bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#70385: Crash in note_fringe_highlight

From: Po Lu
Subject: bug#70385: Crash in note_fringe_highlight
Date: Mon, 15 Apr 2024 21:58:15 +0800
User-agent: Gnus/5.13 (Gnus v5.13) 
Eli Zaretskii <eliz@gnu.org> writes:

> I think this should be
>
>   if ((window_outdated (w)
>        || !w->window_end_valid
>        || !MATRIX_ROW_DISPLAYS_TEXT_P (MATRIX_ROW (w->current_matrix,
>                                                  vpos)))

Yes, sorry.

> I'm not sure it will help, because it seems the segfault happens in
> the MATRIX_ROW_DISPLAYS_TEXT_P macro.  So I think we are somehow
> dealing with w->current_matrix whose 'nrows' is too small.  The
> mouse-highlight code detects that case in x_y_to_hpos_vpos.

Right.  What about this?

diff --git a/src/xdisp.c b/src/xdisp.c
index d984c12d1aa..dcecc2b09d4 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -35772,6 +35772,7 @@ note_fringe_highlight (struct frame *f, Lisp_Object 
window, int x, int y,
   /* Don't access the TEXT_AREA of a row that does not display text, or
      when the window is outdated.  (bug#70385) */
   if (window_outdated (w)
+      || (vpos >= w->current_matrix->nrows)
       || !MATRIX_ROW_DISPLAYS_TEXT_P (MATRIX_ROW (w->current_matrix,
                                                  vpos)))
     return;

It's the same test x_y_to_hpos_vpos applies to decide whether to punt
and return NULL.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]