GNOME Bugzilla – Bug 351319
crash on Terminal
Last modified: 2006-08-31 23:33:58 UTC
What were you doing when the application crashed? Distribution: Gentoo Base System version 1.12.4 Gnome Release: 2.15.90 2006-08-02 (Gentoo) BugBuddy Version: 2.15.90 Memory status: size: 45559808 vsize: 0 resident: 45559808 share: 0 rss: 17244160 rss_rlim: 0 CPU usage: start_time: 1155140562 rtime: 0 utime: 481 stime: 0 cutime:407 cstime: 0 timeout: 74 it_real_value: 0 frequency: 0 Backtrace was generated from '/usr/bin/gnome-terminal' (no debugging symbols found) Using host libthread_db library "/lib/libthread_db.so.1". (no debugging symbols found) [Thread debugging using libthread_db enabled] [New Thread -1226520896 (LWP 9850)] [New Thread -1230513248 (LWP 9855)] _______________________________________________________________________________ eax:FFFFFE00 ebx:00004808 ecx:BFBD5DE8 edx:00000000 eflags:00000293 esi:BFBD610C edi:B7076FF4 esp:BFBD5D10 ebp:BFBD5DF8 eip:FFFFE410 cs:0073 ds:007B es:007B fs:0000 gs:0033 ss:007B o d I t S z A p C [007B:BFBD5D10]---------------------------------------------------------[stack] BFBD5D40 : F8 42 0E 08 80 81 07 B7 - F4 6F 07 B7 80 81 07 B7 .B.......o...... BFBD5D30 : E8 5D BD BF 00 00 00 00 - 64 EF FB B6 00 00 00 00 .]......d....... BFBD5D20 : 74 59 F8 B7 00 00 00 00 - 99 72 F5 B7 08 48 00 00 tY.......r...H.. BFBD5D10 : F8 5D BD BF 00 00 00 00 - E8 5D BD BF EB EF 36 B7 .].......]....6. [007B:BFBD610C]---------------------------------------------------------[ data] BFBD610C : 20 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ............... BFBD611C : 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ [0073:FFFFE410]---------------------------------------------------------[ code] 0xffffe410 <__kernel_vsyscall+16>: pop %ebp 0xffffe411 <__kernel_vsyscall+17>: pop %edx 0xffffe412 <__kernel_vsyscall+18>: pop %ecx 0xffffe413 <__kernel_vsyscall+19>: ret 0xffffe414 <__kernel_vsyscall+20>: nop 0xffffe415 <__kernel_vsyscall+21>: nop ------------------------------------------------------------------------------ 0xffffe410 in __kernel_vsyscall ()
+ Trace 70430
*** Bug 351320 has been marked as a duplicate of this bug. ***
Did you build this with any particular build flags?
*** Bug 351518 has been marked as a duplicate of this bug. ***
*** Bug 352742 has been marked as a duplicate of this bug. ***
*** Bug 351179 has been marked as a duplicate of this bug. ***
Steps to reproduce: 0) Start g-t 1) Open so many tabs that they overflow and the scroll buttons appear 2) Drag-move the active tab (which is the last tab) one position to the left with the mouse 3) Close this tab with its close button 4) Close the window with the window border close button Trace:
+ Trace 71192
$1 = {object = {parent_instance = {g_type_instance = {g_class = 0x810a0e0}, ref_count = 3, qdata = 0x8464a20}, flags = 2164304}, private_flags = 15872, state = 0 '\0', saved_state = 0 '\0', name = 0x0, style = 0x810c220, requisition = {width = 642, height = 410}, allocation = {x = 0, y = 0, width = 646, height = 442}, window = 0x8605218, parent = 0x0} (gdb) p gtk_widget_get_name (widget) $2 = (const gchar *) 0x80fe180 "TerminalWindow"
Created attachment 71959 [details] [review] proposed fix The problem was the following: Destroying the TerminalWindow removes all tabs from it (terminal_window_destroy). That causes the notebook_page_selected_callback to run, which realizes the terminal screen while the containing window is unrealized. That is illegal.
I cannot reproduce, but the patch looks harmless. Requesting for commit in freeze.
