Ubuntu
libdbusmenu package

indicator-applet-appmenu crashed with SIGSEGV in gtk_menu_item_paint()

Bug #758759 reported by Michael Terry
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
DBus Menu
Fix Released
Undecided
Unassigned
DBus Menu 0.4.3
libdbusmenu (Ubuntu)
Fix Released
Undecided
Michael Terry

Bug Description

Binary package hint: indicator-application

Reproduction steps (thanks to Achim):
1) Install Gnome Commander
2) Run it and maximize it
3) Ensure that you have a folder in your Bookmarks (i.e. add one if you haven't before)
4) Now in the menu (on the Panel) go with your mouse cursor to Bookmarks.
5) Nothing really appears now, wait a second (your hope, you will see something) - and: Crash.

ProblemType: Crash
DistroRelease: Ubuntu 11.04
Package: indicator-application 0.3.1-0ubuntu2
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic 2.6.38.2
Uname: Linux 2.6.38-8-generic x86_64
Architecture: amd64
CrashCounter: 1
Date: Tue Apr 12 09:26:26 2011
ExecutablePath: /usr/lib/indicator-applet/indicator-applet-appmenu
ProcCmdline: /usr/lib/indicator-applet/indicator-applet-appmenu
ProcEnviron:
 SHELL=/bin/bash
 LC_MESSAGES=en_US.UTF-8
 PATH=(custom, user)
 LANGUAGE=en_US:en
 LANG=en_GB.utf8
SegvAnalysis:
 Segfault happened at: 0x7ffe85e4de9b <gtk_menu_item_expose+539>: mov 0x30(%rdx),%rdx
 PC (0x7ffe85e4de9b) ok
 source "0x30(%rdx)" (0x00000030) not located in a known VMA region (needed readable region)!
 destination "%rdx" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: indicator-application
StacktraceTop:
 gtk_menu_item_paint (widget=0xc95440, event=0xe9b670) at /build/buildd/gtk+2.0-2.24.4/gtk/gtkmenuitem.c:1284
 gtk_menu_item_expose (widget=0xc95440, event=0xe9b670) at /build/buildd/gtk+2.0-2.24.4/gtk/gtkmenuitem.c:1361
 _gtk_marshal_BOOLEAN__BOXED (closure=0xab9840, return_value=0x7fffc021d2e0, n_param_values=<value optimized out>, param_values=0xd37b20, invocation_hint=<value optimized out>, marshal_data=<value optimized out>) at /build/buildd/gtk+2.0-2.24.4/gtk/gtkmarshalers.c:86
 g_closure_invoke (closure=0xab9840, return_value=0x7fffc021d2e0, n_param_values=2, param_values=0xd37b20, invocation_hint=0x7fffc021d2a0) at /build/buildd/glib2.0-2.28.5/./gobject/gclosure.c:767
 signal_emit_unlocked_R (node=<value optimized out>, detail=0, instance=0xc95440, emission_return=0x7fffc021d450, instance_and_params=0xd37b20) at /build/buildd/glib2.0-2.28.5/./gobject/gsignal.c:3290
Title: indicator-applet-appmenu crashed with SIGSEGV in gtk_menu_item_paint()
UpgradeStatus: Upgraded to natty on 2010-09-28 (196 days ago)
UserGroups: adm admin cdrom dialout dip fax floppy fuse lpadmin plugdev sambashare tape video

