search

harfbuzz / harfbuzz_rs

A fully safe Rust wrapper for the harfbuzz text shaping library.
MIT License
51 stars 22 forks source link

"unsafe precondition(s) violated" querying tables from "Apple Color Emoji" #40

Open SamRodri opened 1 month ago

SamRodri commented 1 month ago

This code panics on macOS:

use std::sync::Arc;

fn main() {
    let (font, i) = find_system_font("Apple Color Emoji");
    let face = harfbuzz_rs::Face::from_bytes(&font, i);
    let _ = face.table_with_tag(b"GSUB").is_some();
}

fn find_system_font(name: &str) -> (Arc<Vec<u8>>, u32) {
    let font = font_kit::source::SystemSource::new()
        .select_best_match(
            &[font_kit::family_name::FamilyName::Title(name.to_owned())],
            &font_kit::properties::Properties::new(),
        )
        .unwrap();
    match font {
        font_kit::handle::Handle::Path { .. } => panic!("did not expect path"),
        font_kit::handle::Handle::Memory { bytes, font_index } => (bytes, font_index),
    }
}

Panic:

unsafe precondition(s) violated: slice::from_raw_parts requires the pointer to be aligned and non-null, and the total size of the slice not to exceed `isize::MAX`
stack backtrace:
   0: rust_begin_unwind
             at /rustc/9b00956e56009bab2aa15d7bff10916599e3d6d6/library/std/src/panicking.rs:645:5
   1: core::panicking::panic_nounwind_fmt::runtime
             at /rustc/9b00956e56009bab2aa15d7bff10916599e3d6d6/library/core/src/panicking.rs:110:18
   2: core::panicking::panic_nounwind_fmt
             at /rustc/9b00956e56009bab2aa15d7bff10916599e3d6d6/library/core/src/panicking.rs:123:9
   3: core::panicking::panic_nounwind
             at /rustc/9b00956e56009bab2aa15d7bff10916599e3d6d6/library/core/src/panicking.rs:156:5
   4: core::slice::raw::from_raw_parts::precondition_check
   5: core::slice::raw::from_raw_parts
   6: harfbuzz_rs::blob::Blob::get_data
   7: <harfbuzz_rs::blob::Blob as core::ops::deref::Deref>::deref
   8: harfbuzz_rs::face::Face::table_with_tag
   9: harfbuzz_issue::main
  10: core::ops::function::FnOnce::call_once

I think "Apple Color Emoji" does not have GSUB, so I expected false there.

I first encountered the issue here: https://github.com/zng-ui/zng/issues/242

Minimized issue crate here: https://github.com/SamRodri/harfbuzz-issue

SamRodri commented 1 month ago

I worked around the issue by not using harfbuzz_rs to query