Bug 435042 - kwin_wayland segfaults in KWin::Cursors::positionChanged() while recording via pipewire if mouse hovers over (close) button of window
Summary: kwin_wayland segfaults in KWin::Cursors::positionChanged() while recording vi...
Status: RESOLVED DUPLICATE of bug 448162
Alias: None
Product: kwin
Classification: Plasma
Component: wayland-generic (show other bugs)
Version: 5.21.3
Platform: Arch Linux Linux
: NOR crash
Target Milestone: ---
Assignee: KWin default assignee
URL:
Keywords:
: 447084 (view as bug list)
Depends on:
Blocks:
 
Reported: 2021-03-28 00:52 UTC by henry
Modified: 2022-02-14 09:45 UTC (History)
7 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description henry 2021-03-28 00:52:47 UTC 
SUMMARY

Streaming my screen under wayland using https://github.com/H-M-H/Weylus/tree/0d85438a06965ff62d18c4a62fad1a13c03d112a kwin_wayland crashes once the mouse hovers over the close button of any window, so far I have not tried other ways to produce a crash but hovering the mouse like that reliably crashes kwin.

STEPS TO REPRODUCE

Run above program, open http://127.0.0.1:1701 with firefox, choose to share the desktop, set frame interval to 0 and finally hover the mouse over any window button.

OBSERVED RESULT

kwin_wayland crashes with the following backtrace:

Signal: 11 (SEGV)
Timestamp: Sun 2021-03-28 01:24:31 CET (26s ago)
Command Line: kwin_wayland --wayland_fd 4 --xwayland /usr/lib/startplasma-waylandsession
Executable: /usr/bin/kwin_wayland


