John Ehresman:
> Scintilla can segfault when scroll_to_line is called from a
> NotifyPainted handler. When gtk is used, the scroll code calls down to
> the Paint method and, if a line layout cache is in use, can cause
> corruption because a layout object can be deleted in the inner method
> while it is referenced in the outer method.

NotifyPainted is called after all painting has been performed, so any outstanding ownership of layout cache entries could be released before calling NotifyPainted rather than waiting for automatic cleanup. This is most likely the first AutoLineLayout above the NotifyPainted call.

> The quick fix is not to scroll from the handler, but I'd like to prevent
> this bug from happening again. The options are to detect re-entry into
> the Paint method or to modify the layout cache so it handles re-entry.
> My initial thought is to modify the layout cache, but it would be better
> to add the re-entry check if other parts of Editor::Paint can't handle
> re-entry. Which approach should I implement?

Making the cache reentrant is rather messy. The simplest technique would be to hand out copies of entries rather than references into the cache but copying a cache entry is reasonably heavy: if you do this, I'd like to see a benchmark.

Neil

_______________________________________________
Scintilla-interest mailing list
http://mailman.lyra.org/mailman/listinfo/scintilla-interest
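
Added example, not part of the original messages and not Scintilla's code: a small C++ model of the lifetime problem discussed in this thread. It shows that releasing the layout handle before the painted notification lets a handler repaint safely, while a handle still held at that point is caught by a borrow count instead of leaving a dangling pointer. LayoutCache, AutoLayout, Editor and ScrollFromHandlerIsSafe are hypothetical names, and the one-slot cache is an assumption made to keep the model short.

```cpp
#include <functional>
#include <memory>
#include <stdexcept>

struct Layout { int line; };

// Hypothetical one-slot cache: asking for a different line replaces the entry.
class LayoutCache {
    std::unique_ptr<Layout> slot;
    int borrowed = 0;                        // handles currently alive
    friend class AutoLayout;
public:
    Layout *Retrieve(int line) {
        if (!slot || slot->line != line) {
            // Without this check the replacement frees memory an outer Paint still uses.
            if (borrowed > 0) throw std::logic_error("entry replaced while borrowed");
            slot.reset(new Layout{line});
        }
        return slot.get();
    }
};

// RAII handle playing the role AutoLineLayout has in the thread (assumed shape).
class AutoLayout {
    LayoutCache &cache; Layout *ll;
public:
    AutoLayout(LayoutCache &c, Layout *l) : cache(c), ll(l) { ++cache.borrowed; }
    ~AutoLayout() { Release(); }
    void Release() { if (ll) { --cache.borrowed; ll = nullptr; } }
};

struct Editor {
    LayoutCache cache;
    bool releaseBeforeNotify;
    int paints = 0;
    std::function<void(Editor &)> notifyPainted;  // stand-in for a NotifyPainted handler
    explicit Editor(bool release) : releaseBeforeNotify(release) {}
    void Paint(int topLine) {
        AutoLayout ll(cache, cache.Retrieve(topLine));
        ++paints;                                 // drawing would use the layout here
        if (releaseBeforeNotify) ll.Release();    // painting is done: give the entry back
        if (notifyPainted) notifyPainted(*this);
    }
};

// True when a handler that scrolls (and so repaints) never touched a borrowed entry.
bool ScrollFromHandlerIsSafe(bool releaseBeforeNotify) {
    Editor ed(releaseBeforeNotify);
    ed.notifyPainted = [](Editor &e) { if (e.paints == 1) e.Paint(10); };
    try { ed.Paint(0); } catch (const std::logic_error &) { return false; }
    return ed.paints == 2;
}

int main() { return ScrollFromHandlerIsSafe(true) && !ScrollFromHandlerIsSafe(false) ? 0 : 1; }
```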
