I have found a reproducible segfault, from gtk-2.20 (probably also before, but I haven't tested that) until gtk 3.2.4 (and possibly later but I've also not tested that).

I have a GtkTextView with "has-tooltip" enabled. From a popup menu I select to collapse a text block in Bluefish. The callback from that menu item applies a GtkTextTag to the GtkTextBuffer that has "invisible" set. When the popup menu dissapears, immediately the tooltip query callback is fired. In this callback I call gtk_text_view_get_iter_at_position() #6 in the backtrace with the result as shown below.

I guess this is some kind of race condition: the query tooltip callback calls for an iter location that has a texttag with invisible applied, but is not yet truly invisible.

The workaround in bluefish is to disable the "has-tooltip" option just before applying the GtkTextTag, and enabling it again in an idle callback with lowest priority.

The backtrace:

(bluefish:9010): Gtk-WARNING **: gtktextbtree.c:4019: byte index off the end of the line

Gtk-ERROR **: Byte index 590 is off the end of the line

Program received signal SIGTRAP, Trace/breakpoint trap.
g_logv (log_domain=0x7ffff7c6dcbb "Gtk", log_level=<optimized out>, format=
    0x7ffff7d21020 "Byte index %d is off the end of the line", args1=0x7fffffffd468)
    at gmessages.c:577
577		  g_private_set (g_log_depth, GUINT_TO_POINTER (depth));
(gdb) bt

+ Trace 230160