search

telegramdesktop / tdesktop

Telegram Desktop messaging app
https://desktop.telegram.org/
Other
25.81k stars 5.11k forks source link

Address boundary error regression in newer telegram versions #27800

Closed literallyfiro closed 4 months ago

literallyfiro commented 4 months ago

Steps to reproduce

The crash is quite random, but the most consistent way I found to make it happen is

  1. Go to a random channel or group
  2. Spam the three dots button
  3. After a while, Telegram crashes with "terminated by signal SIGSEGV (Address boundary error)"

Expected behaviour

The app should not crash

Actual behaviour

The app crashes.

While investigating, I discovered that this crash began occurring in Telegram Desktop version 4.13.0. Version 4.12.2 appears to be unaffected. Flatpak version is also affected by this crash

Operating system

Fedora 40 beta, KDE Plasma 6.0.3

Version of Telegram Desktop

4.16.8

Installation source

Static binary from official website

Crash ID

df8c02c9-1a4f-45e9-6ff5c59e-de147355

Logs

Logs show completely normal behavior

[2024.04.23 14:43:29] Launched version: 4016008, install beta: [TRUE], alpha: 0, debug mode: [FALSE]
[2024.04.23 14:43:29] Executable dir: /home/firo/Downloads/Telegram/4.14.3 crash/, name: Telegram
[2024.04.23 14:43:29] Initial working dir: /home/firo/Downloads/Telegram/4.14.3 crash/
[2024.04.23 14:43:29] Working dir: /home/firo/.local/share/TelegramDesktop/
[2024.04.23 14:43:29] Command line: /home/firo/Downloads/Telegram/4.14.3 crash/Telegram -noupdate
[2024.04.23 14:43:29] Executable path before check: /home/firo/Downloads/Telegram/4.14.3 crash/Telegram
[2024.04.23 14:43:29] Logs started
[2024.04.23 14:43:29] App ID: org.telegram.desktop._3e5f0efbb9aef6114389724eb8fc0819
[2024.04.23 14:43:29] Connecting local socket to b6742631b77e88344dd60a4c374e7361-TelegramDesktop...
[2024.04.23 14:43:29] Socket connect error 0, starting server and app...
[2024.04.23 14:43:29] Moved logging from '/home/firo/.local/share/TelegramDesktop/log_start0.txt' to '/home/firo/.local/share/TelegramDesktop/log.txt'!
[2024.04.23 14:43:29] Opened '/home/firo/.local/share/TelegramDesktop/tdata/working' for reading, the previous Telegram Desktop launch was not finished properly :( Crash log size: 0
[2024.04.23 14:43:29] Global devicePixelRatio: 1
[2024.04.23 14:43:29] QT_AUTO_SCREEN_SCALE_FACTOR: 0
[2024.04.23 14:43:29] Primary screen DPI: 96, Base: 96.
[2024.04.23 14:43:29] Computed screen scale: 100
[2024.04.23 14:43:29] DevicePixelRatio: 1
[2024.04.23 14:43:29] ScreenScale: 100
[2024.04.23 14:43:29] Icon theme: Infinity-Dark
[2024.04.23 14:43:29] Fallback icon theme: 
[2024.04.23 14:43:29] Media Info: Type Playback, default: Built-in Audio Analog Stereo, list: { "Built-in Audio Analog Stereo" <Built-in Audio Analog Stereo>, "Navi 21/23 HDMI/DP Audio Controller Digital Stereo (HDMI)" <Navi 21/23 HDMI/DP Audio Controller Digital Stereo (HDMI)> }, full list refresh: true
[2024.04.23 14:43:29] Media Info: Type Capture, default: NoiseTorch Microphone for Razer Seiren Mini Source, list: { "NoiseTorch Microphone for Razer Seiren Mini Source" <NoiseTorch Microphone for Razer Seiren Mini Source>, "Monitor of Navi 21/23 HDMI/DP Audio Controller Digital Stereo (HDMI)" <Monitor of Navi 21/23 HDMI/DP Audio Controller Digital Stereo (HDMI)>, "Monitor of Built-in Audio Analog Stereo" <Monitor of Built-in Audio Analog Stereo>, "Built-in Audio Analog Stereo" <Built-in Audio Analog Stereo>, "Razer Seiren Mini Mono" <Razer Seiren Mini Mono> }, full list refresh: true
[2024.04.23 14:43:29] Media Error: Can't sync default device for type Camera, default: , list: {  }
[2024.04.23 14:43:29] System tray available: [TRUE]
