KOReader crashes when opening epub with embedded fonts

[sladflob]

• KOReader version: v2020.06-60
• Device: Kobo Aura One

Issue

When opening some ePub with embedded fonts, KOReader crashes with the following message:

CRE: document loaded, but styles re-init needed (cause: embedded fonts) CRE: styles re-init needed after load, re-rendering Segmentation fault !!!! Uh oh, something went awry... (Crash n°1: 07/19/20 @ 14:03:07)

If I open the epub with the stable release v2020.06 the book opens fine.
If I remove the embedded font information with Calibre the book also opens fine in v2020.06-60.

Steps to reproduce

Open attached embedded_font_crash_scrambled.epub file

embedded_font_crash_scrambled.zip

crash.log (if applicable)

crash.log

[poire-z]

Thanks. Reproduced:

Invalid read of size 8
   ldomDataStorageManager::getChunk(unsigned int) (lvtinydom.cpp:2615)
   ldomDataStorageManager::setRendRectData(unsigned int, lvdomElementFormatRec const*) (lvtinydom.cpp:2719)
   ldomNode::clearRenderDataRecursive() (lvtinydom.cpp:15607)
   ldomDocument::render(LVRendPageList*, LVDocViewCallback*, int, int, bool, int, LVProtectedFastRef<LVFont>, int, LVFastRef<CRPropAccessor>) (lvtinydom.cpp:4553)
   LVDocView::Render(int, int, LVRendPageList*) (lvdocview.cpp:2780)
   renderDocument(lua_State*) (cre.cpp:674)
Address 0x0 is not stack'd, malloc'd or (recently) free'd

Process terminating with default action of signal 11 (SIGSEGV)
 Access not within mapped region at address 0x0
   ldomDataStorageManager::getChunk(unsigned int) (lvtinydom.cpp:2615)
   ldomDataStorageManager::setRendRectData(unsigned int, lvdomElementFormatRec const*) (lvtinydom.cpp:2719)
   ldomNode::clearRenderDataRecursive() (lvtinydom.cpp:15607)
   ldomDocument::render(LVRendPageList*, LVDocViewCallback*, int, int, bool, int, LVProtectedFastRef<LVFont>, int, LVFastRef<CRPropAccessor>) (lvtinydom.cpp:4553)
   LVDocView::Render(int, int, LVRendPageList*) (lvdocview.cpp:2780)
   renderDocument(lua_State*) (cre.cpp:674)

Involves a new method I added in koreader/crengine@ff3640d

[poire-z]

@Frenzie : I have some fix for this (and #6391). Not really sure when this crash triggers, as it doesn't on some of my books with embedded fonts - but it surely will on some books.
Do you want these fixes in 2020.07 ? Which will mean bumping also the FB2 tweaks from koreader/crengine#357 - which will also comes with small frontend changes - so essentially delaying 2020.07 by a few more days?
Or are we ok with 2020.07 possibly crashing on some books - and we can get all that fixed and carefully tested for 2020.08? :)

[Frenzie]

@poire-z If it's grave enough, sure.

PS I was seconds away from clicking publish.

[poire-z]

I don't know how grave - it's the first report since 14th days the impacting change is in our nightlies :)
So, dunno, I don't like much doing things in a hurry - and given the amount of recent changes, we might soon have a 2020.07.1 , so I might as well get that ready cleanly for in a few days :)

[Frenzie]

And… published. ;-)

[poire-z]

OK, I believe this crash should be rare. The book needs to have embedded font defined in the <HTML><HEAD> part of a html fragment.
This book had it in the last fragment OEBPS/Text/next-reads.xhtml:

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" lang="en-US" xml:lang="en-US">
  <head>
    <title>Scrambled</title>
    <style>
@font-face {font-family: 'Shift Light'; font-style: normal; font-weight: bold; src: url('../Fonts/Shift-Bold.otf');}
@font-face {font-family: 'Shift Light'; font-style: italic; font-weight: bold; src: url('../Fonts/Shift-BoldItalic.otf');}

Most books have them defined in some stylesheet.css, which wouldn't crash.

[sladflob]

Seems like it affects about 10% of the 200 or so books on my Kobo so not that rare, but I can work around it with Calibre.