After any complex call on the window, a foreign evas/efl callback may be triggered that could delete the window object. This leads to crashes in queued jobs or even immediately after said callback (right now EO prevents immediate memory free using eina_freeq or eina_trash so the effects aren't immediate).
Funnily enough, this was a known issue according to some comments, but no one bothered fixing it...
In this particular instance, a focus_out job was crashing while trying to access now-invalid sd data.
I believe some uses of ELM_WIN_DATA_GET() may still be slightly unsafe but most look like they should be the result of an EO call on the object (eg. a call to efl_event_callback_call), which ensures the object is alive.
39c791d win: Prevent crash inside ecore evas callbacks
src/lib/elementary/efl_ui_win.c | 41 +++++++++++++++++++++++++++++++++--------
1 file changed, 33 insertions(+), 8 deletions(-)