Page MenuHomePhabricator
Create Task
Maniphest T8576

edje_object_message_signal_process cause lifetime issues
Open, HighPublic
Actions

Description

Sometimes you want to delete a object in a CLICKED event. Which is fine. However, due to the fact that CLICKED events are sometimes emitted as a reaction to edje signals, calling edje_object_message_signal_process (or the unified variant) does cause lifetime issues.

Solutions to this i am seeing:

  • Equip every single edje_object_message_signal_process call with a check if the object is invalidated after it
  • Defer the CLICKED event emission in efl_action_connector.c (line 20,29,38), into a job.
  • Call edje_object_message_signal_process before critical efl_invalidate checks, in order to prevent the object from beeing invalidated due to a later call to edje_object_message_signal_process

If you want to see this happening, apply: D11072, start ./src/bin/elementary/elementary_test -to "Efl.Ui.Textbox" select a text, and press Cut. The problem is, that the clicked event is deleting the popup, which is basically fine. However, due to a call to edje_object_message_signal_process in efl_ui_layout.c:681 the object dies in the middle of the callstack, which results in errors.

Related Objects

bu5hm4n created this task.Jan 14 2020, 10:28 PM
bu5hm4n triaged this task as High priority.
zmike added a comment.Jan 15 2020, 7:56 AM

I'm a little confused; can you post a slightly more detailed list of the current event/call sequence?

bu5hm4n added a comment.Jan 16 2020, 1:11 AM

So starting the textbox widget and rightclicking on the widget will bring up a popup with a list list and a few items (one of them has the label "cut"). The cut item has a CLICKED handler that will delete the entire popup.

When the Cut item is clicked, the following sequence of signals is set to the theme object: press, clicked, unpress. in the same moment, the unpress event is also emitted on the widget. Which will set focus onto the cut item.
While setting the focus to the cut item. _efl_ui_layout_base_efl_ui_focus_object_on_focus_update is going to be called. While this call is going, edje_object_message_signal_process is getting executed, which (due to the earlier sequence of signals to the theme object) will result in a the CLICKED event beeing emitted on the Item, which will (at first) invalidate the item. That means, every call after edje_object_message_signal_process is beeing called on a invalidated object, which is causing issues (as you can see the errors there).

What this sequence of unlucky calls shows is: after a call to edje_object_message_signal_process, we can never be sure, that the object is still alive.