2017-07-20 2:57 GMT+09:00 Bram Moolenaar <[email protected]>: > > Patch 8.0.0737 > Problem: Crash when X11 selection is very big. > Solution: Use static items instead of allocating them. Add callbacks. > (Ozaki Kiichi) > Files: src/testdir/shared.vim, src/testdir/test_quotestar.vim, > src/ui.c > > <snip> >
Bram, I'm afraid you made a decision too early. This patch has outstanding problems. They are difficult to explain briefly, but let me try doing that. First, the patch seems to prevent Vim from crashing by simply changing the order of the calls of XCheckTypedEvent(). This happens to work for the purpose because the call for PropertyNotify happens to catch the INCL PropertyNotify which is to be sent to the requestor prior to the actual data transaction when the selection is large relative to max-request-size (implementation dependent). The event is, however, not handled properly because, according to ICCCM, the property has to be deleted, yet never by Vim actually. We have a server resource leak here. Secondly, the same manual also says that after deleting the property, the transaction of the body of the selection data begins and then finishes with the owner's sending a zero-length property to the requestor. It's requestor's responsibility to delete the zero-length property; however, Vim will never send it. Another resource leak takes place in the peer client. Lastly, since Vim didn't know what the zero-length property means, it tried to free the same memory block twice, resulting in crash. With the patch, the memory block is statically allocated to avoid the crash. However, if Vim understood the fact that it would get PropertyNotify twice per large selection at the end of the transaction, this change wouldn't be necessary at all. I think those explain well what is described in the remark made to the TODO : > X11: Putting more than about 262040 characters of text on the clipboard and > pasting it in another Vim doesn't work. (Dominique Pelle, 2008 Aug 21-23) > clip_x11_request_selection_cb() is called with zero value and length. > Also: Get an error message from free() in the process that owns the selection. > Seems to happen when the selection is requested the second time, but before > clip_x11_convert_selection_cb() is invoked, thus in X library code. I thought my comment https://github.com/vim/vim/issues/1822#issuecomment-316115383 was sufficient for people to evaluate the patch appropriately, but now I found it was not... Best regards, Kazunobu Kuriyama -- > A computer program does what you tell it to do, not what you want it to do. > > /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net > \\\ > /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ > \\\ > \\\ an exciting new programming language -- http://www.Zimbu.org > /// > \\\ help me help AIDS victims -- http://ICCF-Holland.org > /// > > -- > -- > You received this message from the "vim_dev" maillist. > Do not top-post! Type your reply below the text you are replying to. > For more information, visit http://www.vim.org/maillist.php > > --- > You received this message because you are subscribed to the Google Groups > "vim_dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
