GitLab

Galacritty is my terminal emulator (GTK shell for Alacritty, basically). I can close it with the X button just fine, but abruptly terminating it with something like killall galacritty causes a Weston crash:

==1666==ERROR: AddressSanitizer: SEGV on unknown address 0x61705c80031d (pc 0x00080037d1e4 bp 0x7fffffffc390 sp 0x7fffffffc370 T0)
==1666==The signal is caused by a READ memory access.
    #0 0x80037d1e3 in weston_surface_is_mapped /home/greg/src/gitlab.freedesktop.org/wayland/weston/libweston/compositor.c:1740:18
    #1 0x8003b6d85 in pointer_unmap_sprite /home/greg/src/gitlab.freedesktop.org/wayland/weston/libweston/input.c:1184:6
    #2 0x8003bda84 in pointer_set_cursor /home/greg/src/gitlab.freedesktop.org/wayland/weston/libweston/input.c:2746:4
    #3 0x800cd12e7 in ffi_call_unix64 (/usr/local/lib/libffi.so.6+0x62e7)

(lldb) fr sel 8
frame #8: 0x00000008003b6d86 libweston-5.so.0`pointer_unmap_sprite(pointer=0x00006120001b6040) at input.c:1184
   1181 {
   1182         struct weston_surface *surface = pointer->sprite->surface;
   1183
-> 1184         if (weston_surface_is_mapped(surface))
   1185                 weston_surface_unmap(surface);
   1186
   1187         wl_list_remove(&pointer->sprite_destroy_listener.link);
(lldb) fr v
(weston_pointer *) pointer = 0x00006120001b6040
(weston_surface *) surface = 0x000061705c800051

The surface address that we got (from libwayland-server's resource thing I guess) seems completely bogus, it's not a freed surface. ASan did not report a use-after-free in this case, and my logging of surface creation did not show any addresses near that surface.

UPD: I think I just reproduced that by just closing the subsurfaces demo..

UPD: even just closing gedit after a text file has been opened. This is related to the "fix" in #160 (comment 84684) but Galacritty caused Weston crashes before the "fix", maybe there's a second bug hidden by that one right now