Related branches

lp:~mterry/libdbusmenu/758759
DBus Menu Team: Pending requested
Diff: 111 lines (+43/-13)
1 file modified
libdbusmenu-gtk/parser.c (+43/-13)
lp:~dbusmenu-team/libdbusmenu/ubuntu
Ken VanDine: Disapprove
Diff: 244 lines (+69/-22)
8 files modified
ChangeLog (+28/-0)
configure (+11/-11)
configure.ac (+3/-3)
debian/changelog (+10/-0)
docs/libdbusmenu-glib/reference/version.xml (+1/-1)
docs/libdbusmenu-gtk/reference/version.xml (+1/-1)
libdbusmenu-gtk/client.c (+14/-6)
libdbusmenu-gtk/genericmenuitem.c (+1/-0)
Superseded for merging into lp:libdbusmenu/0.5
Ken VanDine: Pending requested
Diff: 67319 lines (+66205/-527)
110 files modified
.bzrignore (+0/-229)
AUTHORS (+17/-0)
ChangeLog (+5918/-0)
Makefile.in (+821/-0)
aclocal.m4 (+10063/-0)
autogen.sh (+0/-12)
compile (+143/-0)
config.guess (+1502/-0)
config.h.in (+86/-0)
config.sub (+1714/-0)
configure (+16483/-0)
debian/changelog (+657/-0)
debian/control (+225/-0)
debian/copyright (+40/-0)
debian/gir1.2-dbusmenu-glib-0.4.install (+1/-0)
debian/gir1.2-dbusmenu-gtk-0.4.install (+1/-0)
debian/gir1.2-dbusmenu-gtk3-0.4.install (+1/-0)
debian/libdbusmenu-glib-dev.install (+6/-0)
debian/libdbusmenu-glib-doc.install (+1/-0)
debian/libdbusmenu-glib3.install (+1/-0)
debian/libdbusmenu-gtk-dev.install (+6/-0)
debian/libdbusmenu-gtk-doc.install (+1/-0)
debian/libdbusmenu-gtk3-3.install (+1/-0)
debian/libdbusmenu-gtk3-dev.install (+5/-0)
debian/libdbusmenu-gtk3.install (+1/-0)
debian/libdbusmenu-jsonloader-dev.install (+4/-0)
debian/libdbusmenu-jsonloader3.install (+1/-0)
debian/libdbusmenu-tools.install (+3/-0)
debian/rules (+45/-0)
debian/source/format (+1/-0)
debian/watch (+2/-0)
depcomp (+630/-0)
docs/Makefile.in (+613/-0)
docs/libdbusmenu-glib/Makefile.in (+613/-0)
docs/libdbusmenu-glib/reference/Makefile.in (+689/-0)
docs/libdbusmenu-glib/reference/html/annotation-glossary.html (+71/-0)
docs/libdbusmenu-glib/reference/html/api-index-full.html (+406/-0)
docs/libdbusmenu-glib/reference/html/ch01.html (+48/-0)
docs/libdbusmenu-glib/reference/html/index.html (+46/-0)
docs/libdbusmenu-glib/reference/html/index.sgml (+120/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib-DbusmenuClient.html (+427/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib-DbusmenuClientMenuitem.html (+92/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib-DbusmenuMenuitem.html (+1326/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib-DbusmenuMenuitemProxy.html (+154/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib-DbusmenuServer.html (+260/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib.devhelp (+109/-0)
docs/libdbusmenu-glib/reference/html/libdbusmenu-glib.devhelp2 (+109/-0)
docs/libdbusmenu-glib/reference/html/object-tree.html (+32/-0)
docs/libdbusmenu-glib/reference/html/style.css (+266/-0)
docs/libdbusmenu-glib/reference/tmpl/client-menuitem.sgml (+52/-0)
docs/libdbusmenu-glib/reference/tmpl/client.sgml (+168/-0)
docs/libdbusmenu-glib/reference/tmpl/menuitem-proxy.sgml (+57/-0)
docs/libdbusmenu-glib/reference/tmpl/menuitem.sgml (+520/-0)
docs/libdbusmenu-glib/reference/tmpl/server.sgml (+112/-0)
docs/libdbusmenu-glib/reference/version.xml (+1/-0)
docs/libdbusmenu-glib/reference/xml/annotation-glossary.xml (+64/-0)
docs/libdbusmenu-glib/reference/xml/api-index-deprecated.xml (+8/-0)
docs/libdbusmenu-glib/reference/xml/api-index-full.xml (+105/-0)
docs/libdbusmenu-glib/reference/xml/client-menuitem.xml (+70/-0)
docs/libdbusmenu-glib/reference/xml/client.xml (+322/-0)
docs/libdbusmenu-glib/reference/xml/menuitem-proxy.xml (+103/-0)
docs/libdbusmenu-glib/reference/xml/menuitem.xml (+915/-0)
docs/libdbusmenu-glib/reference/xml/server.xml (+199/-0)
docs/libdbusmenu-gtk/Makefile.in (+613/-0)
docs/libdbusmenu-gtk/reference/Makefile.in (+685/-0)
docs/libdbusmenu-gtk/reference/html/api-index-full.html (+122/-0)
docs/libdbusmenu-gtk/reference/html/ch01.html (+42/-0)
docs/libdbusmenu-gtk/reference/html/index.html (+39/-0)
docs/libdbusmenu-gtk/reference/html/index.sgml (+33/-0)
docs/libdbusmenu-gtk/reference/html/libdbusmenu-gtk-DbusmenuGtkClient.html (+316/-0)
docs/libdbusmenu-gtk/reference/html/libdbusmenu-gtk-DbusmenuGtkMenu.html (+169/-0)
docs/libdbusmenu-gtk/reference/html/libdbusmenu-gtk-menuitem.html (+256/-0)
docs/libdbusmenu-gtk/reference/html/libdbusmenu-gtk.devhelp (+36/-0)
docs/libdbusmenu-gtk/reference/html/libdbusmenu-gtk.devhelp2 (+36/-0)
docs/libdbusmenu-gtk/reference/html/object-tree.html (+42/-0)
docs/libdbusmenu-gtk/reference/html/style.css (+266/-0)
docs/libdbusmenu-gtk/reference/libdbusmenu-gtk-sections.txt (+70/-0)
docs/libdbusmenu-gtk/reference/libdbusmenu-gtk.types (+3/-0)
docs/libdbusmenu-gtk/reference/tmpl/client.sgml (+115/-0)
docs/libdbusmenu-gtk/reference/tmpl/genericmenuitem.sgml (+22/-0)
docs/libdbusmenu-gtk/reference/tmpl/libdbusmenu-gtk-unused.sgml (+118/-0)
docs/libdbusmenu-gtk/reference/tmpl/menu.sgml (+67/-0)
docs/libdbusmenu-gtk/reference/tmpl/menuitem.sgml (+84/-0)
docs/libdbusmenu-gtk/reference/version.xml (+1/-0)
docs/libdbusmenu-gtk/reference/xml/api-index-deprecated.xml (+8/-0)
docs/libdbusmenu-gtk/reference/xml/api-index-full.xml (+33/-0)
docs/libdbusmenu-gtk/reference/xml/client.xml (+214/-0)
docs/libdbusmenu-gtk/reference/xml/genericmenuitem.xml (+36/-0)
docs/libdbusmenu-gtk/reference/xml/menu.xml (+118/-0)
docs/libdbusmenu-gtk/reference/xml/menuitem.xml (+165/-0)
install-sh (+520/-0)
libdbusmenu-glib/Doxyfile (+0/-257)
libdbusmenu-glib/Makefile.in (+958/-0)
libdbusmenu-glib/client-marshal.c (+131/-0)
libdbusmenu-glib/client-marshal.h (+28/-0)
libdbusmenu-glib/dbus-menu-clean.xml.c (+132/-0)
libdbusmenu-glib/dbus-menu-clean.xml.h (+1/-0)
libdbusmenu-glib/menuitem-marshal.c (+170/-0)
libdbusmenu-glib/menuitem-marshal.h (+45/-0)
libdbusmenu-glib/server-marshal.c (+164/-0)
libdbusmenu-glib/server-marshal.h (+36/-0)
libdbusmenu-gtk/Makefile.in (+1005/-0)
ltmain.sh (+8413/-0)
missing (+376/-0)
mkinstalldirs (+162/-0)
po/Makefile.in.in (+217/-0)
tests/Makefile.in (+2204/-0)
tools/Makefile.in (+858/-0)
tools/testapp/CMakeLists.txt (+0/-29)
tools/testapp/Makefile.in (+619/-0)
lp:ubuntu/natty/libdbusmenu
Revision history for this message
Michael Terry (mterry) wrote :
visibility: private → public
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 gtk_menu_item_paint (widget=0xc95440, event=0xe9b670) at /build/buildd/gtk+2.0-2.24.4/gtk/gtkmenuitem.c:1284
 gtk_menu_item_expose (widget=0xc95440, event=0xe9b670) at /build/buildd/gtk+2.0-2.24.4/gtk/gtkmenuitem.c:1361
 _gtk_marshal_BOOLEAN__BOXED (closure=0xab9840, return_value=0x7fffc021d2e0, n_param_values=<value optimized out>, param_values=0xd37b20, invocation_hint=<value optimized out>, marshal_data=<value optimized out>) at /build/buildd/gtk+2.0-2.24.4/gtk/gtkmarshalers.c:86
 g_closure_invoke (closure=0xab9840, return_value=0x7fffc021d2e0, n_param_values=2, param_values=0xd37b20, invocation_hint=0x7fffc021d2a0) at /build/buildd/glib2.0-2.28.5/./gobject/gclosure.c:767
 signal_emit_unlocked_R (node=<value optimized out>, detail=0, instance=0xc95440, emission_return=0x7fffc021d450, instance_and_params=0xd37b20) at /build/buildd/glib2.0-2.28.5/./gobject/gsignal.c:3290

