enlightenment/terminology
enlightenment
/
terminology
9
6
Fork 7
Code Issues 7 Pull Requests Projects Releases Wiki Activity

reflow: fix segv sometimes when vertically shrinking

This commit is contained in:
Boris Faure 2013-04-20 17:37:16 +02:00
parent 3c5eb88047
commit 07f4b23b16
1 changed files with 16 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
src/bin/termpty.c
View File

@ -766,49 +766,6 @@ static void
_termpty_vertically_shrink(Termpty *ty, int old_w, int old_h,
Termcell *old_screen)
{
/* See the XXX: below - disable this line of protection:
* if (offset < 0) offset = 0;
* and we get the following crash:
*
* - Open terminology
* - Maximize (with Ctrl+Alt+n)
* - Choose some repo
* - git log | head -n 1000000
* - Minimize (with Ctrl+Alt+n)
* - Crash
*
* ==18772== Invalid read of size 4
* ==18772== at 0x432774: termpty_cell_copy (termpty.c:1347)
* ==18772== by 0x430EA7: _termpty_vertically_shrink (termpty.c:831)
* ==18772== by 0x431FCC: termpty_resize (termpty.c:1163)
* ==18772== by 0x425764: _smart_size (termio.c:1179)
* ==18772== by 0x425852: _smart_cb_delayed_size (termio.c:1200)
* ==18772== by 0x62AFFB4: _ecore_call_task_cb (ecore_private.h:303)
* ==18772== by 0x62B1918: _ecore_timer_expired_call (ecore_timer.c:912)
* ==18772== by 0x62B1794: _ecore_timer_expired_timers_call (ecore_timer.c:866)
* ==18772== by 0x62AD66D: _ecore_main_loop_iterate_internal (ecore_main.c:1832)
* ==18772== by 0x62ABAD4: ecore_main_loop_begin (ecore_main.c:963)
* ==18772== by 0x4F8A1C8: elm_run (elm_main.c:967)
* ==18772== by 0x4161D0: elm_main (main.c:2932)
* ==18772== by 0x4162B0: main (main.c:2956)
* ==18772== Address 0x1a29d048 is 556,040 bytes inside a block of size 560,056 free'd
* ==18772== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
* ==18772== by 0x5F68419: _size_set (evas_object_textgrid.c:1050)
* ==18772== by 0x806AE75: _eo_op_internal (eo.c:328)
* ==18772== by 0x806AFBC: _eo_dov_internal (eo.c:362)
* ==18772== by 0x806B245: eo_do_internal (eo.c:391)
* ==18772== by 0x5F682DF: evas_object_textgrid_size_set (evas_object_textgrid.c:1026)
* ==18772== by 0x4256B7: _smart_size (termio.c:1170)
* ==18772== by 0x425852: _smart_cb_delayed_size (termio.c:1200)
* ==18772== by 0x62AFFB4: _ecore_call_task_cb (ecore_private.h:303)
* ==18772== by 0x62B1918: _ecore_timer_expired_call (ecore_timer.c:912)
* ==18772== by 0x62B1794: _ecore_timer_expired_timers_call (ecore_timer.c:866)
* ==18772== by 0x62AD66D: _ecore_main_loop_iterate_internal (ecore_main.c:1832)
* ==18772== by 0x62ABAD4: ecore_main_loop_begin (ecore_main.c:963)
* ==18772== by 0x4F8A1C8: elm_run (elm_main.c:967)
* ==18772== by 0x4161D0: elm_main (main.c:2932)
* ==18772== by 0x4162B0: main (main.c:2956)
*/
int to_history,
real_h = old_h,
old_circular_offset,
@ -866,17 +823,20 @@ _termpty_vertically_shrink(Termpty *ty, int old_w, int old_h,
len = real_h - to_history;
pos = (len + ty->circular_offset) % old_h;
offset = len - pos;
// XXX: this is a segv protection... it may cause mis-drawing?
if (offset < 0) offset = 0;
/* 2 times */
for (y = pos - 1; y >= 0; y--)
if (offset > 0)
{
src = &(old_screen[y * old_w]);
dst = &(old_screen[(y + offset) * old_w]);
termpty_cell_copy(ty, src, dst, old_w);
for (y = pos - 1; y >= 0; y--)
{
src = &(old_screen[y * old_w]);
dst = &(old_screen[(y + offset) * old_w]);
termpty_cell_copy(ty, src, dst, old_w);
}
}
else
offset = len;
for (y = 0; y < offset; y++)
{
src = &(old_screen[(ty->circular_offset + y) * old_w]);
@ -887,9 +847,11 @@ _termpty_vertically_shrink(Termpty *ty, int old_w, int old_h,
len = ty->h - len;
if (len)
termpty_cell_fill(ty, NULL,
&old_screen[(old_h - len) * old_w],
len * old_w);
{
termpty_cell_fill(ty, NULL,
&old_screen[(old_h - len) * old_w],
len * old_w);
}
}
}