When the kscreen kcm on wayland gets closed (by closing systemsettings or switching to a different module), systemsettings5 dies with a wayland protocol error. When instead of closing the kcm you go back and open the kcm again (sometimes multiple attempts are necessary), the whole session dies as kwin_wayland crashes. #0 0x00007ffff71f61f0 in KWayland::Server::SurfaceInterface::d_func() const (this=0x0) at /usr/src/debug/kwayland-5.41.0/src/server/surface_interface.cpp:884 #1 0x00007ffff71fbd5f in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:363 #2 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #3 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #4 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #5 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #6 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #7 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #8 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #9 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #10 0x00007ffff71fbe1a in KWayland::Server::SubSurfaceInterface::mainSurface() const (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/subcompositor_interface.cpp:364 #11 0x00007ffff71f95bb in KWayland::Server::SurfaceInterface::Private::swapStates(KWayland::Server::SurfaceInterface::Private::State*, KWayland::Server::SurfaceInterface::Private::State*, bool) (this=this@entry=0x555556772db0, source=source@entry=0x555556772e80, target=target@entry=0x555556772df0, emitChanged=emitChanged@entry=true) at /usr/src/debug/kwayland-5.41.0/src/server/surface_interface.cpp:456 #12 0x00007ffff71f968e in KWayland::Server::SurfaceInterface::Private::commit() (this=0x555556772db0) at /usr/src/debug/kwayland-5.41.0/src/server/surface_interface.cpp:494 #13 0x00007fffe793b6bd in () at /usr/lib64/libffi.so.7 #14 0x00007fffe793abcf in () at /usr/lib64/libffi.so.7 #15 0x00007fffee6320ab in () at /usr/lib64/libwayland-server.so.0 #16 0x00007fffee62e8ef in () at /usr/lib64/libwayland-server.so.0 #17 0x00007fffee630282 in wl_event_loop_dispatch () at /usr/lib64/libwayland-server.so.0 #18 0x00007ffff71cdf6e in KWayland::Server::Display::Private::dispatch() (this=<optimized out>) at /usr/src/debug/kwayland-5.41.0/src/server/display.cpp:137 #19 0x00007ffff5e04ebc in QMetaObject::activate(QObject*, int, int, void**) () at /usr/lib64/libQt5Core.so.5
moving to kwayland as the complete backtrace is in kwayland. I think the two issues are very related. Systemsettings (or more likely Qt) does something fishy resulting in the one case in KWayland killing the connection and once in KWayland crashing. First is OK, latter of course not.
So from the backtrace it looks like we have a sub-surface tree which doesn't have a parent anymore. I can implement a patch, but so far I didn't succeed in reproducing the issue.
Patch at https://phabricator.kde.org/D10300
*** Bug 389696 has been marked as a duplicate of this bug. ***
Git commit d38825d934e4d0b656495851fdf9a0d2fc247449 by Martin Flöser. Committed on 07/02/2018 at 18:41. Pushed by graesslin into branch 'master'. [server] Don't crash when a subsurface gets commited whose parent surface got destroyed Summary: Qt seems to damage and commit child subsurfaces although their parent got destroyed. This actually doesn't make any sense as without a parent surface they cannot be shown. But nevertheless we should not crash in such a situation. This change guards the places in the commit handling code where the parent gets accessed. Test Plan: New test case which exposes the problem Reviewers: #frameworks, #kwin, #plasma Subscribers: plasma-devel Tags: #plasma, #frameworks Differential Revision: https://phabricator.kde.org/D10300 M +47 -0 autotests/client/test_wayland_subsurface.cpp M +3 -0 src/server/subcompositor_interface.cpp M +5 -2 src/server/surface_interface.cpp https://commits.kde.org/kwayland/d38825d934e4d0b656495851fdf9a0d2fc247449