distsystem 875ca70a55 Fix crash in overlay line drawing on uninitialized linebuf view ...

screen_draw_overlay_line accessed self->linebuf->line->cpu_cells
without ever calling linebuf_init_line on the shared view. Render
paths that initialize a stack-local Line via render_line_for_virtual_y
left the view's cpu_cells as NULL (the value set by alloc_line via
PyType_GenericAlloc), and the multicell-trim loop then dereferenced
NULL + xstart * sizeof(CPUCell), producing a SIGSEGV at a small
address (e.g. 0x1e for xstart=2). The crash was reachable any time
an IME pre-edit overlay was rendered with the cursor not in column 0
on a screen whose linebuf->line had not been re-pointed by some
unrelated prior call.

Fix by initializing the view at the overlay row on entry. Add a
test_draw_overlay_line method on Screen so the behavior can be
exercised directly from a regression test.

2026-04-18 13:10:07 +08:00

26 KiB

Raw Blame History

View Raw