Not all the time, but sometimes, when you hit 'V' to toggle Message View, Claws will crash. Usually it's while toggling *off* message view (i.e. getting a full window summary). I haven't been able to associate the action with anything else Claws is doing at the time. I don't have a stack trace available at the moment.
I can pretty reliably reproduce this on FreeBSD with malloc debugging enabled by pressing V immediately after selecting a different message than the currently selected one. The backtraces differ but generally seem to indicate that Claws is dereferencing pointers located in structures that have already been freed: (gdb) r Starting program: /usr/obj/usr/ports/mail/claws-mail/work/claws-mail-3.7.9/src/claws-mail [New LWP 100988] [New Thread 807c07400 (LWP 100988/initial thread)] (claws-mail:12120): Gtk-CRITICAL **: IA__gtk_text_layout_get_iter_location: assertion `GTK_IS_TEXT_LAYOUT (layout)' failed Program received signal SIGBUS, Bus error. [Switching to Thread 807c07400 (LWP 100988/initial thread)] 0x00000008058f0ecb in g_node_traverse_in_order (node=0x5a5a5a5a5a5a5a5a, flags=G_TRAVERSE_ALL, func=0x50fad0 <find_broken_func>, data=0x7fffffffa648) at gnode.c:698 698 if (node->children) (gdb) where #0 0x00000008058f0ecb in g_node_traverse_in_order (node=0x5a5a5a5a5a5a5a5a, flags=G_TRAVERSE_ALL, func=0x50fad0 <find_broken_func>, data=0x7fffffffa648) at gnode.c:698 #1 0x00000008058f1439 in g_node_traverse (root=0x5a5a5a5a5a5a5a5a, order=G_IN_ORDER, flags=G_TRAVERSE_ALL, depth=-1, func=0x50fad0 <find_broken_func>, data=0x7fffffffa648) at gnode.c:908 #2 0x000000000050fb71 in find_broken_part (rootinfo=0x8084e5f00) at messageview.c:1106 #3 0x00000000005102e8 in messageview_show (messageview=0x8085350c0, msginfo=0x808759100, all_headers=0) at messageview.c:1276 #4 0x00000000005af330 in summary_display_msg_full (summaryview=0x807c59d00, row=0x80875e600, new_window=0, all_headers=0) at summaryview.c:3471 #5 0x00000000005ae897 in summary_display_msg (summaryview=0x807c59d00, row=0x80875e600) at summaryview.c:3283 #6 0x00000000005ba2fd in summary_selected (ctree=0x807f84470, row=0x80875e600, column=-1, summaryview=0x807c59d00) at summaryview.c:6851 #7 0x0000000000661d52 in claws_marshal_VOID__POINTER_INT (closure=0x8084d4df0, return_value=0x0, n_param_values=3, param_values=0x80863d540, invocation_hint=0x7fffffffab80, marshal_data=0x0) at claws-marshal.c:348 #8 0x0000000805649766 in g_closure_invoke (closure=0x8084d4df0, return_value=0x0, n_param_values=3, param_values=0x80863d540, invocation_hint=0x7fffffffab80) at gclosure.c:766 #9 0x0000000805664537 in signal_emit_unlocked_R (node=0x807f29c90, detail=0, instance=0x807f84470, emission_return=0x0, instance_and_params=0x80863d540) at gsignal.c:3252 #10 0x00000008056632b2 in g_signal_emit_valist (instance=0x807f84470, signal_id=117, detail=0, var_args=0x7fffffffaf00) at gsignal.c:2983 #11 0x0000000805663899 in g_signal_emit (instance=0x807f84470, signal_id=117, detail=0) at gsignal.c:3040 #12 0x00000000006235ed in real_select_row (clist=0x807f84470, row=43, column=-1, event=0x0) at gtkcmctree.c:3368 #13 0x000000000066190d in claws_marshal_VOID__INT_INT_BOXED (closure=0x807f287e0, return_value=0x0, n_param_values=4, param_values=0x8084f3f60, invocation_hint=0x7fffffffb3f0, marshal_data=0x6234e0) at claws-marshal.c:160 #14 0x0000000805649ab2 in g_type_class_meta_marshal (closure=0x807f287e0, return_value=0x0, n_param_values=4, param_values=0x8084f3f60, invocation_hint=0x7fffffffb3f0, marshal_data=0x348) at