[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Devel] Memory corruption [Symbian]?
From: |
Fernando Papa |
Subject: |
Re: [Devel] Memory corruption [Symbian]? |
Date: |
Sun, 12 Sep 2004 05:21:02 -0300 |
*****
You may want to skip to the last few lines.
*****
>Have you read the file docs/DEBUG? Maybe you can use
>some of the tracing utilities.
Here is the log. Can't find anything wrong, but don't
understand a thing, either.
Sorry about the format, no printf here, I had to plug
my logging code. Hope I got the maximum trace level
right, as I had to make some changes in order to get
rid of the non-const un/initialized-data used by the
debugging code.
ft-current-20040910.
ftmodule.h:
FT_USE_MODULE(tt_driver_class)
FT_USE_MODULE(ft_raster1_renderer_class)
FT_USE_MODULE(sfnt_module_class)
FT_USE_MODULE(ft_smooth_renderer_class)
trebuc.ttf 65100 bytes long, from w2k pro "Trebuchet MSVersion 1.15"
(here is Nokia 3650's output; scroll 100 lines to
see the simulator's output)
*****NEXT LINE: FT_Init_FreeType(&library).
FT_Alloc:
size = 196, block = 0x0x40bc2c, ref = 0x0x403f20.
FT_Alloc:
size = 16384, block = 0x0x40bcf4, ref = 0x0x40bcd8.
FT_Alloc:
size = 76, block = 0x0x40fcf8, ref = 0x0x403f10.
FT_Alloc:
size = 88, block = 0x0x40fd48, ref = 0x0x403efc.
FT_Alloc:
size = 0, block = 0x0x000000, ref = 0x0x40fd70.
FT_Alloc:
size = 72, block = 0x0x40fda4, ref = 0x0x403f10.
FT_Alloc:
size = 12, block = 0x0x405a34, ref = 0x0x403ef0.
FT_Alloc:
size = 2060, block = 0x0x40fdf0, ref = 0x0x403ed8.
FT_Alloc:
size = 20, block = 0x0x40711c, ref = 0x0x403f10.
FT_Alloc:
size = 72, block = 0x0x410600, ref = 0x0x403f10.
FT_Alloc:
size = 12, block = 0x0x41064c, ref = 0x0x403ef0.
FT_Alloc:
size = 1388, block = 0x0x41065c, ref = 0x0x403edc.
*****NEXT LINE: FT_New_Memory_Face(library, trebuc, 65100, 0, &face).
FT_Alloc:
size = 40, block = 0x0x410bcc, ref = 0x0x403ec4.
FT_Alloc:
size = 708, block = 0x0x410bf8, ref = 0x0x403eb8.
FT_Alloc:
size = 52, block = 0x0x410ec0, ref = 0x0x403eb4.
tt_face_load_sfnt_header: 0x410bf8, 0.
tt_face_load_directory: 0x410bf8.
-- Tables count: 19.
-- Format version: 00010000.
FT_QAlloc:
size = 304, block = 0x0x410ef8, ref = 0x0x410c94.
DSIG - 0000ea2c - 00001420.
LTSH - 0000132c - 00000139.
OS/2 - 000001b8 - 00000056.
VDMX - 00001468 - 000005e0.
cmap - 00000ca8 - 00000416.
cvt - 0000211c - 0000013c.
fpgm - 00001bdc - 00000540.
gasp - 00000210 - 00000010.
glyf - 00004cfc - 00009654.
hdmx - 0000272c - 000025d0.
head - 0000013c - 00000036.
hhea - 00000174 - 00000024.
hmtx - 00002258 - 000004d4.
kern - 0000e754 - 000002d6.
loca - 000010c0 - 0000026c.
maxp - 00000198 - 00000020.
name - 00000220 - 00000a85.
post - 0000e350 - 00000401.
prep - 00001a48 - 00000192.
Directory loaded..
tt_face_lookup_table: 0x410bf8, `glyf' --
found table..
tt_face_load_generic_header: 0x410bf8, looking up font table `head'..
tt_face_lookup_table: 0x410bf8, `head' --
found table..
Units per EM: 2048.
IndexToLoc: 0.
tt_face_load_generic_header: Font table loaded..
Load_TT_MaxProfile: 0x410bf8.
tt_face_lookup_table: 0x410bf8, `maxp' --
found table..
MAXP loaded..
tt_face_lookup_table: 0x410bf8, `cmap' --
found table..
`cmap' table loaded.
Names
tt_face_lookup_table: 0x410bf8, `name' --
found table..
FT_Alloc:
size = 860, block = 0x0x41102c, ref = 0x0x410d60.
loaded.
PostScript
tt_face_lookup_table: 0x410bf8, `post' --
found table..
loaded.
Horizontal header
tt_face_lookup_table: 0x410bf8, `hhea' --
found table..
loaded.
TT_Load_Horizontal_Metrics: 0x410bf8.
tt_face_lookup_table: 0x410bf8, `hmtx' --
found table..
