https://bugs.kde.org/show_bug.cgi?id=466183
Bug ID: 466183
Summary: x11 nested kwin_wayland crashes on exit
Classification: Plasma
Product: kwin
Version: unspecified
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: core
Assignee: kwin-bugs-n...@kde.org
Reporter: sit...@kde.org
Target Milestone: ---
STEPS TO REPRODUCE
1. be on x11
2. kwin_wayland --no-global-shortcuts
3. close window using window decoration, or INT it, or TERM it, or QUIT it
OBSERVED RESULT
Crash about half the time
EXPECTED RESULT
No crash
SOFTWARE/OS VERSIONS
Operating System: KDE neon Unstable Edition
KDE Plasma Version: 5.27.80
KDE Frameworks Version: 5.104.0
Qt Version: 5.15.8
Kernel Version: 5.19.0-28-generic (64-bit)
Graphics Platform: X11
Processors: 12 × AMD Ryzen 5 3600X 6-Core Processor
Memory: 31,3 GiB of RAM
Graphics Processor: AMD Radeon RX 5700 XT
ADDITIONAL INFORMATION
kwin(97496)/(kwin_wayland_x11windowed)
KWin::X11WindowedBackend::handleClientMessage: Backend window is going to be
closed, shutting down.
corrupted double-linked list
Process 97496 stopped
* thread #1, name = 'kwin_wayland', stop reason = signal SIGABRT
frame #0: 0x00007f8876a96a7c libc.so.6`__GI___pthread_kill at
pthread_kill.c:44:76
(lldb) bt all
* thread #1, name = 'kwin_wayland', stop reason = signal SIGABRT
* frame #0: 0x00007f8876a96a7c libc.so.6`__GI___pthread_kill at
pthread_kill.c:44:76
frame #1: 0x00007f8876a96a30 libc.so.6`__GI___pthread_kill [inlined]
__pthread_kill_internal(signo=6, threadid=140224031688128) at
pthread_kill.c:78:10
frame #2: 0x00007f8876a96a30
libc.so.6`__GI___pthread_kill(threadid=140224031688128, signo=6) at
pthread_kill.c:89:10
frame #3: 0x00007f8876a42476 libc.so.6`__GI_raise(sig=6) at raise.c:26:13
frame #4: 0x00007f8876a287f3 libc.so.6`__GI_abort at abort.c:79:7
frame #5: 0x00007f8876a896f6 libc.so.6`__libc_message(action=do_abort,
fmt="%s\n") at libc_fatal.c:155:5
frame #6: 0x00007f8876aa0d7c libc.so.6`malloc_printerr(str="corrupted
double-linked list") at malloc.c:5664:3
frame #7: 0x00007f8876aa184c libc.so.6`unlink_chunk(p=<unavailable>,
av=<unavailable>) at malloc.c:1635:5
frame #8: 0x00007f8876aa19e9
libc.so.6`malloc_consolidate(av=0x00007f8876c19c80) at malloc.c:4780:6
frame #9: 0x00007f8876aa2f20 libc.so.6`_int_free(av=0x00007f8876c19c80,
p=0x0000556159d1ea40, have_lock=<unavailable>) at malloc.c:4674:2
frame #10: 0x00007f8876aa54d3 libc.so.6`__GI___libc_free(mem=<unavailable>)
at malloc.c:3391:7
frame #11: 0x00007f887a3e258f
libkwin.so.5`QTypedArrayData<char>::deallocate(data=0x0000556159d20060) at
qarraydata.h:240:9
frame #12: 0x00007f887a3de000
libkwin.so.5`QByteArray::~QByteArray(this=0x00005561592579a8) at
qbytearray.h:495:57
frame #13: 0x00007f887a943848
libkwin.so.5`KWaylandServer::KeyboardInterfacePrivate::~KeyboardInterfacePrivate(this=0x0000556159257940)
at keyboard_interface_p.h:20:7
frame #14: 0x00007f887a943889
libkwin.so.5`KWaylandServer::KeyboardInterfacePrivate::~KeyboardInterfacePrivate(this=0x0000556159257940)
at keyboard_interface_p.h:20:7
frame #15: 0x00007f887a9442fc
libkwin.so.5`std::default_delete<KWaylandServer::KeyboardInterfacePrivate>::operator(this=0x00005561592578d0,
__ptr=0x0000556159257940)(KWaylandServer::KeyboardInterfacePrivate*) const at
unique_ptr.h:95:2
frame #16: 0x00007f887a9436c3
libkwin.so.5`std::unique_ptr<KWaylandServer::KeyboardInterfacePrivate,
std::default_delete<KWaylandServer::KeyboardInterfacePrivate>>::~unique_ptr(this=0x556159257940)
at unique_ptr.h:396:4
