Comment 8 for bug 1053862
Revision history for this message
| Michael Terry (mterry) wrote Re: nautilus crashed with SIGSEGV in g_list_foreach() | #8 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
I believe I've found why this happens. Or at least, one way it *could* happen. With a very similar stacktrace.
While a GtkUIManager is updating its dynamic elements, and it destroys a menu item, any signal handlers for that destruction might further modify the UIManager. And the current code is poorly equipped to handle the node structure changing out from under it while it is in update_node.
See attached test program. It triggers two similar bugs: (1) deleting the next sibling in the destruction handler and (2) deleting the parent node in the destruction handler.
I haven't confirmed that either of these issues is this same exact crash in nautilus yet. But it sounds reasonable, and has a similar stacktrace.
Run the program like so:
valac --pkg gtk+-3.0 test.vala && G_SLICE=
The first bug you hit will be the sibling one. Unless you comment out that function call in the test, you won't ever get to the parent bug because you'll keep crashing.