_64 libstdc++6-debuginfo-6.2.1+r239768-5.3.1.x86_64 libsystemd0-debuginfo-228-25.1.x86_64 libtiff5-debuginfo-4.0.7-121.1.x86_64 libtxc_dxtn-debuginfo-1.0.1-4.2.x86_64 libudev1-debuginfo-228-25.1.x86_64 libuuid1-debuginfo-2.28-10.1.x86_64 libvorbis0-debuginfo-1.3.3-4.18.x86_64 libvorbisenc2-debuginfo-1.3.3-4.18.x86_64 libwayland-client0-debuginfo-1.9.0-2.5.x86_64 libwebp5-debuginfo-0.4.3-7.4.x86_64 libwebpdemux1-debuginfo-0.4.3-7.4.x86_64 libz1-debuginfo-1.2.8-10.1.x86_64
(gdb) where
#0  0x00007f4f6642c13b in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x00007f4f663b162a in malloc () from /lib64/libc.so.6
#2  0x00007f4f6676fe38 in operator new(unsigned long) () from /usr/lib64/libstdc++.so.6
#3  0x00007f4f67def65d in QQmlProperty::QQmlProperty (this=0x7fff69aefa20, obj=0x20f7b70, name=...) at /usr/src/debug/qtdeclarative-opensource-src-5.8.0/src/qml/qml/qqmlproperty.cpp:190
#4  0x000000000040c65e in ScreenLocker::UnlockApp::setLockedPropertyOnViews (this=<optimized out>) at /usr/src/debug/kscreenlocker-5.9.4/greeter/greeterapp.cpp:414
#5  <signal handler called>
#6  0x00007f4f663aead7 in _int_free () from /lib64/libc.so.6
#7  0x00007f4f607cd097 in QDBusUtil::isValidBusName(QString const&) () from /usr/lib64/libQt5DBus.so.5
#8  0x00007f4f607ba99a in QDBusMessagePrivate::toDBusMessage(QDBusMessage const&, QFlags<QDBusConnection::ConnectionCapability>, QDBusError*) () from /usr/lib64/libQt5DBus.so.5
#9  0x00007f4f607b5151 in QDBusConnectionPrivate::sendWithReplyAsync(QDBusMessage const&, QObject*, char const*, char const*, int) () from /usr/lib64/libQt5DBus.so.5
#10 0x00007f4f607a3588 in QDBusConnection::asyncCall(QDBusMessage const&, int) const () from /usr/lib64/libQt5DBus.so.5
#11 0x00007f4f52ca7b5e in Solid::Backends::UPower::UPowerDevice::allProperties (this=this@entry=0x7fff69af0490) at /usr/src/debug/solid-5.32.0/src/solid/devices/backends/upower/upowerdevice.cpp:208
#12 0x00007f4f52ca83fd in Solid::Backends::UPower::UPowerDevice::checkCache (this=0x7fff69af0490, key=...) at /usr/src/debug/solid-5.32.0/src/solid/devices/backends/upower/upowerdevice.cpp:175
#13 0x00007f4f52ca88ac in Solid::Backends::UPower::UPowerDevice::prop (this=this@entry=0x7fff69af0490, key=...) at /usr/src/debug/solid-5.32.0/src/solid/devices/backends/upower/upowerdevice.cpp:193
#14 0x00007f4f52ca8946 in Solid::Backends::UPower::UPowerDevice::queryDeviceInterface (this=this@entry=0x7fff69af0490, type=@0x7fff69af043c: Solid::DeviceInterface::Battery)
    at /usr/src/debug/solid-5.32.0/src/solid/devices/backends/upower/upowerdevice.cpp:87
#15 0x00007f4f52ca5c0f in Solid::Backends::UPower::UPowerManager::devicesFromQuery (this=0x1e24400, parentUdi=..., type=Solid::DeviceInterface::Battery) at /usr/src/debug/solid-5.32.0/src/solid/devices/backends/upower/upowermanager.cpp:129
#16 0x00007f4f52c7a87e in Solid::Device::listFromType (type=@0x7fff69af0640: Solid::DeviceInterface::Battery, parentUdi=...) at /usr/src/debug/solid-5.32.0/src/solid/devices/frontend/devicemanager.cpp:115
