Comment 0 for bug 926889

In Bluefish we get a lot of bugreports from users on Ubuntu 11.10 that have a segfault and all backtraces have something weird: a GtkTreeModelSort is calling it's sort function after the model has been unreffed by bluefish already.

This behaviour cannot be reproduced on Fedora 16 which also has Gtk-3.2.

Checking with libgobject-list (from http://people.gnome.org/~mortenw/gobject-list.c) reveals that on Ubuntu there is a GtkTreeModelSort leaking, that is not leaking on Fedora 16.

After a gdb breakpoint g_object_ref and g_object_unref with a condition object == 0x123123123 (the pointer of the GtkTreeModelSort) and doing a backtrace for each break, I found which function does not clean it's reference count:

Breakpoint 2, g_object_ref (object=0xaebbb0) at gobject-list.c:642
642 GObject *obj = G_OBJECT (object);
#0 g_object_ref (object=0xaebbb0) at gobject-list.c:642
#1 0x00007ffff7548abd in gtk_tree_row_reference_new_proxy (proxy=0xaebbb0,
    model=0xaebbb0, path=0x1942660)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtktreemodel.c:2300
#2 0x00007ffff75dae49 in cell_info_new (accessible=0x196f820, tree_model=0xaebbb0,
    path=0x1942660, tv_col=0x746bc0, cell=0x1908dc0)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c:3227
#3 0x00007ffff75de929 in gtk_tree_view_accessible_ref_child (obj=0x196f820, i=18)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c:563
#4 0x00007ffff75de608 in focus_in (widget=0xaba3c0)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/a11y/gtktreeviewaccessible.c:1939
#5 0x00007ffff7456f08 in _gtk_marshal_BOOLEAN__BOXED (closure=0x1930ca0,
    return_value=0x7fffffffd640, n_param_values=<optimized out>, param_values=0x1720980,
    invocation_hint=<optimized out>, marshal_data=<optimized out>)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmarshalers.c:85
#6 0x00007ffff61d00a4 in g_closure_invoke (closure=0x1930ca0,
    return_value=0x7fffffffd640, n_param_values=2, param_values=0x1720980,
    invocation_hint=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./gobject/gclosure.c:774
#7 0x00007ffff61e202a in signal_emit_unlocked_R (node=<optimized out>, detail=0,
    instance=0xaba3c0, emission_return=0x7fffffffd7a0, instance_and_params=0x1720980)
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3272
#8 0x00007ffff61eb483 in g_signal_emit_valist (instance=<optimized out>,
    signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3013
#9 0x00007ffff61eb852 in g_signal_emit (instance=<optimized out>,
    signal_id=<optimized out>, detail=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3060
#10 0x00007ffff7584fe9 in gtk_widget_event_internal (widget=0xaba3c0, event=0x1912930)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c:6132
#11 0x00007ffff7591492 in gtk_widget_send_focus_change (widget=0xaba3c0, event=0x1912930)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c:14204
#12 0x00007ffff75968d0 in do_focus_change (widget=0xaba3c0, in=1)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:6009
#13 0x00007ffff75a2149 in _gtk_window_set_is_active (window=0x6fa170, is_active=1)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:9377
#14 0x00007ffff75a25ea in gtk_window_focus_in_event (widget=0x6fa170,
    event=<optimized out>) at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:6063
#15 gtk_window_focus_in_event (widget=0x6fa170, event=<optimized out>)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwindow.c:6049
#16 0x00007ffff7456f08 in _gtk_marshal_BOOLEAN__BOXED (closure=0x6d5a90,
    return_value=0x7fffffffdb80, n_param_values=<optimized out>, param_values=0x1944010,
    invocation_hint=<optimized out>, marshal_data=<optimized out>)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmarshalers.c:85
#17 0x00007ffff61d00a4 in g_closure_invoke (closure=0x6d5a90,
    return_value=0x7fffffffdb80, n_param_values=2, param_values=0x1944010,
    invocation_hint=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./gobject/gclosure.c:774
#18 0x00007ffff61e1e5f in signal_emit_unlocked_R (node=<optimized out>, detail=0,
    instance=0x6fa170, emission_return=0x7fffffffdce0, instance_and_params=0x1944010)
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3310
#19 0x00007ffff61eb483 in g_signal_emit_valist (instance=<optimized out>,
    signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3013
#20 0x00007ffff61eb852 in g_signal_emit (instance=<optimized out>,
    signal_id=<optimized out>, detail=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./gobject/gsignal.c:3060
#21 0x00007ffff7584fe9 in gtk_widget_event_internal (widget=0x6fa170, event=0x1912bb0)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkwidget.c:6132
#22 0x00007ffff7456da3 in gtk_main_do_event (event=0x1912bb0)
    at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmain.c:1835
#23 0x00007ffff70cf102 in gdk_event_source_dispatch (source=<optimized out>,
    callback=<optimized out>, user_data=<optimized out>)
    at /build/buildd/gtk+3.0-3.2.0/./gdk/x11/gdkeventsource.c:360
#24 0x00007ffff55a0a5d in g_main_dispatch (context=0x709090)
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:2441
#25 g_main_context_dispatch (context=0x709090)
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:3011
#26 0x00007ffff55a1258 in g_main_context_iterate (context=0x709090,
    block=<optimized out>, dispatch=1, self=<optimized out>)
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:3089
#27 0x00007ffff55a1792 in g_main_loop_run (loop=0x7fde50)
    at /build/buildd/glib2.0-2.30.0/./glib/gmain.c:3297
#28 0x00007ffff7455ecd in gtk_main () at /build/buildd/gtk+3.0-3.2.0/./gtk/gtkmain.c:1367
#29 0x0000000000422aff in main (argc=1, argv=0x7fffffffe218) at bluefish.c:402

I don't know what causes this leak. It might be Ubuntu specific patches on gtk, the gtk theme that Ubuntu is using, or accesibility settings that default to a different value on Ubuntu (both on Ubuntu and Fedora I did not change any accessibility option from the default setting).