I got a test version of orca froim Willie and I can reproduce what I think is the same problem on Solaris x86. The stack trace is a bit different.

bash-3.00# pstack `pgrep gnome-panel`
22673:  gnome-panel
 fef48667 waitid   (0, 58b5, 8045aa0, 3)
 fef3c34d waitpid  (58b5, 8045bb4, 0) + 97
 feae7dc6 libgnomeui_segv_handle (b, 0, 8045c54) + ba
 fef4776f __sighndlr (b, 0, 8045c54, feae7d0c) + f
 fef3cfbb call_user_handler (b, 0, 8045c54) + 2b8
 fef3d162 sigacthandler (b, 0, 8045c54) + c2
 --- called from signal handler with signal 11 (SIGSEGV) ---
 fb796595 gail_window_ref_relation_set (82cc838) + 109
 fbdfa9c6 atk_object_ref_relation_set (82cc838) + 36
 fbe7dc89 impl_accessibility_accessible_get_relation_set (82ca8d4, 80460ac) + 31
 fbe7b43d _ORBIT_skel_small_Accessibility_Accessible_getRelationSet (82ca8d4, 8045fb0, 0, 8045f60, 80460ac, fbe7dc58) + 11
 fed8112a ORBit_POAObject_invoke (82cc7d0, 8045fb0, 0, 8045f60, 8045fe8, 80460ac) + 22
 fed85519 ORBit_OAObject_invoke (82cc7d0, 8045fb0, 0, 8045f60, 8045fe8, 80460ac) + 21
 fed72f1b ORBit_small_invoke_adaptor (82cc7d0, 82d2668, fbea0ad0, 8045fe8, 80460ac) + 2b3
 fed81562 ORBit_POAObject_handle_request (82cc7d0, 82d3ad4, 0, 0, 0, 82d2668) + 32a
 fed81960 ORBit_POAObject_invoke_incoming_request (82cc7d0, 82d2668, 80460ac) + 54
 fed81de6 ORBit_POA_handle_request (80f1080, 82d2668, 82d2680) + 2ea
 fed85317 ORBit_handle_request (80f1008, 82d2668) + 4b
 fed7014a giop_connection_handle_input (8246c00) + 2e2
 fed8b4e9 link_connection_io_handler (0, 1, 8246c00) + 55
 fed8d10d link_source_dispatch (82c96f8, fed8b494, 8246c00) + 41
 fecd3615 g_main_dispatch (80f04e8) + 1d9
 fecd4705 g_main_context_dispatch (80f04e8) + 85
 fecd4b22 g_main_context_iterate (80f04e8, 1, 1, 80d37b0) + 3ce
 fecd4d7b g_main_context_iteration (80f04e8, 1) + 87
 fed899a5 link_main_iteration (1) + 21
 fed6f617 giop_recv_buffer_get (8046368) + 5f
 fed72b95 ORBit_small_invoke_stub (8163258, fbea0480, 0, 804645c, 0, fb714fe0) + 139
 fed72a3d ORBit_small_invoke_stub_n (8163258, fbea0460, 0, 0, 804645c, 0) + 3d
 fed841ea ORBit_c_stub_invoke (8163258, fbea0460, 0, 0, 804645c, 0) + 12e
 fbe6a0b8 Accessibility_EventListener_notifyEvent (8163258, 8046484, fb714fe0) + 4c
 fb703519 spi_atk_emit_eventv (82cc838, 0, 0, 0, 82cbfc8) + 1b1
 fb703b37 spi_atk_bridge_state_event_listener (804653c, 3, 80465dc, 8161ab8) + 77
 fec61b28 signal_emit_unlocked_R (815f3a0, 3e7, 82cc838, 0, 80465dc) + 5a0
 fec60fe0 g_signal_emit_valist (82cc838, 75, 3e7, 8046854) + 8c4
 fec61175 g_signal_emit (82cc838, 75, 3e7, fbe04000, 0, 0) + 25
 fbdfb04f atk_object_notify_state_change (82cc838, d, 0, 0, 82bb0a8) + 3f
 fb7968c8 gail_window_state_event_gtk (82bb0a8, 80ec9f0, 0) + 3c
 fc75cca8 _gtk_marshal_BOOLEAN__BOXED (82cf808, 8046960, 2, 8046a1c, 804697c, 0) + 70
 fec4e073 g_closure_invoke (82cf808, 8046960, 2, 8046a1c, 804697c) + 107
 fec61cce signal_emit_unlocked_R (80d8ca8, 0, 82bb0a8, 8046b9c, 8046a1c) + 746
 fec60d7e g_signal_emit_valist (82bb0a8, 55, 0, 8046c90) + 662
 fec61175 g_signal_emit (82bb0a8, 55, 0, 80ec9f0, 8046cb4) + 25
 fc85ecfb gtk_widget_event_internal (82bb0a8, 80ec9f0) + 20f
 fc85e98d gtk_widget_event (82bb0a8, 80ec9f0) + 99
 fc75a9b4 gtk_main_do_event (80ec9f0, 0) + 3d8
 fee14f7a gdk_event_dispatch (80eedb8, 0, 0) + 56
 fecd3615 g_main_dispatch (80ef990) + 1d9
 fecd4705 g_main_context_dispatch (80ef990) + 85
 fecd4b22 g_main_context_iterate (80ef990, 1, 1, 80d37b0) + 3ce
 fecd5124 g_main_loop_run (82688f0) + 1b8
 fc75a2ba gtk_main (8046e90, feffa7c0, feffa7c0, 8046e90, 8046fc4, 8046ec8) + b2
 08075390 main     (1, 8046ed4, 8046edc) + 130
 08071aa6 _start   (1, 804702c, 0, 8047038, 804704f, 804709e) + 7a