#17 0x00007f4f3298e4b4 in PowermanagementEngine::updateOverallBattery (this=this@entry=0x18dc530) at /usr/src/debug/plasma-workspace-5.9.4/dataengines/powermanagement/powermanagementengine.cpp:466
#18 0x00007f4f3298f4e3 in PowermanagementEngine::updateBatteryChargeState (this=0x18dc530, newState=3, udi=...) at /usr/src/debug/plasma-workspace-5.9.4/dataengines/powermanagement/powermanagementengine.cpp:405
#19 0x00007f4f66cf071c in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#20 0x00007f4f52cdacc6 in Solid::Battery::chargeStateChanged (this=<optimized out>, _t1=3, _t2=...) at /usr/src/debug/solid-5.32.0/build/src/solid/KF5Solid_automoc.dir/moc_battery_NAL3HI7VHR2LZV.cpp:474
#21 0x00007f4f52cdd6c7 in Solid::Battery::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at /usr/src/debug/solid-5.32.0/build/src/solid/KF5Solid_automoc.dir/moc_battery_NAL3HI7VHR2LZV.cpp:240
#22 0x00007f4f66cf00d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#23 0x00007f4f52cda816 in Solid::Backends::UPower::Battery::chargeStateChanged (this=<optimized out>, _t1=3, _t2=...) at /usr/src/debug/solid-5.32.0/build/src/solid/KF5Solid_automoc.dir/moc_upowerbattery_UEQNREVPUFDZQ4.cpp:336
#24 0x00007f4f52cabd8e in Solid::Backends::UPower::Battery::slotChanged (this=0x2136a20) at /usr/src/debug/solid-5.32.0/src/solid/devices/backends/upower/upowerbattery.cpp:250
#25 0x00007f4f52cdca2d in Solid::Backends::UPower::Battery::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at /usr/src/debug/solid-5.32.0/build/src/solid/KF5Solid_automoc.dir/moc_upowerbattery_UEQNREVPUFDZQ4.cpp:157
#26 0x00007f4f66cf00d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#27 0x00007f4f52ce3ce3 in Solid::Backends::UPower::UPowerDevice::qt_metacall (this=0x20973a0, _c=QMetaObject::InvokeMetaMethod, _id=<optimized out>, _a=0x7fff69af0d90)
    at /usr/src/debug/solid-5.32.0/build/src/solid/KF5Solid_automoc.dir/moc_upowerdevice_QA2DYM42M6DFDP.cpp:136
#28 0x00007f4f607ae49b in QDBusConnectionPrivate::deliverCall(QObject*, int, QDBusMessage const&, QVector<int> const&, int) () from /usr/lib64/libQt5DBus.so.5
#29 0x00007f4f66cf1886 in QObject::event(QEvent*) () from /usr/lib64/libQt5Core.so.5
#30 0x00007f4f66cc830c in QCoreApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#31 0x00007f4f66cc8245 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#32 0x00007f4f66cca2a3 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/libQt5Core.so.5
#33 0x00007f4f66d17043 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/lib64/libQt5Core.so.5
#34 0x00007f4f628b7134 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#35 0x00007f4f628b7388 in ?? () from /usr/lib64/libglib-2.0.so.0
#36 0x00007f4f628b742c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#37 0x00007f4f66d1688c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#38 0x00007f4f66cc66ab in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#39 0x00007f4f66cce344 in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5
#40 0x0000000000409bf4 in main (argc=6, argv=<optimized out>) at /usr/src/debug/kscreenlocker-5.9.4/greeter/main.cpp:181
(gdb) kill
Kill the program being debugged? (y or n) y
(gdb) quit

