Bug#985197: kwin-wayland: Drag and drop a file in Dolphin makes KDE Plasma Wayland crash
Hello Santos,
I tried to reproduce this issue but did not see it inside a minimal VM.
Therefore I tried to get some more information from the code bytes printed in
your journal/dmesg.
This should point to this instruction:
0x00007f6e16bd5268 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+24>: 49 8b 87 c8 00 00 00 mov 0xc8(%r15),%rax
A breakpoint set to this instruction points to this source line:
0x...268 in QListData::isEmpty() const at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:116
The unmangled function name should read like this:
KWaylandServer::SurfaceInterface::frameRendered(unsigned int)
Unfortunately this does not seem exact enough to take further action.
Therefore I would suggest installing, if possible, the package
systemd-coredump. That way in the journal a simple backtrace should
be printed which might give an idea which functions are involved.
(As multiple processes may crash when the Wayland server dies,
make sure to get the lines after this one:
"Process ... (kwin_wayland) of user ... dumped core".)
On the other hand a search in the upstream bug tracker returned [1].
I could immediately reproduce that crash by dragging an icon
from the kickoff menu onto an open konsole window, which crashed
in the exact same instruction, pointed to by the code bytes from
the bug submission. Therefore I guess chances are not too bad
this bug is related.
Kind regards,
Bernhard
[1] https://bugs.kde.org/show_bug.cgi?id=428399
# single-use Bullseye/testing amd64 qemu VM 2021-03-29
echo "set enable-bracketed-paste off" >> /etc/inputrc; bash
apt update
# to speedup testing
mv /etc/manpath.config /etc/manpath.config.renamed
apt install libeatmydata1
export LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libeatmydata.so
apt dist-upgrade
apt install systemd-coredump mc gdb rr valgrind sddm plasma-workspace-wayland dolphin konsole lilypond-doc-html \
libkwaylandserver5-dbgsym
apt build-dep libkwaylandserver5
mkdir /home/benutzer/source/libkwaylandserver5/orig -p
cd /home/benutzer/source/libkwaylandserver5/orig
apt source libkwaylandserver5
cd
cp -a /usr/share/doc/lilypond/html/Documentation/58/lily-ab77784d.ly .
# could not reproduce by drag and drop ...
https://wiki.debian.org/InterpretingKernelOutputAtProcessCrash
# By bug submitter:
kernel: kwin_wayland[12033]: segfault at e8 ip 00007fbbe21d5268 sp 00007ffe4b5000b0 error 4 in libKWaylandServer.so.5.20.5[7fbbe217d000+b6000]
kernel: Code: 00 00 48 8b 47 10 48 8b 40 48 c3 90 66 0f 1f 44 00 00 41 57 41 56 41 55 41 54 41 89 f4 55 48 89 fd 53 48 83 ec 18 4c 8b 7f 10 <49> 8b 87 c8 00 00 00 8b 48 0c 8b 58 08 89 4c 24 0c 89 5c 24 08 39
error 4 == 0b100
  bit 0 = 0: no page found
  bit 1 = 0: read access
  bit 2 = 1: user-mode access
echo -n "find /b ..., ..., 0x" && \
echo "00 00 48 8b 47 10 48 8b 40 48 c3 90 66 0f 1f 44 00 00 41 57 41 56 41 55 41 54 41 89 f4 55 48 89 fd 53 48 83 ec 18 4c 8b 7f 10 <49> 8b 87 c8 00 00 00 8b 48 0c 8b 58 08 89 4c 24 0c 89 5c 24 08 39" \
| sed 's/[<>]//g' | sed 's/ /, 0x/g'
find /b ..., ..., 0x00, 0x00, 0x48, 0x8b, 0x47, 0x10, 0x48, 0x8b, 0x40, 0x48, 0xc3, 0x90, 0x66, 0x0f, 0x1f, 0x44, 0x00, 0x00, 0x41, 0x57, 0x41, 0x56, 0x41, 0x55, 0x41, 0x54, 0x41, 0x89, 0xf4, 0x55, 0x48, 0x89, 0xfd, 0x53, 0x48, 0x83, 0xec, 0x18, 0x4c, 0x8b, 0x7f, 0x10, 0x49, 0x8b, 0x87, 0xc8, 0x00, 0x00, 0x00, 0x8b, 0x48, 0x0c, 0x8b, 0x58, 0x08, 0x89, 0x4c, 0x24, 0x0c, 0x89, 0x5c, 0x24, 0x08, 0x39
# dpkg -S libKWaylandServer.so.5.20.5
libkwaylandserver5:amd64: /usr/lib/x86_64-linux-gnu/libKWaylandServer.so.5.20.5
$ gdb -q --pid $(pidof kwin_wayland)
...
(gdb) set width 0
(gdb) set pagination off
(gdb) info share
From To Syms Read Shared Object Library
0x00007f6e16b80ff0 0x00007f6e16c32a66 Yes /lib/x86_64-linux-gnu/libKWaylandServer.so.5
...
(gdb) find /b 0x00007f6e16b80ff0, 0x00007f6e16c32a66, 0x00, 0x00, 0x48, 0x8b, 0x47, 0x10, 0x48, 0x8b, 0x40, 0x48, 0xc3, 0x90, 0x66, 0x0f, 0x1f, 0x44, 0x00, 0x00, 0x41, 0x57, 0x41, 0x56, 0x41, 0x55, 0x41, 0x54, 0x41, 0x89, 0xf4, 0x55, 0x48, 0x89, 0xfd, 0x53, 0x48, 0x83, 0xec, 0x18, 0x4c, 0x8b, 0x7f, 0x10, 0x49, 0x8b, 0x87, 0xc8, 0x00, 0x00, 0x00, 0x8b, 0x48, 0x0c, 0x8b, 0x58, 0x08, 0x89, 0x4c, 0x24, 0x0c, 0x89, 0x5c, 0x24, 0x08, 0x39
0x7f6e16bd523e
1 pattern found.
(gdb) b * (0x7f6e16bd523e + 42)
Breakpoint 1 at 0x7f6e16bd5268: file /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h, line 116.
(gdb) info b
Num Type Disp Enb Address What
1 breakpoint keep y 0x00007f6e16bd5268 in QListData::isEmpty() const at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:116
(gdb) disassemble /r 0x7f6e16bd523e, 0x7f6e16bd523e + 62
Dump of assembler code from 0x7f6e16bd523e to 0x7f6e16bd527c:
0x00007f6e16bd523e: 00 00 add %al,(%rax)
0x00007f6e16bd5240 <_ZNK14KWaylandServer16SurfaceInterface10compositorEv+0>: 48 8b 47 10 mov 0x10(%rdi),%rax
0x00007f6e16bd5244 <_ZNK14KWaylandServer16SurfaceInterface10compositorEv+4>: 48 8b 40 48 mov 0x48(%rax),%rax
0x00007f6e16bd5248 <_ZNK14KWaylandServer16SurfaceInterface10compositorEv+8>: c3 ret
0x00007f6e16bd5249: 90 nop
0x00007f6e16bd524a: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
0x00007f6e16bd5250 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+0>: 41 57 push %r15
0x00007f6e16bd5252 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+2>: 41 56 push %r14
0x00007f6e16bd5254 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+4>: 41 55 push %r13
0x00007f6e16bd5256 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+6>: 41 54 push %r12
0x00007f6e16bd5258 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+8>: 41 89 f4 mov %esi,%r12d
0x00007f6e16bd525b <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+11>: 55 push %rbp
0x00007f6e16bd525c <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+12>: 48 89 fd mov %rdi,%rbp
0x00007f6e16bd525f <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+15>: 53 push %rbx
0x00007f6e16bd5260 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+16>: 48 83 ec 18 sub $0x18,%rsp
0x00007f6e16bd5264 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+20>: 4c 8b 7f 10 mov 0x10(%rdi),%r15
-> 0x00007f6e16bd5268 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+24>: 49 8b 87 c8 00 00 00 mov 0xc8(%r15),%rax
0x00007f6e16bd526f <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+31>: 8b 48 0c mov 0xc(%rax),%ecx
0x00007f6e16bd5272 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+34>: 8b 58 08 mov 0x8(%rax),%ebx
0x00007f6e16bd5275 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+37>: 89 4c 24 0c mov %ecx,0xc(%rsp)
0x00007f6e16bd5279 <_ZN14KWaylandServer16SurfaceInterface13frameRenderedEj+41>: 89 5c 24 08 mov %ebx,0x8(%rsp)
End of assembler dump.
set width 0
set pagination off
info share
find /b 0x00007f6e16b80ff0, 0x00007f6e16c32a66, 0x00, 0x00, 0x48, 0x8b, 0x47, 0x10, 0x48, 0x8b, 0x40, 0x48, 0xc3, 0x90, 0x66, 0x0f, 0x1f, 0x44, 0x00, 0x00, 0x41, 0x57, 0x41, 0x56, 0x41, 0x55, 0x41, 0x54, 0x41, 0x89, 0xf4, 0x55, 0x48, 0x89, 0xfd, 0x53, 0x48, 0x83, 0xec, 0x18, 0x4c, 0x8b, 0x7f, 0x10, 0x49, 0x8b, 0x87, 0xc8, 0x00, 0x00, 0x00, 0x8b, 0x48, 0x0c, 0x8b, 0x58, 0x08, 0x89, 0x4c, 0x24, 0x0c, 0x89, 0x5c, 0x24, 0x08, 0x39
b * (0x7f6e16bd523e + 42)
info b
disassemble /r 0x7f6e16bd523e, 0x7f6e16bd523e + 62
https://demangler.com/
-- _ZN14KWaylandServer16SurfaceInterface13frameRenderedEj
-> KWaylandServer::SurfaceInterface::frameRendered(unsigned int)
https://sources.debian.org/src/kwayland-server/5.20.5-1/src/server/surface_interface.cpp/#L417
https://bugs.kde.org/show_bug.cgi?id=428399
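The steps in the notes (decode the error code, turn the kernel's "Code:" bytes into a gdb `find /b` pattern, put a breakpoint at the marked byte, and check the match) can be scripted. The following is an added example written for this page, not code from the bug report, from Debian or from kwayland-server. The two input lines are the kernel lines quoted above; the `info share` range and the match address 0x7f6e16bd523e used in the usage part are the ones from the gdb session in the notes. The bracketed `[start+len]` range printed by the kernel is the mapping (VMA) that contains the IP, so the script computes the IP's offset inside that mapping and, as a sanity check, compares the low 12 bits of the IP with those of the matched instruction, which ASLR does not change for page-aligned mappings.

```python
"""Turn the kernel's "segfault at ... ip ... in obj[start+len]" and "Code: ..."
lines into the gdb commands used in the notes above.
Added example; the two input lines are the ones quoted in the bug report."""
import re

# Kernel lines as quoted in the bug report (input data, not generated here).
SEGFAULT_LINE = (
    "kernel: kwin_wayland[12033]: segfault at e8 ip 00007fbbe21d5268 "
    "sp 00007ffe4b5000b0 error 4 in libKWaylandServer.so.5.20.5[7fbbe217d000+b6000]"
)
CODE_LINE = (
    "kernel: Code: 00 00 48 8b 47 10 48 8b 40 48 c3 90 66 0f 1f 44 00 00 41 57 41 56 "
    "41 55 41 54 41 89 f4 55 48 89 fd 53 48 83 ec 18 4c 8b 7f 10 <49> 8b 87 c8 00 00 00 "
    "8b 48 0c 8b 58 08 89 4c 24 0c 89 5c 24 08 39"
)

_SEGFAULT_RE = re.compile(
    r"segfault at (?P<addr>[0-9a-f]+) ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) "
    r"error (?P<err>\d+) in (?P<obj>\S+)\[(?P<start>[0-9a-f]+)\+(?P<len>[0-9a-f]+)\]"
)


def parse_segfault(line):
    """Fault address, IP, SP, error code, object name and the VMA holding the IP.
    The [start+len] range is the mapping the IP lies in, not the whole .so file."""
    m = _SEGFAULT_RE.search(line)
    if m is None:
        raise ValueError("no kernel segfault message in line")
    return {
        "addr": int(m["addr"], 16),
        "ip": int(m["ip"], 16),
        "sp": int(m["sp"], 16),
        "error": int(m["err"]),
        "obj": m["obj"],
        "vma_start": int(m["start"], 16),
        "vma_len": int(m["len"], 16),
    }


def decode_error(err):
    """x86 page-fault error code bits (the notes decode 4 == 0b100 by hand)."""
    return {
        "protection_violation": bool(err & 1),  # 0: no page found
        "write": bool(err & 2),                 # 0: read access
        "user_mode": bool(err & 4),
        "reserved_bit": bool(err & 8),
        "instruction_fetch": bool(err & 16),
    }


def parse_code(line):
    """Return (code bytes, index of the <..>-marked byte, i.e. the byte at IP)."""
    tokens = line.split("Code:", 1)[1].split()
    data, fault_idx = [], None
    for i, tok in enumerate(tokens):
        if tok.startswith("<") and tok.endswith(">"):
            fault_idx, tok = i, tok[1:-1]
        data.append(int(tok, 16))
    if fault_idx is None:
        raise ValueError("Code: line has no <..> marker")
    return bytes(data), fault_idx


def gdb_find_command(code, lo, hi):
    """The `find /b` line; lo/hi are the From/To columns of `info share`."""
    return f"find /b {lo}, {hi}, " + ", ".join(f"0x{b:02x}" for b in code)


def gdb_breakpoint_command(fault_idx):
    """gdb stores the address of the last `find` match in $_."""
    return f"b * ($_ + {fault_idx})"


def ip_offset_in_vma(seg):
    """Offset of the IP inside the reported mapping; unchanged by ASLR."""
    off = seg["ip"] - seg["vma_start"]
    if not 0 <= off < seg["vma_len"]:
        raise ValueError("IP not inside the reported mapping")
    return off


def same_page_offset(ip, found, fault_idx):
    """Page-aligned mappings keep the low 12 bits of an address under ASLR,
    so the matched instruction must share them with the reported IP."""
    return (found + fault_idx) & 0xFFF == ip & 0xFFF


if __name__ == "__main__":
    seg = parse_segfault(SEGFAULT_LINE)
    code, idx = parse_code(CODE_LINE)
    print(f"{seg['obj']}: IP at offset 0x{ip_offset_in_vma(seg):x} in its mapping, "
          f"error {seg['error']} -> {decode_error(seg['error'])}")
    # Range and match address copied from the gdb session in the notes.
    print(gdb_find_command(code, "0x00007f6e16b80ff0", "0x00007f6e16c32a66"))
    print(gdb_breakpoint_command(idx))
    print("match has same page offset as IP:",
          same_page_offset(seg["ip"], 0x7F6E16BD523E, idx))
```

Paste the printed `find` and `b` lines into the gdb session attached to kwin_wayland as in the notes; if `find` reports more than one pattern, the page-offset check picks the candidate that corresponds to the reported IP.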