Segmentation fault on close popup.
Closed, Resolved | Public | 6 Story Points

Description

Reproduce:

  1. Launch Eflete with project.
  2. Open any group and select state of part
  3. In property call colorselector popup
  4. Click outside of popup.

Result: segfault

#0  0x00007fffed30c26b in malloc_consolidate () at /usr/lib/libc.so.6
#1  0x00007fffed30dd2a in _int_malloc () at /usr/lib/libc.so.6
#2  0x00007fffed31095b in calloc () at /usr/lib/libc.so.6
#3  0x00007fffee3b668c in eina_hash_add_alloc_by_hash (data=0x1, key_hash=13406, alloc_length=8, key_length=8, key=0x7fffffffdde8, hash=0x2507dc0) at lib/eina/eina_hash.c:232
#4  0x00007fffee3b668c in eina_hash_add (hash=hash@entry=0x2507dc0, key=key@entry=0x7fffffffdde8, data=data@entry=0x1) at lib/eina/eina_hash.c:936
#5  0x00007ffff3016a95 in evas_object_child_map_across_mark (eo_obj=<optimized out>, eo_obj@entry=0x400000e405c6ba94, obj=obj@entry=0x2351380, map_obj=0x0, force=force@entry=0 '\000', visited=0x2507dc0, visited@entry=0x0) at lib/evas/canvas/evas_clip.c:90
#6  0x00007ffff3016e40 in evas_object_clip_across_clippees_check (eo_obj=eo_obj@entry=0x400000e405c6ba94, obj=obj@entry=0x2351380) at lib/evas/canvas/evas_clip.c:157
#7  0x00007ffff3048c1d in _hide (obj=0x2351380, eo_obj=0x400000e405c6ba94) at lib/evas/canvas/evas_object_main.c:1710
#8  0x00007ffff3048c1d in _efl_canvas_object_efl_gfx_visible_set (eo_obj=0x400000e405c6ba94, obj=0x2351380, vis=<optimized out>) at lib/evas/canvas/evas_object_main.c:1791
#9  0x00007fffee8430e9 in efl_gfx_visible_set (obj=0x400000e405c6ba94, v=<optimized out>) at ../src/lib/efl/interfaces/efl_gfx.eo.c:20
#10 0x00007fffee8430e9 in efl_gfx_visible_set (obj=0xc00000e401c6ba93, v=v@entry=0 '\000') at ../src/lib/efl/interfaces/efl_gfx.eo.c:20
#11 0x00007ffff4bd986a in _edje_object_hide (ed=0x2556fd0, obj=0x400000e401c6ba93) at lib/edje/edje_smart.c:332
#12 0x00007ffff4bd986a in _edje_object_efl_gfx_visible_set (obj=0x400000e401c6ba93, ed=0x2556fd0, vis=<optimized out>) at lib/edje/edje_smart.c:350
#13 0x00007fffee8430e9 in efl_gfx_visible_set (obj=0x400000e401c6ba93, v=v@entry=0 '\000') at ../src/lib/efl/interfaces/efl_gfx.eo.c:20
#14 0x00007ffff7ac398d in _elm_widget_efl_gfx_visible_set (obj=0x400000e3fdc6ba92, pd=0x261b570, vis=<optimized out>) at lib/elementary/elm_widget.c:545
#15 0x00007fffee8430e9 in efl_gfx_visible_set (obj=obj@entry=0x400000e3fdc6ba92, v=v@entry=0 '\000') at ../src/lib/efl/interfaces/efl_gfx.eo.c:20
#16 0x00007ffff304587c in evas_object_hide (eo_obj=eo_obj@entry=0x400000e3fdc6ba92) at lib/evas/canvas/evas_object_main.c:1626
#17 0x00007ffff3047868 in evas_object_del (eo_obj=eo_obj@entry=0x400000e3fdc6ba92) at lib/evas/canvas/evas_object_main.c:907
#18 0x0000000000441561 in _delete_object_job (data=0x400000e3fdc6ba92) at ../../src/bin/ui/popup.c:61
#19 0x00007fffeef9f23b in _ecore_job_event_handler (data=<optimized out>, type=<optimized out>, ev=<optimized out>) at lib/ecore/ecore_job.c:98
#20 0x00007fffeef9ae1d in _ecore_call_handler_cb (event=<optimized out>, type=<optimized out>, data=<optimized out>, func=<optimized out>) at lib/ecore/ecore_private.h:317
#21 0x00007fffeef9ae1d in _ecore_event_call () at lib/ecore/ecore_events.c:518
#22 0x00007fffeefa1f38 in _ecore_main_loop_iterate_internal (once_only=once_only@entry=0) at lib/ecore/ecore_main.c:2378
#23 0x00007fffeefa2267 in ecore_main_loop_begin () at lib/ecore/ecore_main.c:1288
#24 0x00007ffff7a3e5a5 in elm_run () at lib/elementary/elm_main.c:1258
#25 0x0000000000418ffd in elm_main (argc=argc@entry=1, argv=argv@entry=0x7fffffffe2f8) at ../../src/bin/main.c:391
#26 0x000000000041871c in main (argc=1, argv=0x7fffffffe2f8) at ../../src/bin/main.c:405
raster added a subscriber: raster. Dec 28 2016, 5:13 PM

your heap is already corrupt by this point... the issue will be some time earlier - valgrind hopefully will catch it. :)
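
The triage rule in the comment above, written out as an added example (not part of the original thread or of Eflete/EFL): a gdb backtrace whose innermost frame is inside glibc's allocator is flagged as earlier heap corruption, and the first application frame is reported as the place to start looking. The `../../src/bin/` prefix for Eflete's own frames is an assumption taken from the paths in this trace, and the sample frames are abridged.

```python
import re

FRAME_RE = re.compile(
    r"^#(\d+)\s+0x[0-9a-f]+ in (\S+) \(.*\) at (\S+?)(?::(\d+))?$", re.M)

# glibc allocator internals: a fault here means the heap metadata was already
# damaged when the allocator walked it, so the faulting frame is a victim.
ALLOCATOR_INTERNALS = {"malloc_consolidate", "_int_malloc", "_int_free",
                       "_int_realloc", "malloc_printerr"}

# Constructed sample: frames abridged from the backtrace in the report above
# (argument lists shortened, intermediate frames dropped).
SAMPLE_BT = """\
#0  0x00007fffed30c26b in malloc_consolidate () at /usr/lib/libc.so.6
#1  0x00007fffed30dd2a in _int_malloc () at /usr/lib/libc.so.6
#2  0x00007fffed31095b in calloc () at /usr/lib/libc.so.6
#4  0x00007fffee3b668c in eina_hash_add (hash=0x2507dc0) at lib/eina/eina_hash.c:936
#17 0x00007ffff3047868 in evas_object_del (eo_obj=0x400000e3fdc6ba92) at lib/evas/canvas/evas_object_main.c:907
#18 0x0000000000441561 in _delete_object_job (data=0x400000e3fdc6ba92) at ../../src/bin/ui/popup.c:61
#25 0x0000000000418ffd in elm_main (argc=1, argv=0x7fffffffe2f8) at ../../src/bin/main.c:391
"""


def parse_frames(text):
    """Return (index, function, file, line-or-None) for each gdb frame."""
    return [(int(n), func, path, int(line) if line else None)
            for n, func, path, line in FRAME_RE.findall(text)]


def triage(text, app_prefix="../../src/bin/"):
    """Flag allocator-internal crashes and find the first application frame.

    app_prefix is an assumption: Eflete's own frames in this trace carry
    paths under ../../src/bin/.
    """
    frames = parse_frames(text)
    heap_suspect = bool(frames) and frames[0][1] in ALLOCATOR_INTERNALS
    first_app = next((f for f in frames if f[2].startswith(app_prefix)), None)
    return {"heap_suspect": heap_suspect, "first_app_frame": first_app}


if __name__ == "__main__":
    print(triage(SAMPLE_BT))
```

When `heap_suspect` is true, the reported application frame is only the entry point for a rerun under valgrind or AddressSanitizer, not the location of the bug.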

rimmed added a subscriber: rimmed. Dec 29 2016, 12:06 AM

The simple bugs we already fixed. Time for interesting and hard bugs :)

NikaWhite edited projects, added Eflete (Eflete 0.7.17); removed Eflete.
NikaWhite claimed this task.

Valgrind trace:

eflete: ../../src/bin/ui/shortcuts/shortcuts.c:626: shortcuts_object_check_pop: Assertion `handlers_stack != NULL' failed.
==19335==
==19335== Process terminating with default action of signal 6 (SIGABRT): dumping core
==19335==    at 0xF61704F: raise (in /usr/lib/libc-2.24.so)
==19335==    by 0xF618479: abort (in /usr/lib/libc-2.24.so)
==19335==    by 0xF60FEA6: __assert_fail_base (in /usr/lib/libc-2.24.so)
==19335==    by 0xF60FF51: __assert_fail (in /usr/lib/libc-2.24.so)
==19335==    by 0x4465AB: shortcuts_object_check_pop (shortcuts.c:626)
==19335==    by 0x441C38: _delete_object_job (popup.c:60)
==19335==    by 0xDA5523A: _ecore_job_event_handler (ecore_job.c:98)
==19335==    by 0xDA50E1C: _ecore_call_handler_cb (ecore_private.h:317)
==19335==    by 0xDA50E1C: _ecore_event_call (ecore_events.c:518)
==19335==    by 0xDA57F37: _ecore_main_loop_iterate_internal (ecore_main.c:2378)
==19335==    by 0xDA58266: ecore_main_loop_begin (ecore_main.c:1288)
==19335==    by 0x4196EC: elm_main (main.c:391)
==19335==    by 0x418E0B: main (main.c:405)
==19335==

Tomorrow will fix this.

NikaWhite moved this task from Doing to Done on the Eflete (Eflete 0.7.17) board. Jan 5 2017, 5:07 AM
NikaWhite set the point value for this task to 6.
rimmed closed this task as Resolved. Jan 10 2017, 4:26 AM