GNOME Bugzilla – Bug 78764
bogus widget on event ...
Last modified: 2004-12-22 21:47:04 UTC
Ran nautilus; while it's starting up and can't really respond to events right clicked on the desktop paused, did again, then several times. When it got to rendering stuff (or later at least) I got: (lt-nautilus:12991): Gtk-CRITICAL **: file gtkwidget.c: line 2933 (gtk_widget_event): assertion `WIDGET_REALIZED_FOR_EVENT (widget, event)' failed Segmentation fault (core dumped) With this:
+ Trace 20854
$3 = {type = GDK_MAP, any = {type = GDK_MAP, window = 0x84d20b0, send_event = 0 '\000'}, expose = {type = GDK_MAP, window = 0x84d20b0, send_event = 0 '\000', area = {x = 972977176, y = 0, width = 1082370048,height = 0}, region = 0x4058c000, count = 0}, no_expose = {type = GDK_MAP, window = 0x84d20b0, send_event = 0 '\000'}, visibility = {type = GDK_MAP, window = 0x84d20b0, send_event = 0 '\000', state = 972977176}, motion = { type = GDK_MAP, window = 0x84d20b0, send_event = 0 '\000', time = 972977176, x = 629, y = 99, axes = 0x0, state = 1024, is_hint = 0, device = 0x80d0848, x_root = 629, y_root = 99}, button = {type = GDK_MAP, window = 0x84d20b0, send_event = 0 '\000', time = 972977176, x = 629, y = 99, axes = 0x0, state = 1024, button = 0, device = 0x80d0848, x_root = 629, y_root = 99} etc....
Nothing I can do with theis bug within the context of GTK+ gtk_widget_get_toplevel() basically can't segfault unless the widget tree is corrupted; it reads: while (widget->parent) widget = widget->parent;
Well - the thing is that the widget pointer came from Gtk+ / Gdk, examining the stack trace:
+ Trace 20900
ie. the bogus widget is obtained from the gdk event: event_widget = gtk_get_event_widget (event); or code like that in gtk_main_do_event, and that widget pointer is dead on arrival. No nautilus code is involved with this AFAICS, it's pure Gtk+, presumably some sort of race / re-enterancy with a destroyed widget getting a map event.
Ok, so this is really trivially repeatable, by doing the right click thing on the root window a load of times. The event_widget pointer at gtk_main_do_event is full of 0xaa, so it looks as if someone is not setting the user_data correctly on the GdkWindow on unrealize.
Just read all the 'unrealize' handlers in eel/nautilus, they all chain to the parent handler seemingly correctly - which should unset the gdk window's user_data.
It appears michael meant to reassign to gtk; I'm clearing milestones/priorities etc. but adding the gnome2.0.0 keyword.
I suspect this would get fixed faster if it was assigned to nautilus. While it might (or might not) be a GTK+ bug, as long as debugging it requires debugging nautilus, it's better off IMO being with the other bugs that require debugging nautilus. I doubt anything will be done to it while it is assigned to GTK+ ... we have a lot of other bugs with less than 100,000 line test cases.
Not going to be fixed for 2.0.3 from our end. (or most likely 2.0.4, or ...)
Pushing out to 2.0.1 and moving all the way back to nautilus.
hopefully the warning will get fixed in Gtk+, and perhaps the root cause of this.
Michael: well, the gtk warning is not going to get fixed if this is assigned to nautilus, no? [honest question, did I miss something somewhere?]
Yes - Owen removed the dependency of a Gtk+ bug, involving this warning on this one - without comment, and without explanation, at least that's what it looked like to me; Whatsup Owen ?
the bug is #82366, and attempts to provoke the warning we get before the crash, presumably exposing a false assumption in some Gtk+ / X interaction. But perhaps not.
I have not removed any dependences (what???)
Strange; I got this mail: which makes it look like you removed the dependency. From: bugzilla-daemon@widget.gnome.org To: nautilus-maint@bugzilla.gnome.org, michael@ximian.com, nautilus-qa-maint@bugzilla.gnome.org Subject: [Bug 78764] Changed - bogus widget on event ... Date: 20 May 2002 11:27:18 -0400 Please do not reply to this email- if you want to comment on the bug, go to the URL shown below and enter your comments there. http://bugzilla.gnome.org/show_bug.cgi?id=78764 Changed by otaylor@redhat.com. --- shadow/78764 Mon May 20 11:26:12 2002 +++ shadow/78764.tmp.32749 Mon May 20 11:27:18 2002 @@ -12,13 +12,12 @@ ReportedBy: michael@ximian.com QAContact: nautilus-qa-maint@bugzilla.gnome.org TargetMilestone: 1.1.x URL: Cc: Summary: bogus widget on event ... -BugsThisDependsOn: 82366 Ran nautilus; while it's starting up and can't really respond to events right clicked on the desktop paused, did again, then several times. When it got to rendering stuff (or later at least) I got:
Possible it happened accidentally; browsers are sometimes funny about 'intelligently' clearing fields. I've readded it if no one objects.
It is a crasher after all ... it looks like the gtk_widget_sink in eel_popup_context_menu is the root of the problems.
So; you can repeat this by right clicking repeatedly in a nautilus window itself as well - it seems the bug is in Gtk+ which fails to destroy the transfer_window if a grab fails. Patch on the Gtk+ bug shortly.
Fixed in Gtk+ now, on both branches.
*** Bug 83733 has been marked as a duplicate of this bug. ***