FT_QAlloc:
size = 1236, block = 0x0x41138c, ref = 0x0x410cf4.
FT_QAlloc:
size = 0, block = 0x0x000000, ref = 0x0x410cf8.
loaded.
Vertical header
tt_face_lookup_table: 0x410bf8, `vhea' --
could not find table!.
OS/2 Table
tt_face_lookup_table: 0x410bf8, `OS/2' --
found table..
loaded.
tt_face_lookup_table: 0x410bf8, `hdmx' --
found table..
FT_QAlloc:
size = 248, block = 0x0x411864, ref = 0x0x410e18.
FT_QAlloc:
size = 309, block = 0x0x411960, ref = 0x0x411868.
FT_QAlloc:
size = 309, block = 0x0x411a9c, ref = 0x0x411870.
FT_QAlloc:
size = 309, block = 0x0x411bd8, ref = 0x0x411878.
FT_QAlloc:
size = 309, block = 0x0x411d14, ref = 0x0x411880.
FT_QAlloc:
size = 309, block = 0x0x411e50, ref = 0x0x411888.
FT_QAlloc:
size = 309, block = 0x0x411f8c, ref = 0x0x411890.
FT_QAlloc:
size = 309, block = 0x0x4120c8, ref = 0x0x411898.
FT_QAlloc:
size = 309, block = 0x0x412204, ref = 0x0x4118a0.
FT_QAlloc:
size = 309, block = 0x0x412340, ref = 0x0x4118a8.
FT_QAlloc:
size = 309, block = 0x0x41247c, ref = 0x0x4118b0.
FT_QAlloc:
size = 309, block = 0x0x4125b8, ref = 0x0x4118b8.
FT_QAlloc:
size = 309, block = 0x0x4126f4, ref = 0x0x4118c0.
FT_QAlloc:
size = 309, block = 0x0x412830, ref = 0x0x4118c8.
FT_QAlloc:
size = 309, block = 0x0x41296c, ref = 0x0x4118d0.
FT_QAlloc:
size = 309, block = 0x0x412aa8, ref = 0x0x4118d8.
FT_QAlloc:
size = 309, block = 0x0x412be4, ref = 0x0x4118e0.
FT_QAlloc:
size = 309, block = 0x0x412d20, ref = 0x0x4118e8.
FT_QAlloc:
size = 309, block = 0x0x412e5c, ref = 0x0x4118f0.
FT_QAlloc:
size = 309, block = 0x0x412f98, ref = 0x0x4118f8.
FT_QAlloc:
size = 309, block = 0x0x4130d4, ref = 0x0x411900.
FT_QAlloc:
size = 309, block = 0x0x413210, ref = 0x0x411908.
FT_QAlloc:
size = 309, block = 0x0x41334c, ref = 0x0x411910.
FT_QAlloc:
size = 309, block = 0x0x413488, ref = 0x0x411918.
FT_QAlloc:
size = 309, block = 0x0x4135c4, ref = 0x0x411920.
FT_QAlloc:
size = 309, block = 0x0x413700, ref = 0x0x411928.
FT_QAlloc:
size = 309, block = 0x0x41383c, ref = 0x0x411930.
FT_QAlloc:
size = 309, block = 0x0x413978, ref = 0x0x411938.
FT_QAlloc:
size = 309, block = 0x0x413ab4, ref = 0x0x411940.
FT_QAlloc:
size = 309, block = 0x0x413bf0, ref = 0x0x411948.
FT_QAlloc:
size = 309, block = 0x0x413d2c, ref = 0x0x411950.
FT_QAlloc:
size = 309, block = 0x0x413e68, ref = 0x0x411958.
tt_face_load_gasp: 0x410bf8.
tt_face_lookup_table: 0x410bf8, `gasp' --
found table..
number of ranges = 3.
FT_QAlloc:
size = 12, block = 0x0x413fa4, ref = 0x0x403e4c.
[max:8 flag:2]
[max:16 flag:1]
[max:65535 flag:3]
.
GASP loaded.
tt_face_lookup_table: 0x410bf8, `kern' --
found table..
FT_QAlloc:
size = 944, block = 0x0x413fb4, ref = 0x0x410ea4.
PCLT
tt_face_lookup_table: 0x410bf8, `PCLT' --
could not find table!.
missing (optional).
FT_QAlloc:
size = 24, block = 0x0x414368, ref = 0x0x411140.
FT_Alloc:
size = 13, block = 0x0x414384, ref = 0x0x403e3c.
FT_QAlloc:
size = 14, block = 0x0x414398, ref = 0x0x411154.
FT_Alloc:
size = 8, block = 0x0x4143ac, ref = 0x0x403e3c.
FT_Alloc:
size = 20, block = 0x0x4143b8, ref = 0x0x403dc0.
FT_Alloc:
size = 4, block = 0x0x407150, ref = 0x0x410c20.
FT_Alloc:
size = 20, block = 0x0x4143d0, ref = 0x0x403dc0.
