Discussion:
One more crash
Andrius
2013-10-23 15:02:06 UTC
Permalink
This one will be difficult to reproduce and fix. Something similar I was getting with old version of filebrowser, but it a little bit different situation.

On my system I am getting it by following sequence:
1. Start bf without project (I mean do not open any project, just go to main bf window). Filebrowser should be in tree mode, if not, switch to it.
2. From dir menu select some new directory, different from $HOME. The directory should contain mixed content - directories and files. The more files, the better.

3. Set selected directory as new basedir. Now without doing anything else exit bf.
4. Now start bf without project -> there is crash.

The crash does not happens every time I start bf. Probability is something like 50%, I guess it might depend on content of directory. With gdb the crash does not happens. Its really weird.
In the log file I am seeing:


** (bluefish-bin:23335): WARNING **: filetreemodel_get_value, called with invalid iter 0x7fff5ae54808


(bluefish-bin:23335): GLib-GObject-WARNING **: gtype.c:4215: type id '0' is invalid

(bluefish-bin:23335): GLib-GObject-WARNING **: can't peek value table for type '<invalid>' which is not currently referenced


Backtrace is:


0   libgtk-3.0.dylib                  0x0000000105219307 gtk_tree_model_get_valist + 583
1   libgtk-3.0.dylib                  0x00000001052190aa gtk_tree_model_get + 554
2   bluefish-bin                      0x00000001049eaefe tree_model_filter_func + 110
3   libgtk-3.0.dylib                  0x000000010521d11e gtk_tree_model_filter_real_visible + 78
4   libgtk-3.0.dylib                  0x000000010521d221 gtk_tree_model_filter_visible + 65
5   libgtk-3.0.dylib                  0x000000010521d56b gtk_tree_model_filter_check_ancestors + 331
6   libgtk-3.0.dylib                  0x000000010521fd9e gtk_tree_model_filter_row_deleted + 1486
7   libgobject-2.0.0.dylib            0x0000000105b6114d g_cclosure_marshal_VOID__BOXED + 237
8   libgobject-2.0.0.dylib            0x0000000105b5b1f2 g_closure_invoke + 546
9   libgobject-2.0.0.dylib            0x0000000105b81de8 signal_emit_unlocked_R + 1816
10  libgobject-2.0.0.dylib            0x0000000105b80a98 g_signal_emit_valist + 6072
11  libgobject-2.0.0.dylib            0x0000000105b81404 g_signal_emit + 372
12  libgtk-3.0.dylib                  0x0000000105219d05 gtk_tree_model_row_deleted + 261
13  bluefish-bin                      0x00000001049e7194 ftm_remove + 196
14  bluefish-bin                      0x00000001049e7554 ftm_delete_children + 116
15  bluefish-bin                      0x00000001049e7677 enumerator_close_lcb + 119
16  libgio-2.0.0.dylib                0x00000001056d047d close_async_callback_wrapper + 157
17  libgio-2.0.0.dylib                0x00000001057237d3 g_task_return_now + 67
18  libgio-2.0.0.dylib                0x0000000105723808 complete_in_idle_cb + 24
19  libglib-2.0.0.dylib               0x0000000105c1873b g_idle_dispatch + 91
Andrius
2013-10-23 20:26:57 UTC
Permalink
Did some investigation by putting extra checks in filetreemodel_get_value() and found following:
The warning message is caused by iter->stamp being zero and not equal to treemodel stamp.
If I put around line 1213 in file_treemodel.c :

g_value_init(value, filetreemodel(tree_model)->column_types[column]);

before return statement, then crash no longer happens, even if there still is warning.
Seems some iters are getting wrong stamp...
Andrius
________________________________
Sent: Wednesday, October 23, 2013 6:02 PM
Subject: One more crash
This one will be difficult to reproduce and fix. Something similar I was getting with old version of filebrowser, but it a little bit different situation.
1. Start bf without project (I mean do not open any project, just go to main bf window). Filebrowser should be in tree mode, if not, switch to it.
2. From dir menu select some new directory, different from $HOME. The directory should contain mixed content - directories and files. The more files, the better.
3. Set selected directory as new basedir. Now without doing anything else exit bf.
4. Now start bf without project -> there is crash.
The crash does not happens every time I start bf. Probability is something like 50%, I guess it might depend on content of directory. With gdb the crash does not happens. Its really weird.
** (bluefish-bin:23335): WARNING **: filetreemodel_get_value, called with invalid iter 0x7fff5ae54808
(bluefish-bin:23335): GLib-GObject-WARNING **: gtype.c:4215: type id '0' is invalid
(bluefish-bin:23335): GLib-GObject-WARNING **: can't peek value table for type '<invalid>' which is not currently referenced
0   libgtk-3.0.dylib                  0x0000000105219307 gtk_tree_model_get_valist + 583
1  
libgtk-3.0.dylib                  0x00000001052190aa gtk_tree_model_get + 554
2   bluefish-bin                      0x00000001049eaefe tree_model_filter_func + 110
3   libgtk-3.0.dylib                  0x000000010521d11e gtk_tree_model_filter_real_visible + 78
4   libgtk-3.0.dylib                  0x000000010521d221 gtk_tree_model_filter_visible + 65
5   libgtk-3.0.dylib                  0x000000010521d56b gtk_tree_model_filter_check_ancestors + 331
6  
libgtk-3.0.dylib                  0x000000010521fd9e gtk_tree_model_filter_row_deleted + 1486
7   libgobject-2.0.0.dylib            0x0000000105b6114d g_cclosure_marshal_VOID__BOXED + 237
8   libgobject-2.0.0.dylib            0x0000000105b5b1f2 g_closure_invoke + 546
9   libgobject-2.0.0.dylib            0x0000000105b81de8 signal_emit_unlocked_R + 1816
10  libgobject-2.0.0.dylib            0x0000000105b80a98 g_signal_emit_valist + 6072
11  libgobject-2.0.0.dylib            0x0000000105b81404 g_signal_emit + 372
12 
libgtk-3.0.dylib                  0x0000000105219d05 gtk_tree_model_row_deleted + 261
13  bluefish-bin                      0x00000001049e7194 ftm_remove + 196
14  bluefish-bin                      0x00000001049e7554 ftm_delete_children + 116
15  bluefish-bin                      0x00000001049e7677 enumerator_close_lcb + 119
16  libgio-2.0.0.dylib                0x00000001056d047d close_async_callback_wrapper + 157
17 
libgio-2.0.0.dylib                0x00000001057237d3 g_task_return_now + 67
18  libgio-2.0.0.dylib                0x0000000105723808 complete_in_idle_cb + 24
19  libglib-2.0.0.dylib               0x0000000105c1873b g_idle_dispatch + 91
Olivier Sessink
2013-10-24 19:27:30 UTC
Permalink
Post by Andrius
Did some investigation by putting extra checks in
The warning message is caused by iter->stamp being zero and not equal to treemodel stamp.
g_value_init(value, filetreemodel(tree_model)->column_types[column]);
before return statement, then crash no longer happens, even if there still is warning.
Seems some iters are getting wrong stamp...
I've added more debug code to see what is happening with iters. I've
also added more checks for return values that may have caused this issue.

