Re: Fix for #63426 - GtkTextView core dumps on deletion

[Hans Breuer <hans breuer org>]

At 12:36 04.11.01 -0500, Havoc Pennington wrote:
>
>Hans Breuer <hans breuer org> writes: 
>> --- from-cvs/gtk+/gtk/gtktextiter.c	Sat Oct 27 02:18:26 2001
>> +++ my-gtk/gtk+/gtk/gtktextiter.c	Sun Nov 04 17:34:24 2001
>> @@ -3802,8 +3802,14 @@
>>  
>>    current_offset = gtk_text_iter_get_line_offset (iter);
>>    new_offset = find_paragraph_delimiter_for_line (iter);
>> -  
>> -  if (current_offset < new_offset)
>> +
>> +  if (0 == new_offset) 
>> +    {
>> +      while (!gtk_text_iter_ends_line (iter))
>> +        gtk_text_iter_forward_char (iter);
>> +      return FALSE;
>> +    }
>> +  else if (current_offset < new_offset)
>>      {
>>        /* Move to end of this line. */
>>        gtk_text_iter_set_line_offset (iter, new_offset);
>> 
>
>I don't understand this change; if new_offset == 0 and current_offset
>>= 0, then we should be moving to the end of the next line, because
>current_offset is already at or beyond the end of the current line.
>That's how the function docs read to me anyhow.
>
But the bug is: If there is no next line ...
And as I read the docs it than should simply move to the
end of the current line even if there is no paragraph end,
which can't be there because it was just deleted.

>Also, this change should definitely not cause a segfault to appear or
>disappear; if this affects a segfault, then the segfault bug still
>exists and hasn't been fixed. 
Don't think so, see below.

>If you can reproduce the segfault, can
>you add a backtrace to the bug report?
>
It is just simple reproduceable as described in the orignal bug report.

The backtrace (stacktrace ?) is kind of hard to export from my ide (=msvc :
I need to copy it line by line :) and it isn't complete, because the crash
is caused by a stack overflow ...

find_by_log_attrs() does the infinite recursion without my patch.

	Hans

find_by_log_attrs(_GtkTextIter * 0x009aeb44, int (const _PangoLogAttr *,
int, int, int, int *, int)* 0x101469bc find_backward_cursor_pos_func(const
_PangoLogAttr *, int, int, int, int *, int), int 0x00000000, int
0x00000000) line 2952
gtk_text_iter_backward_cursor_position(_GtkTextIter * 0x009aeb44) line 3375
+ 18 bytes
gtk_text_iter_backward_cursor_positions(_GtkTextIter * 0x009aeb44, int
0x00000001) line 3440 + 9 bytes
gtk_text_iter_forward_cursor_positions(_GtkTextIter * 0x009aeb44, int
0xffffffff) line 3400 + 15 bytes
gtk_text_view_delete_from_cursor(_GtkTextView * 0x0103cc70, int 0x00000000,
int 0xffffffff) line 4208 + 13 bytes
gtk_marshal_VOID__ENUM_INT(_GClosure * 0x01034ac0, _GValue * 0x00000000,
unsigned int 0x00000003, const _GValue * 0x009aed98, void * 0x009aece4,
void * 0x1015e6f9) line 1147 + 43 bytes
g_type_class_meta_marshal(_GClosure * 0x01034ac0, _GValue * 0x00000000,
unsigned int 0x00000003, const _GValue * 0x009aed98, void * 0x009aece4,
void * 0x00000184) line 517 + 30 bytes
g_closure_invoke(_GClosure * 0x01034ac0, _GValue * 0x00000000, unsigned int
0x00000003, const _GValue * 0x009aed98, void * 0x009aece4) line 440 + 27 bytes
signal_emit_unlocked_R(_SignalNode * 0x01034ba0, unsigned int 0x00000000,
void * 0x0103cc70, _GValue * 0x00000000, const _GValue * 0x009aed98) line
2161 + 39 bytes
g_signal_emitv(const _GValue * 0x009aed98, unsigned int 0x0000006f,
unsigned int 0x00000000, _GValue * 0x00000000) line 1804 + 25 bytes
gtk_binding_entry_activate(_GtkBindingEntry * 0x0103b990, _GtkObject *
0x0103cc70) line 414 + 17 bytes
binding_match_activate(_GSList * 0x00f08d40, _GtkObject * 0x0103cc70,
unsigned int 0x0000000b, char * 0x010321a0, char * 0x010ec9d0) line 812 +
16 bytes
[..., rest omited]

-------- Hans "at" Breuer "dot" Org -----------
Tell me what you need, and I'll tell you how to 
get along without it.                -- Dilbert