Gamescope segfaults when switching TTY #1920

@Ferdi265

Is there an existing issue for this?

  • I have searched the existing issues

Are you using any gamescope patches or a forked version of gamescope?

  • The issue occurs on upstream gamescope without any modifications

Current Behavior

When switching to another TTY while gamescope is running, gamescope crashes on a nullptr access in CWaylandBackend::UpdateCursor() when accessing m_pPointer.

Steps To Reproduce

  1. run `gamescope xterm` (or any other application)
  2. switch to another TTY with Ctrl+Alt+F2 or similar
  3. return to the original TTY
  4. notice the segmentation fault

Hardware information

- Distro: Arch Linux
- CPU: AMD Ryzen 7 7840U
- GPU: Radeon 780M Graphics
- Driver Version: amdgpu from Linux 6.15.6.arch1-1

Software information

- Desktop environment: Sway
- Session type: Wayland
- Gamescope version: latest git commit 875a4e07
- Gamescope launch command(s): `gamescope xterm`

Arch Linux Package Versions

Sway-git: 1.12.r7583.f57c82a-1
Wlroots-git: 0.20.0.r7559.c39b3ce7a-1
Gamescope-git: 3.16.14.r5.g875a4e07-1

Which gamescope backends have the issue you are reporting?

  • Wayland (default for nested gamescope)
  • DRM (default for embedded gamescope, i.e. gamescope-session)
  • SDL
  • OpenVR

Logging, screenshots, or anything else

gamescope-crash.log

GDB bt full
#0  wl_proxy_get_version (proxy=0x0) at ../wayland-1.23.1/src/wayland-client.c:2317
#1  0x000055a5f578a910 in wl_pointer_set_cursor
    (wl_pointer=<optimized out>, serial=<optimized out>, surface=<optimized out>, hotspot_x=7, hotspot_y=4)
    at /usr/include/wayland-client-protocol.h:5112
#2  gamescope::CWaylandBackend::UpdateCursor (this=<optimized out>) at ../src/Backends/WaylandBackend.cpp:2408
        bUseHostCursor = <optimized out>
#3  0x00007f1e8f14aac6 in ffi_call_unix64 () at ../src/x86/unix64.S:104
#4  0x00007f1e8f14776b in ffi_call_int
    (cif=cif@entry=0x7f1e4fffe360, fn=fn@entry=0x55a5f578aa10 <_FUN<wl_keyboard*, unsigned int, wl_surface*>(void*)>, rvalue=<optimized out>, rvalue@entry=0x0, avalue=avalue@entry=0x7f1e4fffe430, closure=closure@entry=0x0) at ../src/x86/ffi64.c:676
        classes = {X86_64_INTEGER_CLASS, X86_64_NO_CLASS, 2400502432, 32542}
        stack = <optimized out>
        argp = 0x7f1e4fffe1b0 ""
        arg_types = <optimized out>
        gprcount = 4
        ssecount = <optimized out>
        ngpr = 1
        nsse = 0
        i = <optimized out>
        avn = <optimized out>
        flags = <optimized out>
        reg_args = <optimized out>
#5  0x00007f1e8f14a06e in ffi_call
    (cif=cif@entry=0x7f1e4fffe360, fn=0x55a5f578aa10 <_FUN<wl_keyboard*, unsigned int, wl_surface*>(void*)>, rvalue=rvalue@entry=0x0, avalue=avalue@entry=0x7f1e4fffe430) at ../src/x86/ffi64.c:713
        arg_types = <optimized out>
        i = <optimized out>
        nargs = <optimized out>
        max_reg_struct_size = <optimized out>
#6  0x00007f1e8f86e910 in wl_closure_invoke (closure=closure@entry=0x7f1e4807a570, target=<optimized out>, 
    target@entry=0x55a63286a420, opcode=opcode@entry=2, data=<optimized out>, flags=1) at ../wayland-1.23.1/src/connection.c:1228
        count = 2
        cif = {
          abi = FFI_UNIX64,
          nargs = 4,
          arg_types = 0x7f1e4fffe380,
          rtype = 0x7f1e8f14c1a0 <ffi_type_void>,
          bytes = 0,
          flags = 0
        }
        ffi_types = {0x7f1e8f14c2a0 <ffi_type_pointer>, 0x7f1e8f14c2a0 <ffi_type_pointer>, 0x7f1e8f14c240 <ffi_type_uint32>, 0x7f1e8f14c2a0 <ffi_type_pointer>, 0x7f1e8f14c240 <ffi_type_uint32>, 0x7f1e8f14c240 <ffi_type_uint32>, 0x7f1e8f14c240 <ffi_type_uint32>, 0x55a632b5e020, 0x7f1e4fffe3e0, 0x7f1e8eab1024 <__syscall_cancel+20>, 0x2f, 0x55a632b5e020, 0x7f1e4fffe400, 0x7f1e8eb39c81 <__libc_recvmsg+33>, 0x2f, 0x7f1e8eb26902 <__GI___close+34>, 0x0, 0x7f1e8f124cb9 <_xcb_in_read+1161>, 0x2f, 0x55a632b5f0f0, 0x7f1e4fffe588, 0xffffffffffffffff}
        ffi_args = {0x7f1e4fffe340, 0x7f1e4fffe348, 0x7f1e4807a588, 0x7f1e4807a590, 0x7f1e48079028, 0x7f1e48079030, 0x7f1e48079038, 0x50, 0x0, 0x1, 0x7f1e4fffe4b0, 0x7f1e8eac1958 <_int_free_create_chunk+136>, 0x30, 0x2e0, 0x7f1e48078ff0, 0x7f1e48000030, 0x7f1e4fffe4f0, 0x7f1e8eac2dfe <_int_free_merge_chunk+174>, 0xf0, 0x7f1e4807a470, 0x0, 0xb}
        implementation = <optimized out>
#7  0x00007f1e8f86f199 in dispatch_event (display=display@entry=0x55a632869d90, queue=queue@entry=0x55a632869e88)
    at ../wayland-1.23.1/src/wayland-client.c:1674
        closure = 0x7f1e4807a570
        proxy = 0x55a63286a420
        opcode = 2
        proxy_destroyed = <optimized out>
#8  0x00007f1e8f86f573 in dispatch_queue (display=0x55a632869d90, queue=0x55a632869e88)
    at ../wayland-1.23.1/src/wayland-client.c:1820
        count = 17
        count = <optimized out>
        err = <optimized out>
#9  wl_display_dispatch_queue_pending (display=0x55a632869d90, queue=0x55a632869e88) at ../wayland-1.23.1/src/wayland-client.c:2062
        ret = <optimized out>
#10 0x000055a5f57865da in gamescope::CWaylandBackend::PollState (this=0x55a632868340) at ../src/Backends/WaylandBackend.cpp:2149
#11 0x000055a5f57e89b9 in steamcompmgr_main (argc=argc@entry=2, argv=argv@entry=0x7ffdeb3f30c8) at ../src/steamcompmgr.cpp:8154
        vblank = false
        bVRR = <optimized out>
        vblank_idx = 209
        bIsVBlankFromTimer = false
        flush_root = true
        s_eLastVirtualConnectorStrategy = gamescope::VirtualConnectorStrategies::SingleApplication
        eVirtualConnectorStrategy = <optimized out>
        bPainted = <optimized out>
        nIgnoredOverlayRepaints = 0
        readyPipeFD = <optimized out>
        o = <optimized out>
        opt_index = -1
        bForceWindowsFullscreen = <optimized out>
        subCommandArg = <optimized out>
        pchEnableVkBasalt = <optimized out>
        xwayland_server_guard = {
          _M_device = 0x55a5f5b02220 <g_SteamCompMgrXWaylandServerMutex>,
          _M_owns = true
        }
        root_server = <optimized out>
        root_ctx = <optimized out>
        res = <optimized out>
        sysfs_caps = <optimized out>
#12 0x000055a5f580d161 in steamCompMgrThreadRun (argc=2, argv=0x7ffdeb3f30c8) at ../src/main.cpp:1047
#13 0x00007f1e8eee51a4 in std::execute_native_thread_routine (__p=0x55a632b7a920)
    at /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:104
        __t = std::unique_ptr<std::thread::_State> = {
          get() = <optimized out>
        }
#14 0x00007f1e8eab47eb in start_thread (arg=<optimized out>) at pthread_create.c:448
        ret = <optimized out>
        pd = <optimized out>
        out = <optimized out>
        unwind_buf = {
          cancel_jmp_buf = {{
              jmp_buf = {139768167921344, -6701559577594704885, 139768167921344, 140728550239408, 11, 140728550239671, -6701559577535984629, -6701701787235005429},
              mask_was_saved = 0
            }},
          priv = {
            pad = {0x0, 0x0, 0x0, 0x0},
            data = {
              prev = 0x0,
              cleanup = 0x0,
              canceltype = 0
            }
          }
        }
        not_first_call = <optimized out>
#15 0x00007f1e8eb3818c in __GI___clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
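
The failure mode in the backtrace above (a cursor update reached from a `wl_keyboard` listener while the pointer handle is null) can be modelled as follows. This is an added example, not gamescope's code and not a proposed patch from the reporter. `FakePointer`, `ModelBackend` and the event sequence are hypothetical, and the idea that the pointer handle is dropped through a seat capability change during the TTY switch is an assumption that the page does not confirm.

```cpp
#include <cstdint>
#include <cstdio>

// Hypothetical stand-in for a wl_pointer proxy (not libwayland).
struct FakePointer {
    uint32_t lastSerial = 0;
    int setCursorCalls = 0;
    void SetCursor(uint32_t serial) { lastSerial = serial; ++setCursorCalls; }
};

constexpr uint32_t kCapPointer = 1, kCapKeyboard = 2;

class ModelBackend {
public:
    // Seat capabilities changed: acquire or drop the pointer handle (assumed cause).
    void OnSeatCapabilities(uint32_t caps) {
        m_pPointer = (caps & kCapPointer) ? &m_Storage : nullptr;
    }
    void OnPointerEnter(uint32_t serial) { m_uSerial = serial; UpdateCursor(); }
    // Keyboard focus events also refresh the cursor: the path seen in the backtrace.
    void OnKeyboardFocusChange() { UpdateCursor(); }

    // Returns true if a cursor request was sent, false if it was deferred.
    bool UpdateCursor() {
        if (!m_pPointer) {          // guard: there is no pointer object right now
            m_bCursorDirty = true;  // re-applied on the next pointer enter
            return false;
        }
        m_pPointer->SetCursor(m_uSerial);
        m_bCursorDirty = false;
        return true;
    }
    bool CursorDirty() const { return m_bCursorDirty; }
    const FakePointer &Pointer() const { return m_Storage; }
private:
    FakePointer m_Storage;
    FakePointer *m_pPointer = nullptr;
    uint32_t m_uSerial = 0;
    bool m_bCursorDirty = false;
};

// Constructed sequence: pointer present, pointer dropped, keyboard event, pointer back.
int RunTtySwitchScenario() {
    ModelBackend b;
    b.OnSeatCapabilities(kCapPointer | kCapKeyboard);
    b.OnPointerEnter(10);                // first cursor request
    b.OnSeatCapabilities(kCapKeyboard);  // pointer capability lost
    b.OnKeyboardFocusChange();           // deferred instead of dereferencing null
    if (!b.CursorDirty()) return -1;
    b.OnSeatCapabilities(kCapPointer | kCapKeyboard);
    b.OnPointerEnter(42);                // second request with the new serial
    return b.CursorDirty() ? -1 : b.Pointer().setCursorCalls;
}

int main() { std::printf("cursor requests sent: %d\n", RunTtySwitchScenario()); }
```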