Ah, I actually can. I didn't get a crash because I have warnings enabled: (gnome-terminal:6748): Gtk-CRITICAL **: gtk_style_detach: assertion `style->attach_count > 0' failed
I would think a bit about how to solve this: introducing state flags is usually a kludge, and you end up with state machines. Maybe doing things in the correct order so that this does not happen, or even stopping the page-selected signal whenthe window is being destroyed or...
I want to fix the crasher for the release. If someone comes up with a better patch, the better. Otherwise, we'll commit and fix properly later. How's that?
Can you add a FIXME if you commit this patch? :-)
This can be reproduced as follows: run gnome-terminal --disable-factory --tab --active --tab and now close the window (in any way). I instrumented the gtk_widget_unrealize function to trace the calls to gtk_style_detach, and this is what I get (all fields are right before the call to gtk_style_detach): widget: 0xa0e1750; widget type: GtkImage; widget->style: 0xa16c500; widget->style->attach_count: 30 widget: 0x9fc65f0; widget type: GtkLabel; widget->style: 0xa1f0380; widget->style->attach_count: 1 widget: 0x9fc6578; widget type: GtkLabel; widget->style: 0xa16c500; widget->style->attach_count: 29 widget: 0x9fc7788; widget type: GtkVBox; widget->style: 0xa16c500; widget->style->attach_count: 28 widget: 0x9fc78c0; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 27 widget: 0x9fc66e0; widget type: GtkLabel; widget->style: 0xa16c500; widget->style->attach_count: 26 widget: 0xa078cb0; widget type: GtkButton; widget->style: 0xa1ef000; widget->style->attach_count: 2 widget: 0xa0e16e8; widget type: GtkImage; widget->style: 0xa16c500; widget->style->attach_count: 25 widget: 0x9fc6668; widget type: GtkLabel; widget->style: 0xa16c500; widget->style->attach_count: 24 widget: 0x9fc7558; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 23 widget: 0xa0bfa70; widget type: GtkAlignment; widget->style: 0xa16c500; widget->style->attach_count: 22 widget: 0xa078c40; widget type: GtkButton; widget->style: 0xa1ef000; widget->style->attach_count: 1 widget: 0x9fd71f0; widget type: GtkHButtonBox; widget->style: 0xa16c500; widget->style->attach_count: 21 widget: 0x9fc7910; widget type: GtkVBox; widget->style: 0xa16c500; widget->style->attach_count: 20 widget: 0xa1ec808; widget type: GtkMessageDialog; widget->style: 0xa16c500; widget->style->attach_count: 19widget: 0x9fcf028; widget type: GtkAccelLabel; widget->style: 0xa167400; widget->style->attach_count: 6 widget: 0x9fcb808; widget type: GtkMenuItem; widget->style: 0xa1e0958; widget->style->attach_count: 6 widget: 0x9fcf3b8; widget type: GtkAccelLabel; widget->style: 0xa167400; widget->style->attach_count: 5 widget: 0x9fcbb08; widget type: GtkMenuItem; widget->style: 0xa1e0958; widget->style->attach_count: 5 widget: 0x9fcf748; widget type: GtkAccelLabel; widget->style: 0xa167400; widget->style->attach_count: 4 widget: 0x9fcbd30; widget type: GtkMenuItem; widget->style: 0xa1e0958; widget->style->attach_count: 4 widget: 0x9fd4b20; widget type: GtkAccelLabel; widget->style: 0xa167400; widget->style->attach_count: 3 widget: 0x9fcbdf0; widget type: GtkMenuItem; widget->style: 0xa1e0958; widget->style->attach_count: 3 widget: 0x9fd4eb0; widget type: GtkAccelLabel; widget->style: 0xa167400; widget->style->attach_count: 2 widget: 0x9fd6cc8; widget type: GtkMenuItem; widget->style: 0xa1e0958; widget->style->attach_count: 2 widget: 0x9fd7a60; widget type: GtkAccelLabel; widget->style: 0xa167400; widget->style->attach_count: 1 widget: 0x9fd7070; widget type: GtkMenuItem; widget->style: 