Thread 15 (Thread 0x7f12d6e4b640 (LWP 2569)):
#0  0x00007f13b64df39e in epoll_wait () at /usr/lib/libc.so.6
#1  0x00007f12ebf0fed1 in  () at /usr/lib/spa-0.2/support/libspa-support.so
#2  0x00007f12ebf06154 in  () at /usr/lib/spa-0.2/support/libspa-support.so
#3  0x00007f13b67c2070 in  () at /usr/lib/libpipewire-0.3.so.0
#4  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#5  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 14 (Thread 0x7f12f14e7640 (LWP 1311)):
#0  0x00007f13b64d437f in poll () at /usr/lib/libc.so.6
#1  0x00007f13b584f9d8 in  () at /usr/lib/libglib-2.0.so.0
#2  0x00007f13b57f96f1 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#3  0x00007f13b7e83691 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5                                                                                                   
#4  0x00007f13b7e293ac in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b7c41d12 in QThread::exec() () at /usr/lib/libQt5Core.so.5
#6  0x00007f13b4bbe5a9 in  () at /usr/lib/libQt5Qml.so.5
#7  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#8  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#9  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 13 (Thread 0x7f12f24ff640 (LWP 880)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c574 in pthread_cond_timedwait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13b7c49048 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/libQt5Core.so.5
#3  0x00007f13b7c464f4 in  () at /usr/lib/libQt5Core.so.5
#4  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#6  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 12 (Thread 0x7f137e7fe640 (LWP 879)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c260 in pthread_cond_wait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13b569cfee in  () at /usr/lib/libQt5Script.so.5
#3  0x00007f13b569d019 in  () at /usr/lib/libQt5Script.so.5
#4  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#5  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 11 (Thread 0x7f137ffff640 (LWP 876)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c574 in pthread_cond_timedwait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13b7c49048 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/libQt5Core.so.5
#3  0x00007f13b7c464f4 in  () at /usr/lib/libQt5Core.so.5
#4  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#6  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 10 (Thread 0x7f139771f640 (LWP 871)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c260 in pthread_cond_wait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13ac8fccec in  () at /usr/lib/dri/iris_dri.so
#3  0x00007f13ac8fb4c8 in  () at /usr/lib/dri/iris_dri.so
#4  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#5  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 9 (Thread 0x7f1397f20640 (LWP 870)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c260 in pthread_cond_wait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13ac8fccec in  () at /usr/lib/dri/iris_dri.so
#3  0x00007f13ac8fb4c8 in  () at /usr/lib/dri/iris_dri.so
#4  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#5  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 8 (Thread 0x7f1396f1e640 (LWP 872)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c260 in pthread_cond_wait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13ac8fccec in  () at /usr/lib/dri/iris_dri.so
#3  0x00007f13ac8fb4c8 in  () at /usr/lib/dri/iris_dri.so
#4  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#5  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 7 (Thread 0x7f13965dd640 (LWP 873)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c574 in pthread_cond_timedwait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13b7c49048 in QWaitCondition::wait(QMutex*, QDeadlineTimer) () at /usr/lib/libQt5Core.so.5
#3  0x00007f13b7c464f4 in  () at /usr/lib/libQt5Core.so.5
#4  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#6  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 6 (Thread 0x7f1395806640 (LWP 874)):
#0  0x00007f13b64d437f in poll () at /usr/lib/libc.so.6
#1  0x00007f13b584f9d8 in  () at /usr/lib/libglib-2.0.so.0
#2  0x00007f13b57f96f1 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#3  0x00007f13b7e83691 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5                                                                                                   
#4  0x00007f13b7e293ac in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b7c41d12 in QThread::exec() () at /usr/lib/libQt5Core.so.5
#6  0x00007f13b4bbe5a9 in  () at /usr/lib/libQt5Qml.so.5
#7  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#8  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#9  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 5 (Thread 0x7f1398721640 (LWP 869)):
#0  0x00007f13b68529ba in __futex_abstimed_wait_common64 () at /usr/lib/libpthread.so.0
#1  0x00007f13b684c260 in pthread_cond_wait@@GLIBC_2.3.2 () at /usr/lib/libpthread.so.0
#2  0x00007f13ac8fccec in  () at /usr/lib/dri/iris_dri.so
#3  0x00007f13ac8fb4c8 in  () at /usr/lib/dri/iris_dri.so
#4  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#5  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 4 (Thread 0x7f13b066b640 (LWP 866)):
#0  0x00007f13b64d437f in poll () at /usr/lib/libc.so.6
#1  0x00007f13b584f9d8 in  () at /usr/lib/libglib-2.0.so.0
#2  0x00007f13b57f96f1 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#3  0x00007f13b7e83691 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5                                                                                                   
#4  0x00007f13b7e293ac in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b7c41d12 in QThread::exec() () at /usr/lib/libQt5Core.so.5
#6  0x00007f13b87af098 in  () at /usr/lib/libQt5DBus.so.5
#7  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#8  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#9  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 3 (Thread 0x7f13afe1e640 (LWP 867)):
#0  0x00007f13b64d437f in poll () at /usr/lib/libc.so.6
#1  0x00007f13b584f9d8 in  () at /usr/lib/libglib-2.0.so.0
#2  0x00007f13b57f96f1 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#3  0x00007f13b7e83691 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5                                                                                                   
#4  0x00007f13b7e293ac in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b7c41d12 in QThread::exec() () at /usr/lib/libQt5Core.so.5
#6  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#7  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#8  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 2 (Thread 0x7f13af56e640 (LWP 868)):
#0  0x00007f13b64d437f in poll () at /usr/lib/libc.so.6
#1  0x00007f13b584f9d8 in  () at /usr/lib/libglib-2.0.so.0
#2  0x00007f13b57f96f1 in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0
#3  0x00007f13b7e83691 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#4  0x00007f13b7e293ac in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#5  0x00007f13b7c41d12 in QThread::exec() () at /usr/lib/libQt5Core.so.5
#6  0x00007f13b7c42eff in  () at /usr/lib/libQt5Core.so.5
#7  0x00007f13b6846299 in start_thread () at /usr/lib/libpthread.so.0
#8  0x00007f13b64df053 in clone () at /usr/lib/libc.so.6