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAOpenSansRegular.ttf' loaded 'DAOpenSansRegular'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAVazirRegular.ttf' loaded 'DAVazirRegular'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAOpenSansRegularItalic.ttf' loaded 'DAOpenSansRegularItalic'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAVazirRegular.ttf' loaded 'DAVazirRegular'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAOpenSansSemiboldAsBold.ttf' loaded 'DAOpenSansSemibold'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAVazirMediumAsBold.ttf' loaded 'DAVazirMedium'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAOpenSansSemiboldItalicAsBold.ttf' loaded 'DAOpenSansSemiboldItalic'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAVazirMediumAsBold.ttf' loaded 'DAVazirMedium'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAOpenSansSemiboldAsBold.ttf' loaded 'DAOpenSansSemibold'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAVazirMediumAsBold.ttf' loaded 'DAVazirMedium'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAOpenSansSemiboldItalicAsBold.ttf' loaded 'DAOpenSansSemiboldItalic'
[2024.04.23 14:43:29] Font: from ':/gui/fonts/DAVazirMediumAsBold.ttf' loaded 'DAVazirMedium'
[2024.04.23 14:43:29] App Info: reading settings...
[2024.04.23 14:43:29] App Info: reading encrypted settings...
[2024.04.23 14:43:29] Lang Info: Loaded cached, keys: 6803
[2024.04.23 14:43:29] OpenAL Logging Level: (not set)
[2024.04.23 14:43:29] OpenGL Profile: Compatibility.
[2024.04.23 14:43:29] OpenGL Renderer: AMD Radeon RX 6600 (radeonsi, navi23, LLVM 18.1.1, DRM 3.57, 6.8.7-300.fc40.x86_64)
[2024.04.23 14:43:29] OpenGL Vendor: AMD
[2024.04.23 14:43:29] OpenGL Version: 4.6 (Compatibility Profile) Mesa 24.0.5
[2024.04.23 14:43:29] OpenGL Extensions: GL_EXT_framebuffer_sRGB, GL_ARB_map_buffer_alignment, GL_EXT_point_parameters, GL_ARB_vertex_array_bgra, GL_ARB_texture_float, GL_ARB_shadow, GL_EXT_copy_texture, GL_ARB_polygon_offset_clamp, GL_ARB_shader_draw_parameters, GL_EXT_texture_edge_clamp, GL_AMD_shader_trinary_minmax, GL_ARB_sample_shading, GL_ARB_shading_language_packing, GL_ARB_transform_feedback_instanced, GL_ARB_shader_stencil_export, GL_ATI_texture_env_combine3, GL_SGIS_generate_mipmap, GL_ARB_compressed_texture_pixel_storage, GL_ARB_framebuffer_sRGB, GL_EXT_texture3D, GL_ARB_sparse_texture2, GL_ARB_shader_image_size, GL_ARB_sampler_objects, GL_KHR_context_flush_control, GL_EXT_texture_lod_bias, GL_ARB_texture_barrier, GL_AMD_vertex_shader_layer, GL_ARB_multisample, GL_ARB_vertex_program, GL_ARB_vertex_type_10f_11f_11f_rev, GL_ARB_shader_viewport_layer_array, GL_EXT_subtexture, GL_EXT_framebuffer_multisample, GL_ARB_robust_buffer_access_behavior, GL_ARB_compute_variable_group_size, GL_KHR_parallel_shader_compile, GL_ARB_draw_buffers, GL_ARB_ES3_compatibility, GL_ARB_fragment_program, GL_NV_copy_image, GL_EXT_blend_func_separate, GL_ARB_compatibility, GL_EXT_texture_shared_exponent, GL_ARB_vertex_array_object, GL_ATI_blend_equation_separate, GL_ARB_multi_draw_indirect, GL_ARB_vertex_attrib_binding, GL_EXT_shader_samples_identical, GL_ARB_shader_storage_buffer_object, GL_ARB_texture_compression_rgtc, GL_NV_fog_distance, GL_EXT_shader_image_load_formatted, GL_EXT_texture_sRGB_decode, GL_OES_read_format, GL_ARB_texture_cube_map, GL_ARB_texture_env_add, GL_NV_depth_clamp, GL_EXT_compiled_vertex_array, GL_KHR_robustness, GL_ARB_gl_spirv, GL_EXT_texture_array, GL_ARB_texture_mirrored_repeat, GL_ARB_fragment_program_shadow, GL_ARB_texture_cube_map_array, GL_ARB_shader_objects, GL_ARB_parallel_shader_compile, GL_EXT_demote_to_helper_invocation, GL_ARB_texture_buffer_object, GL_NV_texture_barrier, GL_AMD_multi_draw_indirect, GL_ARB_texture_storage, GL_EXT_packed_pixels, GL_EXT_secondary_color, GL_KHR_no_error, GL_NV_texture_env_combine4, GL_NV_primitive_restart, GL_SUN_multi_draw_arrays, GL_ATI_texture_mirror_once, GL_EXT_shader_integer_mix, GL_ARB_vertex_shader, GL_ATI_draw_buffers, GL_EXT_texture_rectangle, GL_EXT_texture_env_dot3, GL_ARB_texture_rgb10_a2ui, GL_SGIS_texture_border_clamp, GL_EXT_framebuffer_multisample_blit_scaled, GL_EXT_stencil_two_side, GL_ARB_texture_rectangle, GL_AMD_draw_buffers_blend, GL_ARB_shader_texture_lod, GL_ARB_ES3_1_compatibility, GL_ARB_framebuffer_object, GL_ARB_transpose_matrix, GL_ARB_pixel_buffer_object, GL_EXT_texture_object, GL_ARB_sparse_texture_clamp, GL_ANGLE_texture_compression_dxt3, GL_ARB_gpu_shader_int64, GL_ARB_timer_query, GL_SGIS_texture_lod, GL_ARB_viewport_array, GL_ARB_depth_clamp, GL_EXT_blend_minmax, GL_ARB_draw_buffers_blend, GL_ARB_texture_filter_anisotropic, GL_KHR_texture_compression_astc_ldr, GL_ARB_conditional_render_inverted, GL_ARB_gpu_shader_fp64, GL_ARB_color_buffer_float, GL_EXT_framebuffer_object, GL_ARB_fragment_layer_viewport, GL_ARB_transform_feedback3, GL_ARB_texture_rg, GL_MESA_shader_integer_functions, GL_EXT_vertex_array, GL_ARB_debug_output, GL_ARB_clip_control, GL_ARB_pipeline_statistics_query, GL_EXT_texture_env_combine, GL_SGIS_texture_edge_clamp, GL_ARB_base_instance, GL_ARB_clear_buffer_object, GL_IBM_multimode_draw_arrays, GL_IBM_texture_mirrored_repeat, GL_ARB_sparse_buffer, GL_AMD_conservative_depth, GL_IBM_rasterpos_clip, GL_ARB_texture_query_lod, GL_EXT_texture_compression_s3tc, GL_ARB_half_float_vertex, GL_ARB_bindless_texture, GL_ARB_stencil_texturing, GL_ARB_seamless_cube_map, GL_NV_half_float, GL_EXT_texture_compression_latc, GL_ARB_texture_buffer_range, GL_EXT_blend_subtract, GL_ARB_multi_bind, GL_MESA_framebuffer_flip_y, GL_ARB_texture_multisample, GL_ARB_robustness, GL_ARB_get_program_binary, GL_ARB_texture_query_levels, GL_ARB_vertex_attrib_64bit, GL_EXT_gpu_shader4, GL_ARB_depth_buffer_float, GL_ARB_multitexture, GL_ARB_sync, GL_ARB_depth_texture, GL_EXT_texture, GL_ARB_fragment_coord_conventions, GL_EXT_draw_instanced, GL_NV_light_max_exponent, GL_NV_vdpau_interop, GL_INGR_blend_func_separate, GL_EXT_memory_object_fd, GL_NV_ES1_1_compatibility, GL_AMD_seamless_cubemap_per_texture, GL_EXT_texture_compression_dxt1, GL_ARB_draw_elements_base_vertex, GL_ARB_copy_buffer, GL_ARB_window_pos, GL_ARB_derivative_control, GL_ARB_copy_image, GL_EXT_vertex_attrib_64bit, GL_ARB_buffer_storage, GL_ARB_shader_atomic_counters, GL_EXT_texture_snorm, GL_MESA_texture_const_bandwidth, GL_ARB_uniform_buffer_object, GL_ARB_texture_swizzle, GL_NVX_gpu_memory_info, GL_AMD_shader_stencil_export, GL_ATI_meminfo, GL_ARB_arrays_of_arrays, GL_ARB_shader_texture_image_samples, GL_ARB_occlusion_query, GL_ARB_texture_env_crossbar, GL_EXT_texture_env_add, GL_ARB_conservative_depth, GL_EXT_memory_object, GL_EXT_vertex_array_bgra, GL_ARB_sparse_texture, GL_ARB_shader_atomic_counter_ops, GL_ARB_draw_indirect, GL_MESA_pack_invert, GL_ARB_texture_mirror_clamp_to_edge, GL_EXT_separate_specular_color, GL_APPLE_packed_pixels, GL_EXT_packed_float, GL_KHR_texture_compression_astc_sliced_3d, GL_AMD_depth_clamp_separate, GL_EXT_texture_sRGB, GL_EXT_texture_sRGB_RG8, GL_ARB_indirect_parameters, GL_EXT_EGL_sync, GL_ARB_texture_view, GL_ARB_seamless_cubemap_per_texture, GL_AMD_performance_monitor, GL_ARB_explicit_uniform_location, GL_ARB_instanced_arrays, GL_EXT_texture_shadow_lod, GL_ARB_shader_group_vote, GL_ARB_provoking_vertex, GL_ARB_explicit_attrib_location, GL_ARB_vertex_buffer_object, GL_ARB_transform_feedback_overflow_query, GL_ARB_point_sprite, GL_EXT_texture_integer, GL_ARB_separate_shader_objects, GL_ATI_texture_compression_3dc, GL_EXT_blend_equation_separate, GL_EXT_texture_swizzle, GL_EXT_blend_color, GL_ARB_fragment_shader, GL_ARB_shader_clock, GL_EXT_draw_range_elements, GL_ARB_ES2_compatibility, GL_EXT_draw_buffers2, GL_AMD_texture_texture4, GL_ARB_compute_shader, GL_EXT_shader_image_load_store, GL_EXT_semaphore, GL_EXT_depth_bounds_test, GL_ARB_texture_gather, GL_KHR_blend_equation_advanced, GL_ARB_shading_language_420pack, GL_ARB_clear_texture, GL_ARB_spirv_extensions, GL_EXT_bgra, GL_EXT_debug_label, GL_EXT_stencil_wrap, GL_ATI_separate_stencil, GL_EXT_texture_sRGB_R8, GL_ARB_map_buffer_range, GL_ARB_vertex_type_2_10_10_10_rev, GL_EXT_rescale_normal, GL_ARB_texture_border_clamp, GL_ARB_transform_feedback2, GL_MESA_texture_signed_rgba, GL_EXT_EGL_image_storage, GL_NV_conditional_render, GL_EXT_window_rectangles, GL_ARB_enhanced_layouts, GL_EXT_framebuffer_blit, GL_EXT_pixel_buffer_object, GL_EXT_shadow_funcs, GL_ARB_texture_env_combine, GL_ARB_gpu_shader5, GL_ARB_invalidate_subdata, GL_NV_copy_depth_to_color, GL_EXT_texture_cube_map, GL_ARB_half_float_pixel, GL_ARB_tessellation_shader, GL_ARB_texture_stencil8, GL_EXT_gpu_program_parameters, GL_EXT_direct_state_access, GL_ARB_post_depth_coverage, GL_KHR_robust_buffer_access_behavior, GL_ARB_shader_bit_encoding, GL_EXT_texture_compression_rgtc, GL_AMD_framebuffer_multisample_advanced, GL_ARB_internalformat_query, GL_EXT_packed_depth_stencil, GL_NV_shader_atomic_int64, GL_NV_alpha_to_coverage_dither_control, GL_OES_EGL_image, GL_ARB_point_parameters, GL_ARB_shader_subroutine, GL_ARB_shading_language_100, GL_NV_compute_shader_derivatives, GL_ARB_shader_ballot, GL_NV_blend_square, GL_ARB_get_texture_sub_image, GL_EXT_semaphore_fd, GL_ARB_occlusion_query2, GL_ARB_draw_instanced, GL_ARB_blend_func_extended, GL_ARB_shading_language_include, GL_EXT_texture_mirror_clamp, GL_ARB_internalformat_query2, GL_EXT_fog_coord, GL_EXT_provoking_vertex, GL_ARB_texture_non_power_of_two, GL_ATI_texture_float, GL_ARB_cull_distance, GL_ARB_direct_state_access, GL_EXT_transform_feedback, GL_NV_packed_depth_stencil, GL_AMD_pinned_memory, GL_EXT_texture_filter_anisotropic, GL_ARB_texture_env_dot3, GL_AMD_vertex_shader_viewport_index, GL_ARB_texture_compression, GL_NV_texgen_reflection, GL_ATI_fragment_shader, GL_ARB_texture_compression_bptc, GL_EXT_texture_buffer_object, GL_ARB_program_interface_query, GL_EXT_multi_draw_arrays, GL_MESA_window_pos, GL_ARB_texture_storage_multisample, GL_ARB_ES3_2_compatibility, GL_ARB_shader_image_load_store, GL_ARB_query_buffer_object, GL_ARB_shader_precision, GL_NV_texture_rectangle, GL_KHR_debug, GL_EXT_abgr, GL_EXT_polygon_offset_clamp, GL_S3_s3tc, GL_ARB_framebuffer_no_attachments, GL_AMD_query_buffer_object, GL_EXT_timer_query, GL_ANGLE_texture_compression_dxt5, GL_ARB_texture_buffer_object_rgb32, GL_INTEL_blackhole_render
[2024.04.23 14:43:29] OpenGL: QOpenGLContext created, version: 4.4.
[2024.04.23 14:43:29] App Info: reading accounts info...
[2024.04.23 14:43:29] App Info: reading encrypted info...
[2024.04.23 14:43:29] App Info: reading map...
[2024.04.23 14:43:29] App Info: reading encrypted map...
[2024.04.23 14:43:29] App Info: reading encrypted user settings...
[2024.04.23 14:43:29] App Info: encrypted user settings read.
[2024.04.23 14:43:29] App Info: reading encrypted mtp data...
[2024.04.23 14:43:29] MTP Info: read keys, current: 5, to destroy: 0
[2024.04.23 14:43:29] Map read time: 0
[2024.04.23 14:43:29] App Info: reading encrypted mtp config...
[2024.04.23 14:43:29] Export Info: Destroy top bar by controller removal.
[2024.04.23 14:43:29] OpenGL: [TRUE] (Window)
[2024.04.23 14:43:30] Notification daemon product name: Plasma
[2024.04.23 14:43:30] Notification daemon vendor name: KDE
[2024.04.23 14:43:30] Notification daemon version: 6.0.3
[2024.04.23 14:43:30] Notification daemon specification version: 1.2
[2024.04.23 14:43:30] Notification daemon capabilities: body, body-hyperlinks, body-markup, body-images, icon-static, actions, persistence, inline-reply, x-kde-urls, x-kde-origin-name, x-kde-display-appname, inhibitions
[2024.04.23 14:43:30] API Warning: not loaded minimal channel applied.
[2024.04.23 14:44:08] RPC Error: request 104 got fail with code 400, error WEBFILE_NOT_AVAILABLE
[2024.04.23 14:45:06] API Warning: not loaded minimal channel applied.
ilya-fedin commented 4 months ago

