Bug 445984 - kwin_wayland crashes when snapping wayland windows.
Status: RESOLVED NOT A BUG
Alias: None
Product: kwin
Classification: Plasma
Component: wayland-generic
Version: 5.23.3
Platform: Arch Linux Linux
Importance: NOR crash
Target Milestone: ---
Assignee: KWin default assignee
Reported: 2021-11-23 17:53 UTC by kkartaltepe
Modified: 2022-01-24 16:36 UTC
vlad.zahorodnii: NVIDIA+


Description kkartaltepe 2021-11-23 17:53:41 UTC
SUMMARY

Snapping windows can sometimes result in a crash in kwin_wayland nested.

STEPS TO REPRODUCE
1.  Start an X11 environment
2.  Start kwin_wayland as a nested client.
3.  Run the sample application
4.  Snap the application to the right side.
5.  Observe the crash.

On a fresh boot this occurs with 100% reproduction rate. I was able to somehow get into a state where it didn't occur eventually, but upon rebooting it was 100% reproducible again.

OBSERVED RESULT
kwin crashes

EXPECTED RESULT
kwin doesn't crash

SOFTWARE/OS VERSIONS
Linux/KDE Plasma:  Archlinux, kernel `5.15.2-arch1-1`
(available in About System)
kwin_wayland Version:  `5.23.3`
KDE Plasma Version: I'm not sure what this refers to, I just have kwin and the bare minimum to run it nested.
KDE Frameworks Version:   I'm not sure what this refers to.
Qt Version:  `5.15.2+kde+r256-1`
nvidia drivers: 495.44
nvidia's egl-wayland: 1.1.9 (commit daab854)

ADDITIONAL INFORMATION

Sample program:

https://github.com/kkartaltepe/wayland-egl-simple

Interesting output right before the crash:

```
No provider of eglDestroyImageKHR found.  Requires one of:
    EGL_KHR_image
    EGL_KHR_image_base
    EGL 15
```

(However EGL 1.5 is supported under X11 and Wayland along with both extensions on X11 and wayland, at least as reported by `eglinfo`)

Stack trace for the crashed thread:

```
Thread 1 "kwin_wayland" received signal SIGABRT, Aborted.
0x00007f97c970ed22 in raise () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007f97c970ed22 in raise () at /usr/lib/libc.so.6
#1  0x00007f97c96f8862 in abort () at /usr/lib/libc.so.6
#2  0x00007f97c9c6ecee in  () at /usr/lib/libepoxy.so.0
#3  0x00007f97c9c722ba in  () at /usr/lib/libepoxy.so.0
#4  0x00007f97cbc28def in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#5  0x00007f97cbc290d3 in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#6  0x00007f97c90a080f in  () at /usr/lib/libwayland-server.so.0
#7  0x00007f97c90a0f51 in wl_resource_destroy () at /usr/lib/libwayland-server.so.0
#8  0x00007f97c7289d4a in  () at /usr/lib/libffi.so.8
#9  0x00007f97c7289267 in  () at /usr/lib/libffi.so.8
#10 0x00007f97c90a6173 in  () at /usr/lib/libwayland-server.so.0
#11 0x00007f97c90a155c in  () at /usr/lib/libwayland-server.so.0
#12 0x00007f97c90a404a in wl_event_loop_dispatch () at /usr/lib/libwayland-server.so.0
#13 0x00007f97ca9e11a7 in KWaylandServer::Display::dispatchEvents() ()
    at /usr/lib/libKWaylandServer.so.5
#14 0x00007f97c9fd57ab in  () at /usr/lib/libQt5Core.so.5
#15 0x00007f97c9fd8c70 in QSocketNotifier::activated(QSocketDescriptor, QSocketNotifier::Type, QSocketNotifier::QPrivateSignal) () at /usr/lib/libQt5Core.so.5
#16 0x00007f97c9fd947d in QSocketNotifier::event(QEvent*) () at /usr/lib/libQt5Core.so.5
#17 0x00007f97cac7bd62 in QApplicationPrivate::notify_helper(QObject*, QEvent*) ()
    at /usr/lib/libQt5Widgets.so.5
#18 0x00007f97c9f9e3fa in QCoreApplication::notifyInternal2(QObject*, QEvent*) ()
    at /usr/lib/libQt5Core.so.5
#19 0x00007f97c9ff4364 in QEventDispatcherUNIXPrivate::activateSocketNotifiers() ()
    at /usr/lib/libQt5Core.so.5
#20 0x00007f97c9ff47e5 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
    () at /usr/lib/libQt5Core.so.5
#21 0x000055829affccee in  ()
#22 0x00007f97c9f9cd6c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) ()
    at /usr/lib/libQt5Core.so.5
#23 0x00007f97c9fa52d4 in QCoreApplication::exec() () at /usr/lib/libQt5Core.so.5
#24 0x000055829af998cb in  ()
#25 0x00007f97c96f9b25 in __libc_start_main () at /usr/lib/libc.so.6
#26 0x000055829af9a2ce in  ()
```
Comment 1 kkartaltepe 2021-11-24 18:53:03 UTC
I rebuilt kwin with debug symbols; however, only the top of the stack is actually in kwin so it doesn't provide much additional info. The Qt5 core libraries do carry their function symbols though, so I presume this is sufficient.

```
#22 0x00007ffff4aead6c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/libQt5Core.so.5
#23 0x00007ffff4af32d4 in QCoreApplication::exec() () at /usr/lib/libQt5Core.so.5
#24 0x00005555555cd654 in main(int, char**) (argc=2, argv=0x7fffffffe608) at /home/upstreams/kwin/src/main_wayland.cpp:745
```
Comment 2 Vlad Zahorodnii 2022-01-19 18:48:53 UTC
```
#4  0x00007f97cbc28def in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#5  0x00007f97cbc290d3 in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#6  0x00007f97c90a080f in  () at /usr/lib/libwayland-server.so.0
#7  0x00007f97c90a0f51 in wl_resource_destroy () at /usr/lib/libwayland-server.so.0
```

I wonder what happens here. Can you please get a backtrace with debug symbols? Without it, I'm afraid this crash is inactionable.
Comment 3 kkartaltepe 2022-01-20 01:56:52 UTC
> Can you please get a backtrace with debug symbols? 

Compiling Qt was intractable on my system last time I attempted it, at least unless I wanted to remove the package manager's installation. So I'm not sure that I personally would be able to provide any additional symbols from Qt code.
Comment 4 Vlad Zahorodnii 2022-01-20 11:45:24 UTC
You only need to rebuild kwin and probably kwayland-server
Comment 5 kkartaltepe 2022-01-20 15:41:25 UTC
> You only need to rebuild kwin and probably kwayland-server

Comment 1 _is_ after building kwin with debug symbols; only frame #24 is attributed to kwin and you can see the stack in the comment. The frames you mention begin with `/qt/` so they appear to be part of Qt. I can try building kwayland-server but you would need to tell me which repository that is in, as it doesn't appear to be part of the kwin repository.
Comment 6 Vlad Zahorodnii 2022-01-24 12:26:28 UTC
No, the relevant stuff is over here

```
#0  0x00007f97c970ed22 in raise () at /usr/lib/libc.so.6
#1  0x00007f97c96f8862 in abort () at /usr/lib/libc.so.6
#2  0x00007f97c9c6ecee in  () at /usr/lib/libepoxy.so.0
#3  0x00007f97c9c722ba in  () at /usr/lib/libepoxy.so.0
#4  0x00007f97cbc28def in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#5  0x00007f97cbc290d3 in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
```

Note that kwin's part of the backtrace has no debug symbols. You need to build kwin with the `-DCMAKE_BUILD_TYPE=RelWithDebInfo` cmake option.
Comment 7 kkartaltepe 2022-01-24 16:09:55 UTC
It seems the part that I missed was 
>  QT_PLUGIN_PATH=`pwd`

Is required to inform the session how to find the compiled plugins, but it does not crash now.
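
A triage helper for the question raised in comments 5 and 6 of which frames lack symbols, added here as an example (not code from the bug report or from KWin): it groups the unnamed frames of a gdb backtrace by the module gdb printed for them, joining wrapped location lines. The sample input is a subset of the frames from the description; the function names `parse_frames` and `unsymbolized_by_module` are hypothetical.

```python
import re

# Subset of the frames posted in the description above, copied as printed by gdb.
SAMPLE_BT = """\
#2  0x00007f97c9c6ecee in  () at /usr/lib/libepoxy.so.0
#3  0x00007f97c9c722ba in  () at /usr/lib/libepoxy.so.0
#4  0x00007f97cbc28def in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#5  0x00007f97cbc290d3 in  ()
    at /usr/lib/qt/plugins/org.kde.kwin.waylandbackends/KWinWaylandX11Backend.so
#6  0x00007f97c90a080f in  () at /usr/lib/libwayland-server.so.0
#7  0x00007f97c90a0f51 in wl_resource_destroy () at /usr/lib/libwayland-server.so.0
#13 0x00007f97ca9e11a7 in KWaylandServer::Display::dispatchEvents() ()
    at /usr/lib/libKWaylandServer.so.5
#21 0x000055829affccee in  ()
"""

FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-fA-F]+ in)?(.*)$")
LOC_RE = re.compile(r"\s(?:at|from) (\S+)$")

def parse_frames(bt):
    """Return (frame_no, function_name_or_None, location_or_None) per frame."""
    joined = []
    for line in bt.splitlines():
        if line.startswith("#"):
            joined.append(line.strip())
        elif joined and line.strip():  # gdb wrapped the location onto the next line
            joined[-1] += " " + line.strip()
    frames = []
    for m in filter(None, map(FRAME_RE.match, joined)):
        rest = m.group(2).strip()
        loc = LOC_RE.search(rest)
        func = rest[:loc.start()] if loc else rest
        name = func.split("(", 1)[0].strip()  # empty when gdb had no symbol
        frames.append((int(m.group(1)), name or None, loc.group(1) if loc else None))
    return frames

def unsymbolized_by_module(bt):
    """Group frames without a function name by the module gdb printed for them."""
    out = {}
    for no, name, loc in parse_frames(bt):
        if name is None:
            out.setdefault(loc or "<no module shown>", []).append(no)
    return out

if __name__ == "__main__":
    for module, frames in unsymbolized_by_module(SAMPLE_BT).items():
        print(module, frames)
```

Modules listed in the output are the ones whose debug information gdb could not find for the crashing frames.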