[crash -- access violation -- the logging code does
not do any buffering and is writing directly to
phone RAM, so no log lines were lost]
Also tried with Tahoma, and it crashes exactly at
the same point: 7 FT_Alloc/FT_QAlloc after not
finding PCLT table. The size allocated is also
the same for the last 5 q/allocs.
Here's the output for the simulator (trebuc.ttf) :
( FT_Init_FreeType & FT_New_Memory_Face only, lowered
logging level to 6 to avoid the alloc clutter)
NEXT LINE: FT_Init_FreeType(&library)
NEXT LINE: FT_New_Memory_Face(library, trebuc, 65100, 0, &face)
tt_face_load_sfnt_header: 0x1004ea90, 0
tt_face_load_directory: 0x1004ea90
-- Tables count: 19
-- Format version: 00010000
DSIG - 0000ea2c - 00001420
LTSH - 0000132c - 00000139
OS/2 - 000001b8 - 00000056
VDMX - 00001468 - 000005e0
cmap - 00000ca8 - 00000416
cvt - 0000211c - 0000013c
fpgm - 00001bdc - 00000540
gasp - 00000210 - 00000010
glyf - 00004cfc - 00009654
hdmx - 0000272c - 000025d0
head - 0000013c - 00000036
hhea - 00000174 - 00000024
hmtx - 00002258 - 000004d4
kern - 0000e754 - 000002d6
loca - 000010c0 - 0000026c
maxp - 00000198 - 00000020
name - 00000220 - 00000a85
post - 0000e350 - 00000401
prep - 00001a48 - 00000192
Directory loaded
tt_face_lookup_table: 0x1004ea90, `glyf' --
found table.
tt_face_load_generic_header: 0x1004ea90, looking up font table `head'.
tt_face_lookup_table: 0x1004ea90, `head' --
found table.
Units per EM: 2048
IndexToLoc: 0
tt_face_load_generic_header: Font table loaded.
Load_TT_MaxProfile: 0x1004ea90
tt_face_lookup_table: 0x1004ea90, `maxp' --
found table.
MAXP loaded.
tt_face_lookup_table: 0x1004ea90, `cmap' --
found table.
`cmap' table loaded
Names
tt_face_lookup_table: 0x1004ea90, `name' --
found table.
loaded
PostScript
tt_face_lookup_table: 0x1004ea90, `post' --
found table.
loaded
Horizontal header
tt_face_lookup_table: 0x1004ea90, `hhea' --
found table.
loaded
TT_Load_Horizontal_Metrics: 0x1004ea90
tt_face_lookup_table: 0x1004ea90, `hmtx' --
found table.
loaded
Vertical header
tt_face_lookup_table: 0x1004ea90, `vhea' --
could not find table!
OS/2 Table
tt_face_lookup_table: 0x1004ea90, `OS/2' --
found table.
loaded
tt_face_lookup_table: 0x1004ea90, `hdmx' --
found table.
tt_face_load_gasp: 0x1004ea90
tt_face_lookup_table: 0x1004ea90, `gasp' --
found table.
number of ranges = 3
[max:8 flag:2]
[max:16 flag:1]
[max:65535 flag:3]
GASP loaded
tt_face_lookup_table: 0x1004ea90, `kern' --
found table.
PCLT
tt_face_lookup_table: 0x1004ea90, `PCLT' --
could not find table!
missing (optional)
Locations
tt_face_lookup_table: 0x1004ea90, `loca' --
found table.
(16bit offsets): 310
loaded
CVT
tt_face_lookup_table: 0x1004ea90, `cvt ' --
found table.
loaded
Font program
tt_face_lookup_table: 0x1004ea90, `fpgm' --
found table.
loaded, 1344 bytes
Prep program
tt_face_lookup_table: 0x1004ea90, `prep' --
found table.
loaded, 402 bytes
FT_Open_Face: New face object, adding to list
FT_Open_Face: Creating glyph slot
FT_New_GlyphSlot: Creating new slot object
FT_New_GlyphSlot: Return 0
FT_Open_Face: Creating size object
Init_Context: new object at 0x0x10053658, parent = 0x0x1004ea90
FT_Open_Face: Return 0
*****
I added a few traces and found the following:
sfobjs.c : sfnt_load_face()
.....
FT_Face root = &face->root;
..... added trace("root=%d\n", root) everywhere
the following line corrupts root :
tt_face_build_cmaps( face );
A trace(root) after that line reports a different
value (often 0) than the first one. trace(face)
reports that it has also changed... so we have stack
corruption. (sort of, seems just the sp is affected)
Just tried on VC++ and root isn't corrupted.
The setjmp stuff on tt_face_build_cmaps is causing
the trouble. I can't suggest a fix as I don't have
the slightest idea on what the code is supposed to do.
Regards,
Fernando.
[Devel] FT_PtrDist is badly defined and should be abolished, Graham Asher, 2004/09/13