df8c02c9-1a4f-45e9-6ff5c59e-de147355

No crash report with such crash id present. Looks like you forgot to click send.

literallyfiro commented 4 months ago

df8c02c9-1a4f-45e9-6ff5c59e-de147355

No crash report with such crash id present. Looks like you forgot to click send.

I am unable to send any crash report with the latest versions (Same issue as https://github.com/telegramdesktop/tdesktop/issues/27760)

ilya-fedin commented 4 months ago

that's sad... I can't reproduce this issue, though

literallyfiro commented 4 months ago

This is how I can more or less consistently reproduce it, even if (as I said before) it's quite random

https://github.com/telegramdesktop/tdesktop/assets/56583784/88b36662-dad3-43d8-9d67-4d848ef73c10

Also, this is the plasma wayland session

ilya-fedin commented 4 months ago

No, I don't have a crash when clicking there :(

ilya-fedin commented 4 months ago

Can you send a crash report with 4.16.10?

literallyfiro commented 4 months ago

Can you send a crash report with 4.16.10?

Crash reporter is now working correctly

This is the crash id: f69ded30-dbcd-42e3-d5eac1bb-6310b36b

ilya-fedin commented 4 months ago

It seem to crash in your OpenGL driver:

Crash reason:  SIGSEGV /SEGV_MAPERR
Crash address: 0x7f66761b1ae0
Process uptime: not available

