Bug 687459

Summary: gs 8.14 or later gets segv when it tries to render the 2nd page of the Japanese PS w/ Japanese TrueType fonts
Product: Ghostscript Reporter: Masayuki Hatta <mhatta>
Component: Font API Assignee: Ray Johnston <ray.johnston>
Status: NOTIFIED FIXED    
Severity: critical CC: gsview, ralph.giles
Priority: P2    
Version: master   
Hardware: PC   
OS: Linux   
Customer: Word Size: ---
Attachments: Sample Japanese PS
Sample cidfmap

Description Masayuki Hatta 2004-05-08 09:05:18 UTC
Seems very similar to Bug 687063, but I got a different error.  I set the severity
to "major" since this bug makes gs8 almost useless for most Japanese (or maybe
other CJKV) people, since many people only own TrueType fonts, not CID ones.

The situation: When I give Japanese PS files to gs 8.14 (or CVS HEAD), it can
render the 1st page of the document nicely.  However, if I tap Enter and make gs
render the 2nd page, gs gets "Memory fault".  This happens only when I use
Japanese TrueType fonts (notably ms*.ttc).  With CID fonts it seems to work.

gdb shows:

Program received signal SIGSEGV, Segmentation fault.
0x0823df2d in gs_get_glyph_data_cached (pfont=0x850a004, glyph_index=10735,
    pgd=0xbfffe380) at src/gsgcache.c:168
168                 e->gd.procs->free(&e->gd, "gs_get_glyph_data_cached");

And the backtrace goes like this:

#0  0x0823df2d in gs_get_glyph_data_cached (pfont=0x850a004,
    glyph_index=10735, pgd=0xbfffe380) at src/gsgcache.c:168
#1  0x08070e40 in gs_type42_default_get_metrics (pfont=0x850a004,
    glyph_index=10735, wmode=0, sbw=0xbfffe410) at src/gstype42.c:655
#2  0x08070fa2 in gs_type42_wmode_metrics (pfont=0x850a004, glyph_index=10735,
    wmode=0, sbw=0xbfffe410) at src/gstype42.c:687
#3  0x0806e41f in zchar42_set_cache (i_ctx_p=0x83995c0, pbfont=0x850a004,
    cnref=0x838dd1c, glyph_index=10735, cont=0x806e7d3 <type42_fill>,
    exec_cont=0xbfffe4ac, put_lsb=1) at src/zchar42.c:56
#4  0x0806e7ab in ztype42execchar (i_ctx_p=0x83995c0) at src/zchar42.c:144
#5  0x080bbe5e in interp (pi_ctx_p=0x8376224, pref=0xbfffeb28,
    perror_object=0xbfffebe8) at src/interp.c:1492
#6  0x080b9b6f in gs_call_interp (pi_ctx_p=0x8376224, pref=0xbfffeb28,
    user_errors=1, pexit_code=0xbfffebf4, perror_object=0xbfffebe8)
    at src/interp.c:487
#7  0x080b9a1f in gs_interpret (pi_ctx_p=0x8376224, pref=0xbfffeb28,
    user_errors=1, pexit_code=0xbfffebf4, perror_object=0xbfffebe8)
    at src/interp.c:445

Let me know if you need more information.  I'm using Debian GNU/Linux.
Comment 1 Jack Moffitt 2004-05-12 08:43:25 UTC
We'll need a sample file in order to reproduce this.  Please attach one here.
Comment 2 Masayuki Hatta 2004-05-12 17:15:44 UTC
Created attachment 660
Sample Japanese PS

A sample Japanese PS file (11 pages long).  GNU GS 7.07 and ESP GS 7.07.1 can
handle it  (GPL GS 8.01 doesn't have any CJK TTF support, so it can't), but
AFPL GS 8.14 or CVS HEAD (pre 8.30) can only render the 1st page and gets SEGV
when it tries to render the 2nd.
Comment 3 Masayuki Hatta 2004-05-12 17:20:21 UTC
Created attachment 661
Sample cidfmap

Here's a sample cidfmap I'm using.
Comment 4 Masayuki Hatta 2004-05-12 17:24:37 UTC
OK, I submitted sample files.  Do you also need Japanese TrueType fonts?  I can
lend them if you need.
Anyway, looks like garbage collecting got corrupted somewhere...
Comment 5 Russell Lang 2004-10-28 23:35:06 UTC
I can reproduce this on Windows with CVS HEAD (just after 8.32 release) 
compiled with MSVC++ 6.  I get the same stack trace as mhatta.
Using -Z$@? will cause it to crash earlier during a restore.

Comment 6 Ray Johnston 2004-11-13 11:57:40 UTC
Lots of problems turned up with this.

I've fixed them now and will commit after a regression run (since the
changes were rather widely dispersed in the font machinery).
Comment 7 Ray Johnston 2004-11-14 21:03:44 UTC
OK. I've developed the fix(es) for this. There were several problems, in layers,
that I had to address. The patch is described in the CVS commit:

   http://ghostscript.com/pipermail/gs-cvs/2004-November/005016.html

I did run regression tests, but please let me know of any problems.