Created attachment 1583411
trace of plasmashell segmentation fault in Plasma 5.15.5 on Wayland with Qt 5.12.4

Description of problem:
I saw segmentation faults of plasmashell in wl_proxy_marshal_constructor at wayland-client.c:819 in Plasma 5.15.5 on Wayland in Fedora 30. These crashes occurred on startup of one session, and three times in another session. These crashes started right after I updated from Qt 5.12.1 to 5.12.4 from koji along with the dependent Plasma and KF5 rebuilds. drkonqi wouldn't allow me to submit the attached trace which had the following segmentation fault and crashing thread.

    Application: Plasma (plasmashell), signal: Segmentation fault
    Using host libthread_db library "/lib64/libthread_db.so.1".
    futex_wait_cancelable (private=0, expected=0, futex_word=0x564abb0ba9b0) at ../sysdeps/unix/sysv/linux/futex-internal.h:88
    88 int err = lll_futex_timed_wait (futex_word, expected, NULL, private);
    [Current thread is 1 (Thread 0x7f5298ae7d00 (LWP 1518))]

    Thread 23 (Thread 0x7f522cff7700 (LWP 1744)):
    [KCrash Handler]
    #6  wl_proxy_marshal_constructor (proxy=0x0, opcode=opcode@entry=3, interface=0x7f5296fb8980 <wl_callback_interface>) at src/wayland-client.c:819
    #7  0x00007f52867430ed in wl_surface_frame (wl_surface=<optimized out>) at ../../include/QtWaylandClient/5.12.4/QtWaylandClient/private/../../../../../src/client/wayland-wayland-client-protocol.h:2798
    #8  QtWayland::wl_surface::frame (this=this@entry=0x564aba0561a8) at qwayland-wayland.cpp:1134
    #9  0x00007f52867203ab in QtWaylandClient::QWaylandWindow::handleUpdate (this=0x564aba056180) at qwaylandwindow.cpp:1151
    #10 0x00007f527f9a2f04 in QtWaylandClient::QWaylandGLContext::swapBuffers (this=0x564aba8448a0, surface=<optimized out>) at ../../../../hardwareintegration/client/wayland-egl/qwaylandglcontext.cpp:568
    #11 0x00007f5297ac4441 in QOpenGLContext::swapBuffers (this=0x564ab9f4dc10, surface=<optimized out>) at kernel/qopenglcontext.cpp:1115
    #12 0x00007f52992e3401 in QSGRenderThread::syncAndRender (this=this@entry=0x7f524801db40) at scenegraph/qsgthreadedrenderloop.cpp:652
    #13 0x00007f52992e7168 in QSGRenderThread::run (this=0x7f524801db40) at scenegraph/qsgthreadedrenderloop.cpp:730
    #14 0x00007f529750e786 in QThreadPrivate::start (arg=0x7f524801db40) at thread/qthread_unix.cpp:361
    #15 0x00007f52969715a2 in start_thread (arg=<optimized out>) at pthread_create.c:486
    #16 0x00007f5297184303 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

I think the segmentation fault might've been due to a null pointer dereference since proxy=0x0 in the wl_proxy_marshal_constructor call, and proxy was dereferenced at wayland-client.c:820 in proxy->object.interface->methods[opcode].signature

The wl_proxy_marshal_constructor function was as follows

    812 WL_EXPORT struct wl_proxy *
    813 wl_proxy_marshal_constructor(struct wl_proxy *proxy, uint32_t opcode,
    814                              const struct wl_interface *interface, ...)
    815 {
    816         union wl_argument args[WL_CLOSURE_MAX_ARGS];
    817         va_list ap;
    818
    819         va_start(ap, interface);
    820         wl_argument_from_va_list(proxy->object.interface->methods[opcode].signature,
    821                                  args, WL_CLOSURE_MAX_ARGS, ap);
    822         va_end(ap);
    823
    824         return wl_proxy_marshal_array_constructor(proxy, opcode,
    825                                                   args, interface);
    826 }

Functions from qt5-qtwayland at #8-10 and qt5-qtdeclarative lower in the crashing thread might be involved. I've seen a similar segmentation fault in plasmashell with qt 5.12.4 with a different trace which I might make another report for.

Version-Release number of selected component (if applicable):
kf5-kwayland-0:5.59.0-2.fc30.x86_64
libwayland-client-0:1.17.0-1.fc30.x86_64
plasma-workspace-0:5.15.5-1.fc30.x86_64
qt5-qtwayland-0:5.12.4-1.fc30.x86_64

How reproducible:
These segmentation faults have occurred at least 4 times during two Plasma on Wayland sessions.

Steps to Reproduce:
1. Boot F30 Plasma spin fully updated with updates-testing enabled
2. Log in to Plasma on Wayland from sddm
3. if qt5-qtnetworkauth is installed, sudo dnf remove qt5-qtnetworkauth (due to dnf dependency problems since qt5-qtnetworkauth-5.12.4 was not available on koji)
4. dnf upgrade to qt5 5.12.4 with dependent Plasma and kf5 rebuilds from koji
5. reboot
6. Log in to Plasma on Wayland
7. coredumpctl
8. coredumpctl debug
9. gnome-abrt

Actual results:
Crashes of plasmashell in Plasma on Wayland with Qt 5.12.4.

Expected results:
No crashes.

Additional info:
I haven't seen any such crashes in Plasma on X with Qt 5.12.4. I've commented on a report of a plasmashell crash with a similar trace at https://bugs.kde.org/show_bug.cgi?id=408847

The following reports have plasmashell crashes with Qt 5.12.4 with similar traces:
https://bugs.kde.org/show_bug.cgi?id=408969
https://bugs.kde.org/show_bug.cgi?id=408973
https://bugs.kde.org/show_bug.cgi?id=409014

I tried to submit a report with abrt, but abrt didn't allow it with an error there wasn't enough information in the trace.
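A crash-triage sketch for the trace in the report above, added here as an example and not part of the original report or of any KDE, Qt or Fedora tooling: it reads the gdb frames that follow the [KCrash Handler] marker and names the arguments of the faulting frame that gdb printed as 0x0. The function names and the frame regex are assumptions fitted to the frame lines quoted in this report.

```python
import re

# Frames #6-#9 of the crashing thread, copied from the trace quoted in the report.
TRACE = """\
Thread 23 (Thread 0x7f522cff7700 (LWP 1744)):
[KCrash Handler]
#6  wl_proxy_marshal_constructor (proxy=0x0, opcode=opcode@entry=3, interface=0x7f5296fb8980 <wl_callback_interface>) at src/wayland-client.c:819
#7  0x00007f52867430ed in wl_surface_frame (wl_surface=<optimized out>) at ../../include/QtWaylandClient/5.12.4/QtWaylandClient/private/../../../../../src/client/wayland-wayland-client-protocol.h:2798
#8  QtWayland::wl_surface::frame (this=this@entry=0x564aba0561a8) at qwayland-wayland.cpp:1134
#9  0x00007f52867203ab in QtWaylandClient::QWaylandWindow::handleUpdate (this=0x564aba056180) at qwaylandwindow.cpp:1151
"""

FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\) at (\S+):(\d+)$")


def parse_frames(trace):
    """Return the frames that follow the '[KCrash Handler]' marker, innermost first."""
    frames, after_handler = [], False
    for line in trace.splitlines():
        if line.strip() == "[KCrash Handler]":
            after_handler = True
            continue
        m = FRAME.match(line.strip())
        if m and after_handler:
            num, func, raw_args, src, lineno = m.groups()
            args = {}
            for part in filter(None, raw_args.split(", ")):
                name, _, value = part.partition("=")
                # gdb prints 'x=x@entry=VALUE' for values captured at function entry
                args[name] = value.split("@entry=")[-1]
            frames.append({"num": int(num), "func": func, "args": args,
                           "src": src, "line": int(lineno)})
    return frames


def null_args_in_faulting_frame(trace):
    """Name the 0x0 arguments of the first frame after the signal handler."""
    frames = parse_frames(trace)
    if not frames:
        return None
    top = frames[0]
    nulls = [name for name, value in top["args"].items() if value == "0x0"]
    return top["func"], f'{top["src"]}:{top["line"]}', nulls


if __name__ == "__main__":
    print(null_args_in_faulting_frame(TRACE))
```
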
David Edmundson wrote a patch for qtwayland in Qt 5.13 to fix these crashes.
https://bugs.kde.org/show_bug.cgi?id=408847#c5
https://codereview.qt-project.org/c/qt/qtwayland/+/265998

Could that patch be backported to qt5-qtwayland 5.12.4? Thanks.
FEDORA-2019-26e5d293d4 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-26e5d293d4
qt5-qtwayland-5.12.4-3.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-26e5d293d4
qt5-qtwayland-5.12.4-3.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.