master: premature controller unreferencing in gtk_event_controller_handle_event (!4099) · Merge requests · GNOME / gtk

Maxim Zakharov requested to merge Maxime2/gtk:gtkeventcontroller.c-fix into master Oct 27, 2021

If a controller removed from a widget in event handling, that is causing GTK to crash with the trace like the following. It looks like the controller is unreferencing prematurely in gtk_event_controller_handle_event. This merge request fixes the issue.

Thread 1 (Thread 0x7fe2f50e9100 (LWP 3764766)):
#0  __libc_read (nbytes=65423, buf=0x55a002e8a070, fd=25) at ../sysdeps/unix/sysv/linux/read.c:26
#1  __libc_read (fd=25, buf=buf@entry=0x55a002e8a070, nbytes=nbytes@entry=65423) at ../sysdeps/unix/sysv/linux/read.c:24
#2  0x0000559ffe743c8f in read (__nbytes=65423, __buf=0x55a002e8a070, __fd=<optimised out>) at /usr/include/x86_64-linux-gnu/bits/unistd.h:44
#3  GenEmailLog (address=address@entry=0x0, error_class=error_class@entry=0x559ffe7f48d5 "fatal", index=index@entry=0x7ffc538a1bbc) at message.c:603
#4  0x0000559ffe7441bb in Abort (s=<optimised out>) at message.c:837
#5  <signal handler called>
#6  0x00007fe2ff7cf8b9 in g_type_check_instance_is_fundamentally_a (type_instance=type_instance@entry=0xaaaaaaaaaaaaaaaa, fundamental_type=fundamental_type@entry=80) at ../subprojects/glib/gobject/gtype.c:4091
#7  0x00007fe2ff7ac499 in g_object_unref (_object=0xaaaaaaaaaaaaaaaa) at ../subprojects/glib/gobject/gobject.c:3516
#8  0x00007fe2ffbf3cdb in gtk_event_controller_handle_event (controller=controller@entry=0x55a0045222d0, event=event@entry=0x55a0045848c0, target=target@entry=0x55a00132cff0, x=x@entry=0, y=y@entry=0) at ../gtk/gtkeventcontroller.c:372
#9  0x00007fe2ffd945a6 in gtk_widget_run_controllers (widget=widget@entry=0x55a00132cff0, event=event@entry=0x55a0045848c0, target=target@entry=0x55a00132cff0, x=0, y=0, phase=phase@entry=GTK_PHASE_BUBBLE) at ../gtk/gtkwidget.c:4569
#10 0x00007fe2ffd9ad21 in gtk_widget_event (widget=widget@entry=0x55a00132cff0, event=event@entry=0x55a0045848c0, target=target@entry=0x55a00132cff0) at ../gtk/gtkwidget.c:4763
#11 0x00007fe2ffc7386a in gtk_propagate_event_internal (widget=widget@entry=0x55a00132cff0, event=event@entry=0x55a0045848c0, topmost=0x55a0015b44f0) at ../gtk/gtkmain.c:1898
#12 0x00007fe2ffc7397a in gtk_propagate_event (widget=widget@entry=0x55a00132cff0, event=event@entry=0x55a0045848c0) at ../gtk/gtkmain.c:1948
#13 0x00007fe2ffc742c3 in gtk_main_do_event (event=0x55a0045848c0) at ../gtk/gtkmain.c:1640
#14 0x00007fe2ffda8ec0 in surface_event (surface=surface@entry=0x55a004511350, event=<optimised out>, widget=widget@entry=0x55a0015b44f0) at ../gtk/gtkwindow.c:4735
#15 0x00007fe2ffe978f9 in _gdk_marshal_BOOLEAN__POINTER (closure=closure@entry=0x55a004578340, return_value=return_value@entry=0x7ffc538a2730, n_param_values=n_param_values@entry=2, param_values=param_values@entry=0x7ffc538a2790, invocation_hint=invocation_hint@entry=0x7ffc538a2710, marshal_data=marshal_data@entry=0x0) at gdk/gdkmarshalers.c:258
#16 0x00007fe2ffec2503 in gdk_surface_event_marshaller (closure=0x55a004578340, return_value=0x7ffc538a2730, n_param_values=2, param_values=0x7ffc538a2790, invocation_hint=0x7ffc538a2710, marshal_data=0x0) at ../gdk/gdksurface.c:435
#17 0x00007fe2ff7a6f8e in g_closure_invoke (closure=0x55a004578340, return_value=0x7ffc538a2730, n_param_values=2, param_values=0x7ffc538a2790, invocation_hint=0x7ffc538a2710) at ../subprojects/glib/gobject/gclosure.c:830
#18 0x00007fe2ff7bb3fc in signal_emit_unlocked_R (node=<optimised out>, detail=detail@entry=0, instance=instance@entry=0x55a004511350, emission_return=emission_return@entry=0x7ffc538a28b0, instance_and_params=instance_and_params@entry=0x7ffc538a2790) at ../subprojects/glib/gobject/gsignal.c:3742
#19 0x00007fe2ff7c640d in g_signal_emit_valist (instance=<optimised out>, signal_id=<optimised out>, detail=<optimised out>, var_args=var_args@entry=0x7ffc538a2960) at ../subprojects/glib/gobject/gsignal.c:3507
#20 0x00007fe2ff7c7083 in g_signal_emit (instance=instance@entry=0x55a004511350, signal_id=<optimised out>, detail=detail@entry=0) at ../subprojects/glib/gobject/gsignal.c:3553
#21 0x00007fe2ffec5b5a in gdk_surface_handle_event (event=0x55a0045848c0) at ../gdk/gdksurface.c:2948
#22 0x00007fe2fff177ae in gdk_event_source_dispatch (source=<optimised out>, callback=<optimised out>, user_data=<optimised out>) at ../gdk/x11/gdkeventsource.c:425
#23 0x00007fe2ff6b075d in g_main_dispatch (context=0x55a0005b4160) at ../subprojects/glib/glib/gmain.c:3381
#24 g_main_context_dispatch (context=context@entry=0x55a0005b4160) at ../subprojects/glib/glib/gmain.c:4099
#25 0x00007fe2ff6b09e0 in g_main_context_iterate (context=0x55a0005b4160, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimised out>) at ../subprojects/glib/glib/gmain.c:4175
#26 0x00007fe2ff6b0cd3 in g_main_loop_run (loop=0x55a002853a50) at ../subprojects/glib/glib/gmain.c:4373
#27 0x0000559ffe7cdd40 in igtk_main () at cbindings.c:356
#28 0x0000559ffe7bc994 in c_intrins (icode=<optimised out>, ac=ac@entry=0, tos=0) at intrinsics.c:3736
#29 0x0000559ffe740050 in Execute (root=<optimised out>) at execute.c:3001
#30 0x0000559ffe738624 in main (ac=<optimised out>, av=<optimised out>) at sexecute.c:988
A debugging session is active.

master: premature controller unreferencing in gtk_event_controller_handle_event

Merge request reports