Created attachment 76764 [details] [review]
Proposed patch

Can you check whether this also fixes your problem?

Works great!  Thanks!  (PS - I needed to remember to log out and log back in to make sure the new libgail was being used.  D'Oh!)

Willie, could you please start running with a debug version of atk-bridge/at-spi?  We get a lot of confusing/bogus stack traces (such as the one you initially provided) that result from gdb grabbing the wrong symbols from libs that are built w/o debug support.  Thanks!

Padraig, do you still not have cvs access anymore?

also - does it strike you as a gtk+ bug that accessing tooltip info for a non-visible widget causes SEGV?  Doesn't quite seem right to me... i.e. seems like gtk+ may be at fault...

(In reply to comment #4)
> Willie, could you please start running with a debug version of
> atk-bridge/at-spi?  We get a lot of confusing/bogus stack traces (such as the
> one you initially provided) that result from gdb grabbing the wrong symbols
> from libs that are built w/o debug support.  Thanks!

As long as things are stable enough for me to use them while developing Orca, I tend to do this.  Note that the stack trace I provided certainly seems to have the right information in it:

+ Trace 87254

Line 443 of gailwindow.c is certainly where Padraig made the patch to gail_window_ref_relation_set.

> Note that the stack trace I provided certainly seems to have
>the right information in it:

well, the stack frames about it were incorrect (gnome_accessibility_module_shutdown, etc.) which makes it very hard to interpret the rest of the stack, in my experience.  In such cases it's unclear whether the root cause is much higher in the stack than where the segv occurs - there are several critical-severity bugs with such stack traces in bugzilla at the moment, which can't be dealt with due to this problem.  

regards

Bill

by the way - the request is not "run head", though that's also helpful - the request is "run a version with debug symbols", so stability should not be an issue since you can run a stable debug version).  

I do not have CVS access any more.

Although there may be a bug in gtk+ when attempting to determine for which widget a non-visible tooltip window is being displayed I believe the proposed patch is correct in that we should not be doing this for a non visible window.