
Segmentation Fault on copying group to new.
Closed, Resolved | Public | 4 Story Points

Description

Reproduce:

  1. Load default Elementary theme
  2. Add new layout, that will be a copy of "e/shelf/default/base"

Result: SegFault
This SegFault does not occur every time.

Here is a BT:
#0 0x00007fffed5f7f3a in __strcmp_sse2_unaligned () from /usr/lib/libc.so.6
#1 0x000000000042178d in _find_item (item=0x40000302f000a383, item@entry=0x400000c7b0056e87, name=0x23c7a78 "translucent") at ../../src/bin/ui/project_navigator.c:298
#2 0x00000000004222d2 in _group_add (data=<optimized out>, obj=<optimized out>, event_info=0x2be8210) at ../../src/bin/ui/project_navigator.c:355
#3 0x00007ffff2c00dfa in _eo_evas_smart_cb (data=<optimized out>, event=<optimized out>) at lib/evas/canvas/evas_object_smart.c:67
#4 0x00007fffee8f2675 in _eo_base_event_callback_call (obj_id=<optimized out>, pd=0x878250, desc=0xac6e10, event_info=<optimized out>) at lib/eo/eo_base_class.c:715
#5 0x00007fffee8f149b in eo_event_callback_call (obj=0x4000000210000022, desc=0xac6e10, event_info=event_info@entry=0x2be8210) at lib/eo/eo_base.eo.c:94
#6 0x00007ffff2c02932 in evas_object_smart_callback_call (eo_obj=<optimized out>, event=event@entry=0x49fa5d "SIGNAL_GROUP_ADDED", event_info=event_info@entry=0x2be8210) at lib/evas/canvas/evas_object_smart.c:817
#7 0x0000000000472772 in gm_group_add (pro=0x7fffd40019a0, group_name=0x23e90dc "e/shelf/translucent/base") at ../../src/bin/project_manager/group_manager.c:374
#8 0x0000000000421faa in _btn_add_group_cb (data=<optimized out>, obj=<optimized out>, event_info=<optimized out>) at ../../src/bin/ui/project_navigator.c:485
#9 0x00007ffff2c00dfa in _eo_evas_smart_cb (data=<optimized out>, event=<optimized out>) at lib/evas/canvas/evas_object_smart.c:67
#10 0x00007fffee8f2675 in _eo_base_event_callback_call (obj_id=<optimized out>, pd=0xa3fe40, desc=0x7ffff2f89a80 <_EVAS_CLICKABLE_INTERFACE_EVENT_CLICKED>, event_info=<optimized out>) at lib/eo/eo_base_class.c:715
#11 0x00007fffee8f149b in eo_event_callback_call (obj=0x40000009c000009d, desc=0x7ffff2f89a80 <_EVAS_CLICKABLE_INTERFACE_EVENT_CLICKED>, event_info=0x0) at lib/eo/eo_base.eo.c:94
#12 0x00007ffff525c657 in edje_match_callback_exec_check_finals (prop=<optimized out>, ed=0xaaaaaaaaaaaaaaab, source=0x7fffee6d143e "", sig=0xa34a8c "elm,action,click", source_states=<optimized out>, signal_states=<optimized out>, matches=<optimized out>, ssp=0xa83100) at lib/edje/edje_match.c:556
#13 edje_match_callback_exec (ssp=ssp@entry=0xa83100, matches=<optimized out>, sig=sig@entry=0xa34a8c "elm,action,click", source=source@entry=0x7fffee6d143e "", ed=ed@entry=0xa40500, prop=prop@entry=0 '\000') at lib/edje/edje_match.c:711
#14 0x00007ffff526281f in _edje_emit_cb (prop=0 '\000', data=0x0, src=0x7fffee6d143e "", sig=0xa34a8c "elm,action,click", ed=0xa40500) at lib/edje/edje_program.c:1461
#15 _edje_emit_handle (ed=0xa40500, sig=0xa34a8c "elm,action,click", src=0x7fffee6d143e "", sdata=0x0, prop=0 '\000') at lib/edje/edje_program.c:1413
#16 0x00007ffff525d9ff in _edje_message_queue_process () at lib/edje/edje_message_queue.c:787
#17 0x00007ffff525dbb7 in _edje_job (data=<optimized out>) at lib/edje/edje_message_queue.c:154
#18 0x00007fffef2417eb in _ecore_job_event_handler (data=<optimized out>, type=<optimized out>, ev=<optimized out>) at lib/ecore/ecore_job.c:121
#19 0x00007fffef23c196 in _ecore_call_handler_cb (event=<optimized out>, type=<optimized out>, data=<optimized out>, func=<optimized out>) at lib/ecore/ecore_private.h:316
#20 _ecore_event_call () at lib/ecore/ecore_events.c:518
#21 0x00007fffef243ef8 in _ecore_main_loop_iterate_internal (once_only=once_only@entry=0) at lib/ecore/ecore_main.c:2339
#22 0x00007fffef244267 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:1284
#23 0x00007ffff7851595 in elm_run () at elm_main.c:1106
#24 0x00000000004174d9 in elm_main (argc=argc@entry=1, argv=argv@entry=0x7fffffffe608) at ../../src/bin/main.c:185
#25 0x00000000004170fc in main (argc=1, argv=0x7fffffffe608) at ../../src/bin/main.c:194

I think we need to add a NULL check for the strcmp function arguments.
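
A NULL-guarded sibling lookup of the kind suggested above, as an added example rather than Eflete's own code: `Nav_Item`, `label_equals` and `find_item_checked` are hypothetical names, and the list is constructed sample data. The guard covers NULL arguments only; a stale, non-NULL pointer still reaches `strcmp()`.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a navigator tree item; not Eflete's real type. */
typedef struct Nav_Item {
    const char *label;       /* may be NULL if the item has no text yet */
    struct Nav_Item *next;   /* next sibling, NULL at the end of the list */
} Nav_Item;

/* NULL-safe equality: a NULL on either side never matches, so a missing
 * label cannot be "found" by accident and strcmp() never sees NULL. */
static int label_equals(const char *a, const char *b)
{
    return a != NULL && b != NULL && strcmp(a, b) == 0;
}

/* Walk the sibling list and return the first item whose label equals
 * name, or NULL when name is NULL or nothing matches. */
Nav_Item *find_item_checked(Nav_Item *first, const char *name)
{
    if (name == NULL)
        return NULL;
    for (Nav_Item *it = first; it != NULL; it = it->next) {
        if (label_equals(it->label, name))
            return it;
    }
    return NULL;
}

/* Constructed sample data: the middle sibling has no label yet. */
static Nav_Item sample_c = { "translucent", NULL };
static Nav_Item sample_b = { NULL, &sample_c };
static Nav_Item sample_a = { "default", &sample_b };

/* Look a name up in the constructed list above. */
Nav_Item *sample_lookup(const char *name)
{
    return find_item_checked(&sample_a, name);
}

int main(void)
{
    /* Exit status 0 when the lookup skips the unlabeled sibling safely. */
    return sample_lookup("translucent") == &sample_c ? 0 : 1;
}
```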

NikaWhite triaged this task as High priority. Mar 22 2016, 6:52 PM
NikaWhite updated the task description.

Can't find 'e/shelf/base/default' in the default Elementary theme. What version are you using?

Of course "e/shelf/default/base"
My mistake.

NikaWhite updated the task description. Mar 22 2016, 11:13 PM

Hm.. I can't reproduce your segfault, but after 2-4 copies of that group I'm getting another one on cache_flush:

Program received signal SIGSEGV, Segmentation fault.
_edje_collection_free_part_description_clean (type=1, desc=0x2438810, free_strings=<optimized out>) at lib/edje/edje_load.c:2007
(gdb) bt
#0 _edje_collection_free_part_description_clean (type=1, desc=0x2438810, free_strings=<optimized out>) at lib/edje/edje_load.c:2007
#1 0x00007ffff60aa7c7 in _edje_collection_free (edf=edf@entry=0x1a177a0, ec=ec@entry=0x1ef1420, ce=0x243b6d0) at lib/edje/edje_load.c:1937
#2 0x00007ffff604b9c4 in _edje_cache_coll_flush (edf=edf@entry=0x1a177a0) at lib/edje/edje_cache.c:551
#3 0x00007ffff60a754c in _edje_file_free (edf=0x1a177a0) at lib/edje/edje_load.c:1755
#4 0x00007ffff6049eee in _edje_cache_file_clean () at lib/edje/edje_cache.c:600
#5 0x00007ffff604bbb6 in edje_file_cache_flush () at lib/edje/edje_cache.c:662
#6 0x00007ffff7849c2b in elm_cache_all_flush () at elm_main.c:1334
#7 0x00007ffff77afa19 in _elm_cache_flush_cb (data=<optimized out>) at elm_config.c:1584
#8 0x00007ffff695c375 in _ecore_poller_cb_timer (data=<optimized out>) at lib/ecore/ecore_poller.c:148
#9 0x00007ffff695e730 in _ecore_call_task_cb (data=<optimized out>, func=<optimized out>) at lib/ecore/ecore_private.h:282
#10 _ecore_timer_expired_call (when=178529,97901310099) at lib/ecore/ecore_timer.c:692
#11 0x00007ffff695e8eb in _ecore_timer_expired_timers_call (when=178529,97901310099) at lib/ecore/ecore_timer.c:646
#12 0x00007ffff695a5e5 in _ecore_main_loop_iterate_internal (once_only=1) at lib/ecore/ecore_main.c:2226
#13 0x00007ffff695ab57 in ecore_main_loop_iterate_may_block (may_block=may_block@entry=0) at lib/ecore/ecore_main.c:1250
#14 0x0000000000416c07 in eflete_main_loop_begin () at ../../src/bin/eflete.c:59
#15 0x000000000041ed26 in popup_want_action (title=0x4a25ff "Create a new layout", msg=msg@entry=0x0, content=content@entry=0x400002a1400130f2, to_focus=to_focus@entry=0x400002a3a00130fb, popup_btns=popup_btns@entry=(BTN_OK | BTN_CANCEL), func=func@entry=0x0, data=0x400002a3a00130fb) at ../../src/bin/ui/popup.c:132
#16 0x0000000000422123 in _btn_add_group_cb (data=<optimized out>, obj=<optimized out>, event_info=<optimized out>) at ../../src/bin/ui/project_navigator.c:469
#17 0x00007ffff6c0a1ca in _eo_evas_smart_cb (data=<optimized out>, event=<optimized out>) at lib/evas/canvas/evas_object_smart.c:67
#18 0x00007ffff5e15e65 in _eo_base_event_callback_call (obj_id=<optimized out>, pd=0x9bc500, desc=0x7ffff6f95680 <_EVAS_CLICKABLE_INTERFACE_EVENT_CLICKED>, event_info=<optimized out>) at lib/eo/eo_base_class.c:715
#19 0x00007ffff5e14c5b in eo_event_callback_call (obj=0x40000009d000009e, desc=0x7ffff6f95680 <_EVAS_CLICKABLE_INTERFACE_EVENT_CLICKED>, event_info=0x0) at lib/eo/eo_base.eo.c:94
#20 0x00007ffff60b22fb in edje_match_callback_exec_check_finals (prop=<optimized out>, ed=<optimized out>, source=0x7ffff7483afe "", sig=0x9b2ffc "elm,action,click", source_states=<optimized out>, signal_states=<optimized out>, matches=<optimized out>, ssp=0xa208d0) at lib/edje/edje_match.c:556
#21 edje_match_callback_exec (ssp=0xa208d0, matches=<optimized out>, sig=0x9b2ffc "elm,action,click", source=0x7ffff7483afe "", ed=<optimized out>, prop=0 '\000') at lib/edje/edje_match.c:711
#22 0x00007ffff60b86d9 in _edje_emit_cb (prop=<optimized out>, data=<optimized out>, src=<optimized out>, sig=<optimized out>, ed=<optimized out>) at lib/edje/edje_program.c:1461
#23 _edje_emit_handle (ed=0x9bcbc0, sig=0x9b2ffc "elm,action,click", src=0x7ffff7483afe "", sdata=0x9, prop=0 '\000') at lib/edje/edje_program.c:1413
#24 0x00007ffff60b367f in _edje_message_queue_process () at lib/edje/edje_message_queue.c:787
#25 0x00007ffff60b3827 in _edje_job (data=<optimized out>) at lib/edje/edje_message_queue.c:154
#26 0x00007ffff6957d8b in _ecore_job_event_handler (data=<optimized out>, type=<optimized out>, ev=<optimized out>) at lib/ecore/ecore_job.c:121
#27 0x00007ffff6952516 in _ecore_call_handler_cb (event=<optimized out>, type=<optimized out>, data=<optimized out>, func=<optimized out>) at lib/ecore/ecore_private.h:316
#28 _ecore_event_call () at lib/ecore/ecore_events.c:518
#29 0x00007ffff695a880 in _ecore_main_loop_iterate_internal (once_only=0) at lib/ecore/ecore_main.c:2339
#30 0x00007ffff695ac27 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:1284
#31 0x0000000000416ac9 in elm_main (argc=0, argv=0x7fffffffdd78) at ../../src/bin/main.c:185
#32 0x00000000004166cc in main (argc=1, argv=0x7fffffffdd78) at ../../src/bin/main.c:194

Oh, yes. I had this crash too, some days ago, but it really depends on the edje cache flushing mechanism. We should also think about this. Actually, after disabling flushing of edje collections, this crash becomes rare. I think you should create another ticket in the 3rd party/pending column with High priority, and we can discuss possible ways to solve it in the related ticket.

But I still get the segfault that was reported in this ticket. But it happens randomly. I hate randomness.

I spent an hour trying to reproduce this crash, but Eflete is still working.

My configuration
Render: OpenGL
Cache Flush interval: 512 ticks
Font Cache Size: 0.5MB
Image Cache Size: 4 MB
Edje Files to Cache: 32
Edje Collection to Cache: 64

Anyway, if someone has steps to reproduce this issue, please notify us. Right now I am moving this ticket to the 3rd party/pending column with the same priority.

NikaWhite renamed this task from Eflete v0.6.2 - Segmentation Fault on copying group to new. to Segmentation Fault on copying group to new.. Mar 25 2016, 7:52 AM
NikaWhite moved this task from v0.6.2 to Pending/3rd party on the Eflete board.
NikaWhite lowered the priority of this task from High to Pending on user input.
NikaWhite claimed this task.
FurryMyad set the point value for this task to 4.
FurryMyad moved this task from Pending/3rd party to Eflete (v0.6.2-RC2) on the Eflete board.
FurryMyad edited projects, added Eflete (Eflete (v0.6.2-RC2)); removed Eflete.
FurryMyad raised the priority of this task from Pending on user input to Incoming Queue.
FurryMyad added a comment. Edited Jun 14 2016, 12:38 PM

Testification for testing genlist

Things I found that could be made better, but.... I am not sure, since they are dated 2015. So I am not absolutely sure:

I think I need to poke upstream people, should I?

FurryMyad triaged this task as Normal priority.
FurryMyad raised the priority of this task from Normal to Showstopper Issues.
FurryMyad lowered the priority of this task from Showstopper Issues to Incoming Queue.
NikaWhite closed this task as Resolved. Jun 21 2016, 4:12 AM