Thread 0 (crashed)
 0  libgallium_dri.so + 0x776c6
    rax = 0x00007f66761b1ac0   rdx = 0x000000003700caf0
    rcx = 0x000000003700caf0   rbx = 0x00007f6675c06ab0
    rsi = 0x00007f66761b1ac0   rdi = 0x00007f66dfd68848
    rbp = 0x00007ffd748aba60   rsp = 0x00007ffd748aba50
     r8 = 0x0000000000000000    r9 = 0x0000000000000000
    r10 = 0x0000000000000024   r11 = 0x00007f66dfd68801
    r12 = 0x0000000000000008   r13 = 0x00007f6675c06ab0
    r14 = 0x00007f6675c06b70   r15 = 0x00000000000000e0
    rip = 0x00007f66b68776c6
    Found by: given as instruction pointer in context
 1  libgallium_dri.so + 0x78247
    rbp = 0x00007ffd748abab0   rsp = 0x00007ffd748aba70
    rip = 0x00007f66b6878247
    Found by: previous frame's frame pointer
 2  libgallium_dri.so + 0x78335
    rbp = 0x00007ffd748abad0   rsp = 0x00007ffd748abac0
    rip = 0x00007f66b6878335
    Found by: previous frame's frame pointer
 3  libgallium_dri.so + 0x484a34
    rbp = 0x00007ffd748abaf0   rsp = 0x00007ffd748abae0
    rip = 0x00007f66b6c84a34
    Found by: previous frame's frame pointer
 4  libgallium_dri.so + 0x845a91
    rbp = 0x00007ffd748abe70   rsp = 0x00007ffd748abb00
    rip = 0x00007f66b7045a91
    Found by: previous frame's frame pointer
 5  libgallium_dri.so + 0x8be60f
    rbp = 0x00007ffd748abf60   rsp = 0x00007ffd748abe80
    rip = 0x00007f66b70be60f
    Found by: previous frame's frame pointer
 6  libgallium_dri.so + 0x8be8f4
    rbp = 0x00007ffd748ac070   rsp = 0x00007ffd748abf70
    rip = 0x00007f66b70be8f4
    Found by: previous frame's frame pointer
 7  libgallium_dri.so + 0x8b7218
    rbp = 0x00007ffd748ac0c0   rsp = 0x00007ffd748ac080
    rip = 0x00007f66b70b7218
    Found by: previous frame's frame pointer
 8  libgallium_dri.so + 0x8b8333
    rbp = 0x00007ffd748ac3c0   rsp = 0x00007ffd748ac0d0
    rip = 0x00007f66b70b8333
    Found by: previous frame's frame pointer
 9  libgallium_dri.so + 0x8b9bb3
    rbp = 0x00007ffd748ac430   rsp = 0x00007ffd748ac3d0
    rip = 0x00007f66b70b9bb3
    Found by: previous frame's frame pointer
10  libgallium_dri.so + 0x613b73
    rbp = 0x00007ffd748ac440   rsp = 0x00007ffd748ac440
    rip = 0x00007f66b6e13b73
    Found by: previous frame's frame pointer
11  libgallium_dri.so + 0x6148fe
    rbp = 0x00007ffd748ac490   rsp = 0x00007ffd748ac450
    rip = 0x00007f66b6e148fe
    Found by: previous frame's frame pointer
12  libgallium_dri.so + 0x615068
    rbp = 0x00007ffd748ac4c0   rsp = 0x00007ffd748ac4a0
    rip = 0x00007f66b6e15068
    Found by: previous frame's frame pointer
13  libgallium_dri.so + 0x61d758
    rbp = 0x00007ffd748ac520   rsp = 0x00007ffd748ac4d0
    rip = 0x00007f66b6e1d758
    Found by: previous frame's frame pointer
14  libgallium_dri.so + 0x10c025
    rbp = 0x00007ffd748ac570   rsp = 0x00007ffd748ac530
    rip = 0x00007f66b690c025
    Found by: previous frame's frame pointer
15  libgallium_dri.so + 0x383c9
    rbp = 0x00007ffd748ac5f0   rsp = 0x00007ffd748ac580
    rip = 0x00007f66b68383c9
    Found by: previous frame's frame pointer
16  libEGL_mesa.so.0 + 0x26778
    rbp = 0x00007ffd748ac650   rsp = 0x00007ffd748ac600
    rip = 0x00007f66ca0f1778
    Found by: previous frame's frame pointer
17  libEGL_mesa.so.0 + 0x1af9a
    rbp = 0x00007ffd748ac690   rsp = 0x00007ffd748ac660
    rip = 0x00007f66ca0e5f9a
    Found by: previous frame's frame pointer
18  libEGL_mesa.so.0 + 0xe9c8
    rbp = 0x00007ffd748ac6f0   rsp = 0x00007ffd748ac6a0
    rip = 0x00007f66ca0d99c8
    Found by: previous frame's frame pointer
19  Telegram!QtWaylandClient::QWaylandGLContext::swapBuffers(QPlatformSurface*) [qwaylandglcontext.cpp : 375 + 0x10]
