[BUG] gtk4::EntryCompletion::new().insert_prefix(); cause crash

[qarmin]

System:    Host: rafalkom Kernel: 5.13.0-28-generic x86_64 bits: 64 compiler: gcc v: 11.2.0 Desktop: GNOME 40.5 
           tk: GTK 3.24.30 wm: gnome-shell dm: GDM3 Distro: Ubuntu 21.10 (Impish Indri) 

RUST_BACKTRACE=full RUSTFLAGS=-Zsanitizer=address RUSTDOCFLAGS=-Zsanitizer=address cargo run  -Zbuild-std --target x86_64-unknown-linux-gnu

Bug description

gtk4::EntryCompletion::new().insert_prefix();

cause crash:

AddressSanitizer:DEADLYSIGNAL
=================================================================
==31352==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x7f60f653ba50 bp 0x000000000028 sp 0x7ffd9f720c30 T0)
==31352==The signal is caused by a READ memory access.
==31352==Hint: address points to the zero page.
    #0 0x7f60f653ba50  (/lib/x86_64-linux-gnu/libgtk-4.so.1+0x143a50)
    gtk-rs/gtk-rs-core#1 0x560e2b56e9fd  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x33b9fd)
    gtk-rs/gtk-rs-core#2 0x560e2b559e9d  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x326e9d)
    gtk-rs/gtk-rs-core#3 0x560e2b557607  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x324607)
    gtk-rs/gtk-rs-core#4 0x560e2b56261a  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x32f61a)
    gtk-rs/gtk-rs-core#5 0x7f60f6bf2c0e  (/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x13c0e)
    gtk-rs/gtk-rs-core#6 0x7f60f6c0eea5  (/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x2fea5)
    gtk-rs/gtk-rs-core#7 0x7f60f6c10883  (/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x31883)
    gtk-rs/gtk-rs-core#8 0x7f60f6c10ad2  (/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x31ad2)
    gtk-rs/gtk-rs-core#9 0x7f60f612b9d7  (/lib/x86_64-linux-gnu/libgio-2.0.so.0+0xdb9d7)
    gtk-rs/gtk-rs-core#10 0x7f60f612bbb5  (/lib/x86_64-linux-gnu/libgio-2.0.so.0+0xdbbb5)
    gtk-rs/gtk-rs-core#11 0x560e2b55ade8  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x327de8)
    gtk-rs/gtk-rs-core#12 0x560e2b55a7d7  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x3277d7)
    gtk-rs/gtk-rs-core#13 0x560e2b559b36  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x326b36)
    gtk-rs/gtk-rs-core#14 0x560e2b55b89a  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x32889a)
    gtk-rs/gtk-rs-core#15 0x560e2b55f674  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x32c674)
    gtk-rs/gtk-rs-core#16 0x560e2b5587d3  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x3257d3)
    gtk-rs/gtk-rs-core#17 0x560e2bd4954d  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb1654d)
    gtk-rs/gtk-rs-core#18 0x560e2bd926ae  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb5f6ae)
    gtk-rs/gtk-rs-core#19 0x560e2bda7b7a  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb74b7a)
    gtk-rs/gtk-rs-core#20 0x560e2bd91972  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb5e972)
    gtk-rs/gtk-rs-core#21 0x560e2bb4bca9  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x918ca9)
    gtk-rs/gtk-rs-core#22 0x560e2bbc4aeb  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x991aeb)
    gtk-rs/gtk-rs-core#23 0x560e2bd924dd  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb5f4dd)
    gtk-rs/gtk-rs-core#24 0x560e2bda7b7a  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb74b7a)
    gtk-rs/gtk-rs-core#25 0x560e2bd90ceb  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0xb5dceb)
    gtk-rs/gtk-rs-core#26 0x560e2bb4b9b9  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x9189b9)
    gtk-rs/gtk-rs-core#27 0x560e2bbc43e9  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x9913e9)
    gtk-rs/gtk-rs-core#28 0x560e2b558735  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x325735)
    gtk-rs/gtk-rs-core#29 0x560e2b55a09b  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x32709b)
    gtk-rs/gtk-rs-core#30 0x7f60f5c1ffcf  (/lib/x86_64-linux-gnu/libc.so.6+0x2dfcf)
    gtk-rs/gtk-rs-core#31 0x7f60f5c2007c  (/lib/x86_64-linux-gnu/libc.so.6+0x2e07c)
    gtk-rs/gtk-rs-core#32 0x560e2b4c71e4  (/home/rafal/Projekty/Rust/gtk_rs_fuzzer/Project/target/x86_64-unknown-linux-gnu/debug/crash_thing+0x2941e4)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libgtk-4.so.1+0x143a50) 

[bilelmoussaoui]

Please open the gtk4-rs issues on https://github.com/gtk-rs/gtk4-rs

[sdroege]

Thread 1 "foo" received signal SIGSEGV, Segmentation fault.
0x00007ffff7862c51 in gtk_entry_get_text_widget (entry=<optimized out>) at ../gtk/gtkentry.c:3777
3777	  return GTK_TEXT (priv->text);
(gdb) print priv
$1 = (GtkEntryPrivate *) 0x28
(gdb) bt
#0  0x00007ffff7862c51 in gtk_entry_get_text_widget (entry=<optimized out>) at ../gtk/gtkentry.c:3777
#1  0x00007ffff7867094 in gtk_entry_completion_insert_prefix (completion=0x5555555cf240 [GtkEntryCompletion]) at ../gtk/gtkentrycompletion.c:1422
#2  0x000055555555ce7e in gtk4::auto::entry_completion::EntryCompletion::insert_prefix (self=0x7fffffffe3c0) at gtk4/src/auto/entry_completion.rs:155
#3  0x000055555555c45a in foo::main () at foo/src/main.rs:6
(gdb) print completion->entry
No symbol "completion" in current context.
(gdb) up
#1  0x00007ffff7867094 in gtk_entry_completion_insert_prefix (completion=0x5555555cf240 [GtkEntryCompletion]) at ../gtk/gtkentrycompletion.c:1422
1422	  GtkText *text = gtk_entry_get_text_widget (GTK_ENTRY (completion->entry));
(gdb) print completion->entry
$2 = 0x0

The competion has no entry and GTK assumes it does. This only happens after calling gtk_entry_set_completion(). gtk_entry_completion_get_entry() is also not annotated as (nullable) in its return value, so if anything quite a bit of API annotations are needed (and code changes to not crash!), or this is wrong usage and a programmer error (in which case some assertions should be placed into the C code instead of just segfaulting).

Again something for GTK people to decide.

[bilelmoussaoui]

I think we should at least add a check upstream so that we fail way before things break pretty badly

[sdroege]

Yes, it should at least get some assertions in C instead of randomly crashing. You create an issue?

[bilelmoussaoui]

let us see if I can make a PR instead

[bilelmoussaoui]

Opened a PR at https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/4450

[bilelmoussaoui]

Closing as it is an upstream issue, will be fixed in the future release that includes the changes I submitted once they are merged