Bug 70348

Summary: pixman_implementation_create_mmx crashes on win32
Product: pixman
Reporter: M Welinder <terra>
Component: pixman
Assignee: Søren Sandmann Pedersen <soren.sandmann>
Status: RESOLVED FIXED
QA Contact: Søren Sandmann Pedersen <soren.sandmann>
Severity: normal
Priority: medium
CC: mikkel
Version: 0.28.x
Hardware: Other
OS: All

Description M Welinder 2013-10-10 15:48:45 UTC
See https://bugzilla.gnome.org/show_bug.cgi?id=709785 for full crash
report.  Partial stack trace reproduced below.

The code is cross-compiled from Linux with mingw.  -O0 or -O2 makes no
difference.  No crashes observed when running under wine.  Under actual
Windows (Vista -- don't ask) it reliably crashes.

Adding --disable-sse2 and --disable-mmx appears to work around the crash.

Wild guess: alignment.

Binary available at http://people.gnome.org/~mortenw/gnumeric/gnumeric-1.12.8-20131009-alpha.exe


Call stack below ---
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Gnumeric\1.12.8\bin\libpixman-1-0.dll - 
 # ChildEBP RetAddr  Args to Child              
WARNING: Stack unwind information not available. Following frames may be wrong.
00 045190ec 654b3699 099e80a8 0451914c 04519188 libpixman_1_0!pixman_implementation_create_mmx+0x3c3d9
01 045191ec 654b37c6 058917a0 058c1db8 00000000 libpixman_1_0!pixman_composite_glyphs_no_mask+0x746
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Gnumeric\1.12.8\bin\libcairo-2.dll - 
02 0451923c 68de89f6 00000003 058c1cf0 058c3d58 libpixman_1_0!pixman_composite_glyphs+0x9e
03 04519aec 68e4c5ca 058d18a8 00000002 058c1bd0 libcairo_2!cairo_font_options_get_hint_metrics+0x856f
04 04519b2c 68e49eda 68eb4160 058d18a8 04519bd4 libcairo_2!cairo_toy_font_face_get_weight+0x7f58
05 04519b9c 68e4c6c3 68eb4160 04519c44 68e4c560 libcairo_2!cairo_toy_font_face_get_weight+0x5868
06 04519bfc 68dd99f3 68eb4160 04519c44 05464c28 libcairo_2!cairo_toy_font_face_get_weight+0x8051
07 04519eec 68df0020 68eb4160 058d18a8 00000002 libcairo_2!cairo_rectangle_list_destroy+0x3a4b
08 04519f2c 68e33f5f 058d18a8 00000002 0451a074 libcairo_2!cairo_image_surface_get_stride+0x82d
09 04519fec 68e3a075 058d18a8 00000002 0451a074 libcairo_2!cairo_surface_has_show_text_glyphs+0x387
Comment 1 Søren Sandmann Pedersen 2013-10-10 16:12:25 UTC
Can you try this branch:

    http://cgit.freedesktop.org/~sandmann/pixman/log/?h=stackrealign

If that fixes it, it's probably a dup of 

    https://bugs.freedesktop.org/show_bug.cgi?id=68300

and is indeed caused by stack alignment.
Comment 2 M Welinder 2013-10-10 16:39:44 UTC
That looks promising, thanks.  Actually testing it will probably happen
mid-next-week.
Comment 3 Søren Sandmann Pedersen 2013-10-10 20:18:24 UTC
Actually, please test this branch:

    http://cgit.freedesktop.org/~sandmann/pixman/log/?h=stackrealign2

instead.
Comment 4 M Welinder 2013-10-11 01:22:32 UTC
Blindly relying on -mstackrealign might not be the way to go.  Here's a report
from 2011 that it causes stack corruption with -O.

http://lists.freedesktop.org/archives/mesa-commit/2011-February/028770.html
Comment 5 Søren Sandmann Pedersen 2013-10-12 19:37:02 UTC
The only references to that stack corruption bug I can find all ultimately come from the Mesa bug, so I'm not convinced it's a real issue. However, there are some other reasons that -mstackrealign may not be the way to go, so now I intend to just add more __force_align_arg_pointer__ attributes.

This branch, specifically:

    http://cgit.freedesktop.org/~sandmann/pixman/log/?h=stackrealign3
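
What the per-function attribute mentioned in comment 5 looks like on a single entry point, as an added example that is not pixman's code and not part of this thread. The function names and the `ENTRY_REALIGN` macro are hypothetical, and GCC or Clang is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#if defined(__SSE2__)                 /* GCC/Clang targeting x86 with SSE2 */
#include <emmintrin.h>
/* The prologue re-aligns the stack to 16 bytes, whatever the caller passed. */
#define ENTRY_REALIGN __attribute__((force_align_arg_pointer))
#else
#define ENTRY_REALIGN                 /* no vector spills to protect */
#endif
/* Hypothetical exported entry point: dst[i] = min(255, dst[i] + src[i]). */
ENTRY_REALIGN void demo_add_u8(uint8_t *dst, const uint8_t *src, size_t n)
{
    size_t i = 0;
#if defined(__SSE2__)
    for (; i + 16 <= n; i += 16) {
        /* Unaligned buffer loads; s and d may still be spilled with aligned moves. */
        __m128i s = _mm_loadu_si128((const __m128i *)(src + i));
        __m128i d = _mm_loadu_si128((const __m128i *)(dst + i));
        _mm_storeu_si128((__m128i *)(dst + i), _mm_adds_epu8(s, d));
    }
#endif
    for (; i < n; i++) {              /* scalar tail and non-SSE2 fallback */
        unsigned v = (unsigned)dst[i] + src[i];
        dst[i] = v > 255 ? 255 : (uint8_t)v;
    }
}

/* Returns 1 if a 16-byte vector slot in this frame is 16-byte aligned. */
ENTRY_REALIGN int demo_vector_slot_aligned(void)
{
#if defined(__SSE2__)
    volatile __m128i slot = _mm_set1_epi8(1);  /* volatile forces a stack slot */
    return ((uintptr_t)&slot & 15u) == 0;
#else
    return 1;
#endif
}

/* Constructed sample: 20 bytes, so the vector loop and the tail both run. */
int demo_selfcheck(void)
{
    uint8_t dst[20], src[20];
    for (int i = 0; i < 20; i++) { dst[i] = 200; src[i] = (uint8_t)(i * 10); }
    demo_add_u8(dst, src, 20);
    for (int i = 0; i < 20; i++)
        if (dst[i] != (i < 6 ? 200 + i * 10 : 255)) return 0;
    return 1;
}
int main(void) { return demo_selfcheck() && demo_vector_slot_aligned() ? 0 : 1; }
```

The attribute matters on functions that code built with a 4-byte stack alignment convention can call directly; internal helpers reached only through a realigned entry point inherit the aligned stack.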
Comment 6 Fredy Paquet 2013-10-13 09:27:00 UTC
I can confirm a similar crash running cross-compiled 32-Bit MinGW code on Windows XP with PIXMAN 0.30.2 / CAIRO 1.12.16.

Stack trace ends up in sse2_composite_add(). 
With the proposed workaround --disable-sse2 --disable-mmx the crash disappears.

The crash doesn't show up with PIXMAN 0.26.2.
Comment 7 Søren Sandmann Pedersen 2013-10-13 23:59:55 UTC
(In reply to comment #6)
> I can confirm a similar crash running cross-compiled 32-Bit MinGW code on
> Windows XP with PIXMAN 0.30.2 / CAIRO 1.12.16.
> 
> Stack trace ends up in sse2_composite_add(). 
> With the proposed workaround --disable-sse2 --disable-mmx the crash
> disappears.
> 
> The crash doesn't show up with PIXMAN 0.26.2.

Please test this branch:


    http://cgit.freedesktop.org/~sandmann/pixman/log/?h=stackrealign3
Comment 8 M Welinder 2013-10-17 12:53:48 UTC
Confirming that adding just this patch from the stackrealign3 fixes
all crashes I can find:

http://cgit.freedesktop.org/~sandmann/pixman/commit/?h=stackrealign3&id=4978392c6d6d6e69bef3bb66ea53f41a58e8eafc
Comment 9 Søren Sandmann Pedersen 2013-10-17 15:16:53 UTC
Fixed in master
Comment 10 Søren Sandmann Pedersen 2013-10-17 15:17:40 UTC
*** Bug 68300 has been marked as a duplicate of this bug. ***
