
[Windows] Fl_Menu_Item::pulldown can sometimes null-crash #1335

@ioan-chera

Description of the Bug Report
In Fl_Menu.cxx, in Fl_Menu_Item::pulldown after the STARTUP: label, at lines 1067-1068, it's possible for const Fl_Menu_Item *m = pp.current_item to be null, making the next m->activevisible() expression crash the application.

To Reproduce
I was able to reproduce it a few times using my app (https://github.com/ioan-chera/eureka-editor/) from commit 7a727e6c5be6dabb8cf0a607297f15c89ebb8afb. However, I haven't found a reliable pattern to trigger it. If I remember correctly, it happened when clicking the Fl_Choice or when selecting an item. The Fl_Choice with this menu is in https://github.com/ioan-chera/eureka-editor/blob/7a727e6c5be6dabb8cf0a607297f15c89ebb8afb/src/ui_browser.h#L108. I'm attaching the crash call stack to this ticket.

eureka-call-stack.txt

More info: the initial_item variable was nullptr at that point, but I can't tell if it entered that way into the function or was altered during pulldown.

To be able to try it in the app I linked to, you'd need a Doom or Freedoom IWAD, go into thing mode (pressing 't'), place some monsters (pressing 'space' while pointing the mouse), then select the new 'things' and change their type, which will open the panel with the problem Fl_Choice, then change the category to something else, place other thing types, then change back. But it's really random and unreliable.

My action
Since this bug seems pretty vague, I'm planning to make a fork of FLTK where I check m for null and break out of the loop, with a debug assertion failure (since it's not supposed to happen). I plan to rebase this fork branch of mine onto your tagged releases, in order to keep in sync.

Expected behavior
No crash

Screenshots
I don't know if there's anything to show.

FLTK Version
1.4.4. I used FetchContent in CMake with tag release-1.4.4.

FLTK Configure / Build Options
Defaults as provided by Windows CMake GUI v4.1.2 with the Visual Studio 2022 IDE generated project files. The FetchContent_Declare command has EXCLUDE_FROM_ALL.

Operating System / Platform:

  • OS: Windows 11 (not sure if it behaves the same everywhere)
  • OS Version: 10.0.26200
  • Processor (if relevant): Intel(R) Core(TM) i9-9900 @ 3.1GHz, 3096 MHz, 8 cores, 16 logical processors

Linux/Unix Runtime, if applicable:

  • Didn't reproduce it yet there, though I use Linux less.
