Bug 463257 - kwin_wayland occasionally crashed in bool when used as the sddm Wayland compositor
Status: RESOLVED DUPLICATE of bug 463385
Alias: None
Product: kwin
Classification: Plasma
Component: wayland-generic
Version: 5.26.4
Platform: Fedora RPMs Linux
Importance: NOR normal
Target Milestone: ---
Assignee: KWin default assignee
Reported: 2022-12-20 04:57 UTC by Matt Fagnani
Modified: 2023-01-12 21:01 UTC

Attachments
full trace of all threads of kwin_wayland crash when used as sddm Wayland compositor (42.97 KB, text/plain)
2022-12-20 05:13 UTC, Matt Fagnani

Description Matt Fagnani 2022-12-20 04:57:06 UTC
SUMMARY

kwin_wayland crashed twice when used as the sddm Wayland compositor about 30-60 seconds after sddm started in a Fedora 37 KDE Plasma installation. The sddm-wayland-plasma-5.26.4.1-1.fc37.noarch package had the configuration to use kwin_wayland to run sddm on Wayland. This crash happened infrequently. The trace showed a crash in bool with an invalid pointer this=0x38 which might've been due to KWin::Output::modeSize() having this=0x0 in frame 1.

Core was generated by `/usr/bin/kwin_wayland --no-lockscreen --inputmethod maliit-keyboard'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  std::__shared_ptr<KWin::OutputMode, (__gnu_cxx::_Lock_policy)2>::operator bool (this=0x38)
    at /usr/include/c++/12/bits/shared_ptr_base.h:1669
1669          explicit operator bool() const noexcept
[Current thread is 1 (Thread 0x7ffb5b6b3980 (LWP 1092))]
(gdb) bt
#0  std::__shared_ptr<KWin::OutputMode, (__gnu_cxx::_Lock_policy)2>::operator bool() const
    (this=0x38) at /usr/include/c++/12/bits/shared_ptr_base.h:1669
#1  KWin::Output::modeSize() const (this=0x0)
    at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/core/output.cpp:189
#2  0x00007ffb5c18bebb in KWin::LibInput::Connection::processEvents() (this=0x561b46a144a0)
    at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/backends/libinput/connection.cpp:347
#3  0x00007ffb5a6d2ec4 in QObject::event(QEvent*) (this=0x561b4697a560, e=0x7ffb20006830)
    at kernel/qobject.cpp:1347
#4  0x00007ffb59daed12 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
    (this=<optimized out>, receiver=0x561b4697a560, e=0x7ffb20006830) at kernel/qapplication.cpp:3637
#5  0x00007ffb5a6a8278 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
    (receiver=0x561b4697a560, event=0x7ffb20006830) at kernel/qcoreapplication.cpp:1064
#6  0x00007ffb5a6ab5e4 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*)
     (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=data@entry=0x561b467b8fb0)
    at kernel/qcoreapplication.cpp:1821
#7  0x00007ffb5a6f68d5 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=0x561b467bb910, flags=...) at kernel/qeventdispatcher_unix.cpp:468
#8  0x0000561b44a85b81 in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
#9  0x00007ffb5a6a6cca in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=this@entry=0x7fffb354b8d0, flags=..., flags@entry=...)
    at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#10 0x00007ffb5a6aed92 in QCoreApplication::exec() ()
--Type <RET> for more, q to quit, c to continue without paging--c
    at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#11 0x00007ffb5ab5fbe0 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1863
#12 0x00007ffb59daec89 in QApplication::exec() () at kernel/qapplication.cpp:2829
#13 0x0000561b449aada8 in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/main_wayland.cpp:613

STEPS TO REPRODUCE
1. Boot a Fedora 37 KDE Plasma installation with sddm-wayland-plasma-5.26.4.1-1.fc37.noarch to run sddm on Wayland with kwin_wayland compositor
2. When sddm starts, wait a minute
3. If kwin_wayland doesn't crash, reboot 
4. Repeat 1-3 until the crash happens

OBSERVED RESULT
kwin_wayland occasionally crashed in bool when used as the sddm Wayland compositor

EXPECTED RESULT
No crash would happen.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Fedora 37
(available in About System)
KDE Plasma Version: 5.26.4
KDE Frameworks Version: 5.101.1 
Qt Version: 5.15.7

ADDITIONAL INFORMATION
Comment 1 Matt Fagnani 2022-12-20 05:13:06 UTC
Created attachment 154708
full trace of all threads of kwin_wayland crash when used as sddm Wayland compositor

I noticed in the full trace that in KWin::LibInput::Connection::processEvents in frame 2 of the crashing thread output = 0x0 which might have led to KWin::Output::modeSize() having this=0x0 and globalPos = {xp = 4.6505189011229344e-310, yp = 1.1857575500189917e-322} which looked like abnormally small values.

Thread 1 (Thread 0x7fc4b15fd980 (LWP 1088)):
#0  std::__shared_ptr<KWin::OutputMode, (__gnu_cxx::_Lock_policy)2>::operator bool() const (this=0x38) at /usr/include/c++/12/bits/shared_ptr_base.h:1669
#1  KWin::Output::modeSize() const (this=0x0) at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/core/output.cpp:189
#2  0x00007fc4b258bebb in KWin::LibInput::Connection::processEvents() (this=0x559bc75b34c0) at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/backends/libinput/connection.cpp:347
        te = 0x7fc47c0060e0
        output = 0x0
        globalPos = {xp = 4.6505189011229344e-310, yp = 1.1857575500189917e-322}
        event = std::unique_ptr<KWin::LibInput::Event> = {get() = 0x7fc47c0060e0}
        locker = {val = 94127552935129}
#3  0x00007fc4b0ad2ec4 in QObject::event(QEvent*) (this=0x559bc7519730, e=0x7fc47c0069a0) at kernel/qobject.cpp:1347
        mce = 0x7fc47c0069a0
        sender = {previous = 0x0, receiver = 0x559bc7519730, sender = 0x559bc75b34c0, signal = 5}
#4  0x00007fc4affaed12 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x559bc7519730, e=0x7fc47c0069a0) at kernel/qapplication.cpp:3637
        consumed = false
        filtered = false
#5  0x00007fc4b0aa8278 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x559bc7519730, event=0x7fc47c0069a0) at kernel/qcoreapplication.cpp:1064
        selfRequired = true
        result = false
        cbdata = {0x559bc7519730, 0x7fc47c0069a0, 0x7fff85632ccf}
        d = <optimized out>
        threadData = 0x559bc7357fb0
        scopeLevelCounter = {threadData = 0x559bc7357fb0}
#6  0x00007fc4b0aab5e4 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=data@entry=0x559bc7357fb0) at kernel/qcoreapplication.cpp:1821
        e = 0x7fc47c0069a0
        pe = <optimized out>
        r = 0x559bc7519730
        event_deleter = {d = 0x7fc47c0069a0}
        locker = {_M_device = 0x559bc7357fe0, _M_owns = false}
        startOffset = 0
        i = @0x559bc7357fd4: 1
        cleanup = {receiver = 0x0, event_type = 0, data = 0x559bc7357fb0, exceptionCaught = true}
#7  0x00007fc4b0af68d5 in QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x559bc735a910, flags=...) at kernel/qeventdispatcher_unix.cpp:468
        d = 0x559bc735c820
        threadData = 0x559bc7357fb0
        include_timers = <optimized out>
        canWait = <optimized out>
        tm = <optimized out>
        wait_tm = {tv_sec = 140482759133936, tv_nsec = 140482759134718}
        nevents = <optimized out>
#8  0x0000559bc7297b81 in QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
#9  0x00007fc4b0aa6cca in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7fff85632ee0, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
        d = 0x559bc75dc720
        threadData = <optimized out>
        locker = {val = 94127550297272}
        ref = {d = 0x559bc75dc720, locker = @0x7fff85632e68, exceptionCaught = true}
        app = 0x7fff85633160
#10 0x00007fc4b0aaed92 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
        threadData = 0x559bc7357fb0
        returnCode = <optimized out>
#11 0x00007fc4b0f5fbe0 in QGuiApplication::exec() () at kernel/qguiapplication.cpp:1863
#12 0x00007fc4affaec89 in QApplication::exec() () at kernel/qapplication.cpp:2829
#13 0x0000559bc71bcda8 in main(int, char**) (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/main_wayland.cpp:613
        environment = {d = {d = 0x559bc7356af0}}
        xwaylandOption = {d = {d = 0x559bc7359260}}
        waylandSocketOption = {d = {d = 0x559bc73691f0}}
        x11DisplayOption = {d = {d = 0x559bc7369230}}
        waylandDisplayOption = {d = {d = 0x559bc7369270}}
        virtualFbOption = {d = {d = 0x559bc73692b0}}
        widthOption = {d = {d = 0x559bc7369320}}
        heightOption = {d = {d = 0x559bc73693c0}}
        scaleOption = {d = {d = 0x559bc7369480}}
        outputCountOption = {d = {d = 0x559bc7369670}}
        waylandSocketFdOption = {d = {d = 0x559bc7369730}}
        xwaylandListenFdOption = {d = {d = 0x559bc73697a0}}
        xwaylandDisplayOption = {d = {d = 0x559bc7369810}}
        xwaylandXAuthorityOption = {d = {d = 0x559bc7369850}}
        replaceOption = {d = {d = 0x559bc73699a0}}
        drmOption = {d = {d = 0x559bc73699e0}}
        parser = {d = 0x559bc7369a50}
        inputMethodOption = {d = {d = 0x559bc736a820}}
        screenLockerOption = {d = {d = 0x559bc736a9f0}}
        noScreenLockerOption = {d = {d = 0x559bc736aa90}}
        noGlobalShortcutsOption = {d = {d = 0x559bc736ab90}}
        noActivitiesOption = {d = {d = 0x559bc736aca0}}
        exitWithSessionOption = {d = {d = 0x559bc736ae60}}
        backendType = <optimized out>
        pluginName = {d = 0x7fc4b0b78240 <QArrayData::shared_null>}
        initialWindowSize = {wd = <optimized out>, ht = <optimized out>}
        deviceIdentifier = {d = 0x7fc4b0b78240 <QArrayData::shared_null>}
        outputCount = 1
        outputScale = <optimized out>
        ok = true
        width = <optimized out>
        height = <optimized out>
        scale = <optimized out>
        count = <optimized out>
        server = <optimized out>
        flags = {i = <optimized out>}
        socketName = {d = 0x7fc4b0b78240 <QArrayData::shared_null>}
Comment 2 David Edmundson 2022-12-27 10:23:38 UTC

*** This bug has been marked as a duplicate of bug 463385 ***
Comment 3 Matt Fagnani 2023-01-12 21:01:50 UTC
I reproduced a kwin_wayland crash with this trace by touching Virtual Keyboard in the lower-left corner of sddm on Wayland with kwin-wayland-5.26.5-1.fc37.x86_64, sddm-0.19.0^git20221025.fc24321-1.fc37.x86_64, sddm-wayland-plasma-5.26.5-1.fc37.noarch. Clicking on Virtual Keyboard with a mouse didn't show the keyboard with sddm on Wayland for me, and so output was null in KWin::LibInput::Connection::processEvents() as a result. The patch at https://bugs.kde.org/show_bug.cgi?id=463385#c5 should fix this problem. Thanks.
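
The reasoning in the description and comment 1 (a faulting `this=0x38` one frame below a method running with `this=0x0`) can be checked mechanically. The following is an added triage example, not part of the bug report or of KWin: it parses the first frames of the backtrace above, reports the method invoked on a null object, the member offset that produced the faulting address, and the caller that supplied the pointer. The function names and the one-page threshold are assumptions of this example.

```python
import re

# Frames copied from the backtrace in the description (gdb wraps each frame over two lines).
TRACE = """\
#0  std::__shared_ptr<KWin::OutputMode, (__gnu_cxx::_Lock_policy)2>::operator bool() const
    (this=0x38) at /usr/include/c++/12/bits/shared_ptr_base.h:1669
#1  KWin::Output::modeSize() const (this=0x0)
    at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/core/output.cpp:189
#2  0x00007ffb5c18bebb in KWin::LibInput::Connection::processEvents() (this=0x561b46a144a0)
    at /usr/src/debug/kwin-5.26.4-1.fc37.x86_64/src/backends/libinput/connection.cpp:347
#3  0x00007ffb5a6d2ec4 in QObject::event(QEvent*) (this=0x561b4697a560, e=0x7ffb20006830)
    at kernel/qobject.cpp:1347
"""

PAGE_SIZE = 0x1000  # assumption: an address below one page is "null plus member offset"
FRAME_START = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(.*)$")
THIS_ARG = re.compile(r"\(this=(0x[0-9a-f]+)")
LOCATION = re.compile(r"\bat (\S+):(\d+)")
LOCAL_VAR = re.compile(r"^\s+\w+ = ")  # locals printed by "bt full", not frame text


def parse_frames(trace):
    """Return one dict per frame: number, function, this pointer, source location."""
    frames = []
    for line in trace.splitlines():
        m = FRAME_START.match(line)
        if m:
            frames.append({"num": int(m.group(1)), "text": m.group(2).strip()})
        elif frames and line.startswith(" ") and not LOCAL_VAR.match(line):
            frames[-1]["text"] += " " + line.strip()  # wrapped continuation of a frame
    for f in frames:
        this = THIS_ARG.search(f["text"])
        loc = LOCATION.search(f["text"])
        f["this"] = int(this.group(1), 16) if this else None
        f["func"] = f["text"][:this.start()].strip() if this else f["text"]
        f["where"] = f"{loc.group(1)}:{loc.group(2)}" if loc else None
    return frames


def triage_null_this(frames):
    """Find a method entered with this=0x0 and the caller that passed the null pointer."""
    for i, f in enumerate(frames):
        if f["this"] == 0 and i + 1 < len(frames):
            inner = frames[i - 1] if i else None
            near_null = inner and inner["this"] and inner["this"] < PAGE_SIZE
            return {"null_object_in": f["func"],
                    "member_offset": inner["this"] if near_null else None,
                    "caller": frames[i + 1]["func"],
                    "caller_line": frames[i + 1]["where"]}
    return None


if __name__ == "__main__":
    print(triage_null_this(parse_frames(TRACE)))
```

The reported caller line is where a null check on the looked-up pointer belongs; the faulting frame #0 is only the first member access at that offset.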