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in indicator-application (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
Revision history for this message
Michael Terry (mterry) wrote :

So the problem here is:

1) GNOME Commander creates an empty GtkMenuItem and adds it to the menu then adds a manually created GtkLabel to the item.
2) dbusmenu handles situations *like* this, but not exactly this -- it isn't watching for child additions, rather it watches the "label" property of the GtkMenuItem, which isn't being set here.
3) dbusmenu ends up creating a menu item with a submenu but no actual child content itself which crashes GTK.

Working on it.

affects: indicator-application (Ubuntu) → libdbusmenu (Ubuntu)
Changed in libdbusmenu (Ubuntu):
assignee: nobody → Michael Terry (mterry)
importance: Medium → Undecided
status: New → In Progress
Ted Gould (ted)
Changed in dbusmenu:
status: New → Fix Committed
milestone: none → 0.4.3
Ted Gould (ted)
Changed in dbusmenu:
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libdbusmenu - 0.4.3-0ubuntu1

---------------
libdbusmenu (0.4.3-0ubuntu1) natty; urgency=low

  [ Ken VanDine ]
  * debian/rules
    - Fixed package names in build targets (LP: #760102)
    - Dropped makeshlibs in favor of symbols files
  * +debian/libdbusmenu-glib3.symbols
  * +debian/libdbusmenu-gtk3-3.symbols
  * +debian/libdbusmenu-gtk3.symbols

  [ Ted Gould ]
  * New upstream release.
    ∘ Handle cases where labels are added later as subwidgets
      in the menuitem (LP: #758759)
    ∘ Fix the destruction of the attached GTK menuitem (LP: #746091)
    ∘ Guard against an activation that does not actually have an
      associated menu-hide (LP: #750588)
 -- Ted Gould <email address hidden> Thu, 14 Apr 2011 16:49:13 -0500

Changed in libdbusmenu (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.