frame #17: 0x00007f887a94264b
libkwin.so.5`KWaylandServer::KeyboardInterface::~KeyboardInterface(this=0x00005561592578c0)
at keyboard_interface.cpp:130:39
frame #18: 0x00007f887a942679
libkwin.so.5`KWaylandServer::KeyboardInterface::~KeyboardInterface(this=0x00005561592578c0)
at keyboard_interface.cpp:130:39
frame #19: 0x00007f887a9842ac
libkwin.so.5`std::default_delete<KWaylandServer::KeyboardInterface>::operator(this=0x00005561591e1480,
__ptr=0x00005561592578c0)(KWaylandServer::KeyboardInterface*) const at
unique_ptr.h:95:2
frame #20: 0x00007f887a983c43
libkwin.so.5`std::unique_ptr<KWaylandServer::KeyboardInterface,
std::default_delete<KWaylandServer::KeyboardInterface>>::~unique_ptr(this=0x5561592578c0)
at unique_ptr.h:396:4
frame #21: 0x00007f887a982a1e
libkwin.so.5`KWaylandServer::SeatInterfacePrivate::~SeatInterfacePrivate(this=0x00005561591e1400)
at seat_interface_p.h:33:7
frame #22: 0x00007f887a982a69
libkwin.so.5`KWaylandServer::SeatInterfacePrivate::~SeatInterfacePrivate(this=0x00005561591e1400)
at seat_interface_p.h:33:7
frame #23: 0x00007f887a984bac
libkwin.so.5`std::default_delete<KWaylandServer::SeatInterfacePrivate>::operator(this=0x0000556159257350,
__ptr=0x00005561591e1400)(KWaylandServer::SeatInterfacePrivate*) const at
unique_ptr.h:95:2
frame #24: 0x00007f887a980de3
libkwin.so.5`std::unique_ptr<KWaylandServer::SeatInterfacePrivate,
std::default_delete<KWaylandServer::SeatInterfacePrivate>>::~unique_ptr(this=0x5561591e1400)
at unique_ptr.h:396:4
frame #25: 0x00007f887a97851f
libkwin.so.5`KWaylandServer::SeatInterface::~SeatInterface(this=0x0000556159257340)
at seat_interface.cpp:107:1
frame #26: 0x00007f887a978549
libkwin.so.5`KWaylandServer::SeatInterface::~SeatInterface(this=0x0000556159257340)
at seat_interface.cpp:102:1
frame #27: 0x00007f88786e711e
libQt5Core.so.5`QObjectPrivate::deleteChildren() + 110
frame #28: 0x00007f88786f21a6 libQt5Core.so.5`QObject::~QObject() + 1046
frame #29: 0x00007f887a926a30
libkwin.so.5`KWaylandServer::Display::~Display(this=0x0000556159252600) at
display.cpp:50:1
frame #30: 0x00007f887a93b354
libkwin.so.5`KWaylandServer::FilteredDisplay::~FilteredDisplay(this=0x0000556159252600)
at filtered_display.cpp:50:1
frame #31: 0x00007f887a77852b
libkwin.so.5`KWin::KWinDisplay::~KWinDisplay(this=0x0000556159252600) at
wayland_server.cpp:102:7
frame #32: 0x00007f887a778559
libkwin.so.5`KWin::KWinDisplay::~KWinDisplay(this=0x0000556159252600) at
wayland_server.cpp:102:7
frame #33: 0x00007f88786e711e
libQt5Core.so.5`QObjectPrivate::deleteChildren() + 110
frame #34: 0x00007f88786f21a6 libQt5Core.so.5`QObject::~QObject() + 1046
frame #35: 0x00007f887a76e8b5
libkwin.so.5`KWin::WaylandServer::~WaylandServer(this=0x0000556159248ca0) at
wayland_server.cpp:225:1
frame #36: 0x00007f887a76e8d9
libkwin.so.5`KWin::WaylandServer::~WaylandServer(this=0x0000556159248ca0) at
wayland_server.cpp:223:1
frame #37: 0x00007f88786e711e
libQt5Core.so.5`QObjectPrivate::deleteChildren() + 110
frame #38: 0x00007f88786f21a6 libQt5Core.so.5`QObject::~QObject() + 1046
frame #39: 0x00007f887a652a7b
libkwin.so.5`KWin::Application::~Application(this=0x00007ffe40d5a270) at
main.cpp:143:1
frame #40: 0x0000556157d344cc
kwin_wayland`KWin::ApplicationWayland::~ApplicationWayland(this=0x00007ffe40d5a270)
at main_wayland.cpp:132:1
frame #41: 0x0000556157d37a1f kwin_wayland`main(argc=2,
argv=0x00007ffe40d5a4a8) at main_wayland.cpp:617:1
frame #42: 0x00007f8876a29d90
