[kde] [Bug 434733] New: Crash on simulated touch input via uinput at xi2ProcessTouch

bugzilla_noreply at kde.org bugzilla_noreply at kde.org
Sun Mar 21 22:00:41 GMT 2021 

https://bugs.kde.org/show_bug.cgi?id=434733

            Bug ID: 434733
           Summary: Crash on simulated touch input via uinput at
                    xi2ProcessTouch
           Product: kde
           Version: unspecified
          Platform: Archlinux Packages
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: unassigned-bugs at kde.org
          Reporter: henry at freedesk.net
  Target Milestone: ---

Created attachment 136931
  --> https://bugs.kde.org/attachment.cgi?id=136931&action=edit
libinput debug-events

SUMMARY

Simulating touch events via uinput and rapidly removing and adding a simulated
device back while sending input events crashes any KDE program (I have tested
so far at least). Programs like firefox or xterm are unaffected.

STEPS TO REPRODUCE

- Create a simulated touch screen via uinput for example like that:
https://github.com/H-M-H/Weylus/blob/1c6837d85c7bf7db3c2524f19d21cf7a4f6bf84a/lib/linux/uinput.c#L185-L247
- Delete the device.
- Create it anew.
- Send touch events all the time.

OBSERVED RESULT
Every KDE program I have tested so far crashes here (KCharSelect in this case):

#4  0x00007ff8f1e0a4f3 in QXcbConnection::xi2ProcessTouch(void*, QXcbWindow*)
() from /usr/lib/libQt5XcbQpa.so.5
#5  0x00007ff8f1ddb84f in QXcbConnection::handleXcbEvent(xcb_generic_event_t*)
() from /usr/lib/libQt5XcbQpa.so.5
#6  0x00007ff8f1ddcc69 in
QXcbConnection::processXcbEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from
/usr/lib/libQt5XcbQpa.so.5
#7  0x00007ff8f1e00164 in ?? () from /usr/lib/libQt5XcbQpa.so.5
#8  0x00007ff8f4a62b84 in g_main_context_dispatch () from
/usr/lib/libglib-2.0.so.0
#9  0x00007ff8f4ab6c21 in ?? () from /usr/lib/libglib-2.0.so.0
#10 0x00007ff8f4a613b1 in g_main_context_iteration () from
/usr/lib/libglib-2.0.so.0
#11 0x00007ff8f6283691 in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
from /usr/lib/libQt5Core.so.5
#12 0x00007ff8f62293ac in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from
/usr/lib/libQt5Core.so.5
#13 0x00007ff8f6231844 in QCoreApplication::exec() () from
/usr/lib/libQt5Core.so.5
#14 0x000055db93c547c5 in ?? ()
#15 0x00007ff8f5bf0b25 in __libc_start_main () from /usr/lib/libc.so.6
#16 0x000055db93c5488e in ?? ()
[Inferior 1 (process 6631) detached]

Attached is the output of `libinput debug-events` during the crash.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Unassigned-bugs mailing list