GNU bug report logs - #11541
24.0.97; Crash when visiting file on OS X 10.7.3

Packages: emacs, ns;

Reported by: Florian Ebeling <florian.ebeling <at> gmail.com>

Date: Tue, 22 May 2012 16:20:02 UTC

Severity: important

Merged with 11684, 11792, 11801

Found in versions 24.0.97, 24.1.50, 24.1

Done: Jan Djärv <jan.h.d <at> swipnet.se>

Bug is archived. No further changes may be made.

Message #38 received at 11541 <at> debbugs.gnu.org (full text, mbox):

From: Florian Ebeling <florian.ebeling <at> gmail.com>
To: Chong Yidong <cyd <at> gnu.org>
Cc: 11541 <at> debbugs.gnu.org
Subject: Re: bug#11541: 24.0.97; Crash when visiting file on OS X 10.7.3
Date: Wed, 30 May 2012 16:39:21 +0200

On Wed, May 30, 2012 at 3:36 PM, Chong Yidong <cyd <at> gnu.org> wrote:
> Interesting.  We need to pin down where the stack clobbering is taking
> place; I don't see an obvious problem in the code, so let's just do it
> by brute force.  Could you apply the following patch (which adds three
> abort conditions to the code), trigger the bug again, then see where the
> abort takes place?

It still stops at the same location, which is 531 after the patch.
Here is the debugger session output:

#16 0x00007fff89e8a587 in TDescriptor::CreateMatchingDescriptors ()
#17 0x0000000100a32599 in -[NSCTFontDescriptor matchingFontDescriptorsWithMandatoryKeys:] ()
#18 0x00000001001a1c70 in ns_findfonts (font_spec=140734799760960, isMatch=0 '\0') at nsfont.m:531
(More stack frames follow...)
(gdb) f 18
#18 0x00000001001a1c70 in ns_findfonts (font_spec=140734799760960, isMatch=0 '\000') at nsfont.m:531
531	    matchingDescs = [fdesc matchingFontDescriptorsWithMandatoryKeys: fkeys];
Current language:  auto; currently objective-c
(gdb) li ns_findfonts
492	/* Implementation for list() and match().  List() can return nil, match()
493	must return something.  Strategy is to drop family name from attribute
494	matching set for match. */
495	static Lisp_Object
496	ns_findfonts (Lisp_Object font_spec, BOOL isMatch)
497	{
498	    Lisp_Object tem, list = Qnil;
499	    NSFontDescriptor *fdesc, *desc;
500	    NSMutableSet *fkeys;
501	    NSArray *matchingDescs;
(gdb)
502	    NSEnumerator *dEnum;
503	    NSString *family;
504	    NSSet *cFamilies;
505	    BOOL foundItal = NO;
506	
507	    if (NSFONT_TRACE)
508	      {
509		fprintf (stderr, "nsfont: %s for fontspec:\n    ",
510			 (isMatch ? "match" : "list"));
511		debug_print (font_spec);
(gdb)
512	      }
513	
514	    if (!FONT_SPEC_P (font_spec))
515	      abort ();
516	
517	    cFamilies = ns_get_covering_families (ns_get_req_script (font_spec), 0.90);
518	
519	    if (!FONT_SPEC_P (font_spec))
520	      abort ();
521	
(gdb)
522	    fdesc = ns_spec_to_descriptor (font_spec);
523	
524	    if (!FONT_SPEC_P (font_spec))
525	      abort ();
526	
527	    fkeys = [NSMutableSet setWithArray: [[fdesc fontAttributes] allKeys]];
528	    if (isMatch)
529		[fkeys removeObject: NSFontFamilyAttribute];
530	
531	    matchingDescs = [fdesc matchingFontDescriptorsWithMandatoryKeys: fkeys];
(gdb) p font_spec
$1 = 140734799760960
(gdb) xtype
Lisp_Int0




This bug report was last modified 12 years and 255 days ago.