libc.so.6`__libc_start_call_main(main=(kwin_wayland`main at
main_wayland.cpp:266), argc=2, argv=0x00007ffe40d5a4a8) at
libc_start_call_main.h:58:16
frame #43: 0x00007f8876a29e40
libc.so.6`__libc_start_main_impl(main=(kwin_wayland`main at
main_wayland.cpp:266), argc=2, argv=0x00007ffe40d5a4a8, init=<unavailable>,
fini=<unavailable>, rtld_fini=<unavailable>, stack_end=0x00007ffe40d5a498) at
libc-start.c:392:3
frame #44: 0x0000556157cd27d5 kwin_wayland`_start + 37
thread #2, name = 'QDBusConnection'
frame #0: 0x00007f8876b18d7f libc.so.6`__GI___poll(fds=0x00007f886c0053c0,
nfds=3, timeout=-1) at poll.c:29:10
frame #1: 0x00007f887af66666 libglib-2.0.so.0`___lldb_unnamed_symbol2709 +
390
frame #2: 0x00007f887af0f3e3 libglib-2.0.so.0`g_main_context_iteration + 51
frame #3: 0x00007f8878715ad8
libQt5Core.so.5`QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
+ 104
frame #4: 0x00007f88786ba99b
libQt5Core.so.5`QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 299
frame #5: 0x00007f88784cd4e2 libQt5Core.so.5`QThread::exec() + 98
frame #6: 0x00007f887ae41f1b libQt5DBus.so.5`___lldb_unnamed_symbol1355 +
27
frame #7: 0x00007f88784ce703 libQt5Core.so.5`___lldb_unnamed_symbol9629 +
275
frame #8: 0x00007f8876a94b43 libc.so.6`start_thread(arg=<unavailable>) at
pthread_create.c:442:8
frame #9: 0x00007f8876b26a00 libc.so.6`__clone3 at clone3.S:81
the crash doesn't always end in this trace but it seems to always be in a free.
e.g. another one:
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=140459150689728)
at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (signo=6, threadid=140459150689728) at
./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=140459150689728, signo=signo@entry=6) at
./nptl/pthread_kill.c:89
#3 0x00007fbf34e42476 in __GI_raise (sig=sig@entry=6) at
../sysdeps/posix/raise.c:26
#4 0x00007fbf34e287f3 in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007fbf34e896f6 in __libc_message (action=action@entry=do_abort,
fmt=fmt@entry=0x7fbf34fdbb8c "%s\n") at ../sysdeps/posix/libc_fatal.c:155
#6 0x00007fbf34ea0d7c in malloc_printerr (str=str@entry=0x7fbf34fde740
"free(): invalid next size (fast)") at ./malloc/malloc.c:5664
#7 0x00007fbf34ea2b1d in _int_free (av=0x7fbf35019c80 <main_arena>,
p=0x555c19d9d9a0, have_lock=0) at ./malloc/malloc.c:4522
#8 0x00007fbf34ea54d3 in __GI___libc_free (mem=<optimized out>) at
./malloc/malloc.c:3391
#9 0x00007fbf368e711e in QObjectPrivate::deleteChildren()
(this=0x555c1a0408d0) at kernel/qobject.cpp:2137
#10 0x00007fbf368f21a6 in QObject::~QObject() (this=<optimized out>,
__in_chrg=<optimized out>) at kernel/qobject.cpp:1115
#11 0x00007fbf3612713b in
KGlobalAccelSingleton::KGlobalAccelSingleton()::{lambda()#1}::_FUN() () at
./obj-x86_64-linux-gnu/src/kglobalaccel_component_interface.cpp:25
#12 0x00007fbf368be222 in qt_call_post_routines() () at
kernel/qcoreapplication.cpp:336
#13 0x00007fbf3576ce78 in QApplication::~QApplication() (this=0x7ffdeed57040,
__in_chrg=<optimized out>) at kernel/qapplication.cpp:711
#14 0x00007fbf38852a7b in KWin::Application::~Application()
(this=0x7ffdeed57040) at /home/me/src/kwin/src/main.cpp:143
#15 0x0000555c18b144cc in KWin::ApplicationWayland::~ApplicationWayland()
(this=0x7ffdeed57040) at /home/me/src/kwin/src/main_wayland.cpp:132
#16 0x0000555c18b17a1f in main(int, char**) (argc=2, argv=0x7ffdeed57278) at
/home/me/src/kwin/src/main_wayland.cpp:617
--
You are receiving this mail because:
You are watching all bug changes.
