It's crashing before the call to g_type_check_instance_is_a. The stack trace in https://lists.gnucash.org/pipermail/gnucash-user/2023-November/109345.html points to offset 1374 in gnc_plugin_page_report_focus_widget. Here's the disassembly:

tub for: gnc_window_set_progressbar_window
libgnc-gnome.dylib[0x7c30e] <+1406>: testl %eax, %eax
libgnc-gnome.dylib[0x7c310] <+1408>: jne 0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c316] <+1414>: movq %r15, %rdi
libgnc-gnome.dylib[0x7c319] <+1417>: callq 0x8fa5e ; symbol stub for: gtk_widget_grab_focus
libgnc-gnome.dylib[0x7c31e] <+1422>: jmp 0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c323] <+1427>: callq 0x8d520 ; symbol stub for: __stack_chk_fail
libgnc-gnome.dylib[0x7c328] <+1432>: nopl (%rax,%rax)

> On Nov 2, 2023, at 02:04, Geert Janssens <geert.gnuc...@kobaltwit.be> wrote:
>
> This seems to point at a regression in Gtk.
>
> From what I understand GTK_IS_WIDGET should return FALSE if widget is NULL.
>
> It's defined here:
> https://gitlab.gnome.org/GNOME/gtk/-/blob/main/gtk/gtkwidget.h?ref_type=heads#L46
>
> It's a macro that calls G_TYPE_CHECK_INSTANCE_TYPE, which is defined here:
> https://gitlab.gnome.org/GNOME/glib/-/blob/main/gobject/gtype.h?ref_type=heads#L541
>
> The comment above this definition states G_TYPE_CHECK_INSTANCE_TYPE should
> return FALSE if instance is NULL.
>
> So I'm rather surprised this use of GTK_IS_WIDGET crashes gnucash.

Hmm. It does indeed look properly null-checked. G_TYPE_CHECK_INSTANCE_TYPE just forwards to _G_TYPE_CIT at https://gitlab.gnome.org/GNOME/glib/-/blame/main/gobject/gtype.h?page=3#L2671

# define _G_TYPE_CIT(ip, gt)             (G_GNUC_EXTENSION ({ \
  GTypeInstance *__inst = (GTypeInstance*) ip; GType __t = gt; gboolean __r; \
  if (!__inst) \
    __r = FALSE; \
  else if (__inst->g_class && __inst->g_class->g_type == __t) \
    __r = TRUE; \
  else \
    __r = g_type_check_instance_is_a (__inst, __t); \
  __r; \
}))

The disassembly of gnc_plugin_page_report_focus_widget:

libgnc-gnome.dylib[0x7c2d1] <+1345>: movq -0x98(%rbp), %r15
libgnc-gnome.dylib[0x7c2d8] <+1352>: callq 0x8fa4c ; symbol stub for: gtk_widget_get_type
libgnc-gnome.dylib[0x7c2dd] <+1357>: testq %r15, %r15                 <<< if (!__inst)
libgnc-gnome.dylib[0x7c2e0] <+1360>: je 0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c2e6] <+1366>: movq (%r15), %rcx
libgnc-gnome.dylib[0x7c2e9] <+1369>: testq %rcx, %rcx                 <<<< if (__inst->g_class
libgnc-gnome.dylib[0x7c2ec] <+1372>: je 0x7c2f3 ; <+1379>
libgnc-gnome.dylib[0x7c2ee] <+1374>: cmpq %rax, (%rcx)                <<<<< && __inst->g_class->g_type == __t   *** Crash is here ***
libgnc-gnome.dylib[0x7c2f1] <+1377>: je 0x7c306 ; <+1398>
libgnc-gnome.dylib[0x7c2f3] <+1379>: movq %r15, %rdi
libgnc-gnome.dylib[0x7c2f6] <+1382>: movq %rax, %rsi
libgnc-gnome.dylib[0x7c2f9] <+1385>: callq 0x8da0c ; symbol stub for: g_type_check_instance_is_a
libgnc-gnome.dylib[0x7c2fe] <+1390>: testl %eax, %eax
libgnc-gnome.dylib[0x7c300] <+1392>: je 0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c306] <+1398>: movq %r15, %rdi
libgnc-gnome.dylib[0x7c309] <+1401>: callq 0x8fa7c ; symbol stub for: gtk_widget_is_focus

It's crashing dereferencing __inst->g_class->g_type, and the diagnostic says it's a nullptr:

VM Region Info: 0 is not in any region. Bytes before following region: 4537495552

I've asked Michael for the register block to confirm that %rcx contains nullptr, but I'm baffled how it can go from not null at 1369 to null at 1374.

Regards,
John Ralls

_______________________________________________
gnucash-devel mailing list
gnucash-devel@gnucash.org
https://lists.gnucash.org/mailman/listinfo/gnucash-devel
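The branch structure of _G_TYPE_CIT that the disassembly above walks through, as an added stand-alone C model (this is not code from the thread, from glib or from GnuCash). It uses mock MockInstance/MockClass structs whose first fields mirror the g_class and g_type fields the macro reads, a mock parent link so the slow path can be imitated by walking the class chain, and arbitrary type ids for a constructed GtkWidget/GtkButton-style hierarchy; the real g_type_check_instance_is_a is not modelled beyond that. It records which branch decided each result: the NULL-instance test, the exact-type fast path (the cmpq at +1374), or the fall-through to the is-a check (the callq at +1385). It cannot show the thread's crash, because a non-NULL instance pointer into freed or corrupt memory passes the first test and the following loads are undefined behaviour rather than a reproducible result.

```c
/* Added example: a C model of the _G_TYPE_CIT fast/slow path split.
 * Mock structures only; this is not glib and not GnuCash code. */
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

typedef size_t GType;

/* Mock of GTypeClass: the type id is the first field, as in glib.
 * The parent link is an assumption used only by the mock is-a walk. */
typedef struct MockClass {
    GType g_type;
    const struct MockClass *parent;
} MockClass;

/* Mock of GTypeInstance: the class pointer is the first field, as in glib. */
typedef struct MockInstance {
    const MockClass *g_class;
} MockInstance;

/* Which branch of the macro produced the answer. */
typedef enum {
    CIT_NULL_INSTANCE = 0,  /* if (!__inst)                         -> FALSE */
    CIT_FAST_MATCH    = 1,  /* __inst->g_class->g_type == __t        -> TRUE  */
    CIT_SLOW_IS_A     = 2   /* g_type_check_instance_is_a(__inst, __t)        */
} CitPath;

/* Stand-in for g_type_check_instance_is_a: walk the mock parent chain.
 * A NULL g_class simply yields false here. */
static bool mock_check_instance_is_a(const MockInstance *inst, GType gt)
{
    for (const MockClass *c = inst->g_class; c != NULL; c = c->parent)
        if (c->g_type == gt)
            return true;
    return false;
}

/* The macro body as a function, recording the branch taken in *path. */
bool cit_check(const MockInstance *inst, GType gt, CitPath *path)
{
    bool r;
    if (!inst) {
        *path = CIT_NULL_INSTANCE;
        r = false;
    } else if (inst->g_class && inst->g_class->g_type == gt) {
        *path = CIT_FAST_MATCH;
        r = true;
    } else {
        *path = CIT_SLOW_IS_A;
        r = mock_check_instance_is_a(inst, gt);
    }
    return r;
}

/* Constructed hierarchy: "widget" (id 1) <- "button" (id 2). Ids are arbitrary. */
const MockClass    widget_class = { 1, NULL };
const MockClass    button_class = { 2, &widget_class };
const MockInstance a_widget     = { &widget_class };
const MockInstance a_button     = { &button_class };
const MockInstance no_class     = { NULL };          /* non-NULL instance, NULL g_class */

static const char *path_name(CitPath p)
{
    return p == CIT_NULL_INSTANCE ? "null-instance"
         : p == CIT_FAST_MATCH    ? "fast exact-type match"
         :                          "slow is-a check";
}

int main(void)
{
    struct { const char *label; const MockInstance *inst; GType want; } cases[] = {
        { "NULL instance, want widget",    NULL,      1 },
        { "widget instance, want widget",  &a_widget, 1 },
        { "button instance, want widget",  &a_button, 1 },
        { "button instance, want button",  &a_button, 2 },
        { "widget instance, want button",  &a_widget, 2 },
        { "instance with NULL g_class",    &no_class, 1 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        CitPath p;
        bool r = cit_check(cases[i].inst, cases[i].want, &p);
        printf("%-32s -> %-5s via %s\n", cases[i].label, r ? "TRUE" : "FALSE", path_name(p));
    }
    return 0;
}
```

The point to take from the table it prints: the macro only ever refuses a NULL instance pointer; every non-NULL pointer is dereferenced at least once, and an exact type match is decided entirely by the two loads the disassembly shows before g_type_check_instance_is_a is ever reached.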