jpeg pushed a commit to branch efl-1.20. http://git.enlightenment.org/core/efl.git/commit/?id=0978787ebf55d692c40f8909ee4c652701bf78c4
commit 0978787ebf55d692c40f8909ee4c652701bf78c4 Author: Jean-Philippe Andre <jp.an...@samsung.com> Date: Tue Sep 26 17:00:27 2017 +0900 eo: Fix crashes with call cache after init cycle It's not enough to check the init generation count, if the cache data is not reset properly. This patch adds safety in two ways: 1. Actually reset the op call cache when we detect a new generation 2. Verify that we don't return NULL function pointer The 1st point is absolutely necessary, 2nd is optional (extra cost of one if()). @fix
---
 src/lib/eo/Eo.h | 1 +
 src/lib/eo/eo.c | 1 +
 2 files changed, 2 insertions(+)
diff --git a/src/lib/eo/Eo.h b/src/lib/eo/Eo.h
index 5f97d1b46d..c7a26f67d2 100644
--- a/src/lib/eo/Eo.h
+++ b/src/lib/eo/Eo.h
@@ -977,6 +977,7 @@ typedef struct _Efl_Object_Call_Cache
 // hits.
 #define EFL_FUNC_COMMON_OP_END(Obj, Name, DefRet) \
 __##Name##_op_create: \
+ if (EINA_UNLIKELY(___cache.op != EFL_NOOP)) memset(&___cache, 0, sizeof(___cache)); \
 ___cache.op = _efl_object_op_api_id_get(EFL_FUNC_COMMON_OP_FUNC(Name), Obj, #Name, __FILE__, __LINE__); \
 if (___cache.op == EFL_NOOP) return DefRet; \
 ___cache.generation = _efl_object_init_generation; \
diff --git a/src/lib/eo/eo.c b/src/lib/eo/eo.c
index b759f38429..55fbbbc962 100644
--- a/src/lib/eo/eo.c
+++ b/src/lib/eo/eo.c
@@ -485,6 +485,7 @@ ok_klass_back:
 call->func = func->func;
 if (is_obj)
 call->data = (char *)obj + cache->off[i].off;
+ if (EINA_UNLIKELY(!call->func)) goto err_cache_op;
 return EINA_TRUE;
 }
 }
--
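Review bot: The reset added at `__##Name##_op_create:` in src/lib/eo/Eo.h clears `___cache` with a plain `memset` and only afterwards stores the new `op` and `generation`, so if the same call site can be reached from two threads (not visible here) a concurrent lookup may read a zeroed or mixed-generation entry. It would help to confirm that callers are serialized, or to state the assumption next to the reset, e.g. `/* new init generation: drop stale klass/func entries before re-resolving the op */ \`. The cleared state also matches "no op" only if `EFL_NOOP` is zero, which the hunk does not show. The macro body starts above and continues below the hunk.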
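Review bot: In src/lib/eo/eo.c the new guard tests `call->func` only after `func->func` has been read and `call->data` written, so a NULL `func` entry would still be dereferenced and `call` is left half-filled on the error path. Checking first, `if (EINA_UNLIKELY(!func || !func->func)) goto err_cache_op;` ahead of `call->func = func->func;`, would cover both cases. A NULL test cannot catch a stale non-NULL pointer left over from an earlier init generation, so this remains a backstop for the cache reset in Eo.h rather than a replacement for it. Where `func` is assigned and what `err_cache_op` does are outside the hunk.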