Closed
Bug 106891
Opened 23 years ago
Closed 23 years ago
enable-optimize=-O2 crash in imgContainer::AppendFrame
Categories
(Core :: Graphics: ImageLib, defect)
Tracking
()
VERIFIED
FIXED
People
(Reporter: spam, Assigned: pavlov)
Details
(Keywords: crash)
Attachments
(3 files)
1.70 KB,
patch
|
pavlov
:
review+
|
Details | Diff | Splinter Review |
2.02 KB,
patch
|
brendan
:
review+
brendan
:
superreview+
|
Details | Diff | Splinter Review |
2.18 KB,
patch
|
pavlov
:
review+
brendan
:
superreview+
|
Details | Diff | Splinter Review |
my CVS build has been crashing since around the checkin for bug 106212 The crash occures when attempting to load any webpage. A current clobbered build still crashes. Building on RH7.1 with all erratas and config. I'm aware that gcc 2.96-85 is considered rouge, and is unsupported by the project. Thus I'm filing this with severity trivial. The bug prevents me from using Mozilla, however, so to me it's a complete blocker. ac_add_options --disable-accessibility ac_add_options --disable-bidi ac_add_options --enable-strip ac_add_options --disable-ldap ac_add_options --disable-dtd-debug ac_add_options --disable-debug ac_add_options --disable-tests ac_add_options --disable-logging ac_add_options --enable-crypto ac_add_options --enable-optimize=-O2 ac_add_options --disable-jsd ac_add_options --disable-venkman mk_add_options --mcpu=i686 mk_add_options --march=i686 Backtrace from non-debug: #0 0x41025909 in imgContainer::AppendFrame () from libimglib2.so #1 0x41ff5aac in HaveDecodedRow () from libimggif.so #2 0x41ff3f2c in output_row () from libimggif.so #3 0x41ff427e in do_lzw () from libimggif.so #4 0x41ff46ec in gif_write () from libimggif.so #5 0x41ff57b6 in nsGIFDecoder2::ProcessData () from libimggif.so #6 0x41ff5647 in ReadDataOut () from libimggif.so #7 0x40121d4f in nsPipe::nsPipeInputStream::ReadSegments () at eval.c:41 #8 0x41ff5819 in nsGIFDecoder2::WriteFrom () from libimggif.so #9 0x4102921b in imgRequest::OnDataAvailable () from libimglib2.so #10 0x41027ea1 in ProxyListener::OnDataAvailable () from libimglib2.so #11 0x408306fb in nsJARChannel::OnDataAvailable () from libnecko.so #12 0x407fafaa in nsOnDataAvailableEvent::HandleEvent () from libnecko.so #13 0x407ee5c3 in nsARequestObserverEvent::HandlePLEvent () from libnecko.so #14 0x40137f3b in PL_HandleEvent () at eval.c:41 #15 0x4013834b in PL_ProcessEventsBeforeID () at eval.c:41 #16 0x40c985e3 in processQueue () from libwidget_gtk.so #17 0x4010896f in nsVoidArray::EnumerateForwards () at eval.c:41 #18 0x40c98620 in nsAppShell::ProcessBeforeID () from libwidget_gtk.so #19 0x40c9eb86 in handle_gdk_event () from libwidget_gtk.so #20 0x4034816b in gdk_event_dispatch (source_data=0x0, current_time=0xbffff300, user_data=0x0) at gdkevents.c:2139 #21 0x40379055 in g_main_dispatch (dispatch_time=0xbffff300) at gmain.c:656 #22 0x40379659 in g_main_iterate (block=1, dispatch=1) at gmain.c:877 #23 0x403797e8 in g_main_run (loop=0x8169de0) at gmain.c:935 #24 0x4028d65b in gtk_main () at gtkmain.c:524 #25 0x40c98365 in nsAppShell::Run () from libwidget_gtk.so #26 0x40728492 in nsAppShellService::Run () from libnsappshell.so #27 0x08050880 in main1 () at eval.c:41 #28 0x0805117d in main () at eval.c:41 #29 0x404c1627 in __libc_start_main (main=0x8051044 <main>, argc=1, ubp_av=0xbffff714, init=0x804b5cc <_init>, fini=0x8051e8c <_fini>, rtld_fini=0x4000dcd4 <_dl_fini>, stack_end=0xbffff70c) at ../sysdeps/generic/libc-start.c:129
I'm seeing this with gcc 3.0.1, with -O2, but not in a -g without optimization. Putting printfs at various points caused the crash to go away. I did have a printf at one point confirm that a getter_AddRefs() passed to an inline function was ending up with null when it shouldn't have, though.
