
Wayland mode - e client destruction is broken
Closed, Resolved (Public)

Description

Start a client in e in wayland mode, e.g. terminology. run another. then another. close the first. crash. use valgrind to really catch it but:

==20648== Invalid read of size 8
==20648==    at 0xE944519: eina_inlist_remove (eina_inlist.c:348)
==20648==    by 0x47ACF5: _e_comp_object_layers_remove (e_comp_object.c:326)
==20648==    by 0x47ACF5: _e_comp_smart_del (e_comp_object.c:2436)
==20648==    by 0x7A7EE23: evas_object_smart_del (evas_object_smart.c:1095)
==20648==    by 0x7A6DC97: _efl_canvas_object_efl_object_destructor (evas_object_main.c:1088)
==20648==    by 0xE7145CC: efl_destructor (efl_object.eo.c:58)
==20648==    by 0x7A7F2B3: _efl_canvas_group_efl_object_destructor (evas_object_smart.c:631)
==20648==    by 0xE7145CC: efl_destructor (efl_object.eo.c:58)
==20648==    by 0xE70E5E4: _efl_del_internal (eo_private.h:248)
==20648==    by 0xE70E5E4: _efl_unref_internal (eo_private.h:323)
==20648==    by 0xE70E5E4: _efl_object_call_end (eo.c:620)
==20648==    by 0xE4D18D0: efl_gfx_visible_set (efl_gfx.eo.c:19)
==20648==    by 0x5EB9AA0: edje_match_callback_exec_check_finals (edje_match.c:556)
==20648==    by 0x5EB9AA0: edje_match_callback_exec (edje_match.c:711)
==20648==    by 0x5EC36ED: _edje_emit_cb (edje_program.c:1645)
==20648==    by 0x5EC36ED: _edje_emit_handle (edje_program.c:1597)
==20648==    by 0x5EBBE9C: _edje_message_process (edje_message_queue.c:684)
==20648==    by 0x5EBBE9C: _edje_message_queue_process (edje_message_queue.c:787)
==20648==    by 0x5EBC126: _edje_job (edje_message_queue.c:154)
==20648==    by 0xDD64BBA: _ecore_job_event_handler (ecore_job.c:98)
==20648==    by 0xDD5FE1C: _ecore_call_handler_cb (ecore_private.h:317)
==20648==    by 0xDD5FE1C: _ecore_event_call (ecore_events.c:518)
==20648==    by 0xDD67CEE: _ecore_main_loop_iterate_internal (ecore_main.c:2384)
==20648==    by 0xDD67CEE: ecore_main_loop_begin (ecore_main.c:1292)
==20648==    by 0x43F7F8: main (e_main.c:1089)
==20648==  Address 0x1ec4d678 is 88 bytes inside a block of size 1,424 free'd
==20648==    at 0x4C2BD3A: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20648==    by 0x50D539: e_object_free (e_object.c:119)
==20648==    by 0x50D539: e_object_unref (e_object.c:152)
==20648==    by 0x7A386EF: _eo_evas_object_cb (evas_callbacks.c:193)
==20648==    by 0xE719051: _event_callback_call (eo_base_class.c:1445)
==20648==    by 0xE719051: _efl_object_event_callback_legacy_call (eo_base_class.c:1514)
==20648==    by 0xE715C63: efl_event_callback_legacy_call (efl_object.eo.c:146)
==20648==    by 0xE715C63: efl_event_callback_legacy_call (efl_object.eo.c:146)
==20648==    by 0x7A38F31: evas_object_event_callback_call (evas_callbacks.c:380)
==20648==    by 0x7A745B3: evas_object_inform_call_hide (evas_object_inform.c:23)
==20648==    by 0xE4D18C8: efl_gfx_visible_set (efl_gfx.eo.c:19)
==20648==    by 0x7A75A65: evas_object_intercept_call_hide (evas_object_intercept.c:72)
==20648==    by 0x7A75A65: _evas_object_intercept_call_internal (evas_object_intercept.c:104)
==20648==    by 0x7A75A65: _evas_object_intercept_call_evas (evas_object_intercept.c:236)
==20648==    by 0x7A6F256: _efl_canvas_object_efl_gfx_visible_set (evas_object_main.c:1809)
==20648==    by 0xE4D18C8: efl_gfx_visible_set (efl_gfx.eo.c:19)
==20648==    by 0x5EB9AA0: edje_match_callback_exec_check_finals (edje_match.c:556)
==20648==    by 0x5EB9AA0: edje_match_callback_exec (edje_match.c:711)
==20648==    by 0x5EC36ED: _edje_emit_cb (edje_program.c:1645)
==20648==    by 0x5EC36ED: _edje_emit_handle (edje_program.c:1597)
==20648==    by 0x5EBBE9C: _edje_message_process (edje_message_queue.c:684)
==20648==    by 0x5EBBE9C: _edje_message_queue_process (edje_message_queue.c:787)
==20648==    by 0x5EBC126: _edje_job (edje_message_queue.c:154)
==20648==    by 0xDD64BBA: _ecore_job_event_handler (ecore_job.c:98)
==20648==    by 0xDD5FE1C: _ecore_call_handler_cb (ecore_private.h:317)
==20648==    by 0xDD5FE1C: _ecore_event_call (ecore_events.c:518)
==20648==    by 0xDD67CEE: _ecore_main_loop_iterate_internal (ecore_main.c:2384)
==20648==    by 0xDD67CEE: ecore_main_loop_begin (ecore_main.c:1292)
==20648==    by 0x43F7F8: main (e_main.c:1089)
==20648==  Block was alloc'd at
==20648==    at 0x4C2CA40: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==20648==    by 0x50D1F7: e_object_alloc (e_object.c:20)
==20648==    by 0x463523: e_client_new (e_client.c:2581)
==20648==    by 0x5708EF: _e_comp_wl_compositor_cb_surface_create (e_comp_wl.c:1858)
==20648==    by 0x1114A1C7: ffi_call_unix64 (in /usr/lib/libffi.so.6.0.4)
==20648==    by 0x11149C29: ffi_call (in /usr/lib/libffi.so.6.0.4)
==20648==    by 0xAD3BABD: ??? (in /usr/lib/libwayland-server.so.0.1.0)
==20648==    by 0xAD37CB6: ??? (in /usr/lib/libwayland-server.so.0.1.0)
==20648==    by 0xAD39D31: wl_event_loop_dispatch (in /usr/lib/libwayland-server.so.0.1.0)
==20648==    by 0xAB26396: _cb_create_data (ecore_wl2_display.c:242)
==20648==    by 0xDD675F1: _ecore_call_fd_cb (ecore_private.h:333)
==20648==    by 0xDD675F1: _ecore_main_fd_handlers_call (ecore_main.c:1992)
==20648==    by 0xDD67CD5: _ecore_main_loop_iterate_internal (ecore_main.c:2379)
==20648==    by 0xDD67CD5: ecore_main_loop_begin (ecore_main.c:1292)
==20648==    by 0x43F7F8: main (e_main.c:1089)

it looks like your evas object refcounting is all going bad somehow. i really suggest not doing that... make it work without that. the e client and the evas object are loosely linked and all sorts of bad stuff happens... :(

this doesn't seem to trigger in x11 so something else is up.

also run terminology ... the busy "i'm launching" animation stays on in ibar until you run a 2nd terminology... then it goes away...

we've regressed in wayland land... :(
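
The ordering in the trace above (client block freed from the hide callback, then read by `eina_inlist_remove` when the canvas object's destructor runs) is modelled here as an added example; it is not Enlightenment or EFL code. All names are hypothetical, and a tombstone flag stands in for `free()` so the model never reads freed memory. It compares a canvas object that only borrows the client pointer with one that keeps the client alive until its destructor has unlinked the embedded list node.

```c
#include <stdio.h>

/* Simplified model with hypothetical names; not Enlightenment/EFL code. */
typedef struct Node { struct Node *prev, *next; } Node;
/* link is embedded in the client, like an intrusive inlist node */
typedef struct Client { Node link; int refs; int freed; } Client;
typedef struct CompObj { Client *ec; int holds_ref; } CompObj;

static void list_prepend(Node **head, Node *n) {
    n->prev = NULL; n->next = *head;
    if (*head) (*head)->prev = n;
    *head = n;
}

static void list_remove(Node **head, Node *n) {
    if (n->prev) n->prev->next = n->next; else *head = n->next;
    if (n->next) n->next->prev = n->prev;
}

/* Tombstone instead of free(), so the demo itself stays well defined. */
static void client_unref(Client *ec) { if (--ec->refs == 0) ec->freed = 1; }

/* Canvas-object destructor: unlinks the client's embedded node from the layer.
 * Returns -1 at the point where the real program would read freed memory. */
static int comp_del(CompObj *co, Node **layer) {
    int rc = co->ec->freed ? -1 : 0;
    if (rc == 0) list_remove(layer, &co->ec->link);
    if (co->holds_ref) client_unref(co->ec);
    return rc;
}

/* Open three clients, close the first. hold_ref=0: the canvas object borrows
 * the client pointer; hold_ref=1: it owns a reference until its destructor ran. */
int close_first_client(int hold_ref) {
    Node *layer = NULL;
    Client ec[3]; CompObj co[3];
    for (int i = 0; i < 3; i++) {
        ec[i] = (Client){ .refs = 1 + hold_ref };
        co[i] = (CompObj){ &ec[i], hold_ref };
        list_prepend(&layer, &ec[i].link);
    }
    client_unref(&ec[0]);              /* hide callback drops the client's own ref */
    int rc = comp_del(&co[0], &layer); /* destructor runs afterwards, as in the trace */
    if (rc == 0 && !ec[0].freed) rc = -2; /* client must still be released at the end */
    return rc;
}

int main(void) {
    printf("borrowed: %d\n", close_first_client(0));
    printf("owned:    %d\n", close_first_client(1));
    return 0;
}
```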