valgrind: invalid read errors in widget_notify_cb()

using the current natty version (which is basically a trunk build)

* run gconf-editor
* use the appmenu to open a new dialog
* close the dialog using the menu entry (valgrind slow down things enough that you can do that before the dialog has actually open if that makes a difference)

the valgrind log:

"==18129== Invalid read of size 4
==18129== at 0x45819D6: g_type_check_instance_is_a (gtype.c:3952)
==18129== by 0x6640EFD: widget_notify_cb (parser.c:807)
==18129== by 0x4577E47: g_cclosure_marshal_VOID__PARAM (gmarshal.c:533)
==18129== by 0x455B351: g_closure_invoke (gclosure.c:767)
==18129== by 0x456E047: signal_emit_unlocked_R (gsignal.c:3252)
==18129== by 0x4576B28: g_signal_emit_valist (gsignal.c:2983)
==18129== by 0x4576CC1: g_signal_emit (gsignal.c:3040)
==18129== by 0x455D0C0: g_object_dispatch_properties_changed (gobject.c:925)
==18129== by 0x455C3CE: g_object_notify_dispatcher (gobject.c:330)
==18129== by 0x45601E0: g_object_thaw_notify (gobjectnotifyqueue.c:132)
==18129== by 0x42EAC2C: gtk_widget_unparent (gtkwidget.c:3129)
==18129== by 0x41C4899: gtk_menu_shell_remove (gtkmenushell.c:1146)
==18129== by 0x41B6A2F: gtk_menu_remove (gtkmenu.c:1312)
==18129== by 0x4578087: g_cclosure_marshal_VOID__OBJECT (gmarshal.c:638)
==18129== by 0x4559CA6: g_type_class_meta_marshal (gclosure.c:878)
==18129== by 0x455B351: g_closure_invoke (gclosure.c:767)
==18129== by 0x456D7B5: signal_emit_unlocked_R (gsignal.c:3182)
==18129== by 0x4576B28: g_signal_emit_valist (gsignal.c:2983)
==18129== by 0x4576CC1: g_signal_emit (gsignal.c:3040)
==18129== by 0x4123C90: gtk_container_remove (gtkcontainer.c:1260)
==18129== by 0x42EDE7C: gtk_widget_dispose (gtkwidget.c:8763)
==18129== by 0x41C180F: gtk_menu_item_dispose (gtkmenuitem.c:482)
==18129== by 0x455EBEE: g_object_run_dispose (gobject.c:945)
==18129== by 0x41DCB4D: gtk_object_destroy (gtkobject.c:406)
==18129== by 0x41C4016: gtk_menu_shell_forall (gtkmenushell.c:1171)
==18129== by 0x4124873: gtk_container_foreach (gtkcontainer.c:1554)
==18129== by 0x412594D: gtk_container_destroy (gtkcontainer.c:1093)
==18129== by 0x41BC9DC: gtk_menu_destroy (gtkmenu.c:1141)
==18129== by 0x457748B: g_cclosure_marshal_VOID__VOID (gmarshal.c:79)
==18129== by 0x4559CA6: g_type_class_meta_marshal (gclosure.c:878)
==18129== by 0x455B27F: g_closure_invoke (gclosure.c:767)
==18129== by 0x456DA48: signal_emit_unlocked_R (gsignal.c:3368)
==18129== by 0x4576B28: g_signal_emit_valist (gsignal.c:2983)
==18129== by 0x4576CC1: g_signal_emit (gsignal.c:3040)
==18129== by 0x41DBF90: gtk_object_dispose (gtkobject.c:421)
==18129== by 0x42EDEA3: gtk_widget_dispose (gtkwidget.c:8771)
==18129== Address 0x7c48f08 is 0 bytes inside a block of size 40 free'd
==18129== at 0x40259E0: free (vg_replace_malloc.c:366)
==18129== by 0x45DDDE5: g_free (gmem.c:263)
==18129== by 0x45F5D12: g_slice_free1 (gslice.c:907)
==18129== by 0x4580857: g_type_free_instance (gtype.c:1934)
==18129== by 0x455C976: g_object_unref (gobject.c:2747)
==18129== by 0x66497C1: dbusmenu_menuitem_dispose (menuitem.c:330)
==18129== by 0x455C8A2: g_object_unref (gobject.c:2697)
==18129== by 0x664F7F9: dbusmenu_server_dispose (server.c:376)
==18129== by 0x455C8A2: g_object_unref (gobject.c:2697)
==18129== by 0x6444115: toplevel_destroyed (bridge.c:176)
==18129== by 0x457748B: g_cclosure_marshal_VOID__VOID (gmarshal.c:79)
==18129== by 0x455B351: g_closure_invoke (gclosure.c:767)
==18129== by 0x456E047: signal_emit_unlocked_R (gsignal.c:3252)
==18129== by 0x4576B28: g_signal_emit_valist (gsignal.c:2983)
==18129== by 0x4576CC1: g_signal_emit (gsignal.c:3040)
==18129== by 0x41DBF90: gtk_object_dispose (gtkobject.c:421)
==18129== by 0x42EDEA3: gtk_widget_dispose (gtkwidget.c:8771)
==18129== by 0x42F8E85: gtk_window_dispose (gtkwindow.c:2290)
==18129== by 0x455EBEE: g_object_run_dispose (gobject.c:945)
==18129== by 0x41DCB4D: gtk_object_destroy (gtkobject.c:406)
==18129== by 0x457748B: g_cclosure_marshal_VOID__VOID (gmarshal.c:79)
==18129== by 0x455B351: g_closure_invoke (gclosure.c:767)
==18129== by 0x456E047: signal_emit_unlocked_R (gsignal.c:3252)
==18129== by 0x4576B28: g_signal_emit_valist (gsignal.c:2983)
==18129== by 0x4576CC1: g_signal_emit (gsignal.c:3040)
==18129== by 0x40D8BE4: _gtk_action_emit_activate (gtkaction.c:794)
==18129== by 0x40D960C: gtk_action_activate (gtkaction.c:824)
==18129== by 0x457748B: g_cclosure_marshal_VOID__VOID (gmarshal.c:79)
==18129== by 0x4559CA6: g_type_class_meta_marshal (gclosure.c:878)
==18129== by 0x455B351: g_closure_invoke (gclosure.c:767)
==18129== by 0x456D7B5: signal_emit_unlocked_R (gsignal.c:3182)
==18129== by 0x4576B28: g_signal_emit_valist (gsignal.c:2983)
==18129== by 0x4576CC1: g_signal_emit (gsignal.c:3040)
==18129== by 0x41C1ED9: gtk_menu_item_activate (gtkmenuitem.c:917)
==18129== by 0x6641283: item_activated (parser.c:736)
==18129== by 0x4577847: g_cclosure_marshal_VOID(unsigned intXX_t) (gmarshal.c:253)"