To debug a warnning, set this environment variable:
G_DEBUG=fatal-warnings

and now run bluefish in gdb. For every warning it will stop, and you can
either continue (c) or request a backtrace (bt). So you can continue
until you get the warning that you are interested in, and then get the
backtrace what causes this warning .

Olivier
Andrius
2013-10-25 16:28:24 UTC
Permalink
Olivier,
when I running with dbg, the crash does not happens for some reason...
I turned on DEBUG_MSG for filebrowser2 and file_treemodel files and please find final lines of log when crash happens and when it starts normally. The difference is in line 99 and line 213. When crash happens ftm_remove seems to not finish the removal operation, while when bf starts without crash removal seems to be done.
In both cases first row in the tree seems to have empty name for some reason. In fact, first row *always* have empty name for whatever directory setting. Is this normal? I think the problem happens during this first empty row removal.
Andrius
________________________________
Sent: Thursday, October 24, 2013 10:27 PM
Subject: Re: One more crash
Post by Andrius
Did some investigation by putting extra checks in
The warning message is caused by iter->stamp being zero and not equal to treemodel stamp.
g_value_init(value, filetreemodel(tree_model)->column_types[column]);
before return statement, then crash no longer happens, even if there still is warning.
Seems some iters are getting wrong stamp...
I've added more debug code to see what is happening with iters. I've
also added more checks for return values that may have caused this issue.
G_DEBUG=fatal-warnings
and now run bluefish in gdb. For every warning it will stop, and you can
either continue (c) or request a backtrace (bt). So you can continue
until you get the warning that you are interested in, and then get the
backtrace what causes this warning .
Olivier
--
To unsubscribe from this list: send the line "unsubscribe bluefish-dev" in
Bluefish web site: http://bluefish.openoffice.nl/
Olivier Sessink
2013-10-25 19:03:08 UTC
Permalink
Post by Andrius
Olivier,
when I running with dbg, the crash does not happens for some reason...
I turned on DEBUG_MSG for filebrowser2 and file_treemodel files and
please find final lines of log when crash happens and when it starts
normally. The difference is in line 99 and line 213. When crash happens
ftm_remove seems to not finish the removal operation, while when bf
starts without crash removal seems to be done.
In both cases first row in the tree seems to have empty name for some
reason. In fact, first row *always* have empty name for whatever
directory setting. Is this normal? I think the problem happens during
this first empty row removal.
Andrius
what I guess happens, is that we call row_deleted() before we have
actually removed the entry from the parent. I changed the code to first
remove the entry from the parent, and then call row_deleted(). Can you
test if that makes any difference?

Olivier
Andrius
2013-10-25 19:40:21 UTC
Permalink
You are right.
Now it seems to be fixed!

Andrius
________________________________
Sent: Friday, October 25, 2013 10:03 PM
Subject: Re: One more crash
Post by Andrius
Olivier,
when I running with dbg, the crash does not happens for some reason...
I turned on DEBUG_MSG for filebrowser2 and file_treemodel files and
please find final lines of log when crash happens and when it starts
normally. The difference is in line 99 and line 213. When crash happens
ftm_remove seems to not finish the removal operation, while when bf
starts without crash removal seems to be done.
In both cases first row in the tree seems to have empty name for some
reason. In fact, first row *always* have empty name for whatever
directory setting. Is this normal? I think the problem happens during
this first empty row removal.
Andrius
what I guess happens, is that we call row_deleted() before we have
actually removed the entry from the parent. I changed the code to first
remove the entry from the parent, and then call row_deleted(). Can you
test if that makes any difference?
Olivier
--
To unsubscribe from this list: send the line "unsubscribe bluefish-dev" in
Bluefish web site: http://bluefish.openoffice.nl/
Continue reading on narkive:
Loading...