[Bug 926889] Re: Ubuntu gtk leaks references in GtkTreeView / GtTreeModelSort which cause segfault in bluefish

Chris Halse Rogers raof at ubuntu.com
Fri Feb 17 01:49:32 UTC 2012 

That commit message does not exactly inspire confidence ☺.

Can we please get a SRU request roughly following
https://wiki.ubuntu.com/StableReleaseUpdates#Procedure ?  In particular
- how widespread is this problem, and what's the regression-potential?

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/926889

Title:
  Ubuntu gtk leaks references in GtkTreeView / GtTreeModelSort which
  cause segfault in bluefish

Status in GTK+ GUI Toolkit:
  Fix Released
Status in “gtk+3.0” package in Ubuntu:
  Fix Released
Status in “gtk+3.0” source package in Oneiric:
  Triaged

Bug description:
  In Bluefish we get a lot of bugreports from users on Ubuntu 11.10 that
  have a segfault and all backtraces have something weird: a
  GtkTreeModelSort is calling it's sort function after the model has
  been unreffed by bluefish already.

  This behaviour cannot be reproduced on Fedora 16 which also has
  Gtk-3.2.

  Checking with libgobject-list (from http://people.gnome.org/~mortenw
  /gobject-list.c) reveals that on Ubuntu there is a GtkTreeModelSort
  leaking, that is not leaking on Fedora 16.

  After a gdb breakpoint g_object_ref and g_object_unref with a
  condition object == 0x123123123 (the pointer of the GtkTreeModelSort)
  and doing a backtrace for each break, I found which function does not
  clean it's reference count:

  Breakpoint 2, g_object_ref (object=0xaebbb0) at gobject-list.c:642
  642       GObject *obj = G_OBJECT (object);
  #0  g_object_ref (object=0xaebbb0) at gobject-list.c:642
  #1  0x00007ffff7548abd in gtk_tree_row_reference_new_proxy (proxy=0xaebbb0, 
      model=0xaebbb0, path=0x1942660)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtktreemodel.c:2300
  #2  0x00007ffff75dae49 in cell_info_new (accessible=0x196f820, tree_model=0xaebbb0, 
      path=0x1942660, tv_col=0x746bc0, cell=0x1908dc0)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c:3227
  #3  0x00007ffff75de929 in gtk_tree_view_accessible_ref_child (obj=0x196f820, i=18)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c:563
  #4  0x00007ffff75de608 in focus_in (widget=0xaba3c0)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c:1939
  #5  0x00007ffff7456f08 in _gtk_marshal_BOOLEAN__BOXED (closure=0x1930ca0, 
      return_value=0x7fffffffd640, n_param_values=<optimized out>, param_values=0x1720980, 
      invocation_hint=<optimized out>, marshal_data=<optimized out>)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmarshalers.c:85
  #6  0x00007ffff61d00a4 in g_closure_invoke (closure=0x1930ca0, 
      return_value=0x7fffffffd640, n_param_values=2, param_values=0x1720980, 
      invocation_hint=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./gobject/gclosure.c:774
  #7  0x00007ffff61e202a in signal_emit_unlocked_R (node=<optimized out>, detail=0, 
      instance=0xaba3c0, emission_return=0x7fffffffd7a0, instance_and_params=0x1720980)
      at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3272
  #8  0x00007ffff61eb483 in g_signal_emit_valist (instance=<optimized out>, 
      signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3013
  #9  0x00007ffff61eb852 in g_signal_emit (instance=<optimized out>, 
      signal_id=<optimized out>, detail=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3060
  #10 0x00007ffff7584fe9 in gtk_widget_event_internal (widget=0xaba3c0, event=0x1912930)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c:6132
  #11 0x00007ffff7591492 in gtk_widget_send_focus_change (widget=0xaba3c0, event=0x1912930)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c:14204
  #12 0x00007ffff75968d0 in do_focus_change (widget=0xaba3c0, in=1)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:6009
  #13 0x00007ffff75a2149 in _gtk_window_set_is_active (window=0x6fa170, is_active=1)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:9377
  #14 0x00007ffff75a25ea in gtk_window_focus_in_event (widget=0x6fa170, 
      event=<optimized out>) at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:6063
  #15 gtk_window_focus_in_event (widget=0x6fa170, event=<optimized out>)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:6049
  #16 0x00007ffff7456f08 in _gtk_marshal_BOOLEAN__BOXED (closure=0x6d5a90, 
      return_value=0x7fffffffdb80, n_param_values=<optimized out>, param_values=0x1944010, 
      invocation_hint=<optimized out>, marshal_data=<optimized out>)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmarshalers.c:85
  #17 0x00007ffff61d00a4 in g_closure_invoke (closure=0x6d5a90, 
      return_value=0x7fffffffdb80, n_param_values=2, param_values=0x1944010, 
      invocation_hint=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./gobject/gclosure.c:774
  #18 0x00007ffff61e1e5f in signal_emit_unlocked_R (node=<optimized out>, detail=0, 
      instance=0x6fa170, emission_return=0x7fffffffdce0, instance_and_params=0x1944010)
      at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3310
  #19 0x00007ffff61eb483 in g_signal_emit_valist (instance=<optimized out>, 
      signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3013
  #20 0x00007ffff61eb852 in g_signal_emit (instance=<optimized out>, 
      signal_id=<optimized out>, detail=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3060
  #21 0x00007ffff7584fe9 in gtk_widget_event_internal (widget=0x6fa170, event=0x1912bb0)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c:6132
  #22 0x00007ffff7456da3 in gtk_main_do_event (event=0x1912bb0)
      at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmain.c:1835
  #23 0x00007ffff70cf102 in gdk_event_source_dispatch (source=<optimized out>, 
      callback=<optimized out>, user_data=<optimized out>)
      at /build/buildd/gtk+3.0-3.2.0/./gdk/x11/gdkeventsource.c:360
  #24 0x00007ffff55a0a5d in g_main_dispatch (context=0x709090)
      at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:2441
  #25 g_main_context_dispatch (context=0x709090)
      at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:3011
  #26 0x00007ffff55a1258 in g_main_context_iterate (context=0x709090, 
      block=<optimized out>, dispatch=1, self=<optimized out>)
      at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:3089
  #27 0x00007ffff55a1792 in g_main_loop_run (loop=0x7fde50)
      at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:3297
  #28 0x00007ffff7455ecd in gtk_main () at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmain.c:1367
  #29 0x0000000000422aff in main (argc=1, argv=0x7fffffffe218) at bluefish.c:402

  I don't know what causes this leak. It might be Ubuntu specific
  patches on gtk, the gtk theme that Ubuntu is using, or accesibility
  settings that default to a different value on Ubuntu (both on Ubuntu
  and Fedora I did not change any accessibility option from the default
  setting).

To manage notifications about this bug go to:
https://bugs.launchpad.net/gtk/+bug/926889/+subscriptions

More information about the Ubuntu-sponsors mailing list