bug-gnu-emacs

bug#49066: 26.3; Segmentation fault on specific utf8 string


From: handa
Subject: bug#49066: 26.3; Segmentation fault on specific utf8 string
Date: Sun, 27 Jun 2021 11:29:28 +0900

Hi,

>   (gdb) pp lgstring
>   [[#<font-object "-GOOG-Noto Sans 
> Bengali-normal-normal-normal-*-19-*-*-*-*-0-iso10646-1"> 2453 8204] nil [0 0 
> 2453 20 16 -1 17 12 0 nil] [1 1 8204 658 0 -1 1 15 4 nil] nil nil nil [5 5 0 
> 3039 11 0 12 7 5 nil] [6 6 1606 1044 11 0 11 8 3 nil] nil]  ^^^

> I think this is a bug in that loop: it should actually exit whenever
> it finds the first LGLYPH that is nil, and update gstring.used
> accordingly.  Something like this:

>   for (i = 0; i < gstring.used; i++)
>     {
>       MFLTGlyphFT *g = (MFLTGlyphFT *) (gstring.glyphs) + i;

>       if (NILP (LGSTRING_GLYPH (lgstring, g->g.from))
>           || NILP (LGSTRING_GLYPH (lgstring, g->g.to)))
>       break;
>       g->g.from = LGLYPH_FROM (LGSTRING_GLYPH (lgstring, g->g.from));
>       g->g.to = LGLYPH_TO (LGSTRING_GLYPH (lgstring, g->g.to));
>     }
>   gstring.used = i;

I don't think so because glyphs of indices g->g.from and g->g.to should
not be nil.

> > This is enough to cause the crash: ক‌

As I surely remember that rendering that string with m17n-flt had no
problem before, I suspect that some change after I wrote the code has a
problem.

So, I tried to restore the old code as the attached patch, and then the
patched Emacs has no problem rendering the above Bengali string.

The patch cancels this change: 
------------------------------------------------------------
commit 04ac097f34d887e1ae8dea1e884118728e931c7a
Author: Paul Eggert <eggert@cs.ucla.edu>
Date:   Fri Nov 13 12:02:21 2015 -0800

    Spruce up ftfont.c memory allocation
    
    * src/ftfont.c (setup_otf_gstring):
    Avoid O(N**2) behavior when reallocating.
    (ftfont_shape_by_flt): Prefer xpalloc to xrealloc when
    reallocating buffers; this simplifies the code.  Do not trust
    mflt_run to leave the output areas unchanged on failure, as
    this isn’t part of its interface spec.
------------------------------------------------------------

But, at the moment I don't know why the new code does not work.

---
K. Handa
handa@gnu.org

diff --git a/src/ftfont.c b/src/ftfont.c
index 0603dd9ce6..26198928d8 100644
--- a/src/ftfont.c
+++ b/src/ftfont.c
@@ -2720,6 +2720,37 @@ ftfont_shape_by_flt (Lisp_Object lgstring, struct font 
*font,
        }
     }
 
+#define RESTORE_OLD_CODE
+#ifdef RESTORE_OLD_CODE
+  if (gstring.allocated == 0)
+    {
+      gstring.glyph_size = sizeof (MFLTGlyph);
+      gstring.glyphs = xnmalloc (len * 2, sizeof *gstring.glyphs);
+      gstring.allocated = len * 2;
+    }
+  else if (gstring.allocated < len * 2)
+    {
+      gstring.glyphs = xnrealloc (gstring.glyphs, len * 2,
+                                 sizeof *gstring.glyphs);
+      gstring.allocated = len * 2;
+    }
+  memset (gstring.glyphs, 0, len * sizeof *gstring.glyphs);
+  for (i = 0; i < len; i++)
+    {
+      Lisp_Object g = LGSTRING_GLYPH (lgstring, i);
+
+      gstring.glyphs[i].c = LGLYPH_CHAR (g);
+      if (with_variation_selector)
+       {
+         gstring.glyphs[i].code = LGLYPH_CODE (g);
+         gstring.glyphs[i].encoded = 1;
+       }
+    }
+
+  gstring.used = len;
+  gstring.r2l = 0;
+#endif
+
   {
     Lisp_Object family = Ffont_get (LGSTRING_FONT (lgstring), QCfamily);
 
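Review bot: the `#define RESTORE_OLD_CODE` placed directly above the `#ifdef` hard-codes the choice, so the `#else` branch introduced in the next hunk (the current allocation logic) can never be compiled; if this is meant as a diagnostic, make it a `-DRESTORE_OLD_CODE` build switch rather than defining it in the file, and if the old code is the intended fix, drop the conditional and the dead branch. Two further points on the restored block: it allocates `len * 2` glyph slots but `memset (gstring.glyphs, 0, len * sizeof *gstring.glyphs);` clears only the first `len`, so when the buffer is reused across calls the upper half handed to mflt_run is not reinitialized; and the slots are sized by `sizeof *gstring.glyphs` with `gstring.glyph_size = sizeof (MFLTGlyph)`, while the code in the next hunk (`MFLTGlyphFT *glyphs = (MFLTGlyphFT *) gstring.glyphs;` and the `2 * sizeof (MFLTGlyphFT)` realloc) treats the same array as MFLTGlyphFT. Please use one element type for the allocation, `glyph_size` and the casts.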
@@ -2763,6 +2794,20 @@ ftfont_shape_by_flt (Lisp_Object lgstring, struct font 
*font,
        return make_fixnum (0);
     }
 
+#ifdef RESTORE_OLD_CODE
+  for (i = 0; i < 3; i++)
+    {
+      int result = mflt_run (&gstring, 0, len, &flt_font_ft.flt_font, flt);
+      if (result != -2)
+       break;
+      int len2;
+      if (INT_MULTIPLY_WRAPV (gstring.allocated, 2, &len2))
+       memory_full (SIZE_MAX);
+      gstring.glyphs = xnrealloc (gstring.glyphs,
+                                 gstring.allocated, 2 * sizeof (MFLTGlyphFT));
+      gstring.allocated = len2;
+    }
+#else
   MFLTGlyphFT *glyphs = (MFLTGlyphFT *) gstring.glyphs;
   ptrdiff_t allocated = gstring.allocated;
   ptrdiff_t incr_min = len - allocated;
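Review bot: the retry loop does not reinitialize `gstring` between attempts: after `mflt_run` returns -2 the buffer is only reallocated and the call is repeated, whereas the `#else` path ends in `while (mflt_run (&gstring, 0, len, &flt_font_ft.flt_font, flt) == -2);` and so re-runs its setup (`gstring.r2l = 0;` and the preceding initialization) on every retry, which is exactly the concern named in the reverted commit's message ("Do not trust mflt_run to leave the output areas unchanged on failure"). The loop also gives up silently after three attempts and `result` is never examined afterwards, so a persistent -2 or any other error code falls through to the `gstring.used` check below as if shaping had succeeded; either loop until success as the `#else` path does, or `return Qnil` when `result` is still negative after the loop. Minor: `xnrealloc (gstring.glyphs, gstring.allocated, 2 * sizeof (MFLTGlyphFT))` yields the same byte count as `len2` elements but reads as a different quantity; passing `len2, sizeof (MFLTGlyphFT)` (or `gstring.glyph_size`) would match the overflow check just performed.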
@@ -2795,6 +2840,7 @@ ftfont_shape_by_flt (Lisp_Object lgstring, struct font 
*font,
       gstring.r2l = 0;
     }
   while (mflt_run (&gstring, 0, len, &flt_font_ft.flt_font, flt) == -2);
+#endif
 
   if (gstring.used > LGSTRING_GLYPH_LEN (lgstring))
     return Qnil;
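Review bot: this `#endif` closes a conditional opened roughly fifty lines earlier in the previous hunk, with the `#else` in between; add `/* RESTORE_OLD_CODE */` trailers to the `#else` and `#endif` so the two code paths can be followed in context. Note that the check `if (gstring.used > LGSTRING_GLYPH_LEN (lgstring)) return Qnil;` remains shared by both paths, and under RESTORE_OLD_CODE it is the only guard applied to mflt_run's output, since that path never inspects the run's return value.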