Script done on Mon Apr 10 08:30:49 2017
Comment 6 Martin Flöser 2017-04-10 14:51:21 UTC
reassigning to powerdevil as it seems to be inside upower dbus handling
Comment 7 rlk 2017-04-21 15:29:49 UTC
Still happens with kscreenlocker (and powerdevil) 5.9.4.

It's rare, so I can't reproduce it reliably.  And I don't have the debuginfo packages -- my normal source for KDE packages doesn't have the debuginfo packages so I have to go back to download.opensuse.org and download them specially for doing this.
Comment 8 David Edmundson 2017-04-21 16:55:33 UTC
How on Earth do we get from:


#7  0x00007f4f607cd097 in QDBusUtil::isValidBusName(QString const&) () from /usr/lib64/libQt5DBus.so.5

to 

#4  0x000000000040c65e in ScreenLocker::UnlockApp::setLockedPropertyOnViews (this=<optimized out>) at /usr/src/debug/kscreenlocker-5.9.4/greeter/greeterapp.cpp:414


isValidBusName is just a string check making sure it's "foo.bar.blah" It can't call or emit anything, no nested event loops or anything.


The ony thing this means is that we have a corrupt backtrace.

This could be beause the debug symboles were installed badly and refer to a different version - or we have some code smashing the stack. 

Also note that the two backtraces are actually different. The first is in QDBusServiceWatcher::QDBusServiceWatcher, which the second isn't in.
Comment 9 Martin Flöser 2017-04-21 17:21:31 UTC
or another explanation could be memory corruption or even defect RAM.
Comment 10 rlk 2017-04-21 17:45:32 UTC
Note that frame 5 is a signal handler, so it's hardly surprising that frame 4 and frame 7 are unrelated.

I don't know this code, but it sure looks to me like something (in the second trace, isValidBusName; in the first case, probably something different but I didn't have debug symbols installed) was in the middle of free'ing something, during which time kscreenlocker_greet() received a signal, and the signal handler did a new QQmlProperty while the memory allocator was locked by the free() called synchronously above it, so we have a deadlock.

My own guess -- and obviously this isn't my code -- is that something in kscreenlocker_greet has set a signal handler (possibly a timeout) that is allocating memory -- a no-no, unless you're using a re-entrant version of malloc.

I'm pretty certain I had the right -debuginfo packages installed; rpm does the version checking quite well.  And I don't think it's bad memory either; the problem is consistently within the signal handler within kscreenlocker_greet, and I don't see any other indications of bad memory on the system.
Comment 11 Martin Flöser 2017-04-22 05:48:13 UTC
In the case of sigusr1 it could happen that memory gets allocated from the signal handler.
Comment 12 Martin Flöser 2017-04-22 06:04:29 UTC
Assuming the signal handler is the reason the steps to reproduce are:
Let screen lock through idle timeout and during grace period lock the screen through shortcut
Comment 13 rlk 2017-04-22 15:41:40 UTC
That's not likely what happened here; this most often happens overnight when I had shut the laptop's lid, and it's not right after I shut it either (I have my lid set to lock when shut, not suspend).

I wasn't able to induce this behavior.  The problem is that the lock sequence must consist of at least two keys (main key and modifier), and as soon as one of the keys is touched during the grace period, the screen unlocks.
Comment 14 rlk 2017-05-02 00:58:15 UTC
Happened again:

