
Re: BUG?: SIGSEGV in get_rotate_fontname() in omGeneric.c



No comment?

I have tried to do some debugging and analysis - am I on the right track?

Thanks :)

David

David Greaves wrote:

Hi

I have a problem with get_rotate_fontname() in omGeneric.c.
I think there's a bug there.

I'm using libx11-6[-dbg] 4.3.0.dfsg.1-6

Line 561:
  for(field_num = 0 ; field_num < CHARSET_ENCODING_FIELD && ptr && *ptr ;
                       ptr++, field_num++) {

I've stepped here with gdb and have:
#define CHARSET_ENCODING_FIELD 14
font_name="-ttf-arial-medium-i-normal-italic-16-0-ISO8859-1"
field_num=9
ptr=0x0

The for condition looks to me like it shouldn't evaluate *ptr, but I think it does, as I get a SIGSEGV if I step this line. Is it possibly a gcc thing? Or is my src out of step with my library (i.e. is the '&& ptr' check new, in which case the bug is fixed, in which case where can I get a good library? :) )
I looked at a disassembly but couldn't tell.

Obviously it does this in the standard library (where I first hit the problem) and in the -dbg library too (I couldn't make XLOCALEDIR work, so I symlinked them in temporarily, as you may notice in the backtrace).

Note that I haven't actually built a local libX11 - I just dl'ed the source to step through. (It's worth checking I have the right source; I've copied the snippet at the end.)

Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x40be0829 in get_rotate_fontname (font_name=0x87dc5c8 "-ttf-arial-medium-i-normal-italic-16-0-ISO8859-1") at omGeneric.c:561
/amd/willow/root/share/mirror/devel/X/xfree86-4.3.0/build-tree/xc/lib/X11/omGeneric.c:561:14833:beg:0x40be0829
(gdb) bt
#0  0x40be0829 in get_rotate_fontname (font_name=0x87dc5c8 "-ttf-arial-medium-i-normal-italic-16-0-ISO8859-1") at omGeneric.c:561
#1  0x40be0f73 in parse_fontdata (oc=0x8805410, font_set=0x87fdbf0, font_data=0x87dc5a8, font_data_count=0, name_list=0x85fc9b8, name_list_count=2, class=C_VROTATE, font_data_return=0x0) at omGeneric.c:1047
#2  0x40be11ea in parse_vw (oc=0x8805410, font_set=0x87fdbf0, name_list=0x85fc9b8, count=2) at omGeneric.c:1088
#3  0x40be152f in parse_fontname (oc=0x8805410) at omGeneric.c:1226
#4  0x40be1868 in create_fontset (oc=0x8805410) at omGeneric.c:1361
#5  0x40be1e09 in create_oc (om=0x40be6960, args=0x0, num_args=0) at omGeneric.c:1672
#6  0x4092a461 in XCreateOC (om=0x8805208) at OCWrap.c:50
#7  0x409297f5 in XCreateFontSet (dpy=0x0, base_font_name_list=0x0, missing_charset_list=0xbfffec20, missing_charset_count=0xbfffec24, def_string=0x0) at FSWrap.c:192
#8  0x4027b849 in getFontSet (f=@0x877d780) at kernel/qinputcontext_x11.cpp:93
#9  0x4027cc4d in QInputContext::setXFontSet (this=0x877d770, f=@0xbfffed40) at kernel/qinputcontext_x11.cpp:522
#10 0x4029b033 in QWidget::setMicroFocusHint (this=0x87dbcc8, x=14, y=4, width=0, height=21, text=true, f=0xbfffed40) at kernel/qwidget_x11.cpp:972
#11 0x404aab35 in QTextEdit::updateMicroFocusHint (this=0x87dbcc8) at widgets/qtextedit.cpp:2819
#12 0x404ab8db in QTextEdit::insert (this=0x87dbcc8, text=@0xbfffefa0, insertionFlags=5) at widgets/qtextedit.cpp:3033
#13 0x404ab2be in QTextEdit::insert (this=0x87dbcc8, text=@0xbfffefa0, indent=true, checkNewLine=false, removeSelected=true) at widgets/qtextedit.cpp:2941
#14 0x404a5124 in QTextEdit::keyPressEvent (this=0x87dbcc8, e=0xbffff2c0) at widgets/qtextedit.cpp:1460
#15 0x40b9338e in Editor::keyPressEvent (this=0x87dbcc8, e=0xbffff2c0) at editor.cpp:211
#16 0x4036dfb9 in QWidget::event (this=0x87dbcc8, e=0xbffff2c0) at kernel/qwidget.cpp:4719
#17 0x404a3fba in QTextEdit::event (this=0x87dbcc8, e=0xbffff2c0) at widgets/qtextedit.cpp:1208
#18 0x402d2485 in QApplication::internalNotify (this=0xbffff890, receiver=0x87dbcc8, e=0xbffff2c0) at kernel/qapplication.cpp:2635
#19 0x402d1b15 in QApplication::notify (this=0xbffff890, receiver=0x87dbcc8, e=0xbffff2c0) at kernel/qapplication.cpp:2392
#20 0x40266472 in QApplication::sendSpontaneousEvent (receiver=0x87dbcc8, event=0xbffff2c0) at qapplication.h:494
#21 0x40261228 in QETWidget::translateKeyEvent (this=0x87dbcc8, event=0xbffff6b0, grab=false) at kernel/qapplication_x11.cpp:5488
#22 0x4025d173 in QApplication::x11ProcessEvent (this=0xbffff890, event=0xbffff6b0) at kernel/qapplication_x11.cpp:3479
#23 0x40277997 in QEventLoop::processEvents (this=0x8322ae8, flags=4) at kernel/qeventloop_x11.cpp:192
#24 0x402e6a65 in QEventLoop::enterLoop (this=0x8322ae8) at kernel/qeventloop.cpp:198
#25 0x402e697e in QEventLoop::exec (this=0x8322ae8) at kernel/qeventloop.cpp:145
#26 0x402d25f1 in QApplication::exec (this=0xbffff890) at kernel/qapplication.cpp:2758
#27 0x08097d62 in main (argc=1, argv=0xbffff974) at main.cpp:220


#################################
// src extract to make sure I'm not out of step:
static char *
get_rotate_fontname(font_name)
    char *font_name;
{
    char *pattern = NULL, *ptr = NULL;
    char *fields[CHARSET_ENCODING_FIELD];
    char str_pixel[32], str_point[4];
    char *rotate_font_ptr = NULL;
    int pixel_size = 0;
    int field_num = 0, len = 0;

    if(font_name == (char *) NULL || (len = strlen(font_name)) <= 0
       || len > XLFD_MAX_LEN)
        return NULL;

    pattern = (char *)Xmalloc(len + 1);
    if(!pattern)
        return NULL;
    strcpy(pattern, font_name);

    memset(fields, 0, sizeof(char *) * 14);
    ptr = pattern;
    while(isspace(*ptr)) {
        ptr++;
    }
    if(*ptr == '-')
        ptr++;

    for(field_num = 0 ; field_num < CHARSET_ENCODING_FIELD && ptr && *ptr ;
                        ptr++, field_num++) {
        fields[field_num] = ptr;

        if((ptr = strchr(ptr, '-'))) {
            *ptr = '\0';
        }
    }

David
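Editor's note, with an added example that is not code from the post or from libX11. Reading the extract above: the body sets `ptr = strchr(ptr, '-')`, and when that returns NULL the for-increment `ptr++` still runs before the condition is re-tested. Incrementing a null pointer is undefined behaviour in C, and on this platform it simply yields a non-NULL near-zero address, so the `ptr &&` guard no longer short-circuits and `*ptr` faults. A conforming 14-field XLFD name hides this because `field_num < CHARSET_ENCODING_FIELD` becomes false first; the 10-field name in the backtrace reaches the dereference. The splitter below restructures that loop so the advance only happens after a dash was actually found. CHARSET_ENCODING_FIELD is the 14 quoted in the post; the value of XLFD_MAX_LEN is not shown in the extract and is assumed here to be 255; the two sample names are constructed for the demonstration (the one from the backtrace and a conventional 14-field name).

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CHARSET_ENCODING_FIELD 14
/* Assumed for this example; the extract does not show the real value. */
#define XLFD_MAX_LEN 255

/*
 * Copy font_name into the caller's buf and split it in place into at most
 * CHARSET_ENCODING_FIELD dash-separated XLFD fields.  Returns the number
 * of fields found, or -1 on a bad argument.
 *
 * The loop leaves as soon as strchr() finds no further '-'.  The pointer
 * is only advanced past a dash that exists, so a NULL strchr() result is
 * never incremented and never dereferenced, whatever the field count.
 */
int split_xlfd_fields(const char *font_name, char *buf, size_t buflen,
                      char *fields[CHARSET_ENCODING_FIELD])
{
    size_t len;
    char *ptr;
    int field_num = 0;

    if (font_name == NULL || (len = strlen(font_name)) == 0
        || len > XLFD_MAX_LEN || len + 1 > buflen)
        return -1;
    memcpy(buf, font_name, len + 1);
    memset(fields, 0, sizeof(char *) * CHARSET_ENCODING_FIELD);

    ptr = buf;
    while (isspace((unsigned char)*ptr))
        ptr++;
    if (*ptr == '-')
        ptr++;

    while (field_num < CHARSET_ENCODING_FIELD && *ptr != '\0') {
        char *dash = strchr(ptr, '-');
        fields[field_num++] = ptr;
        if (dash == NULL)
            break;          /* last field: nothing to advance to */
        *dash = '\0';
        ptr = dash + 1;
    }
    return field_num;
}

/* The check a caller such as a rotate-font builder wants before indexing
 * fields[] up to the encoding field: are all 14 fields present? */
int xlfd_is_complete(const char *font_name)
{
    char buf[XLFD_MAX_LEN + 1];
    char *fields[CHARSET_ENCODING_FIELD];
    return split_xlfd_fields(font_name, buf, sizeof buf, fields)
           == CHARSET_ENCODING_FIELD;
}

int main(void)
{
    /* Constructed inputs: the name from the backtrace (10 fields) and a
     * conventional 14-field name. */
    const char *names[] = {
        "-ttf-arial-medium-i-normal-italic-16-0-ISO8859-1",
        "-misc-fixed-medium-r-normal--14-130-75-75-c-70-iso8859-1",
    };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        char buf[XLFD_MAX_LEN + 1];
        char *fields[CHARSET_ENCODING_FIELD];
        int n = split_xlfd_fields(names[i], buf, sizeof buf, fields);
        printf("%s: %d field(s), complete=%d\n", names[i], n,
               xlfd_is_complete(names[i]));
        for (int f = 0; f < n; f++)
            printf("  [%2d] \"%s\"\n", f, fields[f]);
    }
    return 0;
}
```

The empty sixth field of the 14-field name (the `--` between `normal` and `14`) is preserved as an empty string rather than skipped, which matches how the original loop treats consecutive dashes; what differs is only that the short name now ends the loop cleanly with 10 fields instead of faulting.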




