Bug 669376 - gtk leaks references in GtkTreeView / GtkTreeModelSort which cause segfault in bluefish
Status: RESOLVED FIXED
Product: gtk+
Classification: Platform
Component: Widget: GtkTreeView
Version: 3.2.x
Hardware: Other Linux
Importance: Normal critical
Assigned To: gtktreeview-bugs
Reported: 2012-02-04 21:22 UTC by Olivier Sessink
Modified: 2012-02-07 10:07 UTC
Description Olivier Sessink 2012-02-04 21:22:23 UTC
In Bluefish we get a lot of bug reports from users on Ubuntu 11.10 that have a segfault and all backtraces have something weird: a GtkTreeModelSort is calling its sort function after the model has been unreffed by bluefish already.

This behaviour cannot be reproduced on Fedora 16 which also has Gtk-3.2 so I don't know if this is an upstream problem at all, or if the difference is that Ubuntu has different accessibility options by default (the problem is related to accessibility it seems).

Checking with libgobject-list (from http://people.gnome.org/~mortenw/gobject-list.c) reveals that on Ubuntu there is a GtkTreeModelSort leaking, that is not leaking on Fedora 16.

After a gdb breakpoint on g_object_ref and g_object_unref with a condition object == 0x123123123 (the pointer of the GtkTreeModelSort) and doing a backtrace for each break, I found which function does not clean its reference count:

Breakpoint 2, g_object_ref (object=0xaebbb0) at gobject-list.c:642
642 GObject *obj = G_OBJECT (object);
  • #0 g_object_ref
    at gobject-list.c line 642
  • #1 gtk_tree_row_reference_new_proxy
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtktreemodel.c line 2300
  • #2 cell_info_new
    at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c line 3227
  • #3 gtk_tree_view_accessible_ref_child
    at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c line 563
  • #4 focus_in
    at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c line 1939
  • #5 _gtk_marshal_BOOLEAN__BOXED
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmarshalers.c line 85
  • #6 g_closure_invoke
    at /build/buildd/glib2.0-2.30.0/./gobject/gclosure.c line 774
  • #7 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c line 3272
  • #8 g_signal_emit_valist
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c line 3013
  • #9 g_signal_emit
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c line 3060
  • #10 gtk_widget_event_internal
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c line 6132
  • #11 gtk_widget_send_focus_change
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c line 14204
  • #12 do_focus_change
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c line 6009
  • #13 _gtk_window_set_is_active
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c line 9377
  • #14 gtk_window_focus_in_event
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c line 6063
  • #15 gtk_window_focus_in_event
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c line 6049
  • #16 _gtk_marshal_BOOLEAN__BOXED
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmarshalers.c line 85
  • #17 g_closure_invoke
    at /build/buildd/glib2.0-2.30.0/./gobject/gclosure.c line 774
  • #18 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c line 3310
  • #19 g_signal_emit_valist
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c line 3013
  • #20 g_signal_emit
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c line 3060
  • #21 gtk_widget_event_internal
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c line 6132
  • #22 gtk_main_do_event
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmain.c line 1835
  • #23 gdk_event_source_dispatch
    at /build/buildd/gtk+3.0-3.2.0/./gdk/x11/gdkeventsource.c line 360
  • #24 g_main_dispatch
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c line 2441
  • #25 g_main_context_dispatch
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c line 3011
  • #26 g_main_context_iterate
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c line 3089
  • #27 g_main_loop_run
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c line 3297
  • #28 gtk_main
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmain.c line 1367
  • #29 main
    at bluefish.c line 402

I don't know what causes this leak. It might be Ubuntu-specific patches on gtk, the gtk theme that Ubuntu is using, or accessibility settings that default to a different value on Ubuntu (both on Ubuntu and Fedora I did not change any accessibility option from the default setting).

I filed it in launchpad at https://bugs.launchpad.net/ubuntu/+source/gtk+3.0/+bug/926889
Comment 1 Benjamin Otte (Company) 2012-02-05 22:49:44 UTC
This might be magically fixed by http://git.gnome.org/browse/gtk+/commit/?id=512ac214c68d7806bfab05f5311007169892d914 which appears in GTK 3.2.3. And your trace indicates Ubuntu using 3.2.0. I suppose F16 uses the most recent version?
Comment 2 Olivier Sessink 2012-02-06 15:48:20 UTC
Fedora 16 has libgtk-3.so.0.200.3

Does that indicate GTK 3.2.3?
Comment 3 Benjamin Otte (Company) 2012-02-06 19:46:27 UTC
Yeah.

Gtk version is libgtk-$MAJOR.so.0.($MINOR * 100).$MICRO for stable versions and
libgtk-$MAJOR.so.0.($MINOR * 100 + $MICRO).0 for unstable versions.
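
Added example (not part of the bug thread and not GTK project code): a decoder for the file-name scheme given in Comment 3, useful for checking whether an installed libgtk is at least the release Comment 1 names. The function names and FIXED_IN are assumptions of this example; the second sample name is constructed from the formula for the 3.2.0 build seen in the backtrace paths.

```python
import re

# Fully versioned file name, e.g. libgtk-3.so.0.200.3 (a leading path is allowed).
_LIBGTK = re.compile(r"libgtk-(\d+)\.so\.0\.(\d+)\.(\d+)$")


def gtk_version_from_soname(name):
    """Decode a libgtk file name into (major, minor, micro).

    Stable:   libgtk-$MAJOR.so.0.($MINOR * 100).$MICRO
    Unstable: libgtk-$MAJOR.so.0.($MINOR * 100 + $MICRO).0
    """
    match = _LIBGTK.search(name)
    if match is None:
        raise ValueError(f"not a versioned libgtk file name: {name!r}")
    major, second, third = (int(group) for group in match.groups())
    minor, low = divmod(second, 100)
    if third != 0:
        # Stable form: the micro version is the last field, so the
        # second field must be an exact multiple of 100.
        if low != 0:
            raise ValueError(f"matches neither naming scheme: {name!r}")
        return (major, minor, third)
    # Last field is 0: unstable form, or a stable x.y.0 release (low == 0).
    return (major, minor, low)


def is_at_least(name, minimum):
    """True if the decoded version is >= minimum, a (major, minor, micro) tuple."""
    return gtk_version_from_soname(name) >= tuple(minimum)


# GTK release named in Comment 1 as containing the referenced commit.
FIXED_IN = (3, 2, 3)

if __name__ == "__main__":
    # First name is from Comment 2; the second is constructed from the
    # formula for the 3.2.0 build that appears in the backtrace paths.
    for sample in ("libgtk-3.so.0.200.3", "libgtk-3.so.0.200.0"):
        print(sample, gtk_version_from_soname(sample), is_at_least(sample, FIXED_IN))
```

The tuple comparison is only meaningful within the stable 3.2 series discussed here; for an unstable build it says nothing about whether a given commit is included.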
Comment 4 Olivier Sessink 2012-02-07 10:07:52 UTC
Closing the bug; I cannot reproduce it on git master anymore.