#0  0x00007ff984e2d13b in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x00007ff984db262a in malloc () from /lib64/libc.so.6
#2  0x00007ff985170e38 in operator new(unsigned long) () from /usr/lib64/libstdc++.so.6
#3  0x00007ff9867f065d in QQmlProperty::QQmlProperty(QObject*, QString const&) () from /usr/lib64/libQt5Qml.so.5
#4  0x000000000040c65e in ?? ()
#5  <signal handler called>
#6  0x00007ff984daf0b6 in _int_free () from /lib64/libc.so.6
#7  0x00007ff984db1980 in _int_realloc () from /lib64/libc.so.6
#8  0x00007ff984db2daf in realloc () from /lib64/libc.so.6
#9  0x00007ff985590897 in QString::reallocData(unsigned int, bool) () from /usr/lib64/libQt5Core.so.5
#10 0x00007ff9855910d4 in QString::append(QString const&) () from /usr/lib64/libQt5Core.so.5
#11 0x00007ff97f1aa292 in ?? () from /usr/lib64/libQt5DBus.so.5
#12 0x00007ff97f1ac253 in ?? () from /usr/lib64/libQt5DBus.so.5
#13 0x00007ff97f1ac464 in ?? () from /usr/lib64/libQt5DBus.so.5
#14 0x00007ff97f1a4013 in QDBusConnection::connect(QString const&, QString const&, QString const&, QString const&, QObject*, char const*) () from /usr/lib64/libQt5DBus.so.5
#15 0x00007ff97582212b in ?? () from /usr/lib64/libKF5Solid.so.5
#16 0x00007ff97581ec04 in ?? () from /usr/lib64/libKF5Solid.so.5
#17 0x00007ff9757f387e in Solid::Device::listFromType(Solid::DeviceInterface::Type const&, QString const&) () from /usr/lib64/libKF5Solid.so.5
#18 0x00007ff9513a24b4 in ?? () from /usr/lib64/qt5/plugins/plasma/dataengine/plasma_engine_powermanagement.so
#19 0x00007ff9513a3255 in ?? () from /usr/lib64/qt5/plugins/plasma/dataengine/plasma_engine_powermanagement.so
#20 0x00007ff9856f171c in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#21 0x00007ff975853c06 in Solid::Battery::chargePercentChanged(int, QString const&) () from /usr/lib64/libKF5Solid.so.5
#22 0x00007ff975856817 in ?? () from /usr/lib64/libKF5Solid.so.5
#23 0x00007ff9856f10d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#24 0x00007ff975853726 in ?? () from /usr/lib64/libKF5Solid.so.5
#25 0x00007ff975824c5d in ?? () from /usr/lib64/libKF5Solid.so.5
#26 0x00007ff975855a2d in ?? () from /usr/lib64/libKF5Solid.so.5
#27 0x00007ff9856f10d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#28 0x00007ff97585cce3 in ?? () from /usr/lib64/libKF5Solid.so.5
#29 0x00007ff97f1ae49b in ?? () from /usr/lib64/libQt5DBus.so.5
#30 0x00007ff9856f2886 in QObject::event(QEvent*) () from /usr/lib64/libQt5Core.so.5
#31 0x00007ff9856c930c in QCoreApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#32 0x00007ff9856c9245 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#33 0x00007ff9856cb2a3 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/libQt5Core.so.5
#34 0x00007ff985718043 in ?? () from /usr/lib64/libQt5Core.so.5
#35 0x00007ff9812b9134 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#36 0x00007ff9812b9388 in ?? () from /usr/lib64/libglib-2.0.so.0
#37 0x00007ff9812b942c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#38 0x00007ff98571788c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#39 0x00007ff9856c76ab in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#40 0x00007ff9856cf344 in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5
#41 0x0000000000409bf4 in ?? ()
#42 0x00007ff984d576e5 in __libc_start_main () from /lib64/libc.so.6
#43 0x0000000000409e49 in _start ()

Again, I don't know this code, but there are some commonalities about the stack traces:

1) They're always in a signal handler that's invoking QQmlProperty::QQmlProperty, allocating memory.

2) Above the signal handler, they're allocating or freeing memory (not really all that surprising; most versions of malloc aren't re-entrant).

3) Above that there are a variety of things, but they all seem to happen from Solid::Battery::chargePercentChanged or Solid::Battery::chargeStateChanged.

In this case -- it hasn't always been true -- I had just driven home from work with the laptop suspended, so the battery would have run down a bit.  I had plugged it back in, resumed it, checked email, and then shut the lid (locking the screen, but not suspending the laptop).  The hang happened about 10 minutes after I first resumed it, so it's certainly possible that the laptop's charge percent might have changed.  In other cases, though, it happened overnight, when the laptop was surely fully charged.  That doesn't guarantee that the charge state isn't changing, though.
Comment 15 rlk 2017-05-02 18:48:21 UTC
And another one, involving chargePercentChanged.  The laptop had been on AC for an extended period of time prior, and was likely at 100% charged, but that doesn't mean that ACPI can't report changes.

Installing all of the debuginfo packages is a pain, but would installing the debuginfo for libKF5Solid alone be helpful?

