Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 85060 - notification area segv
Summary: notification area segv
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: gnome-panel
Version: 9
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Havoc Pennington
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 79578 CambridgeBlocker
TreeView+ depends on / blocked
 
Reported: 2003-02-25 06:47 UTC by Matt Wilson
Modified: 2007-04-18 16:51 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2003-10-21 20:11:17 UTC


Attachments (Terms of Use)

Description Matt Wilson 2003-02-25 06:47:24 UTC
(gdb) bt
#0  0xffffe002 in ?? ()
#1  0x401affa7 in libgnomeui_segv_handle (signum=-512) at gnome-ui-init.c:646
#2  <signal handler called>
#3  0x40675eb9 in gdk_x11_drawable_get_xid (drawable=0x0)
    at gdkdrawable-x11.c:928
#4  0x405b6d7d in send_xembed_message (socket=0x0, message=-512, detail=-512,
    data1=-512, data2=-512, time=4294966784) at gtksocket.c:1079
#5  0x405b627c in socket_update_active (socket=0x0) at gtksocket.c:714
#6  0x408a0754 in g_cclosure_marshal_VOID__PARAM (closure=0x0,
    return_value=0x0, n_param_values=2, param_values=0x8dc,
    invocation_hint=0xbfffd9a8, marshal_data=0x0) at gmarshal.c:531
#7  0x4088ced7 in g_closure_invoke (closure=0x0, return_value=0xfffffe00,
    n_param_values=4294966784, param_values=0xfffffe00,
    invocation_hint=0xfffffe00) at gclosure.c:437
#8  0x4089f983 in signal_emit_unlocked_R (node=0x8052658, detail=517,
    instance=0x809c090, emission_return=0x0, instance_and_params=0xbfffdaa0)
    at gsignal.c:2822
#9  0x4089e9a8 in g_signal_emit_valist (instance=0x809c090, signal_id=1,
    detail=517, var_args=0xbfffdc30 "") at gsignal.c:2554
#10 0x4089ebe4 in g_signal_emit (instance=0xfffffe00, signal_id=4294966784,
    detail=4294966784) at gsignal.c:2612
#11 0x4088f1c5 in g_object_dispatch_properties_changed (object=0x809c090,
    n_pspecs=1, pspecs=0x1) at gobject.c:464
---Type <return> to continue, or q <return> to quit---
#12 0x4088e84f in g_object_notify_dispatcher (object=0x0, n_pspecs=4294966784,
    pspecs=0xfffffe00) at gobject.c:228
#13 0x40893827 in g_object_notify_queue_thaw (object=0x809c090,
    nqueue=0x80551e0) at gobjectnotifyqueue.c:123
#14 0x4088f470 in g_object_notify (object=0x809c090,
    property_name=0x4062cb92 "is_active") at gobject.c:530
#15 0x405b2ed8 in _gtk_window_set_is_active (window=0x809c090,
    is_active=-1073750880) at gtkwindow.c:6809
#16 0x405b4e25 in handle_xembed_message (plug=0x809c090, message=0,
    detail=-1073750880, data1=0, data2=0, time=0) at gtkplug.c:1008
#17 0x405b4fb0 in gtk_plug_filter_func (gdk_xevent=0x809c090,
    event=0xfffffe00, data=0x809c090) at gtkplug.c:1074
#18 0x40677048 in gdk_event_apply_filters (xevent=0xbfffdf20, event=0x809c090,
    filters=0x8055030) at gdkevents-x11.c:299
#19 0x40678c3c in gdk_event_translate (display=0x80639f8, event=0x8124878,
    xevent=0xbfffdf20, return_exposes=0) at gdkevents-x11.c:814
#20 0x40678ee6 in _gdk_events_queue (display=0x80639f8) at gdkevents-x11.c:1952
#21 0x406790ed in gdk_event_dispatch (source=0xfffffe00, callback=0,
    user_data=0x0) at gdkevents-x11.c:2012
#22 0x408e0b35 in g_main_dispatch (context=0x8065728) at gmain.c:1653
#23 0x408e1b78 in g_main_context_dispatch (context=0x80639f8) at gmain.c:2197
#24 0x408e1e8d in g_main_context_iterate (context=0x8065728, block=1,
    dispatch=1, self=0x8054c48) at gmain.c:2278
---Type <return> to continue, or q <return> to quit---
#25 0x408e258f in g_main_loop_run (loop=0x8061508) at gmain.c:2498
#26 0x40752328 in bonobo_main () from /usr/lib/libbonobo-2.so.0
#27 0x407503f4 in bonobo_generic_factory_main () from /usr/lib/libbonobo-2.so.0
#28 0x40029a4a in panel_applet_factory_main_closure ()
   from /usr/lib/libpanel-applet-2.so.0
#29 0x40029b73 in panel_applet_factory_main ()
   from /usr/lib/libpanel-applet-2.so.0
#30 0x0804b9e5 in main ()
#31 0x420154d4 in __libc_start_main () from /lib/tls/libc.so.6
(gdb)

Comment 1 Havoc Pennington 2003-02-25 06:52:41 UTC
<msw> hp: I was just sitting there
<msw> hp: it came up 1 pixel wide
<msw> hp: I right clicked on the 1 pixel in order to quit rhn
<msw> hp: then I went and added the rhn applet again
<msw> hp: and a little while later it crashed

Comment 2 Havoc Pennington 2003-02-25 06:56:03 UTC
<msw> hah!
<msw> duplicated!
<msw> I had to log in N times to get it to be 1 pixel wide again
<msw> right click on the notification icon, exit, then system
tools->notification applet

Comment 3 Havoc Pennington 2003-02-25 08:06:01 UTC
The situation seems to be a socket that's inside a plug that's inside a socket. 
Outermost socket activates the plug, which changes is_active, which then 
invokes socket_update_active(). So the innermost socket is in same process 
as the plug. The plug must be the applet and the socket is the system tray slot.

Trying to see some reason socket_update_active wouldn't be removed 
while socket was invalid. Wild theory: hierarchy-changed is not received when
destroying the system 
tray slot, because GTK_ANCHORED flag is not set on GtkPlug, and there's code
in gtk_widget_unparent() that only does the hierarchy-changed if the 
toplevel for the window (in this case the plug) has GTK_ANCHORED set.
If hierarchy-changed is not received when destroying the system tray slot 
socket, then socket_update_active() callback would not be removed
and we would get a crash like this.

That has to be crack though because it doesn't explain why it only happens
sometimes; you'd expect it to crash any time you focused the 
applet after removing a tray icon. Probably 3am nonsense.


Comment 4 Owen Taylor 2003-02-25 16:14:32 UTC
In general, the ANCHORED flag is set on GtkPlug; it inherits from
GtkWindow and GtkWindow sets it in it's _init(). There might
be some problems if you reused a plug from in-process 
out-of-process. I'm not we update the flag properly when 
we make the GtkPlug a toplevel again, but that shouldn't matter
here.

Comment 5 Alexander Larsson 2003-10-10 10:34:40 UTC
Isn't this bug just the 1 pixel wide bug which has been fixed?


Comment 6 Matt Wilson 2003-10-21 20:11:17 UTC
yea, I've not been able to reproduce it anymore.



Note You need to log in before you can comment on or make changes to this bug.