    rbp = 0x00007ffd748ac7e0   rsp = 0x00007ffd748ac700
    rip = 0x0000557ab0f3fe8e
    Found by: previous frame's frame pointer
20  Telegram!QOpenGLContext::swapBuffers(QSurface*) [qopenglcontext.cpp : 799 + 0x10]
    rbx = 0x0000000000000000   rbp = 0x00007ffd748ac850
    rsp = 0x00007ffd748ac7f0   r12 = 0x00007f66a6cd0890
    r13 = 0x00007f6686a3a480   r14 = 0x00007f6675a88a90
    r15 = 0x00007ffd748ac7f0   rip = 0x0000557ab1c4f187
    Found by: call frame info
21  Telegram!QRhiGles2::endFrame(QRhiSwapChain*, QFlags<QRhi::EndFrameFlag>) [qrhigles2.cpp : 2107 + 0xd]
    rbx = 0x00007f668ae83000   rbp = 0x00007ffd748ac8b0
    rsp = 0x00007ffd748ac860   r12 = 0x00007f66a553d700
    r13 = 0x0000000000000000   r14 = 0x0000000000000000
    r15 = 0x00007f6675e3eec0   rip = 0x0000557ab1c4f455
    Found by: call frame info
22  Telegram!QRhi::endFrame(QRhiSwapChain*, QFlags<QRhi::EndFrameFlag>) [qrhi.cpp : 10570 + 0x9]
    rbx = 0x00007f6675943298   rbp = 0x00007ffd748ac930
    rsp = 0x00007ffd748ac8c0   r12 = 0x0000000000000000
    r13 = 0x00007f668ae83000   r14 = 0x00007ffd748aca90
    r15 = 0x00007f6675a89ec8   rip = 0x0000557ab1b227d0
    Found by: call frame info
23  Telegram!QBackingStoreDefaultCompositor::flush(QPlatformBackingStore*, QRhi*, QRhiSwapChain*, QWindow*, double, QRegion const&, QPoint const&, QPlatformTextureList*, bool) [qbackingstoredefaultcompositor.cpp : 667 + 0x11]
    rbx = 0x00007f6675943298   rbp = 0x00007ffd748acba0
    rsp = 0x00007ffd748ac940   r12 = 0x0000000000000000
    r13 = 0x0000000000000000   r14 = 0x00007ffd748aca90
    r15 = 0x00007f6675a89ec8   rip = 0x0000557ab1e26014
    Found by: call frame info
24  Telegram!QPlatformBackingStore::rhiFlush(QWindow*, double, QRegion const&, QPoint const&, QPlatformTextureList*, bool) [qplatformbackingstore.cpp : 213 + 0x1f]
    rbx = 0x00007f6675a91020   rbp = 0x00007ffd748acc30
    rsp = 0x00007ffd748acbb0   r12 = 0x0000000000000001
    r13 = 0x00007f66758e6260   r14 = 0x00007f6675a89e80
    r15 = 0x00007ffd748acc70   rip = 0x0000557ab1b468df
    Found by: call frame info
25  Telegram!<name omitted> [qwidgetrepaintmanager.cpp : 1081 + 0x36]
    rbx = 0x00007f668c23de00   rbp = 0x00007ffd748acd10
    rsp = 0x00007ffd748acc40   r12 = 0x00007f6675a87b80
    r13 = 0x00007f668c23de48   r14 = 0x0000557ab7462140
    r15 = 0x00007f6675a91020   rip = 0x0000557ab1673309
    Found by: call frame info
26  Telegram!QWidgetRepaintManager::flush() [qwidgetrepaintmanager.cpp : 976 + 0x1c]
    rbx = 0x00007f668c23de00   rbp = 0x00007ffd748ace00
    rsp = 0x00007ffd748acd20   r12 = 0x0000000000000000
    r13 = 0x00007f668c23de48   r14 = 0x00007ffd748aceb0
    r15 = 0x00007f668c23de00   rip = 0x0000557ab1673844
    Found by: call frame info
27  Telegram!QWidgetRepaintManager::paintAndFlush() [qwidgetrepaintmanager.cpp : 908 + 0x8]
    rbx = 0x00007f6675979200   rbp = 0x00007ffd748ad0c0
    rsp = 0x00007ffd748ace10   r12 = 0x0000000000000000
    r13 = 0x0000000000000000   r14 = 0x00007ffd748aceb0
    r15 = 0x00007f668c23de00   rip = 0x0000557ab169102e
    Found by: call frame info
28  Telegram!QWidgetPrivate::syncBackingStore(QRegion const&) [qwidgetrepaintmanager.cpp : 628 + 0x8]
    rbx = 0x00007f668c23de00   rbp = 0x00007ffd748ad180
    rsp = 0x00007ffd748ad0d0   r12 = 0x00007f6675a87b80
    r13 = 0x00007ffd748ad500   r14 = 0x00007f6675a87b80
    r15 = 0x00000000000000ce   rip = 0x0000557ab169174a
    Found by: call frame info
29  Telegram!QWidgetWindow::event(QEvent*) [qwidgetwindow.cpp : 1044 + 0xb]

