Bug 659782 - crash when I change chat theme
Status: RESOLVED NOTGNOME
Product: empathy
Classification: Core
Component: Chat themes
Version: 3.1.x
Hardware: Other Linux
Importance: Normal critical
Target Milestone: 3.2
Assigned To: empathy-maint
Reported: 2011-09-22 01:58 UTC by Fabio Durán Verdugo
Modified: 2011-09-22 08:24 UTC

Description Fabio Durán Verdugo 2011-09-22 01:58:04 UTC
Steps to reproduce:

Go to Edit - Preferences - themes.

Change the theme (I have the Ubuntu theme) from the Ubuntu theme to the clean theme and back to the Ubuntu theme, and it crashes.



Thread 1 (Thread 0xb7183880 (LWP 20466))

  • #0 WebKit::core
    at ../Source/WebKit/gtk/webkit/webkitwebview.cpp line 5168
  • #1 WebKit::GtkAdjustmentWatcher::adjustmentValueChanged
    at ../Source/WebKit/gtk/WebCoreSupport/GtkAdjustmentWatcher.cpp line 119
  • #2 WebKit::adjustmentValueChangedCallback
    at ../Source/WebKit/gtk/WebCoreSupport/GtkAdjustmentWatcher.cpp line 92
  • #3 g_cclosure_marshal_VOID__VOID
    at /build/buildd/glib2.0-2.29.92/./gobject/gmarshal.c line 85
  • #4 g_closure_invoke
    at /build/buildd/glib2.0-2.29.92/./gobject/gclosure.c line 774
  • #5 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3272
  • #6 g_signal_emit_valist
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3003
  • #7 g_signal_emit
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3060
  • #8 gtk_adjustment_value_changed
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtkadjustment.c line 764
  • #9 gtk_adjustment_set_value
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtkadjustment.c line 445
  • #10 gtk_text_view_set_vadjustment_values
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtktextview.c line 7492
  • #11 gtk_text_view_set_vadjustment
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtktextview.c line 7424
  • #12 gtk_text_view_set_property
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtktextview.c line 3157
  • #13 object_set_property
    at /build/buildd/glib2.0-2.29.92/./gobject/gobject.c line 1199
  • #14 g_object_set_valist
    at /build/buildd/glib2.0-2.29.92/./gobject/gobject.c line 1727
  • #15 g_object_set
    at /build/buildd/glib2.0-2.29.92/./gobject/gobject.c line 1833
  • #16 gtk_scrolled_window_add
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtkscrolledwindow.c line 1985
  • #17 g_cclosure_marshal_VOID__OBJECT
    at /build/buildd/glib2.0-2.29.92/./gobject/gmarshal.c line 644
  • #18 g_type_class_meta_marshal
    at /build/buildd/glib2.0-2.29.92/./gobject/gclosure.c line 885
  • #19 g_closure_invoke
    at /build/buildd/glib2.0-2.29.92/./gobject/gclosure.c line 774
  • #20 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3202
  • #21 g_signal_emit_valist
  • #22 g_signal_emit
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3060
  • #23 gtk_container_add
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtkcontainer.c line 1531
  • #24 preferences_preview_theme_changed_cb
    at empathy-preferences.c line 720
  • #25 g_cclosure_marshal_VOID__VOID
    at /build/buildd/glib2.0-2.29.92/./gobject/gmarshal.c line 85
  • #26 g_closure_invoke
    at /build/buildd/glib2.0-2.29.92/./gobject/gclosure.c line 774
  • #27 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3272
  • #28 g_signal_emit_valist
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3003
  • #29 g_signal_emit
    at /build/buildd/glib2.0-2.29.92/./gobject/gsignal.c line 3060
  • #30 theme_manager_emit_changed_idle_cb
    at empathy-theme-manager.c line 92
  • #31 g_idle_dispatch
    at /build/buildd/glib2.0-2.29.92/./glib/gmain.c line 4801
  • #32 g_main_dispatch
    at /build/buildd/glib2.0-2.29.92/./glib/gmain.c line 2441
  • #33 g_main_context_dispatch
    at /build/buildd/glib2.0-2.29.92/./glib/gmain.c line 3011
  • #34 g_main_context_iterate
    at /build/buildd/glib2.0-2.29.92/./glib/gmain.c line 3089
  • #35 g_main_loop_run
    at /build/buildd/glib2.0-2.29.92/./glib/gmain.c line 3297
  • #36 gtk_main
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtkmain.c line 1367
  • #37 gtk_application_run_mainloop
    at /build/buildd/gtk+3.0-3.1.90/./gtk/gtkapplication.c line 115
  • #38 g_application_run
    at /build/buildd/glib2.0-2.29.92/./gio/gapplication.c line 1323
  • #39 main
    at empathy.c line 838

	Inferior 1 [process 20466] will be killed.

Quit anyway? (y or n)
Comment 1 Guillaume Desmottes 2011-09-22 07:58:15 UTC
I can reproduce this with WebKit 1.5.2.

It seems to happen when switching from a WebKit theme to a classic one.


==24172== Invalid read of size 8
==24172==    at 0xBACE007: WebKit::core(_WebKitWebView*) (in /home/cassidy/usr/lib64/libwebkitgtk-3.0.so.0.9.0)
==24172==    by 0xBAADC45: WebKit::GtkAdjustmentWatcher::adjustmentValueChanged(_GtkAdjustment*) (in /home/cassidy/usr/lib64/libwebkitgtk-3.0.so.0.9.0)
==24172==    by 0xF62B543: g_cclosure_marshal_VOID__VOID (gmarshal.c:85)
==24172==    by 0xF62998A: g_closure_invoke (gclosure.c:774)
==24172==    by 0xF6454DA: signal_emit_unlocked_R (gsignal.c:3272)
==24172==    by 0xF64441C: g_signal_emit_valist (gsignal.c:3003)
==24172==    by 0xF644985: g_signal_emit (gsignal.c:3060)
==24172==    by 0xCF8C1BE: gtk_adjustment_value_changed (gtkadjustment.c:764)
==24172==    by 0xCF8B729: gtk_adjustment_set_value (gtkadjustment.c:445)
==24172==    by 0x50124B: chat_text_view_scroll_cb (empathy-chat-text-view.c:687)
==24172==    by 0xFED4012: g_timeout_dispatch (gmain.c:3907)
==24172==    by 0xFED0A22: g_main_dispatch (gmain.c:2441)
==24172==    by 0xFED1F68: g_main_context_dispatch (gmain.c:3011)
==24172==    by 0xFED2415: g_main_context_iterate (gmain.c:3089)
==24172==    by 0xFED2B6E: g_main_loop_run (gmain.c:3297)
==24172==    by 0xD0C0F60: gtk_main (gtkmain.c:1362)
==24172==    by 0xCF9591D: gtk_application_run_mainloop (gtkapplication.c:115)
==24172==    by 0xF34AEC8: g_application_run (gapplication.c:1323)
==24172==    by 0x4594C4: main (empathy.c:838)
==24172==  Address 0x224a3f38 is 40 bytes inside a block of size 656 free'd
==24172==    at 0x4C282ED: free (vg_replace_malloc.c:366)
==24172==    by 0xFEDA7BD: g_free (gmem.c:263)
==24172==    by 0xFEF3E03: g_slice_free1 (gslice.c:907)
==24172==    by 0xF64A875: g_type_free_instance (gtype.c:1930)
==24172==    by 0xF63359A: g_object_unref (gobject.c:2759)
==24172==    by 0xF62E5E2: g_object_run_dispose (gobject.c:947)
==24172==    by 0xD26C429: gtk_widget_destroy (gtkwidget.c:3837)
==24172==    by 0x45420A: preferences_preview_theme_changed_cb (empathy-preferences.c:717)
==24172==    by 0xF62B543: g_cclosure_marshal_VOID__VOID (gmarshal.c:85)
==24172==    by 0xF62998A: g_closure_invoke (gclosure.c:774)
==24172==    by 0xF6454DA: signal_emit_unlocked_R (gsignal.c:3272)
==24172==    by 0xF64441C: g_signal_emit_valist (gsignal.c:3003)
==24172==    by 0xF644985: g_signal_emit (gsignal.c:3060)
==24172==    by 0x46D479: theme_manager_emit_changed_idle_cb (empathy-theme-manager.c:92)
==24172==    by 0xFED516E: g_idle_dispatch (gmain.c:4801)
==24172==    by 0xFED0A22: g_main_dispatch (gmain.c:2441)
==24172==    by 0xFED1F68: g_main_context_dispatch (gmain.c:3011)
==24172==    by 0xFED2415: g_main_context_iterate (gmain.c:3089)
==24172==    by 0xFED2B6E: g_main_loop_run (gmain.c:3297)
==24172==    by 0xD0C0F60: gtk_main (gtkmain.c:1362)
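
The Memcheck output above pairs an invalid read with the stack that freed the block, which is what a use-after-free looks like in Valgrind. As an added example (not part of the original report, nor Empathy or WebKit code), this Python script parses a trimmed excerpt of that report and extracts the faulting frame plus the first application frame on the access and free stacks; the `empathy` source-file prefix used to pick application frames is an assumption.

```python
import re

# Trimmed excerpt of the Memcheck report quoted in Comment 1 (frames omitted for brevity).
SAMPLE = """\
==24172== Invalid read of size 8
==24172==    at 0xBACE007: WebKit::core(_WebKitWebView*) (in /home/cassidy/usr/lib64/libwebkitgtk-3.0.so.0.9.0)
==24172==    by 0xCF8B729: gtk_adjustment_set_value (gtkadjustment.c:445)
==24172==    by 0x50124B: chat_text_view_scroll_cb (empathy-chat-text-view.c:687)
==24172==  Address 0x224a3f38 is 40 bytes inside a block of size 656 free'd
==24172==    at 0x4C282ED: free (vg_replace_malloc.c:366)
==24172==    by 0xF63359A: g_object_unref (gobject.c:2759)
==24172==    by 0xD26C429: gtk_widget_destroy (gtkwidget.c:3837)
==24172==    by 0x45420A: preferences_preview_theme_changed_cb (empathy-preferences.c:717)
"""

ACCESS = re.compile(r"^==\d+== Invalid (read|write) of size (\d+)$")
BLOCK = re.compile(r"^==\d+==\s+Address (0x[0-9A-Fa-f]+) is (\d+) bytes inside a block of size (\d+) free'd$")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \((?:in (.+)|([^():]+):(\d+))\)$")

def parse_uaf(report):
    """Parse the first invalid access that Memcheck ties to a freed block, or return None."""
    result, stack = None, None
    for line in report.splitlines():
        if m := ACCESS.match(line):
            if result:  # a second error record starts: keep only the first one
                break
            result = {"op": m[1], "size": int(m[2]), "access": [], "freed": []}
            stack = result["access"]
        elif result and (m := BLOCK.match(line)):
            result.update(addr=m[1], offset=int(m[2]), block=int(m[3]))
            stack = result["freed"]  # frames after this line belong to the free() call
        elif stack is not None and (m := FRAME.match(line)):
            stack.append({"func": m[1], "where": m[2] or f"{m[3]}:{m[4]}"})
    return result if result and "addr" in result else None

def summarize(report, app_prefix="empathy"):
    """Name the faulting frame and the first application frame on each stack.
    app_prefix is an assumed source-file prefix that marks the application's own code."""
    r = parse_uaf(report)
    if r is None:
        return None
    own = lambda frames: next((f for f in frames if f["where"].startswith(app_prefix)), None)
    return {"faulting_frame": r["access"][0]["func"] if r["access"] else None,
            "offset_in_freed_block": (r["offset"], r["block"]),
            "app_access_frame": own(r["access"]),
            "app_free_frame": own(r["freed"])}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```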
Comment 2 Xavier Claessens 2011-09-22 08:17:09 UTC
Same on Ubuntu Oneiric, WebKit 1.4.3.
Comment 3 Guillaume Desmottes 2011-09-22 08:24:37 UTC
Looks like a WebKit regression. I opened https://bugs.webkit.org/show_bug.cgi?id=68600

Kov: any chance you could take a look at this? It's pretty critical; we should fix it for 3.2.