gclosure.c:877 #15 0x0000000805649766 in g_closure_invoke (closure=0x807f287e0, return_value=0x0, n_param_values=4, param_values=0x8084f3f60, invocation_hint=0x7fffffffb3f0) at gclosure.c:766 #16 0x00000008056640b6 in signal_emit_unlocked_R (node=0x807f29330, detail=0, instance=0x807f84470, emission_return=0x0, instance_and_params=0x8084f3f60) at gsignal.c:3182 #17 0x00000008056632b2 in g_signal_emit_valist (instance=0x807f84470, signal_id=93, detail=0, var_args=0x7fffffffb770) at gsignal.c:2983 #18 0x0000000805663899 in g_signal_emit (instance=0x807f84470, signal_id=93, detail=0) at gsignal.c:3040 #19 0x0000000000641c60 in scroll_vertical (clist=0x807f84470, scroll_type=GTK_SCROLL_STEP_FORWARD, position=0) at gtkcmclist.c:7075 #20 0x0000000000661c75 in claws_marshal_VOID__ENUM_FLOAT (closure=0x807f28b60, return_value=0x7fffffffbe30, n_param_values=3, param_values=0x80874ff10, invocation_hint=0x7fffffffbc70, marshal_data=0x641840) at claws-marshal.c:311 #21 0x0000000805649ab2 in g_type_class_meta_marshal (closure=0x807f28b60, return_value=0x7fffffffbe30, n_param_values=3, param_values=0x80874ff10, invocation_hint=0x7fffffffbc70, marshal_data=0x3b0) at gclosure.c:877 #22 0x0000000805649766 in g_closure_invoke (closure=0x807f28b60, return_value=0x7fffffffbe30, n_param_values=3, param_values=0x80874ff10, invocation_hint=0x7fffffffbc70) at gclosure.c:766 #23 0x00000008056647a6 in signal_emit_unlocked_R (node=0x807f29740, detail=0, instance=0x807f84470, emission_return=0x7fffffffbe30, instance_and_params=0x80874ff10) at gsignal.c:3290 #24 0x00000008056626d7 in g_signal_emitv (instance_and_params=0x80874ff10, signal_id=106, detail=0, return_value=0x7fffffffbe30) at gsignal.c:2888 #25 0x0000000800c3a895 in gtk_binding_entry_activate (entry=0x807db57c0, object=0x807f84470) at gtkbindings.c:537 #26 0x0000000800c3bae4 in binding_match_activate (pspec_list=0x8087554b0, object=0x807f84470, path_length=10, path=0x807c965b0 "GtkCMCList", path_reversed=0x807c965c0 "tsiLCMCktG", unbound=0x7fffffffbf10) at gtkbindings.c:1124 #27 0x0000000800c3bed3 in gtk_bindings_activate_list (object=0x807f84470, entries=0x808755450, is_release=0) at gtkbindings.c:1269 #28 0x0000000800c3c284 in IA__gtk_bindings_activate_event (object=0x807f84470, event=0x808681070) at gtkbindings.c:1364 ---Type <return> to continue, or q <return> to quit--- #29 0x0000000800ec8e0d in gtk_widget_real_key_press_event (widget=0x807f84470, event=0x808681070) at gtkwidget.c:4711 #30 0x0000000800d37f13 in _gtk_marshal_BOOLEAN__BOXED (closure=0x807db4c80, return_value=0x7fffffffc3f0, n_param_values=2, param_values=0x8084ca960, invocation_hint=0x7fffffffc420, marshal_data=0x800ec8de0) at gtkmarshalers.c:86 #31 0x0000000805649ab2 in g_type_class_meta_marshal (closure=0x807db4c80, return_value=0x7fffffffc3f0, n_param_values=2, param_values=0x8084ca960, invocation_hint=0x7fffffffc420, marshal_data=0x190) at gclosure.c:877 #32 0x0000000805649766 in g_closure_invoke (closure=0x807db4c80, return_value=0x7fffffffc3f0, n_param_values=2, param_values=0x8084ca960, invocation_hint=0x7fffffffc420) at gclosure.c:766 #33 0x00000008056647a6 in signal_emit_unlocked_R (node=0x807db63d0, detail=0, instance=0x807f84470, emission_return=0x7fffffffc6a0, instance_and_params=0x8084ca960) at gsignal.c:3290 #34 0x0000000805663339 in g_signal_emit_valist (instance=0x807f84470, signal_id=50, detail=0, var_args=0x7fffffffc7a0) at