crash in glib 2.32 relating to use of Gtk file chooser dialogs

[David Andruczyk <dandruczyk gmail com>]

I'm trying to debug a crash users are reporting with my app on glib 2.32.1  (gtk+-2.24.10-0ubuntu6) (what's is installed by default on ubuntu 12.04) gtk3.x is not possible with this app due to other conflicting requirements. The issues also occurs in an identical fashion on debian sid using glib 2.32.3 (gtk+2.24.10-1).  The app makes use of GtkFileChooserDialogs which is where the crash occurs, specifically on the second one used,  the first one called by my app, always works, the subsequent ones tends to crash in lib with:

GLib (gthread-posix.c): Unexpected error from C library during 'pthread_setspecific': Invalid argument.  Aborting.

Tracing with installation of debug symbols  goes to glib/gthread-posix.c around line 1024 shows where the abort within glib is coming from.  I dl'd and built a "local" edition of glib matching the OS release and added some printf's to g_private_set in glib/gthread-posix.c to spit out the key and value addresses, to see if anything looked out of the ordinary.  Commenting out the abort, allows the application to run seemingly normally with no further issues. I also enabled threadpool debugging (glib/gthreadpool.c) via uncommenting the working "DEBUG_MSG" macro and comment out the dummy one above it) as well which generates a LOT of additional logging output in the hopes of trying to figure out what glib/gtk+ is doing that causes the crash. 

The logging at the point where the second filechooser is being called shows this (NOTE this is code where the abort in g_private_set is commented out) :

MTXDBG: calling gtk_file_chooser_dialog_new

g_private_set, Address of key: 0x38ae38 , Address of value: 0xb1400e88

pthread_setspecific status != 0, BAD KEY!!! Abort commented out

g_private_set, Address of key: 0x9839e0 , Address of value: 0x1

g_private_set, Address of key: 0x9839e0 , Address of value: (nil)

g_private_set, Address of key: 0x38ae38 , Address of value: 0xb1400e18

g_private_set, Address of key: 0x38ae38 , Address of value: (nil)

dialog created

g_private_set, Address of key: 0x38ae38 , Address of value: 0xb1400dd8

g_private_set, Address of key: 0x38ae38 , Address of value: (nil)

initiating dialog to run

Based on the manpages for pthread_setspecific():

The pthread_setspecific() function shall fail if:

[ENOMEM]

Insufficient memory exists to associate the non-NULL value with the key.

The pthread_setspecific() function may fail if:

[EINVAL]

The key value is invalid.

These functions shall not return an error code of [EINTR].

There isn't any really checking for whether the issue is an ENOMEM or EINVAL (just a zero or nonzero in g_private_set()) , though the abort message say's its an EINVAL which means a bad key, perhaps a race where the key hasn't yet been created with pthread_key_create someplace else within glib?

I have an open bug filed with the Gnome bugzilla (though I can not retrieve the number at the moment),  however it hasn't received any attention yet, and as of now (june 3rd 2012, 14:43 EST) the bugzilla web page is returning and Error 500 Internal Server Error.

Once the bugzilla is available again I'll try to attach the detailed execution log with the instrumented glib for perusal.

Thoughts?

--

-- David J Andruczyk