From b91fc17a1911a479e058d1df3a24486faa473290 Mon Sep 17 00:00:00 2001 From: Daniel Boles Date: Thu, 18 Jan 2018 00:51:24 +0000 Subject: [PATCH] =?UTF-8?q?Widget:=20Don=E2=80=99t=20call=20reset()=20on?= =?UTF-8?q?=20NULL=20EventController?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GtkGesture is a GtkEventController. gtk_event_controller_dispose() calls _gtk_widget_remove_controller(). That NULLs the pointer-to-Controller in our EventControllerData but does not delete said ECData from our GList. Subsequently, if that same Widget gets unparent()ed, that method calls unset_state_flags(), which leads to doing reset_controllers() if we are insensitive. Now, unlike most most other loops over the GList of ECData, reset_controllers() does not skip nodes whose pointer-to-Controller is NULL. So, we call gtk_event_controller_reset(NULL) and get a CRITICAL. This surfaced in a gtkmm program. The Gesture is destroyed before the Widget. The Widget then gets dispose()d, which calls unparent()… boom. I didn’t find an MCVE yet but would hope this logic is correct anyway: The simplest fix is to make the loop in gtk_widget_reset_controllers() skip GList nodes with a NULL Controller pointer, like most other such loops, so we avoid passing the NULL to gtk_event_controller_reset(). In other, live cases, _gtk_widget_run_controllers() loops over the GList and removes/frees nodes having NULL Controllers, so that should suffice. But this clearly was not getting a chance to happen in the failing case. https://bugzilla.gnome.org/show_bug.cgi?id=792624 --- gtk/gtkwidget.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gtk/gtkwidget.c b/gtk/gtkwidget.c index 4ae273036e..b1386298bf 100644 --- a/gtk/gtkwidget.c +++ b/gtk/gtkwidget.c @@ -13891,6 +13891,10 @@ gtk_widget_reset_controllers (GtkWidget *widget) for (l = priv->event_controllers; l; l = l->next) { controller_data = l->data; + + if (controller_data->controller == NULL) + continue; + gtk_event_controller_reset (controller_data->controller); } }