Application: plasmashell (6.2.90) ApplicationNotResponding [ANR]: false Qt Version: 6.8.1 Frameworks Version: 6.10.0 Operating System: Linux 6.13.0-0.rc7.20250114gitc45323b7560e.56.fc42.x86_64 x86_64 Windowing System: Wayland Distribution: "Fedora Linux 42 (KDE Plasma Prerelease)" DrKonqi: 6.2.90 [CoredumpBackend] -- Information about the crash: I booted the Fedora Rawhide KDE live image Fedora-KDE-Desktop-Live-Rawhide-20250123.n.0.x86_64.iso on bare metal. Plasma 6.2.90 on Wayland started. I clicked on the Screen Brightness icon in the System Tray. I set the screen brightness to 20% and the Night Light to on at a manual location. I clicked on the Bluetooth icon in the System Tray. I disabled Bluetooth from the Bluetooth applet. I clicked on the Networks icon in the System Tray. The screen went black. plasmashell disappeared and reappeared automatically. drkonqi showed that plasmashell aborted with a malloc error in frame 10 in malloc_printerr "malloc(): unaligned tcache chunk detected" of the crashing thread 1. Functions like in QMap<QString, QVariant>::insert in /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so were lower in the trace. plasmashell crashed with the same sort of trace when I clicked on the Networks icon in the System Tray again. I didn't see this problem with 6.2.5 or earlier. The crash can be reproduced sometimes. -- Backtrace (Reduced): #5 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #6 0x00007fc3403f94a3 in __pthread_kill_internal (threadid=<optimized out>, signo=6) at pthread_kill.c:89 #7 0x00007fc34039fcbe in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #8 0x00007fc3403876d6 in __GI_abort () at abort.c:73 #9 0x00007fc3403886fa in __libc_message_impl (fmt=fmt@entry=0x7fc34053b48f "%s\n") at ../sysdeps/posix/libc_fatal.c:132 Reported using DrKonqi
Created attachment 177638 [details] New crash information added by DrKonqi DrKonqi auto-attaching complete backtrace.
#5 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #6 0x00007fc3403f94a3 in __pthread_kill_internal (threadid=<optimized out>, signo=6) at pthread_kill.c:89 #7 0x00007fc34039fcbe in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #8 0x00007fc3403876d6 in __GI_abort () at abort.c:73 #9 0x00007fc3403886fa in __libc_message_impl (fmt=fmt@entry=0x7fc34053b48f "%s\n") at ../sysdeps/posix/libc_fatal.c:132 #10 0x00007fc340403635 in malloc_printerr (str=str@entry=0x7fc34053ebb8 "malloc(): unaligned tcache chunk detected") at malloc.c:5829 #11 0x00007fc340408514 in tcache_get_n (tc_idx=<optimized out>, ep=<optimized out>) at malloc.c:3185 #12 tcache_get (tc_idx=<optimized out>) at malloc.c:3201 #13 tcache_try_malloc (bytes=<optimized out>, memptr=<synthetic pointer>) at malloc.c:3364 #14 __GI___libc_malloc (bytes=<optimized out>) at malloc.c:3395 #15 0x00007fc34068e23c in operator new(unsigned long) () from /lib64/libstdc++.so.6 #16 0x00007fc2b6402302 in QMap<QString, QVariant>::detach (this=0x7ffe4347ca48) at /usr/include/qt6/QtCore/qmap.h:277 #17 QMap<QString, QVariant>::detach (this=0x7ffe4347ca48) at /usr/include/qt6/QtCore/qmap.h:272 #18 QMap<QString, QVariant>::insert(QString const&, QVariant const&) [clone .isra.0] (this=0x7ffe4347ca48, key=..., value=...) at /usr/include/qt6/QtCore/qmap.h:693 #19 0x00007fc2b6402bc8 in qDBusRegisterMetaType<QMap<QString, QVariant> >()::{lambda(QDBusArgument const&, void*)#1}::_FUN(QDBusArgument const&, void*) () at /usr/include/qt6/QtDBus/qdbusargument.h:275 #20 0x00007fc340fee47f in QDBusMetaType::demarshall (arg=..., metaType=..., data=data@entry=0x7ffe4347ca48) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/dbus/qdbusmetatype.cpp:269 #21 0x00007fc340fbc1b7 in QDBusConnectionPrivate::deliverCall (this=0x7fc32400eb80, object=0x5645d3877940, msg=..., metaTypes=..., slotIdx=4) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/dbus/qdbusintegrator.cpp:962 #22 0x00007fc340a3a29c in QObject::event (this=<optimized out>, e=<optimized out>) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qobject.cpp:1419 #23 0x00007fc342d1beca in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt6Widgets.so.6 #24 0x00007fc3409de280 in QCoreApplication::notifyInternal2 (receiver=0x5645d3877940, event=0x7fc324063960) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qcoreapplication.cpp:1168 #25 0x00007fc3409de4dd in QCoreApplication::sendEvent (receiver=<optimized out>, event=<optimized out>) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qcoreapplication.cpp:1612 #26 0x00007fc3409e20d2 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, event_type@entry=32707, data=0x5645d0b72330) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qcoreapplication.cpp:1968 #27 0x00007fc3409e3500 in QCoreApplication::sendPostedEvents (receiver=<optimized out>, event_type=32707) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qcoreapplication.cpp:1800 #28 0x00007fc340cdf2ff in postEventSourceDispatch (s=0x5645d0b77670) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:246 #29 0x00007fc33f606f16 in g_main_context_dispatch_unlocked.lto_priv () from /lib64/libglib-2.0.so.0 #30 0x00007fc33f610068 in g_main_context_iterate_unlocked.isra () from /lib64/libglib-2.0.so.0 #31 0x00007fc33f610217 in g_main_context_iteration () from /lib64/libglib-2.0.so.0 #32 0x00007fc340cdeb43 in QEventDispatcherGlib::processEvents (this=0x5645d0b78450, flags=...) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:399 #33 0x00007fc3409ec8eb in QEventLoop::exec (this=this@entry=0x7ffe4347d110, flags=..., flags@entry=...) at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/global/qflags.h:34 #34 0x00007fc3409e8555 in QCoreApplication::exec () at /usr/src/debug/qt6-qtbase-6.8.1-11.fc42.x86_64/src/corelib/kernel/qcoreapplication.cpp:1513 #35 0x0000564597f87ca6 in main ()
I don't see any KDE code in here; it may be a Qt bug.
I am not immediately able to reproduce this on git-master (I see it's reported as intermittent) 1. I set the screen brightness to 20% 2. Set Night Light to on at a manual location 3. Disabled bluetooth via the applet 4. Clicked on Networks in system tray
I reproduced the crash another two times using the same steps in Plasma 6.2.90 using Fedora-KDE-Desktop-Live-Rawhide-20250127.n.0.x86_64.iso on bare metal. I'm not sure which of those steps is necessary for the crash to happen though. The system time was set to UTC in the live image, but I set the Night Light location to UTC-05:00 (EST) .The problem might be in Qt. The original trace before I installed debuginfo packages for qt6-qtbase and glibc had QMap<QString, QVariant>::insert in /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so and qDBusRegisterMetaType<QMap<QString, QVariant> >()::{lambda(QDBusArgument const&, void*)#1}::_FUN(QDBusArgument const&, void*) () from /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so in frames 11 and 12. The battery monitor icon wasn't shown in the System Tray when the crashes happened because the battery was at 100% and the laptop was plugged in, so /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so being there seems strange to me. Thanks. Thread 1 (Thread 0x7f559d954280 (LWP 2670)): [KCrash Handler] #4 0x00007f559ba4839c in __pthread_kill_implementation () from /lib64/libc.so.6 #5 0x00007f559b9eecbe in raise () from /lib64/libc.so.6 #6 0x00007f559b9d66d6 in abort () from /lib64/libc.so.6 #7 0x00007f559b9d76fa in __libc_message_impl.cold () from /lib64/libc.so.6 #8 0x00007f559ba525f5 in malloc_printerr () from /lib64/libc.so.6 #9 0x00007f559ba574d4 in malloc () from /lib64/libc.so.6 #10 0x00007f559bcdc4fc in operator new(unsigned long) () from /lib64/libstdc++.so.6 #11 0x00007f54e8019302 in QMap<QString, QVariant>::insert(QString