Adding to summary + default crash severity. Gcc 3.0.1 is an official release.
Severity: trivial → critical
Summary: crash in imgContainer::AppendFrame → enable-optimize=-O2 crash in imgContainer::AppendFrame
Comment 3•23 years ago
|
||
#0 0x8718e32 in _ZN12imgContainer11AppendFrameEP14gfxIImageFrame () -O3 gcc 3.0.1 over here
The problem is the inlining of inlineGetFrameAt. I'll attach a patch that un-inlines it.
Assignee | ||
Comment 6•23 years ago
|
||
Comment on attachment 55292 [details] [diff] [review] patch r=pavlov
Attachment #55292 -
Flags: review+
Comment 7•23 years ago
|
||
Hey pav, shouldn't this method be deCOMtaminated? Maybe doing so would dodge the gcc -O2 bug, in addition to making it faster. /be
Comment 8•23 years ago
|
||
Confirm that patch fixes crash problems for me with gcc 2.96-85 on RH 7.0 (thanks rkaa for pointing me to this bug ;)
Thanks to David Baron for the patch, not least. Is there any reason why this isn't checked in? It would be a good emergency fix and I suspect there is an unhappy little crowd of us "hobby builders" out there right now.
Comment 10•23 years ago
|
||
Does gcc 3.0.2 also have the bug ? (I'd check myself, but build times ...)
Comment 11•23 years ago
|
||
sr=brendan@mozilla.org on any short-term crash cure, but I think we can do better, possibly by deCOMifying. /be
Comment 12•23 years ago
|
||
Confirmed compiler bug still present with gcc 3.0.2
Checked in 2001-10-28 13:02 PDT.
Comment 15•23 years ago
|
||
Comment on attachment 55469 [details] [diff] [review] same patch, but |#ifdef __GNUC__| sr=brendan@mozilla.org with r= carried over from last attachment. /be
Attachment #55469 -
Flags: superreview+
Attachment #55469 -
Flags: review+
Comment 16•23 years ago
|
||
with gcc 3.0.2, it still crashes with -O3 but works with -O2. -however-, now here's something stupid. add "for(x=0; x<5; x++);" as shown and it will happily render webpages all day long. don't ask me why a loop that should get optimized out fixes it, just bless the chicken i waved around. (other things fix it too, printf(""), fflush(stdout), etc, etc). { *_retval = NS_STATIC_CAST(gfxIImageFrame*, mFrames.ElementAt(index)); + for(int x=1; x<10; x++); if (!*_retval) return NS_ERROR_FAILURE; return NS_OK; } i would/should take it up with the gcc folk, but i have other work to do which is getting pressing. -d p.s. i hope you enjoy the humor of this
Comment 17•23 years ago
|
||
Ulrich Drepper has posted a patch to http://bugzilla.mozilla.org/show_bug.cgi?id=94375 that fixes the -O3 problem - does anyone want to check that it doesn't break this one again?
Comment 18•23 years ago
|
||
Patch based off Ulrich Drepper work and is in the form for r/sr. This patch also removes all the ugly _GNUC_ and CANT_INLINE_GETTER hacks from the previous patches. Currently works perfectly with -O3 on gcc-3.0.2 and doesnt regress any part of this bug.
Assignee | ||
Comment 19•23 years ago
|
||
Comment on attachment 58196 [details] [diff] [review] patch to fix properly r=pavlov
Attachment #58196 -
Flags: review+
Updated•23 years ago
|
Attachment #58196 -
Flags: superreview+
Assignee | ||
Comment 20•23 years ago
|
||
fix checked in. thanks
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•