https://bugs.kde.org/show_bug.cgi?id=466281
--- Comment #1 from Matt Fagnani <matt.fagn...@bell.net> ---

I booted the Fedora 38 KDE Plasma live image Fedora-KDE-Live-x86_64-38-20230221.n.1.iso in a QEMU/KVM VM using GNOME Boxes with 3D acceleration disabled, using the llvmpipe driver. I ran nested kwin_wayland under valgrind in konsole with

valgrind --log-file=valgrind-nested-kwin_wayland-5.27.0-1.txt --enable-debuginfod=no kwin_wayland --xwayland

The valgrind log showed the syscall param waitid(infop) pointed to unaddressable byte(s) 0x0, and an invalid read of the address 0x4 at UnknownInlinedFun (kwinglutils.h:421) causing the segmentation fault.

==4964== Memcheck, a memory error detector
==4964== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==4964== Using Valgrind-3.20.0 and LibVEX; rerun with -h for copyright info
==4964== Command: kwin_wayland --xwayland
==4964== Parent PID: 4142
==4964==
==4964== Syscall param waitid(infop) points to unaddressable byte(s)
==4964==    at 0x78A3D2D: syscall (syscall.S:38)
==4964==    by 0x666F85E: sys_waitid (forkfd_linux.c:65)
==4964==    by 0x666F85E: detect_clone_pidfd_support (forkfd_linux.c:126)
==4964==    by 0x666F85E: system_forkfd (forkfd_linux.c:142)
==4964==    by 0x666F85E: forkfd (forkfd.c:651)
==4964==    by 0x6655118: QProcessPrivate::startProcess() (qprocess_unix.cpp:466)
==4964==    by 0x2137EE: KWin::Xwl::XwaylandLauncher::startInternal() [clone .isra.0] (xwaylandlauncher.cpp:186)
==4964==    by 0x66FBF50: call (qobjectdefs_impl.h:398)
==4964==    by 0x66FBF50: void doActivate<false>(QObject*, int, void**) (qobject.cpp:3923)
==4964==    by 0x4CB93BE: KWin::Compositor::setupStart() [clone .part.0] (composite.cpp:335)
==4964==    by 0x4CBAE27: KWin::WaylandCompositor::start() (composite.cpp:799)
==4964==    by 0x66F303A: QObject::event(QEvent*) (qobject.cpp:1347)
==4964==    by 0x6E34CE4: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.8)
==4964==    by 0x66C7647: QCoreApplication::notifyInternal2(QObject*, QEvent*) (qcoreapplication.cpp:1064)
==4964==    by 0x66CAAF4: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.cpp:1821)
==4964==    by 0x6717370: QEventDispatcherUNIX::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_unix.cpp:468)
==4964==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==4964==
==4964== Invalid read of size 8
==4964==    at 0x4CC2EAD: UnknownInlinedFun (kwinglutils.h:421)
==4964==    by 0x4CC2EAD: KWin::RenderTarget::size() const (rendertarget.cpp:30)
==4964==    by 0x4D69FEB: KWin::CursorScene::paint(KWin::RenderTarget*, QRegion const&) (cursorscene.cpp:57)
==4964==    by 0x4D6ED90: KWin::SceneDelegate::paint(KWin::RenderTarget*, QRegion const&) (scene.cpp:55)
==4964==    by 0x4EA4431: KWin::Wayland::WaylandOutput::renderCursorOpengl(KWin::Wayland::WaylandEglBackend*, KWin::CursorSource*) (wayland_output.cpp:229)
==4964==    by 0x4EA4804: UnknownInlinedFun (wayland_output.cpp:191)
==4964==    by 0x4EA4804: KWin::Wayland::WaylandOutput::setCursor(KWin::CursorSource*) (wayland_output.cpp:184)
==4964==    by 0x4CB6A41: KWin::Compositor::addOutput(KWin::Output*)::{lambda()#2}::operator()() const (composite.cpp:455)
==4964==    by 0x4CBA685: KWin::Compositor::addOutput(KWin::Output*) (composite.cpp:471)
==4964==    by 0x4CBA987: KWin::Compositor::startupWithWorkspace() (composite.cpp:383)
==4964==    by 0x66F303A: QObject::event(QEvent*) (qobject.cpp:1347)
==4964==    by 0x6E34CE4: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.8)
==4964==    by 0x66C7647: QCoreApplication::notifyInternal2(QObject*, QEvent*) (qcoreapplication.cpp:1064)
==4964==    by 0x66CAAF4: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.cpp:1821)
==4964==  Address 0x4 is not stack'd, malloc'd or (recently) free'd
==4964==
==4964==
==4964== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==4964==  Access not within mapped region at address 0x4
==4964==    at 0x4CC2EAD: UnknownInlinedFun (kwinglutils.h:421)
==4964==    by 0x4CC2EAD: KWin::RenderTarget::size() const (rendertarget.cpp:30)
==4964==    by 0x4D69FEB: KWin::CursorScene::paint(KWin::RenderTarget*, QRegion const&) (cursorscene.cpp:57)
==4964==    by 0x4D6ED90: KWin::SceneDelegate::paint(KWin::RenderTarget*, QRegion const&) (scene.cpp:55)
==4964==    by 0x4EA4431: KWin::Wayland::WaylandOutput::renderCursorOpengl(KWin::Wayland::WaylandEglBackend*, KWin::CursorSource*) (wayland_output.cpp:229)
==4964==    by 0x4EA4804: UnknownInlinedFun (wayland_output.cpp:191)
==4964==    by 0x4EA4804: KWin::Wayland::WaylandOutput::setCursor(KWin::CursorSource*) (wayland_output.cpp:184)
==4964==    by 0x4CB6A41: KWin::Compositor::addOutput(KWin::Output*)::{lambda()#2}::operator()() const (composite.cpp:455)
==4964==    by 0x4CBA685: KWin::Compositor::addOutput(KWin::Output*) (composite.cpp:471)
==4964==    by 0x4CBA987: KWin::Compositor::startupWithWorkspace() (composite.cpp:383)
==4964==    by 0x66F303A: QObject::event(QEvent*) (qobject.cpp:1347)
==4964==    by 0x6E34CE4: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.8)
==4964==    by 0x66C7647: QCoreApplication::notifyInternal2(QObject*, QEvent*) (qcoreapplication.cpp:1064)
==4964==    by 0x66CAAF4: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.cpp:1821)
==4964==  If you believe this happened as a result of a stack
==4964==  overflow in your program's main thread (unlikely but
==4964==  possible), you can try to increase the size of the
==4964==  main thread stack using the --main-stacksize= flag.
==4964==  The main thread stack size used in this run was 8388608.
==4964==
==4964== HEAP SUMMARY:
==4964==     in use at exit: 9,111,453 bytes in 45,025 blocks
==4964==   total heap usage: 257,942 allocs, 212,917 frees, 90,565,412 bytes allocated
==4964==
==4964== LEAK SUMMARY:
==4964==    definitely lost: 256 bytes in 2 blocks
==4964==    indirectly lost: 352 bytes in 2 blocks
==4964==      possibly lost: 83,504 bytes in 779 blocks
==4964==    still reachable: 9,025,325 bytes in 44,221 blocks
==4964==                       of which reachable via heuristic:
==4964==                         newarray           : 8,488 bytes in 5 blocks
==4964==         suppressed: 0 bytes in 0 blocks
==4964== Rerun with --leak-check=full to see details of leaked memory
==4964==
==4964== For lists of detected and suppressed errors, rerun with: -s
==4964== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
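How to read the two "Address" lines in a memcheck report like the one above: the faulting address is printed verbatim, and an address inside the first page is a NULL pointer plus the byte offset of whatever was accessed through it. So "Address 0x4" from RenderTarget::size() is a read through a null object pointer of a member at offset 4, and "Address 0x0" under waitid(infop) is a NULL infop argument itself. The script below is an added triage helper, not part of the bug report, KWin, Qt or Valgrind. Its sample log is a constructed excerpt: the first two reports mirror the comment above, the third (example_fn, 0x4a3f2c8) is invented to exercise the use-after-free branch, and the 0x1000 threshold is an assumed page size.

```shell
#!/bin/sh
# Constructed excerpt of a memcheck log. The first two reports follow the bug
# comment; the third is made up so the freed-block branch is exercised.
sample_log() {
    cat <<'EOF'
==4964== Syscall param waitid(infop) points to unaddressable byte(s)
==4964==    at 0x78A3D2D: syscall (syscall.S:38)
==4964==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==4964==
==4964== Invalid read of size 8
==4964==    at 0x4CC2EAD: UnknownInlinedFun (kwinglutils.h:421)
==4964==  Address 0x4 is not stack'd, malloc'd or (recently) free'd
==4964==
==4964== Invalid read of size 4
==4964==    at 0x401234: example_fn (example.c:42)
==4964==  Address 0x4a3f2c8 is 8 bytes inside a block of size 32 free'd
EOF
}

# Classify every "Address 0x..." line of a memcheck log read from stdin and
# print one "<address><TAB><verdict>" line per report. An address below one
# page (assumed 0x1000) is NULL plus the offset of the field being accessed;
# anything larger is classified from memcheck's own description of the block.
classify_fault_addrs() {
    awk '
        / Address 0x[0-9a-fA-F]+ / {
            for (i = 1; i <= NF; i++)
                if ($i == "Address") { addr = $(i + 1); break }
            # Convert the hex string by hand: POSIX awk has no strtonum().
            hex = tolower(substr(addr, 3)); n = 0
            for (j = 1; j <= length(hex); j++)
                n = n * 16 + index("0123456789abcdef", substr(hex, j, 1)) - 1
            if (n == 0)
                verdict = "NULL pointer passed or dereferenced directly"
            else if (n < 4096)
                verdict = "likely NULL deref, member offset " n
            else if ($0 ~ /not stack'\''d/)
                verdict = "wild or unmapped address"
            else if ($0 ~ /free'\''d/)
                verdict = "use-after-free (inside freed heap block)"
            else if ($0 ~ /alloc'\''d/)
                verdict = "heap block access, check bounds"
            else
                verdict = "unclassified"
            print addr "\t" verdict
        }'
}

# Usage on a real run:
#   valgrind --log-file=kwin.txt kwin_wayland --xwayland
#   classify_fault_addrs < kwin.txt
# Run here on the constructed sample:
sample_log | classify_fault_addrs
```

The offset printed for a sub-page address is the thing to take back to the source: it is the byte offset of the member inside the object whose pointer was NULL, which narrows the search to which field kwinglutils.h:421 reads and which pointer on the call path was never set.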