[Pkg-fonts-bugs] Bug#594629: fontforge loops indefinetly on some fonts on s390 and sparc

Niko Tyni ntyni at debian.org
Tue Nov 16 22:39:32 UTC 2010


On Fri, Aug 27, 2010 at 01:06:46PM -0700, Don Armstrong wrote:
> Package: fontforge
> Version: 0.0.20100501-1
> Severity: important
> 
> The new version of fontforge has introduced a new bug where fontforge
> loops indefinetly while compiling fonts on some architecures. This is
> easily demonstrated on the s390 and sparc porterboxes with the
> attached font. This bug is causing lilypond to FTBFS on those
> architecures.
> 
> You can demonstrate the failure by running:
> 
> $ fontforge -script feta20.pe feta20.pfb

> which then loops endlessly. The working squeeze version does the
> following for the exact same input.

Your testcase doesn't seem to loop anymore on zelenka.d.o with
0.0.20100501-2, but the attached (somewhat reduced) version does and
lilypond still failed to build with -2.

The endless loop happens around

#0  0x77af91c4 in ActiveEdgesRefigure (es=0x7fa197e4, active=0x84b590, i=1) at splinefill.c:520
#1  0x77b6f876 in SplineSetsCorrect (base=0x94293c, changed=0x7fa198d8) at splineutil2.c:4850
#2  0x77a77626 in bCorrectDirection (c=0x7fa19974) at scripting.c:5077
#3  0x77a88aac in docall (c=0x7fa1a30c, name=0x7fa19cd7 "CorrectDirection", val=0x7fa1a28c)
    at scripting.c:8791
#4  0x77a89114 in handlename (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:8875
#5  0x77a8a8b8 in term (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9118
#6  0x77a8b2d4 in mul (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9263
#7  0x77a8b604 in add (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9308
#8  0x77a8bae8 in comp (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9383
#9  0x77a8bec4 in _and (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9426
#10 0x77a8c0ec in _or (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9457
#11 0x77a8c33c in assign (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9489
#12 0x77a8ca9c in expr (c=0x7fa1a30c, val=0x7fa1a28c) at scripting.c:9567
#13 0x77a8d8d6 in ff_statement (c=0x7fa1a30c) at scripting.c:9776
#14 0x77a8e24a in ProcessNativeScript (argc=4, argv=0x7fa1ac54, script=0x0) at scripting.c:9887
#15 0x77a8e950 in _CheckIsScript (argc=4, argv=0x7fa1ac54) at scripting.c:9979
#16 0x77a8eb44 in CheckIsScript (argc=4, argv=0x7fa1ac54) at scripting.c:10017
#17 0x0063b98a in main (argc=4, argv=0x7fa1ac54) at startui.c:1200

because it's trying to order NaN values, for which comparison is not
well defined if I understand correctly.

I think I've traced this to a use of an uninitialized variable
in ForceEndPointExtrema() / SPAdjustControl().  The relevant
part of the code has been modified upstream:

 http://fontforge.cvs.sourceforge.net/viewvc/fontforge/fontforge/fontforge/splineutil2.c?r1=1.172&r2=1.173

I'm attaching a patch derived from this. I have no idea if the other
changes in the same upstream commit are necessary.

As it's rather hard to test this properly on the porter box without
root access, I only checked that the test case stopped looping with the
patch. I don't pretend to understand the code and I don't see a test
suite, so this might just as well break everything for all I know.
Upstream should probably be involved.

Just in case anybody wants to conduct similar tests on zelenka.d.o:
beware of the RPATH setting in the objects in the build directory. I
managed to get debug symbols with
 CFLAGS="-g -O0" debian/rules build
or something like that, and then run the test case with

zelenka% chrpath -d /home/ntyni/fontforge-0.0.20100501/fontforge/.libs/fontforge
zelenka% LD_LIBRARY_PATH=/home/ntyni/fontforge-0.0.20100501/.libs   /home/ntyni/fontforge-0.0.20100501/fontforge/.libs/fontforge -script feta20.pe feta20.pfb

Hope this helps,
-- 
Niko Tyni   ntyni at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fontforge_failure.new.tgz
Type: application/x-gtar
Size: 132200 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-fonts-bugs/attachments/20101117/9b28a703/attachment-0001.tgz>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 594629.patch
Type: text/x-diff
Size: 443 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-fonts-bugs/attachments/20101117/9b28a703/attachment-0001.patch>


More information about the Pkg-fonts-bugs mailing list