Bug 735640 – Inappropriate unref when checking a property's value

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 735640 - Inappropriate unref when checking a property's value


Summary:	Inappropriate unref when checking a property's value


Status:	RESOLVED FIXED

Product:	vala
Classification:	Core
Component:	Code Generator
Version:	0.25.x
Hardware:	Other Linux

Importance:	Urgent normal
Target Milestone:	---
Assigned To:	Vala maintainers
QA Contact:	Vala maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2014-08-28 20:45 UTC by Robert Schroll
Modified:	2014-08-29 15:06 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Vala test code (1.11 KB, text/x-vala) 2014-08-28 20:45 UTC, Robert Schroll	Details
C for the test program as generated by vala 0.24.0 (5.79 KB, text/x-csrc) 2014-08-28 20:46 UTC, Robert Schroll	Details
C for the test program as generated by vala 0.25.2 (5.91 KB, text/x-csrc) 2014-08-28 20:47 UTC, Robert Schroll	Details

Description Robert Schroll 2014-08-28 20:45:59 UTC

Created attachment 284755 [details]
Vala test code

Attached is a vala program that work fine under vala 0.24.0.  But when compiled under 0.25.2, it will emit critical warnings after the button is pressed several times.  With enough clicks, it will seg fault.

I've also attached the generated C code from both 0.24.0 and 0.25.2.  There seems to be an inappropriate unref on line 65 of the code generated by 0.25.2.  This code is run every time the button is clicked.  I suspect that eventually this causes the Adjustment in question to be freed, leading to the seg fault.  The 0.24.0 version does not have this line.

This problem was first detected in bug #735538.

Comment 1 Robert Schroll 2014-08-28 20:46:35 UTC

Created attachment 284756 [details]
C for the test program as generated by vala 0.24.0

Comment 2 Robert Schroll 2014-08-28 20:47:07 UTC

Created attachment 284757 [details]
C for the test program as generated by vala 0.25.2

Comment 3 Jim Nelson 2014-08-29 01:25:13 UTC

git bisect to the rescue.  For Geary, it reports the offending Vala commit as:

5cd3511d5085be43c408e5738add97fd4bd6133e is the first bad commit
commit 5cd3511d5085be43c408e5738add97fd4bd6133e
Author: Rico Tzschichholz <ricotz@ubuntu.com>
Date:   Wed Aug 20 16:01:25 2014 +0200

    gtk+-2.0, gtk+-3.0: port lots of annotations from the GIR version

:040000 040000 0afcd02e25fa397daa34a558b44044bb1d023c8c 13b29ca43e2b9667f25e589de131129b3bd74d13 M	vapi

One example we spotted in Geary was, as Robert pointed out, double-unrefs after getting vadjustments via the property.  I noticed in the above commit that the Scrollable.vadjustment property was changed to an owned get, which is not the case.  Geary has a number of other similar warnings, so I suspect there are other binding issues as well.

I'm bumping this to Urgent because the GTK+ bindings are essentially broken.

Comment 4 Jürg Billeter 2014-08-29 15:06:55 UTC

commit 227e18bdf0b626ae947ee1972c5a81d33ee6a2d9
Author: Rico Tzschichholz <ricotz@ubuntu.com>
Date:   Fri Aug 29 08:30:22 2014 +0200

    gtk+-2.0, gtk+-3.0: Fix falsely "owned"-marked properties
    
    https://bugzilla.gnome.org/show_bug.cgi?id=735538
    https://bugzilla.gnome.org/show_bug.cgi?id=735640