Hi all,
I found that toll-free bridging of NSNumber to CFNumber crashes when using a
"small object" (aka tagged pointer):

    NSNumber *num = @(42);
    NSLog(@"Type: %ld", (long)CFNumberGetType((__bridge CFNumberRef)num));

Crashes like this:

    * thread #1: tid = 27602, 0x00007fe328027ba0
    libgnustep-corebase.so.0`CFNumberGetType [inlined]
    CFNumberGetType_internal(num=0x0000000000000151) at CFNumber.c:204, name =
    'test', stop reason = invalid address (fault address: 0x15b)
    frame #0: 0x00007fe328027ba0 libgnustep-corebase.so.0`CFNumberGetType
    [inlined] CFNumberGetType_internal(num=0x0000000000000151) at CFNumber.c:204
       201 CF_INLINE CFNumberType
       202 CFNumberGetType_internal(CFNumberRef num)
       203 {
    -> 204 return (CFNumberType)num->_parent._flags.info;
       205 }
       206
       207 CF_INLINE CFIndex

Note that 0x151 is a small int object for 42. Replacing 42 with e.g. INT_MAX
(which doesn’t fit in a small object) makes the code work fine.

Could anyone with knowledge of the corebase / small objects internals take a
look at this, or point me in the right direction how to fix this?

Related, there currently doesn’t seem to be a way to report bugs on corebase.
Would it be possible to enable the bugtracker for the corebase GitHub project?

Thanks!
Frederik
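
Added example (not part of the original post, and not GNUstep or corebase code): a C sketch of the guard this crash calls for, testing the tag bits before any dereference. The 3-bit mask, the shift and tag value 1 are assumptions inferred from the post's 0x151 == (42 << 3) | 1; the struct, type codes and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed encoding, inferred from the post: 0x151 == (42 << 3) | 1. */
#define SMALL_MASK  ((uintptr_t)7) /* low 3 bits hold the tag */
#define SMALL_SHIFT 3
#define SMALL_INT   ((uintptr_t)1) /* tag seen in 0x151 */

enum num_type { NUM_INT32 = 3, NUM_INT64 = 4 }; /* hypothetical type codes */

/* Hypothetical heap layout standing in for a boxed number object. */
struct boxed_number { void *isa; uint8_t type_info; int64_t value; };

static int is_small_object(const void *p) {
  return ((uintptr_t)p & SMALL_MASK) != 0;
}

/* Payload of a tagged integer; >> on a negative value is arithmetic on
   the usual compilers, which keeps the sign. */
static int64_t small_int_value(const void *p) {
  return (int64_t)((intptr_t)p >> SMALL_SHIFT);
}

/* Unguarded read, same shape as the faulting line: treats any value as a
   heap pointer, so 0x151 would fault here. */
static enum num_type number_type_unguarded(const void *p) {
  return (enum num_type)((const struct boxed_number *)p)->type_info;
}

/* Guarded read: classify tagged values without touching memory.
   Returns 0 on success, -1 for NULL or an unrecognised tag. */
static int number_type(const void *p, enum num_type *out) {
  if (p == NULL) return -1;
  if (is_small_object(p)) {
    if (((uintptr_t)p & SMALL_MASK) != SMALL_INT) return -1;
    *out = NUM_INT64; /* reporting choice made for this sketch */
    return 0;
  }
  *out = number_type_unguarded(p);
  return 0;
}

int main(void) {
  const void *tagged = (const void *)(uintptr_t)0x151; /* value from the post */
  enum num_type t;
  if (number_type(tagged, &t) != 0) return 1;
  printf("type=%d value=%lld\n", (int)t, (long long)small_int_value(tagged));
  return 0;
}
```

The same check belongs in front of every accessor that reads object header fields through a bridged pointer, not only the type getter.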