It's crashing before the call to g_type_check_instance_is_a. The stack trace in
https://lists.gnucash.org/pipermail/gnucash-user/2023-November/109345.html
points to offset 1374 in gnc_plugin_page_report_focus_widget. Here's the
disassembly:
tub for: gnc_window_set_progressbar_window
libgnc-gnome.dylib[0x7c30e] <+1406>: testl %eax, %eax
libgnc-gnome.dylib[0x7c310] <+1408>: jne0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c316] <+1414>: movq %r15, %rdi
libgnc-gnome.dylib[0x7c319] <+1417>: callq 0x8fa5e ; symbol
stub for: gtk_widget_grab_focus
libgnc-gnome.dylib[0x7c31e] <+1422>: jmp0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c323] <+1427>: callq 0x8d520 ; symbol
stub for: __stack_chk_fail
libgnc-gnome.dylib[0x7c328] <+1432>: nopl (%rax,%rax)
G_
> On Nov 2, 2023, at 02:04, Geert Janssens wrote:
>
> This seems to point at a regression in Gtk.
>
> From what I understand GTK_IS_WIDGET should return FALSE if widget is NULL.
>
> It's defined here:
> https://gitlab.gnome.org/GNOME/gtk/-/blob/main/gtk/gtkwidget.h?
> ref_type=heads#L46
>
> It's a macro that calls G_TYPE_CHECK_INSTANCE_TYPE, which is defined here:
> https://gitlab.gnome.org/GNOME/glib/-/blob/main/gobject/gtype.h?
> ref_type=heads#L541
>
> The comment above this definition states G_TYPE_CHECK_INSTANCE_TYPE should
> return FALSE if instance is NULL.
>
> So I'm rather surprised this use of GTK_IS_WIDGET crashes gnucash.
Hmm. It does indeed look properly null-checked. G_TYPE_CHECK_INSTANCE_TYPE
just forwards to _G_TYPE_CIT at
https://gitlab.gnome.org/GNOME/glib/-/blame/main/gobject/gtype.h?page=3#L2671
(# define _G_TYPE_CIT(ip, gt) (G_GNUC_EXTENSION ({ \
GTypeInstance *__inst = (GTypeInstance*) ip; GType __t = gt; gboolean __r; \
if (!__inst) \
__r = FALSE; \
else if (__inst->g_class && __inst->g_class->g_type == __t) \
__r = TRUE; \
else \
__r = g_type_check_instance_is_a (__inst, __t); \
__r; \
}))
The disassembly of gnc_plugin_page_report_focus_widget:
libgnc-gnome.dylib[0x7c2d8] <+1352>: callq 0x8fa4c ; symbol
stub for: gtk_widget_get_type
libgnc-gnome.dylib[0x7c2dd] <+1357>: testq %r15, %r15
<<< if
(!__inst)
libgnc-gnome.dylib[0x7c2e0] <+1360>: je 0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c2e6] <+1366>: movq (%r15), %rcx
libgnc-gnome.dylib[0x7c2e9] <+1369>: testq %rcx, %rcx
if
(__inst->g_class
libgnc-gnome.dylib[0x7c2ec] <+1372>: je 0x7c2f3 ; <+1379>
libgnc-gnome.dylib[0x7c2ee] <+1374>: cmpq %rax, (%rcx)
< &&
__inst->g_class->g_type == __t *** Crash is here ***
libgnc-gnome.dylib[0x7c2f1] <+1377>: je 0x7c306 ; <+1398>
libgnc-gnome.dylib[0x7c2f3] <+1379>: movq %r15, %rdi
libgnc-gnome.dylib[0x7c2f6] <+1382>: movq %rax, %rsi
libgnc-gnome.dylib[0x7c2f9] <+1385>: callq 0x8da0c ; symbol
stub for: g_type_check_instance_is_a
libgnc-gnome.dylib[0x7c2d1] <+1345>: movq -0x98(%rbp), %r15
libgnc-gnome.dylib[0x7c2fe] <+1390>: testl %eax, %eax
libgnc-gnome.dylib[0x7c300] <+1392>: je 0x7c05c ; <+716>
libgnc-gnome.dylib[0x7c306] <+1398>: movq %r15, %rdi
libgnc-gnome.dylib[0x7c309] <+1401>: callq 0x8fa7c ; symbol
stub for: gtk_widget_is_focus
It's crashing dereferencing __inst->g_class->g_type, and the diagnostic says
it's a nullptr:
VM Region Info: 0 is not in any region. Bytes before following region:
4537495552
I've asked Michael for the register block to confirm that %rcx contains
nullptr, but I'm baffled how it can go from not null at 1369 to null at 1374.
Regards,
John Ralls
___
gnucash-devel mailing list
gnucash-devel@gnucash.org
https://lists.gnucash.org/mailman/listinfo/gnucash-devel