gsignal.c:2993 #35 0x0000000805663899 in g_signal_emit (instance=0x807f84470, signal_id=50, detail=0) at gsignal.c:3040 #36 0x0000000800ec9474 in gtk_widget_event_internal (widget=0x807f84470, event=0x808681070) at gtkwidget.c:4977 #37 0x0000000800ec8f89 in IA__gtk_widget_event (widget=0x807f84470, event=0x808681070) at gtkwidget.c:4774 #38 0x0000000800ee0b8a in IA__gtk_window_propagate_key_event (window=0x807e0c000, event=0x808681070) at gtkwindow.c:5199 #39 0x0000000800ee0c55 in gtk_window_key_press_event (widget=0x807e0c000, event=0x808681070) at gtkwindow.c:5229 #40 0x0000000800d37f13 in _gtk_marshal_BOOLEAN__BOXED (closure=0x807db4c80, return_value=0x7fffffffcd60, n_param_values=2, param_values=0x80875f160, invocation_hint=0x7fffffffcd90, marshal_data=0x800ee0c00) at gtkmarshalers.c:86 #41 0x0000000805649ab2 in g_type_class_meta_marshal (closure=0x807db4c80, return_value=0x7fffffffcd60, n_param_values=2, param_values=0x80875f160, invocation_hint=0x7fffffffcd90, marshal_data=0x190) at gclosure.c:877 #42 0x0000000805649766 in g_closure_invoke (closure=0x807db4c80, return_value=0x7fffffffcd60, n_param_values=2, param_values=0x80875f160, invocation_hint=0x7fffffffcd90) at gclosure.c:766 #43 0x00000008056647a6 in signal_emit_unlocked_R (node=0x807db63d0, detail=0, instance=0x807e0c000, emission_return=0x7fffffffd010, instance_and_params=0x80875f160) at gsignal.c:3290 #44 0x0000000805663339 in g_signal_emit_valist (instance=0x807e0c000, signal_id=50, detail=0, var_args=0x7fffffffd110) at gsignal.c:2993 #45 0x0000000805663899 in g_signal_emit (instance=0x807e0c000, signal_id=50, detail=0) at gsignal.c:3040 #46 0x0000000800ec9474 in gtk_widget_event_internal (widget=0x807e0c000, event=0x808681070) at gtkwidget.c:4977 #47 0x0000000800ec8f89 in IA__gtk_widget_event (widget=0x807e0c000, event=0x808681070) at gtkwidget.c:4774 #48 0x0000000800d360bf in IA__gtk_propagate_event (widget=0x807e0c000, event=0x808681070) at gtkmain.c:2434 #49 0x0000000800d34b22 in IA__gtk_main_do_event (event=0x808681070) at gtkmain.c:1665 #50 0x000000080135c211 in gdk_event_dispatch (source=0x807d874e0, callback=0, user_data=0x0) at gdkevents-x11.c:2377 #51 0x00000008058e2d9d in g_main_dispatch (context=0x807c8ab00) at gmain.c:2149 #52 0x00000008058e45d5 in g_main_context_dispatch (context=0x807c8ab00) at gmain.c:2702 #53 0x00000008058e4ba6 in g_main_context_iterate (context=0x807c8ab00, block=1, dispatch=1, self=0x807c17740) at gmain.c:2780 #54 0x00000008058e5443 in g_main_loop_run (loop=0x807c3c2a0) at gmain.c:2988 #55 0x0000000800d3412c in IA__gtk_main () at gtkmain.c:1237 #56 0x00000000004edee6 in main (argc=1, argv=0x7fffffffd850) at main.c:1680 Reproducing this in valgrind would probable be useful, but unfortunately the FreeBSD port isn't robust enough to run Claws, yet.
It could also be a lost reference, fail: void foo_new(Foo* foo) { foo = g_new0(Foo, 1); foo->bar = g_strdup("rubbish"); } Good: void foo_new(Foo** foo) { Foo* new = *foo; new = g_new0(Foo, 1); new->bar = g_strdup("rubbish"); }
Changes related to this bug have been committed. Please check latest CVS and update the bug accordingly. You can also get the patch from: http://www.colino.net/claws-mail/ 2011-11-08 [pawel] 3.7.10cvs80 * src/summaryview.c Fix bug #2422 'Toggle Message View w/ V crashes Claws' Fix race condition - don't try to hide messageview while being in the middle of message displaying routine.
Works for me. Thanks.