Carl Worth wrote:
> On Thu, 27 Jul 2006 01:06:43 +0200, Attilio Fiandrotti wrote:
>
>>I think cairodfb or gdkdfb must previously have corrupted memory
>>somewhere, but i can't detect when nor where: can anyone reproduce this
>>or give me an hint about how to catch it?
>
>
> Have you tried running the program under valgrind? Something like:
yes, and below is what vg tells me.
From a previous test using gdb (see log under vg's log) i noticed the
stack was messed up, and going back from gtk_target_table_free() i found
the gtk_text_layout_set_buffer() problem i reported about.
Note i often (but not always) get other strange crashes, like when i
resize a window and the gtk app was linked using efence (i think efence
unveils silent memory corruptions)
Attilio
*** vg output ***
==5444== Invalid free() / delete / delete[]
==5444== at 0x401D139: free (vg_replace_malloc.c:233)
==5444== by 0x45A0320: g_free (gmem.c:187)
==5444== by 0x4233ADC: gtk_target_table_free (gtkselection.c:621)
==5444== by 0x4271C64: gtk_text_buffer_free_target_lists
(gtktextbuffer.c:3927)
==5444== by 0x426C406: gtk_text_buffer_finalize (gtktextbuffer.c:592)
==5444== by 0x4546EED: g_object_unref (gobject.c:1762)
==5444== by 0x42804D2: gtk_text_layout_set_buffer (gtktextlayout.c:312)
==5444== by 0x4280203: gtk_text_layout_finalize (gtktextlayout.c:245)
==5444== by 0x4546EED: g_object_unref (gobject.c:1762)
==5444== by 0x4295D30: gtk_text_view_destroy_layout (gtktextview.c:5953)
==5444== by 0x4290397: gtk_text_view_destroy (gtktextview.c:2540)
==5444== by 0x4553D67: g_cclosure_marshal_VOID__VOID (gmarshal.c:77)
==5444== by 0x45418E8: g_type_class_meta_marshal (gclosure.c:567)
==5444== by 0x4541614: g_closure_invoke (gclosure.c:490)
==5444== by 0x4553507: signal_emit_unlocked_R (gsignal.c:2554)
==5444== by 0x455295B: g_signal_emit_valist (gsignal.c:2197)
==5444== by 0x4552BE5: g_signal_emit (gsignal.c:2241)
==5444== by 0x41F7C94: gtk_object_dispose (gtkobject.c:418)
==5444== by 0x42F80A3: gtk_widget_dispose (gtkwidget.c:6873)
==5444== by 0x4543A80: g_object_run_dispose (gobject.c:571)
==5444== by 0x41F7C0A: gtk_object_destroy (gtkobject.c:403)
==5444== by 0x42F1294: gtk_widget_destroy (gtkwidget.c:2158)
==5444== by 0x410027B: gtk_bin_forall (gtkbin.c:133)
==5444== by 0x423203B: gtk_scrolled_window_forall
(gtkscrolledwindow.c:986)
==5444== by 0x41414B9: gtk_container_foreach (gtkcontainer.c:1288)
==5444== by 0x414070D: gtk_container_destroy (gtkcontainer.c:825)
==5444== by 0x4231964: gtk_scrolled_window_destroy
(gtkscrolledwindow.c:780)
==5444== by 0x4553D67: g_cclosure_marshal_VOID__VOID (gmarshal.c:77)
==5444== by 0x45418E8: g_type_class_meta_marshal (gclosure.c:567)
==5444== by 0x4541614: g_closure_invoke (gclosure.c:490)
==5444== by 0x4553507: signal_emit_unlocked_R (gsignal.c:2554)
==5444== by 0x455295B: g_signal_emit_valist (gsignal.c:2197)
==5444== by 0x4552BE5: g_signal_emit (gsignal.c:2241)
==5444== by 0x41F7C94: gtk_object_dispose (gtkobject.c:418)
==5444== by 0x42F80A3: gtk_widget_dispose (gtkwidget.c:6873)
==5444== by 0x4543A80: g_object_run_dispose (gobject.c:571)
==5444== by 0x41F7C0A: gtk_object_destroy (gtkobject.c:403)
==5444== by 0x42F1294: gtk_widget_destroy (gtkwidget.c:2158)
==5444== by 0x410027B: gtk_bin_forall (gtkbin.c:133)
==5444== by 0x41414B9: gtk_container_foreach (gtkcontainer.c:1288)
==5444== by 0x414070D: gtk_container_destroy (gtkcontainer.c:825)
==5444== by 0x4300129: gtk_window_destroy (gtkwindow.c:3954)
==5444== by 0x4553D67: g_cclosure_marshal_VOID__VOID (gmarshal.c:77)
==5444== by 0x45418E8: g_type_class_meta_marshal (gclosure.c:567)
==5444== by 0x4541614: g_closure_invoke (gclosure.c:490)
==5444== by 0x4553507: signal_emit_unlocked_R (gsignal.c:2554)
==5444== by 0x455295B: g_signal_emit_valist (gsignal.c:2197)
==5444== by 0x4552BE5: g_signal_emit (gsignal.c:2241)
==5444== by 0x41F7C94: gtk_object_dispose (gtkobject.c:418)
==5444== by 0x42F80A3: gtk_widget_dispose (gtkwidget.c:6873)
==5444== Address 0x43C28A7 is not stack'd, malloc'd or (recently) free'd
** gdb trace **
Breakpoint 1, 0xa7cf2aa6 in IA__gtk_target_table_free
(targets=0x8162f58, n_targets=135671640) at gtkselection.c:615
615 {
p n_targets -> $14 = 135671640
#0 0xa7cf2aa6 in IA__gtk_target_table_free (targets=0x8162f58,
n_targets=135671640) at gtkselection.c:615
#1 0xa7d30c65 in gtk_text_buffer_free_target_lists (buffer=0x8162f58)
at gtktextbuffer.c:3927
(More stack frames follow...)
#1 0xa7d30c65 in gtk_text_buffer_free_target_lists (buffer=0x8162f58)
at gtktextbuffer.c:3927
3927 gtk_target_table_free (priv->paste_target_entries,
3922 if (priv->paste_target_list)
3923 {
3924 gtk_target_list_unref (priv->paste_target_list);
3925 priv->paste_target_list = NULL;
3926
3927 gtk_target_table_free (priv->paste_target_entries,
3928 priv->n_paste_target_entries);
3929 priv->paste_target_entries = NULL;
3930 priv->n_paste_target_entries = 0;
3931 }
p priv->n_paste_target_entries -> $15 = 8
p &priv->n_paste_target_entries -> $16 = (gint *) 0x8185ad4
#0 0xa7cf2aa6 in IA__gtk_target_table_free (targets=0x8162f58,
n_targets=135671640) at gtkselection.c:615
615 {
Stack level 0, frame at 0xafb41bf0:
eip = 0xa7cf2aa6 in IA__gtk_target_table_free (gtkselection.c:615);
saved eip 0xa7d30c65
called by frame at 0xafb41c10
source language c.
Arglist at 0xafb41be8, args: targets=0x8162f58, n_targets=135671640
Locals at 0xafb41be8, Previous frame's sp is 0xafb41bf0
Saved registers:
ebp at 0xafb41be8, eip at 0xafb41bec
_______________________________________________
gtk-devel-list mailing list
gtk-devel-list@gnome.org
http://mail.gnome.org/mailman/listinfo/gtk-devel-list