0xa1e0958; widget->style->attach_count: 1 widget: 0x9fc6410; widget type: GtkMenuBar; widget->style: 0xa16c500; widget->style->attach_count: 18 widget: 0xa016808; widget type: GtkVScrollbar; widget->style: 0xa0312e8; widget->style->attach_count: 2 widget: 0x9fc7418; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 16 widget: 0x9f7d338; widget type: TerminalScreen; widget->style: 0xa16c500; widget->style->attach_count: 15 widget: 0x9fc6488; widget type: GtkLabel; widget->style: 0xa16c500; widget->style->attach_count: 14 widget: 0x9fc7508; widget type: GtkEventBox; widget->style: 0xa16c500; widget->style->attach_count: 13 widget: 0x9f89208; widget type: GtkImage; widget->style: 0xa16c500; widget->style->attach_count: 12 widget: 0x9f842d8; widget type: GtkButton; widget->style: 0xa0e76a8; widget->style->attach_count: 1 widget: 0x9fc74b8; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 11 widget: 0xa016890; widget type: GtkVScrollbar; widget->style: 0xa0312e8; widget->style->attach_count: 1 widget: 0x9fc7648; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 9 widget: 0x9fc75a8; widget type: TerminalScreen; widget->style: 0xa16c500; widget->style->attach_count: 8 widget: 0x9fc6500; widget type: GtkLabel; widget->style: 0xa16c500; widget->style->attach_count: 7 widget: 0x9fc76e8; widget type: GtkEventBox; widget->style: 0xa16c500; widget->style->attach_count: 6 widget: 0xa0bfee0; widget type: GtkImage; widget->style: 0xa16c500; widget->style->attach_count: 5 widget: 0x9f84348; widget type: GtkButton; widget->style: 0xa0e2680; widget->style->attach_count: 1 widget: 0x9fc7698; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 4 widget: 0x9fca850; widget type: TerminalNotebook; widget->style: 0xa07b240; widget->style->attach_count: 1 widget: 0x9f7d298; widget type: GtkVBox; widget->style: 0xa16c500; widget->style->attach_count: 3 widget: 0x9fc2800; widget type: TerminalWindow; widget->style: 0xa16c500; widget->style->attach_count: 2 widget: 0x9fc7648; widget type: GtkHBox; widget->style: 0xa16c500; widget->style->attach_count: 5 widget: 0x9fc75a8; widget type: TerminalScreen; widget->style: 0xa16c500; widget->style->attach_count: 4 widget: 0x9fca850; widget type: TerminalNotebook; widget->style: 0xa07b240; widget->style->attach_count: 1 widget: 0x9f7d298; widget type: GtkVBox; widget->style: 0xa16c500; widget->style->attach_count: 3 widget: 0x9fc2800; widget type: TerminalWindow; widget->style: 0x9fc40a0; widget->style->attach_count: 0 (gnome-terminal:17683): Gtk-CRITICAL **: gtk_style_detach: assertion `style->attach_count > 0' failed Notice how the TerminalWindow, the Notebook et al. get its style detached twice.
Created attachment 71989 [details] [review] a possibly saner patch? [from IRC, mildly edited] <mariano> behdad, re: 351319: if you comment the while loop in terminal_window_destroy (which is actually not needed, because the screens will get killed by the usual GtkContainer destroy) the warning is gone <mariano> that looks like a «better» fix ;-)
Ok, agreed that it's a better fix. Now I have to go back to the release-team again :)
(06:35:45 PM) Behdad Esfahbod: vuntz, elijah: mariano has submitted a better patch: http://bugzilla.gnome.org/show_bug.cgi?id=351319 (06:35:51 PM) Behdad Esfahbod: care to rereview? (06:36:11 PM) vuntz: behdad: clicking on the link (06:36:58 PM) vuntz: 1 approval from me
1 of 2.
Sums up to 2 of 2. Thanks.
2006-08-31 Behdad Esfahbod <behdad@gnome.org> Bug 351319 – crash on Terminal Patch from Mariano Suárez-Alvarez * src/terminal-window.c (terminal_window_destroy): Don't remove screens, let the container take care of them.