424255 – kwin_wayland crashes when closing window

Bug 424255 - kwin_wayland crashes when closing window

Summary: kwin_wayland crashes when closing window

Status:	RESOLVED FIXED

Alias:	None

Product:	kwin
Classification:	Plasma
Component:	wayland-generic (other bugs)
Version First Reported In:	git master
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	KWin default assignee

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-07-15 19:53 UTC by Nicolas Fella
Modified:	2020-07-16 14:33 UTC (History)
CC List:	0 users

See Also:
Latest Commit:	https://invent.kde.org/plasma/kwin/commit/4a6badc22c88a30b10b4e288728981f225cba728
Version Fixed/Implemented In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Nicolas Fella 2020-07-15 19:53:38 UTC

It appears to be happening when I close a window (usually kclock).

SOFTWARE/OS VERSIONS

KDE stuff from master, Qt from 5.15 branch

#0  0x00007fdffd036914 in QScopedPointer<KWaylandServer::SurfaceInterfacePrivate, QScopedPointerDeleter<KWaylandServer::SurfaceInterfacePrivate> >::operator->() const (this=0x10)
    at /home/nico/kde/usr/include/QtCore/qscopedpointer.h:118
#1  0x00007fdffd0305e5 in KWaylandServer::SurfaceInterface::client() const (this=0x0) at /home/nico/kde/src/kwayland-server/src/server/surface_interface.cpp:407
#2  0x00007fdfff16bdad in KWin::WaylandClient::isLockScreen() const (this=0x56336f7d9aa0) at /home/nico/kde/src/kwin/waylandclient.cpp:110
#3  0x00007fdffef55f33 in KWin::AbstractClient::belongsToLayer() const (this=0x56336f7d9aa0) at /home/nico/kde/src/kwin/abstract_client.cpp:278
#4  0x00007fdffef55d83 in KWin::AbstractClient::updateLayer() (this=0x56336f7d9aa0) at /home/nico/kde/src/kwin/abstract_client.cpp:247
#5  0x00007fdfff05b2ab in KWin::Workspace::updateClientLayer(KWin::AbstractClient*) (this=0x56336e9e6b80, c=0x56336f7d9aa0) at /home/nico/kde/src/kwin/layers.cpp:111
#6  0x00007fdffef55bd0 in KWin::AbstractClient::setActive(bool) (this=0x56336f7d9aa0, act=false) at /home/nico/kde/src/kwin/abstract_client.cpp:221
#7  0x00007fdffef7a678 in KWin::Workspace::setActiveClient(KWin::AbstractClient*) (this=0x56336e9e6b80, c=0x0) at /home/nico/kde/src/kwin/activation.cpp:244
#8  0x00007fdffef7b30a in KWin::Workspace::activateNextClient(KWin::AbstractClient*) (this=0x56336e9e6b80, c=0x56336f7d9aa0) at /home/nico/kde/src/kwin/activation.cpp:451
#9  0x00007fdffef7b0be in KWin::Workspace::clientHidden(KWin::AbstractClient*) (this=0x56336e9e6b80, c=0x56336f7d9aa0) at /home/nico/kde/src/kwin/activation.cpp:415
#10 0x00007fdfff17383b in KWin::Workspace::removeShellClient(KWin::AbstractClient*) (this=0x56336e9e6b80, client=0x56336f7d9aa0) at /home/nico/kde/src/kwin/workspace.cpp:778
#11 0x00007fdfff190315 in QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<KWin::AbstractClient*>, void, void (KWin::Workspace::*)(KWin::AbstractClient*)>::call(void (KWin::Workspace::*)(KWin::AbstractClient*), KWin::Workspace*, void**) (f=
    (void (KWin::Workspace::*)(KWin::Workspace * const, KWin::AbstractClient *)) 0x7fdfff17372c <KWin::Workspace::removeShellClient(KWin::AbstractClient*)>, o=0x56336e9e6b80, arg=0x7ffd59c02170)
    at /home/nico/kde/usr/include/QtCore/qobjectdefs_impl.h:152
#12 0x00007fdfff18df31 in QtPrivate::FunctionPointer<void (KWin::Workspace::*)(KWin::AbstractClient*)>::call<QtPrivate::List<KWin::AbstractClient*>, void>(void (KWin::Workspace::*)(KWin::AbstractClient*), KWin::Workspace*, void**) (f=
    (void (KWin::Workspace::*)(KWin::Workspace * const, KWin::AbstractClient *)) 0x7fdfff17372c <KWin::Workspace::removeShellClient(KWin::AbstractClient*)>, o=0x56336e9e6b80, arg=0x7ffd59c02170)
    at /home/nico/kde/usr/include/QtCore/qobjectdefs_impl.h:185
#13 0x00007fdfff18c65f in QtPrivate::QSlotObject<void (KWin::Workspace::*)(KWin::AbstractClient*), QtPrivate::List<KWin::AbstractClient*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*)
    (which=1, this_=0x56336f0b1f80, r=0x56336e9e6b80, a=0x7ffd59c02170, ret=0x0) at /home/nico/kde/usr/include/QtCore/qobjectdefs_impl.h:418
#14 0x00007fdffbbc2ef6 in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7ffd59c02170, r=0x56336e9e6b80, this=0x56336f0b1f80) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#15 doActivate<false>(QObject*, int, void**) (sender=0x56336e66a4b0, signal_index=4, argv=0x7ffd59c02170) at kernel/qobject.cpp:3886
#16 0x00007fdffef42ea2 in KWin::WaylandServer::shellClientRemoved(KWin::AbstractClient*) (this=0x56336e66a4b0, _t1=0x56336f7d9aa0) at kwin_autogen/EWIEGA46WW/moc_wayland_server.cpp:190
#17 0x00007fdfff15f5c5 in KWin::WaylandServer::removeClient(KWin::AbstractClient*) (this=0x56336e66a4b0, c=0x56336f7d9aa0) at /home/nico/kde/src/kwin/wayland_server.cpp:696
#18 0x00007fdfff1bb356 in KWin::XdgSurfaceClient::destroyClient() (this=0x56336f7d9aa0) at /home/nico/kde/src/kwin/xdgshellclient.cpp:587
#19 0x00007fdfff1c979c in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (KWin::XdgSurfaceClient::*)()>::call(void (KWin::XdgSurfaceClient::*)(), KWin::XdgSurfaceClient*, void**)
    (f=&virtual table offset 880, o=0x56336f7d9aa0, arg=0x7ffd59c023b0) at /home/nico/kde/usr/include/QtCore/qobjectdefs_impl.h:152
#20 0x00007fdfff1c8cb7 in QtPrivate::FunctionPointer<void (KWin::XdgSurfaceClient::*)()>::call<QtPrivate::List<>, void>(void (KWin::XdgSurfaceClient::*)(), KWin::XdgSurfaceClient*, void**)
    (f=&virtual table offset 880, o=0x56336f7d9aa0, arg=0x7ffd59c023b0) at /home/nico/kde/usr/include/QtCore/qobjectdefs_impl.h:185
#21 0x00007fdfff1c7b75 in QtPrivate::QSlotObject<void (KWin::XdgSurfaceClient::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*)
    (which=1, this_=0x56336f8455a0, r=0x56336f7d9aa0, a=0x7ffd59c023b0, ret=0x0) at /home/nico/kde/usr/include/QtCore/qobjectdefs_impl.h:418
#22 0x00007fdffbbc2ef6 in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7ffd59c023b0, r=0x56336f7d9aa0, this=0x56336f8455a0) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#23 doActivate<false>(QObject*, int, void**) (sender=0x56336f86b870, signal_index=0, argv=argv@entry=0x7ffd59c023b0) at kernel/qobject.cpp:3886
#24 0x00007fdffbbbc250 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**)
    (sender=sender@entry=0x56336f86b870, m=m@entry=0x7fdffbe528a0 <QObject::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd59c023b0) at kernel/qobject.cpp:3946
#25 0x00007fdffbbbc2ff in QObject::destroyed(QObject*) (this=this@entry=0x56336f86b870, _t1=<optimized out>, _t1@entry=0x56336f86b870) at .moc/moc_qobject.cpp:219
#26 0x00007fdffbbc127d in QObject::~QObject() (this=<optimized out>, __in_chrg=<optimized out>) at kernel/qobject.cpp:992
#27 0x00007fdffd030576 in KWaylandServer::SurfaceInterface::~SurfaceInterface() (this=0x56336f86b870, __in_chrg=<optimized out>) at /home/nico/kde/src/kwayland-server/src/server/surface_interface.cpp:396
#28 0x00007fdffd030592 in KWaylandServer::SurfaceInterface::~SurfaceInterface() (this=0x56336f86b870, __in_chrg=<optimized out>) at /home/nico/kde/src/kwayland-server/src/server/surface_interface.cpp:398
#29 0x00007fdffd02fe32 in KWaylandServer::SurfaceInterfacePrivate::surface_destroy_resource(QtWaylandServer::wl_surface::Resource*) (this=0x56336f88a4f0)
    at /home/nico/kde/src/kwayland-server/src/server/surface_interface.cpp:288
#30 0x00007fdffd06110a in QtWaylandServer::wl_surface::destroy_func(wl_resource*) (client_resource=0x56336f8222d0) at src/server/qwayland-server-wayland.cpp:2720
#31 0x00007fdffa823e90 in  () at /usr/lib/libwayland-server.so.0