const&, QVariant const&) [clone .isra.0] () from /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so #12 0x00007f54e8019bc8 in qDBusRegisterMetaType<QMap<QString, QVariant> >()::{lambda(QDBusArgument const&, void*)#1}::_FUN(QDBusArgument const&, void*) () from /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so #13 0x00007f559c63d47f in QDBusMetaType::demarshall(QDBusArgument const&, QMetaType, void*) () from /lib64/libQt6DBus.so.6 #14 0x00007f559c60b1b7 in QDBusConnectionPrivate::deliverCall(QObject*, QDBusMessage const&, QList<QMetaType> const&, int) () from /lib64/libQt6DBus.so.6 #15 0x00007f559c08929c in QObject::event(QEvent*) () from /lib64/libQt6Core.so.6 #16 0x00007f559e36aeca in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt6Widgets.so.6 #17 0x00007f559c02d280 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt6Core.so.6 #18 0x00007f559c0310d2 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /lib64/libQt6Core.so.6 #19 0x00007f559c32e2ff in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /lib64/libQt6Core.so.6 #20 0x00007f559ac55f16 in g_main_context_dispatch_unlocked.lto_priv () from /lib64/libglib-2.0.so.0 #21 0x00007f559ac5f068 in g_main_context_iterate_unlocked.isra () from /lib64/libglib-2.0.so.0 #22 0x00007f559ac5f217 in g_main_context_iteration () from /lib64/libglib-2.0.so.0 #23 0x00007f559c32db43 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt6Core.so.6 #24 0x00007f559c03b8eb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt6Core.so.6 #25 0x00007f559c037555 in QCoreApplication::exec() () from /lib64/libQt6Core.so.6 #26 0x0000560fa8bdeca6 in main ()
I had to install the powerdevil debuginfo packages in order for the frames 11 and 12 to get their source files and lines. #11 0x00007f54e8019302 in QMap<QString, QVariant>::insert(QString const&, QVariant const&) [clone .isra.0] () from /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so #12 0x00007f54e8019bc8 in qDBusRegisterMetaType<QMap<QString, QVariant> >()::{lambda(QDBusArgument const&, void*)#1}::_FUN(QDBusArgument const&, void*) () from /usr/lib64/qt6/qml/org/kde/plasma/private/batterymonitor/libbatterymonitorplugin.so After powerdevil and qt6-qtbase those frames looked like: #16 0x00007f54e8019302 in QMap<QString, QVariant>::detach (this=0x7fff27ef2e28) at /usr/include/qt6/QtCore/qmap.h:277 #17 QMap<QString, QVariant>::detach (this=0x7fff27ef2e28) at /usr/include/qt6/QtCore/qmap.h:272 #18 QMap<QString, QVariant>::insert(QString const&, QVariant const&) [clone .isra.0] (this=0x7fff27ef2e28, key=..., value=...) at /usr/include/qt6/QtCore/qmap.h:693 #19 0x00007f54e8019bc8 in qDBusRegisterMetaType<QMap<QString, QVariant> >()::{lambda(QDBusArgument const&, void*)#1}::_FUN(QDBusArgument const&, void*) () at /usr/include/qt6/QtDBus/qdbusargument.h:275 It looked like the battery monitor applet might've been called when I clicked on Networks even though the battery monitor wasn't visible in the System Tray.
When I just disabled Bluetooth and then clicked on the Networks icon in Plasma 6.2.90, plasmashell crashed with a different trace which I reported at https://bugs.kde.org/show_bug.cgi?id=499218
Thanks for the additional debug info. The crash does indeed look to be happening in Qt. Nate commented in bug 499218 that this might be a compiler bug. Fedora was having issues with GCC 15 (bug 499100 has more info on that)
Indeed I expect this to be the same gcc15 bug. The stacktrace in Discover shows some QCoro frames, and indeed QCoro turned out to also break when rebuilding it with gcc15: https://github.com/qcoro/qcoro/issues/262 plasma-nm does uses QCoro but QCoro is not in the stacktrace here; still it's probably related.
The battery code crash doesn't *look* related to coroutines, but it looks like a memory corrumption, that could be caused by a lot of things