Bug 169326 – Vte widget crashes when reparented

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 169326 - Vte widget crashes when reparented


Summary:	Vte widget crashes when reparented


Status:	RESOLVED FIXED

Product:	vte
Classification:	Core
Component:	general
Version:	0.11.x
Hardware:	Other Linux

Importance:	High normal
Target Milestone:	---
Assigned To:	VTE Maintainers
QA Contact:	Nalin Dahyabhai

URL:
Whiteboard:

Duplicates:	311140 (view as bug list)
Depends on:
Blocks:

Reported:	2005-03-05 19:41 UTC by Michele Baldessari
Modified:	2005-07-22 11:00 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Testcase (3.13 KB, text/plain) 2005-03-05 19:44 UTC, Michele Baldessari		Details
Tiny patch to clear up the segfault (674 bytes, patch) 2005-03-06 13:04 UTC, Michele Baldessari	none	Details \| Review
First tentative fix (782 bytes, patch) 2005-03-06 15:50 UTC, Michele Baldessari	none	Details \| Review

Description Michele Baldessari 2005-03-05 19:41:55 UTC

Distribution/Version: Debian sid

While working on a python app of mine, which uses python-vte I got it to crash
vte when changing the container for the vte widget.
(http://www.mail-archive.com/pygtk@daa.com.au/msg10333.html)

I've managed to create a simple .c testcase to reproduce the problem. I tend to
believe this is the same issue as
http://bugzilla.ximian.com/show_bug.cgi?id=55679 and I have found no other
references of such a problem on {ximian,gnome,redhat}.bugzilla

This is the stacktrace:
Program received signal SIGSEGV, Segmentation fault.
0xb7f61cad in _vte_draw_set_text_font (draw=0x0, fontdesc=0xb7fe0a77,
anti_alias=3086879351) at vtedraw.c:221
221             g_return_if_fail(draw->impl != NULL);
(gdb) bt

+ Trace 56469

#0 _vte_draw_set_text_font
at vtedraw.c line 221
#1 vte_terminal_set_font_full
at vte.c line 10779
#2 vte_terminal_style_changed
at vte.c line 8359
#3 IA__g_cclosure_marshal_VOID__OBJECT
at gmarshal.c line 636
#4 IA__g_closure_invoke
at gclosure.c line 437
#5 signal_emit_unlocked_R
at gsignal.c line 2485
#6 IA__g_signal_emit_valist
at gsignal.c line 2244
#7 IA__g_signal_emit
at gsignal.c line 2288
#8 gtk_widget_set_style_internal
at gtkwidget.c line 4789
#9 gtk_widget_reset_rc_style
at gtkwidget.c line 4471
#10 reset_rc_styles_recurse
at gtkwidget.c line 4948
#11 IA__gtk_widget_reset_rc_styles
at gtkwidget.c line 4961
#12 IA__gtk_widget_set_parent
at gtkwidget.c line 4349
#13 IA__gtk_table_attach
at gtktable.c line 629
#14 IA__gtk_table_attach_defaults
at gtktable.c line 640
#15 new_container
at segfault.c line 54
#16 change_container
at segfault.c line 76
#17 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#18 IA__g_closure_invoke
at gclosure.c line 437
#19 signal_emit_unlocked_R
at gsignal.c line 2485
#20 IA__g_signal_emit_valist
at gsignal.c line 2244
#21 IA__g_signal_emit
at gsignal.c line 2288
#22 IA__gtk_button_clicked
at gtkbutton.c line 782
#23 gtk_real_button_released
at gtkbutton.c line 1294
#24 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#25 g_type_class_meta_marshal
at gclosure.c line 514
#26 IA__g_closure_invoke
at gclosure.c line 437
#27 signal_emit_unlocked_R
at gsignal.c line 2415
#28 IA__g_signal_emit_valist
#29 IA__g_signal_emit
at gsignal.c line 2288
#30 IA__gtk_button_released
at gtkbutton.c line 774
#31 gtk_button_button_release
at gtkbutton.c line 1210
#32 _gtk_marshal_BOOLEAN__BOXED
at gtkmarshalers.c line 83
#33 g_type_class_meta_marshal
at gclosure.c line 514
#34 IA__g_closure_invoke
at gclosure.c line 437
#35 signal_emit_unlocked_R
at gsignal.c line 2523
#36 IA__g_signal_emit_valist
at gsignal.c line 2254
#37 IA__g_signal_emit
at gsignal.c line 2288
#38 gtk_widget_event_internal
at gtkwidget.c line 3626
#39 IA__gtk_propagate_event
at gtkmain.c line 2145
#40 IA__gtk_main_do_event
at gtkmain.c line 1383
#41 gdk_event_dispatch
at gdkevents-x11.c line 2220
#42 g_main_dispatch
at gmain.c line 1947
#43 IA__g_main_context_dispatch
at gmain.c line 2497
#44 g_main_context_iterate
at gmain.c line 2578
#45 IA__g_main_loop_run
at gmain.c line 2782
#46 IA__gtk_main
at gtkmain.c line 963
#47 main
at segfault.c line 117


I reproduce this with both 0.11.11 and the new 0.11.12. Attached is the testcase

Comment 1 Michele Baldessari 2005-03-05 19:44:00 UTC

Created attachment 38314 [details]
Testcase

This reproduces the segfault (crashes on ppc and x86 fwiw)

Comment 2 Michele Baldessari 2005-03-06 13:04:12 UTC

Created attachment 38327 [details] [review]
Tiny patch to clear up the segfault

Note that this papers over the real issue (haven't dug deeper into it ATM) but
it does fix the segfault when reparenting. Given that this isn't a clean nice
fix (I hope I can provide one later this week), I won't add the PATCH keyword.

Comment 3 Michele Baldessari 2005-03-06 15:50:42 UTC

Created attachment 38334 [details] [review]
First tentative fix

Looked at this a bit more, it seems vte_terminal_style_changed gets called when
the widget is not realized. So simply returning in such case fixes the
segfault.

Comment 4 Olav Vitters 2005-03-06 16:03:15 UTC

Unfortunately the maintainer is MIA, but marking new so this patch will be
hopefully applied anyway.

Comment 5 Michele Baldessari 2005-06-09 20:42:22 UTC

I've checked around various different gtk+ widgets (gtkcalendar.c and
gtkwidget.c for example) and before changing the style
GTK_WIDGET_REALIZE(widget) is always tested for, so this patch isn't tentative
any longer ;)

Comment 6 Kjartan Maraas 2005-06-09 21:37:11 UTC

I applied this.

Comment 7 Michele Baldessari 2005-07-22 11:00:39 UTC

*** Bug 311140 has been marked as a duplicate of this bug. ***