Comment 1 David Edmundson 2020-07-16 13:43:49 UTC

Git commit e925f98effaab144726e61fbaca2eb2434001172 by David Edmundson.
Committed on 15/07/2020 at 21:55.
Pushed by davidedmundson into branch 'master'.

Cache clientConnection in SurfaceInterface

Order of a client teardown is:
 - ClientConnection is removed from the static map
 - All our client owned resources are torn down
 - ClientConnection is deleted (via a previous deleteLater)

The recent refactor led to a behavioural change where ::client could
return a null pointer.

We want the client getter to be valid throughout the lifespan of
SurfaceInterface, by doing the lookup once we achieve that.

M  +2    -1    src/server/surface_interface.cpp
M  +2    -0    src/server/surface_interface_p.h

https://invent.kde.org/plasma/kwayland-server/commit/e925f98effaab144726e61fbaca2eb2434001172

Comment 2 Vlad Zahorodnii 2020-07-16 14:33:15 UTC

Git commit 4a6badc22c88a30b10b4e288728981f225cba728 by Vlad Zahorodnii.
Committed on 16/07/2020 at 14:04.
Pushed by vladz into branch 'master'.

Ignore setActive() for windows that are being deleted

We may call setActive() on a window that is being deleted. We cannot
guarantee that at that moment the X11 window or the Wayland surface is
still valid. So, the best course of actions is to do nothing.

M  +14   -0    abstract_client.cpp
M  +3    -0    abstract_client.h
M  +1    -0    internal_client.cpp
M  +6    -9    x11client.cpp
M  +0    -1    x11client.h
M  +6    -11   xdgshellclient.cpp
M  +0    -2    xdgshellclient.h

https://invent.kde.org/plasma/kwin/commit/4a6badc22c88a30b10b4e288728981f225cba728