#0  0x00007ff626da413b in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x00007ff626d2962a in malloc () from /lib64/libc.so.6
#2  0x00007ff6270e7e38 in operator new(unsigned long) () from /usr/lib64/libstdc++.so.6
#3  0x00007ff62876765d in QQmlProperty::QQmlProperty(QObject*, QString const&) () from /usr/lib64/libQt5Qml.so.5
#4  0x000000000040c65e in ?? ()
#5  <signal handler called>
#6  0x00007ff626d26634 in _int_free () from /lib64/libc.so.6
#7  0x00007ff621144097 in QDBusUtil::isValidBusName(QString const&) () from /usr/lib64/libQt5DBus.so.5
#8  0x00007ff62111a721 in QDBusConnection::connect(QString const&, QString const&, QString const&, QString const&, QStringList const&, QString const&, QObject*, char const*) () from /usr/lib64/libQt5DBus.so.5
#9  0x00007ff62111b013 in QDBusConnection::connect(QString const&, QString const&, QString const&, QString const&, QObject*, char const*) () from /usr/lib64/libQt5DBus.so.5
#10 0x00007ff6135ee28a in ?? () from /usr/lib64/libKF5Solid.so.5
#11 0x00007ff6135eac04 in ?? () from /usr/lib64/libKF5Solid.so.5
#12 0x00007ff6135bf87e in Solid::Device::listFromType(Solid::DeviceInterface::Type const&, QString const&) () from /usr/lib64/libKF5Solid.so.5
#13 0x00007ff5f83324b4 in ?? () from /usr/lib64/qt5/plugins/plasma/dataengine/plasma_engine_powermanagement.so
#14 0x00007ff5f8333255 in ?? () from /usr/lib64/qt5/plugins/plasma/dataengine/plasma_engine_powermanagement.so
#15 0x00007ff62766871c in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#16 0x00007ff61361fc06 in Solid::Battery::chargePercentChanged(int, QString const&) () from /usr/lib64/libKF5Solid.so.5
#17 0x00007ff613622817 in ?? () from /usr/lib64/libKF5Solid.so.5
#18 0x00007ff6276680d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#19 0x00007ff61361f726 in ?? () from /usr/lib64/libKF5Solid.so.5
#20 0x00007ff6135f0c5d in ?? () from /usr/lib64/libKF5Solid.so.5
#21 0x00007ff613621a2d in ?? () from /usr/lib64/libKF5Solid.so.5
#22 0x00007ff6276680d5 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/lib64/libQt5Core.so.5
#23 0x00007ff613628ce3 in ?? () from /usr/lib64/libKF5Solid.so.5
#24 0x00007ff62112549b in ?? () from /usr/lib64/libQt5DBus.so.5
#25 0x00007ff627669886 in QObject::event(QEvent*) () from /usr/lib64/libQt5Core.so.5
#26 0x00007ff62764030c in QCoreApplication::notify(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#27 0x00007ff627640245 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /usr/lib64/libQt5Core.so.5
#28 0x00007ff6276422a3 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/libQt5Core.so.5
#29 0x00007ff62768f043 in ?? () from /usr/lib64/libQt5Core.so.5
#30 0x00007ff623230134 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#31 0x00007ff623230388 in ?? () from /usr/lib64/libglib-2.0.so.0
#32 0x00007ff62323042c in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#33 0x00007ff62768e88c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#34 0x00007ff62763e6ab in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/libQt5Core.so.5
#35 0x00007ff627646344 in QCoreApplication::exec() () from /usr/lib64/libQt5Core.so.5
#36 0x0000000000409bf4 in ?? ()
#37 0x00007ff626cce6e5 in __libc_start_main () from /lib64/libc.so.6
#38 0x0000000000409e49 in _start ()
Comment 16 rlk 2017-05-22 15:32:50 UTC
Happened again in charge_state_changed.

This *may* have been at the time my laptop reached full charge but I have no logs.
Comment 17 Justin Zobel 2022-11-06 09:24:40 UTC
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version?

If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
Comment 18 rlk 2022-11-06 14:07:42 UTC
This has not happened to me in quite some time.  I'm fine with it being closed.
Comment 19 Nate Graham 2022-11-06 15:54:33 UTC
Cool, thanks for following up!