Thread 1 (Thread 0x7f13b14dfec0 (LWP 865)):
#0  0x00007f13b76c8b60 in  () at /usr/lib/libkwinglutils.so.13
#1  0x00007f13b76c9b3d in KWin::GLVertexBuffer::setData(int, int, float const*, float const*) () at /usr/lib/libkwinglutils.so.13
#2  0x00007f13b76c4988 in KWin::GLTexture::render(QRegion const&, QRect const&, bool) () at /usr/lib/libkwinglutils.so.13
#3  0x00005627d2e41726 in KWin::PipeWireStream::recordFrame(KWin::GLTexture*, QRegion const&) ()
#4  0x00005627d2e419a5 in  ()
#5  0x00007f13b7e61d86 in  () at /usr/lib/libQt5Core.so.5
#6  0x00007f13b78e8fb8 in KWin::Cursors::positionChanged(KWin::Cursor*, QPoint const&) () at /usr/lib/libkwin.so.5
#7  0x00007f13b7e61d86 in  () at /usr/lib/libQt5Core.so.5
#8  0x00007f13b78e8df3 in KWin::Cursor::posChanged(QPoint const&) () at /usr/lib/libkwin.so.5
#9  0x00007f13b79bee51 in  () at /usr/lib/libkwin.so.5
#10 0x00007f13b7e61d86 in  () at /usr/lib/libQt5Core.so.5
#11 0x00007f13b78e96e3 in KWin::InputRedirection::globalPointerChanged(QPointF const&) () at /usr/lib/libkwin.so.5
#12 0x00007f13b79c1114 in KWin::PointerInputRedirection::updatePosition(QPointF const&) () at /usr/lib/libkwin.so.5
#13 0x00007f13b79c2633 in KWin::PointerInputRedirection::processMotion(QPointF const&, QSizeF const&, QSizeF const&, unsigned int, unsigned long long, KWin::LibInput::Device*) () at /usr/lib/libkwin.so.5
#14 0x00007f13b7979785 in  () at /usr/lib/libkwin.so.5
#15 0x00007f13b7e61d86 in  () at /usr/lib/libQt5Core.so.5
#16 0x00007f13b78ea5da in KWin::LibInput::Connection::pointerMotion(QSizeF const&, QSizeF const&, unsigned int, unsigned long long, KWin::LibInput::Device*) () at /usr/lib/libkwin.so.5
#17 0x00007f13b799fe7a in KWin::LibInput::Connection::processEvents() () at /usr/lib/libkwin.so.5
#18 0x00007f13b7e57532 in QObject::event(QEvent*) () at /usr/lib/libQt5Core.so.5
#19 0x00007f13b6e5c752 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/libQt5Widgets.so.5
#20 0x00007f13b7e2aa2a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/libQt5Core.so.5
#21 0x00007f13b7e2d523 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () at /usr/lib/libQt5Core.so.5
#22 0x00007f13b7e80aec in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#23 0x00005627d2e6c7ee in  ()
#24 0x00007f13b7e293ac in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#25 0x00007f13b7e31844 in QCoreApplication::exec() () at /usr/lib/libQt5Core.so.5
#26 0x00005627d2e16e89 in  ()
#27 0x00007f13b6407b25 in __libc_start_main () at /usr/lib/libc.so.6
#28 0x00005627d2e1792e in _start ()
Comment 1 henry 2021-03-29 10:36:39 UTC 
Further investigations show, this only happens if the cursor is captured and only if the desktop is selected.

A more minimal program that crashed kwin_wayland: https://git.sr.ht/~hmh/pipewire_gst_bugs/tree/kwin

All it does is capturing the screen repeatedly.
Comment 2 Nate Graham 2021-12-16 19:18:22 UTC 
*** Bug 447084 has been marked as a duplicate of this bug. ***
Comment 3 Aleix Pol 2022-01-14 19:01:25 UTC 
I've been trying to reproduce this issue with no success. I'd say there's a chance this is already fixed.

The backtrace that  the duplicate 447084 is on 5.23.4 seems to indicate that it might still be present on 5.23, so I'd appreciate some more information like a fully populated backtrace with debug symbols or so.

I ran the pw_test you shared and it also does not reproduce.
Comment 4 Aleix Pol 2022-01-25 01:04:46 UTC 
I feel like 52bc46069e6a96c03166c961266cbf2c86b3a92c might have fixed, please retest after 5.24.0.
Comment 5 Nate Graham 2022-01-25 17:34:03 UTC 
.
Comment 6 Bug Janitor Service 2022-02-09 04:36:57 UTC 
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 7 SS 2022-02-12 09:15:13 UTC 
Same bug on KDE Plasma Version 5.24.0
Comment 8 Vlad Zahorodnii 2022-02-14 09:45:42 UTC 

*** This bug has been marked as a duplicate of bug 448162 ***