[gs-bugs] [Bug 689756] process CPU spin then SIGSEGV when rendering user defined font

bugzilla-daemon at ghostscript.com bugzilla-daemon at ghostscript.com
Sat May 8 13:26:09 UTC 2010


--- Comment #13 from James Cloos <cloos at jhcloos.com> 2010-05-08 13:26:03 UTC ---
I forgot to add:

I also dont see why you see different font usage.

And running the icc_work branch with -dDisableFAPI=true also generates a SEGV,
after recursing through those same two functions, but with the extra bit at the
top (this particular build was configured with -O2 -ggdb):

#0  gdev_mem_open_scan_lines (mdev=0x89ca46c, setup_height=39) at
#1  0x08484512 in mem_open (dev=0x0) at ./base/gdevmem.c:400
#2  0x08436183 in gx_open_cache_device (dev=0x89ca46c, cc=0x8979c20) at
#3  0x08436820 in gx_alloc_char_bits (dir=0x8807bd4, dev=0x89ca46c, dev2=0x0,
    iheight=39, pscale=0xbf608c0c, depth=1, pcc=0xbf608c14) at
#4  0x08438704 in set_cache_device (penum=0x8998ccc, pgs=0x880f5d4,
    lly=-1035, urx=1891.0880296074722, ury=1703) at ./base/gxchar.c:605
#5  0x08438cdf in gx_show_text_set_cache (pte=0x8998ccc, pw=0xbf608d30, 
    control=TEXT_SET_CACHE_DEVICE) at ./base/gxchar.c:354
#6  0x084323f2 in gs_text_setcachedevice (pte=0x8998ccc, wbox=0xbf608d30)
    at ./base/gstext.c:641
#7  0x080b1b35 in zchar_set_cache (i_ctx_p=0x881fcf8, pbfont=0x89769dc,
    psb=0x0, pwidth=0xbf60b81c, pbbox=0xbf60b830, cont=0x80affe0
    exec_cont=0xbf60b8ec, Metrics2_sbw_default=0x0) at ./psi/zcharout.c:276
#8  0x080af916 in type1exec_bbox (i_ctx_p=0x881fcf8, penum=<value optimized
    pcxs=<value optimized out>, pfont=0x89769dc, exec_cont=0xbf60b8ec) at
#9  0x080b033b in bbox_draw (i_ctx_p=0x881fcf8, draw=<value optimized out>, 
    exec_cont=0xbf60b8ec) at ./psi/zchar1.c:661
#10 0x080b0450 in bbox_stroke (i_ctx_p=0x881fcf8) at ./psi/zchar1.c:682
#11 0x080b0012 in bbox_finish_stroke (i_ctx_p=0x881fcf8) at ./psi/zchar1.c:500
#12 0x080b0462 in bbox_stroke (i_ctx_p=0x881fcf8) at ./psi/zchar1.c:684
#13 0x080b0012 in bbox_finish_stroke (i_ctx_p=0x881fcf8) at ./psi/zchar1.c:500
#14 0x080b0462 in bbox_stroke (i_ctx_p=0x881fcf8) at ./psi/zchar1.c:684

One interesting point I noticed looking at bbox_stroke() and
bbox_finish_stoke() is that the former calls the function pointed to by
exec_cont like:

        code = (*exec_cont)(i_ctx_p);

whereas the latter uses:

        code = exec_cont(i_ctx_p);

The fill functions do the same thing.


Configure bugmail: http://bugs.ghostscript.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

More information about the gs-bugs mailing list