On Mon, Sep 12, 2016 at 05:01:33AM +0200, Enrico Forestieri wrote:
> On Sun, Sep 11, 2016 at 09:04:56PM +0100, Guillaume Munch wrote:
> > On 11/09/2016 at 11:05, Enrico Forestieri wrote:
> > 
> > >Please give
> > >steps or test cases for reproducing the crash and I will have a look.
> > >
> > 
> > It usually takes some effort. I'll try to find the time.
> 
> You can spare your time as I think I found the problem. The patch simply
> uncovered a latent bug. The crash only occurs when there is a user
> defined math macro. In this case, d->macro_->symbol() may return bogus
> values. For a user defined macro it should always return a null pointer,
> but for unknown reasons it sometimes returns strange values, which are
> clearly bogus and cause a crash when dereferenced.
> 
> I did not succeed in understanding why this occurs.

I have found that this occurs because of some missing metric updates.
The attached alternative patch covers all cases except one. This is the
case in which user defined math macros are present _and_ instant preview
is active. I did not find a solution for this case, so the previous patch
is better. However, there are other cases in the sources in which the
sym_ member of MacroData (the one returned by d->macro_->symbol()) is
used. In these cases it is accessed only after checking that it is not
null, but, as this case shows, this does not guarantee that it is usable
and a crash would occur. However, these cases are mainly related to the
xhtml output, so they are not as frequent, possibly.

-- 
Enrico
diff --git a/src/BufferView.cpp b/src/BufferView.cpp
index 0212b16..b4564b4 100644
--- a/src/BufferView.cpp
+++ b/src/BufferView.cpp
@@ -495,7 +495,7 @@ void BufferView::processUpdateFlags(Update::flags flags)
 
        // updateMetrics() does not update paragraph position
        // This is done at draw() time. So we need a redraw!
-       buffer_.changed(false);
+       buffer_.changed(true);
 
        if (needsFitCursor()) {
                // The cursor is off screen so ensure it is visible.
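Review bot: The comment directly above the changed call in processUpdateFlags() still justifies it only as "we need a redraw", which no longer explains why the argument is now true. If the flag is what triggers the missing metric updates described in the message, say so in the comment and name the user-defined math macro crash it works around, so that nobody flips it back to false later as an optimisation. The message also says that symbol() can return a non-null but unusable pointer and that one case (macros with instant preview) stays uncovered, so this call hides the stale sym_ value rather than fixing where it comes from. It would be worth tracking that separately.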
@@ -2181,7 +2181,7 @@ void BufferView::updateHoveredInset() const
 
                // This event (moving without mouse click) is not passed 
further.
                // This should be changed if it is further utilized.
-               buffer_.changed(false);
+               buffer_.changed(true);
        }
 }
 
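Review bot: In updateHoveredInset() the changed call sits on the path the comment describes as "moving without mouse click", so it runs on plain mouse movement. If passing true makes buffer_.changed() do more than a redraw, as the message's reference to metric updates implies, that extra work now happens on every hover change. Please confirm the cost is acceptable on large documents, or restrict the true case to when the hovered inset actually involves a math macro. The comment here also gives no reason for the argument value and should get one line explaining it.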