I don't have an idea what to do with that other than suggesting to disable OpenGL in settings honestly.

Vocylis commented 4 months ago

I am having this issue. Disabling the "Enable OpenGL rendering for media" setting seems to make this issue go away. I'm also using Fedora 40 and the official Telegram client from the website. Furthermore, my client is not giving me the option to send a crash report with the same issue as #27760

Edit: I reread and am going to try with 4.16.10

Update: I was able to send a crash report with the beta. This is my crash ID: f0390352-a726-4e48-52e46b9d-5780fac3

Could you please take a look? This is with the previously mentioned setting enabled.

ilya-fedin commented 4 months ago

Could you please take a look? This is with the previously mentioned setting enabled.

I'm doubt it's any different as you say disabling OpenGL helps

ilya-fedin commented 4 months ago

While investigating, I discovered that this crash began occurring in Telegram Desktop version 4.13.0. Version 4.12.2 appears to be unaffected. Flatpak version is also affected by this crash

I managed to reproduce something but the thing I reproduced happens since 4.16.8, 4.16.7 is good. Are you sure you investigated properly?

ilya-fedin commented 4 months ago

I.e. I tried to change my system scale from 135% to 100% and now I get a crash when doing like on video from https://github.com/telegramdesktop/tdesktop/issues/27800#issuecomment-2073202402 but I can't reproduce it on 4.16.7 while the issue says it's present since 4.13.0... Either it's not or I reproduced some other issue?

literallyfiro commented 4 months ago

I.e. I tried to change my system scale from 135% to 100% and now I get a crash when doing like on video from #27800 (comment) but I can't reproduce it on 4.16.7 while the issue says it's present since 4.13.0... Either it's not or I reproduced some other issue?

I tried reproducing it on 4.16.7 and it crashes. Disabling OpenGL indeed fixes the issue

fish: Job 1, './Telegram' terminated by signal SIGSEGV (Address boundary error)

ilya-fedin commented 4 months ago

idk, perhaps I still can't really reproduce... but I'm highly doubt 4.13.0 could be the first bad version as it's 3 months old and first similar report (#27736) is 18 days old.

Vocylis commented 4 months ago

Interestingly I'm still experiencing random crashes (segmentation faults) with the "Enable OpenGL rendering for media" disabled. However, I don't know of any way to reproduce it. But, I am using the beta still...

That said, as I previously mentioned, spamming the 3 dots button with this setting disabled doesn't cause a crash anymore.

ilya-fedin commented 4 months ago

but the thing I reproduced happens since 4.16.8, 4.16.7 is good.

testing it more, the first bad version seem to actually be 4.16.5

Vocylis commented 4 months ago

With version 5.0, the 3 dots issue appears to be fixed

ilya-fedin commented 4 months ago

so the issue could be closed?

literallyfiro commented 4 months ago

I'm currently on a trip and don't have access to a PC, but I used version 5.0.0 yesterday and it worked fine without crashing. So, I think the issue is basically fixed now.

github-actions[bot] commented 4 months ago

This issue has been automatically closed because no developer succeeded to reproduce the issue with the given reproduction steps. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you find what's missing to reproduce the issue so that we can investigate further.

Note that GitHub is a developer communication platform. If you're an ordinary user seeking for help, get to support crew via Settings -> Ask question in the application.