After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 562535 - Segmentation fault in GtkTrayIcon
Segmentation fault in GtkTrayIcon
Status: RESOLVED FIXED
Product: epiphany
Classification: Core
Component: Downloads
2.22.x
Other Linux
: Normal critical
: ---
Assigned To: Epiphany Maintainers
Epiphany Maintainers
Depends on:
Blocks:
 
 
Reported: 2008-11-28 07:54 UTC by Josselin Mouette
Modified: 2010-02-16 19:25 UTC
See Also:
GNOME target: ---
GNOME version: 2.21/2.22


Description Josselin Mouette 2008-11-28 07:54:30 UTC 
[ Original report: http://bugs.debian.org/507097 by Jonny Lamb ]

When using epiphany-gecko, downloading files to disk causes a tray icon
to appear to notify that file(s) are being downloaded.

However, every two or three downloads makes Epiphany segfault. I
installed the necessary debug packages and got the following backtrace:

Program received signal SIGSEGV, Segmentation fault.

+ Trace 210300

Thread 140290807519104 (LWP 10475)

  • #0 gtk_tray_icon_manager_filter
    at /scratch/build-area/gtk+2.0-2.12.11/gtk/gtktrayicon-x11.c line 236
  • #1 gdk_event_translate
    at /scratch/build-area/gtk+2.0-2.12.11/gdk/x11/gdkevents-x11.c line 345
  • #2 _gdk_events_queue
    at /scratch/build-area/gtk+2.0-2.12.11/gdk/x11/gdkevents-x11.c line 2285
  • #3 gdk_event_dispatch
    at /scratch/build-area/gtk+2.0-2.12.11/gdk/x11/gdkevents-x11.c line 2345
  • #4 g_main_context_dispatch
  • #5 ??
    from /usr/lib/libglib-2.0.so.0
  • #6 g_main_context_iteration
  • #7 nsBaseAppShell::DoProcessNextNativeEvent
    at nsBaseAppShell.cpp line 151
  • #8 nsBaseAppShell::OnProcessNextEvent
    at nsBaseAppShell.cpp line 278
  • #9 nsThread::ProcessNextEvent
    at nsThread.cpp line 497
  • #10 NS_ProcessPendingEvents_P
    at nsThreadUtils.cpp line 180
  • #11 nsBaseAppShell::NativeEventCallback
    at nsBaseAppShell.cpp line 121
  • #12 nsAppShell::EventProcessorCallback
    at nsAppShell.cpp line 69
  • #13 g_main_context_dispatch
  • #14 ??
    from /usr/lib/libglib-2.0.so.0
  • #15 g_main_loop_run
  • #16 IA__gtk_main
    at /scratch/build-area/gtk+2.0-2.12.11/gtk/gtkmain.c line 1163
  • #17 main
    at /tmp/buildd/epiphany-browser-2.22.3/src/ephy-main.c line 753 

(gdb) p icon
$1 = (GtkTrayIcon *) 0x2044220
(gdb) p icon->priv
$2 = (GtkTrayIconPrivate *) 0x0

I can reproduce this easily by simply right clicking on links and
choosing "Save Link As". It appears to work for the first 2-3
downloads and a tray icon appears, but then it segfaults in the
aforementioned fashion.

The files I downloaded to cause the segfault have all been small and
seeing that icon->priv was NULL then the download had completed and the
GtkTrayIconPrivate instance freed in the middle of something.

[ Additional comments from Joss ]

I think this is caused by the fact a new status icon is created every time the download view is started. Instead, it should probably be created once in the shell and just shown/hidden as necessary. 

The good way to fix this is probably to move the whole status icon logic to ephy-embed-shell.c. I can try to cook a patch of you agree with the idea.

Maybe there should also be an additional check in gtk_tray_icon_manager_filter to return a critical warning instead of crashing.
Comment 1 Reinout van Schouwen 2008-12-01 15:30:03 UTC 
Cosimo, you last worked on this code. What do you think?
Comment 2 Cosimo Cecchi 2008-12-01 16:49:28 UTC 
My guess is that libnotify is trying to access in some way the status icon after the view has been destroyed: this could happen, as we don't unref the notification when destroying the view.
It could be a good idea to move the status icon in a place not directly linked with the view to solve this though.
Comment 3 Santiago M. Mola 2009-03-07 11:51:33 UTC 
The bug seems to be in libnotify or gtk+, so maybe you should CC or assign this to them?

By the way, Evolution suffers this bug too (bug 569839) or very similar.
Comment 4 Diego Escalante Urrelo (not reading bugmail) 2010-02-16 19:25:33 UTC 
Our code changed to avoid this scenario. Closing.