Closed Bug 1424206 Opened 7 years ago Closed 6 years ago

thunderbird-52.5.0/mozilla/gfx/2d/DrawTargetTiled.cpp:162:1: internal compiler error: Segmentation fault

Categories

(Core :: Graphics: Canvas2D, defect, P3)

Product:
Core
Component:
Graphics: Canvas2D
Version:
52 Branch
Type:
defect

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: mmokrejs, Unassigned)

Details

(Whiteboard: [gfx-noted])

Attachments

(2 files)

Bug 1424206 - Do not use __builtin_expect when compiling with GCC < 6
59 bytes, text/x-review-board-request
Details
Workaround approach #2
1.02 KB, patch
Details | Diff | Splinter Review
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0 Build ID: 20171022220103 Steps to reproduce: Hi, I cannot compile seamonkey/firefox with gcc-4.9.4 with -O2 as it is crashing: /usr/bin/x86_64-pc-linux-gnu-g++ -std=gnu++11 -o Unified_cpp_gfx_2d0.o -c -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/dist/stl_wrappers -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/dist/system_wrappers -include /scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/config/gcc_hidden.h -DDEBUG=1 -DTRACING=1 -DUSE_SSE2 -DOS_POSIX=1 -DOS_LINUX=1 -DUSE_CAIRO -DMOZ2D_HAS_MOZ_CAIRO -DMOZ_ENABLE_FREETYPE -DSTATIC_EXPORTABLE_JS_API -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/2d -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/gfx/2d -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/ipc/ipdl/_ipdlheaders -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/ipc/chromium/src -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/ipc/glue -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/include/config -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/include/core -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/include/gpu -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/include/utils -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/include/private -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/src/core -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/src/image -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/skia/skia/src/gpu -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/dist/include -I/usr/include/nspr -I/usr/include/nss -fPIC -DMOZILLA_CLIENT -include /scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/mozilla-config.h -MD -MP -MF .deps/Unified_cpp_gfx_2d0.o.pp -Wall -Wc++11-compat -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code -Wwrite-strings -Wno-invalid-offsetof -Wno-error=maybe-uninitialized -Wno-error=deprecated-declarations -Wno-error=array-bounds -pipe -mpclmul -mpopcnt -march=native -ftree-vectorize -mno-avx -fno-exceptions -fno-strict-aliasing -fno-rtti -fno-exceptions -fno-math-errno -pthread -pipe -g -O2 -fno-omit-frame-pointer -Wno-error=shadow -I/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/dist/include/cairo -I/usr/include/freetype2 -I/usr/include/freetype2 /scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/gfx/2d/Unified_cpp_gfx_2d0.cpp In file included from /scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/gfx/2d/Unified_cpp_gfx_2d0.cpp:92:0: /scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/2d/DrawTargetTiled.cpp: In member function 'virtual void mozilla::gfx::DrawTargetTiled::PopClip()': /scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/gfx/2d/DrawTargetTiled.cpp:162:1: internal compiler error: Segmentation fault DrawTargetTiled::PopClip() ^ Please submit a full bug report, with preprocessed source if appropriate. See <https://bugs.gentoo.org/> for instructions. make[4]: *** [/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/config/rules.mk:953: Unified_cpp_gfx_2d0.o] Error 1 make[4]: Leaving directory '/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/seamonk/gfx/2d' make[3]: *** [/scratch/var/tmp/portage/www-client/seamonkey-2.49.5.0_p0/work/thunderbird-52.5.0/mozilla/config/recurse.mk:71: gfx/2d/target] Error 2 Expected results: This exploits a known bug in gcc before 5.4, see earlier reports at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805616 and https://www.mail-archive.com/gcc-bugs@gcc.gnu.org/msg530246.html Please adjust the code so that it does not trigger the crash. Not everybody can upgrade a compiler to a version which received a patch from GCC people.
Component: Untriaged → General
Product: Firefox → SeaMonkey
Version: 52 Branch → unspecified
This happens is core code not comm-central code. The official builders are not affected. Thunderbird and SeaMonkey build using "gcc 4.9.4 + PR64905" See workaround: > can be worked around by using -O1.
Component: General → Canvas: 2D
Product: SeaMonkey → Core
Version: unspecified → 52 Branch
Botond, anything pops out by code inspection that would let us alleviate this problem?
Flags: needinfo?(botond)
Priority: -- → P3
Whiteboard: [gfx-noted]
(In reply to Milan Sreckovic [:milan] from comment #2) > Botond, anything pops out by code inspection that would let us alleviate > this problem? Playing around with the reduced testcase here [1], I noticed that removing the use of __builtin_expect in RefPtr::operator-> makes the crash go away, so one workaround approach might be to do that. We probably wouldn't want to land a patch that does that, but Martin may be happy with applying one locally. [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68470#c2
Flags: needinfo?(botond)
I attached a proof-of-concept patch. Martin, could you apply it locally and check if it fixes the crash for you? The patch takes the heavy-handed approach of disabling use of __builtin_expect in the entire codebase for GCC < 6. If you're worried about the codegen impact of this, we could, with a bit more effort, scope the change to only RefPtr::operator->, or even just the use of RefPtr::operator-> in DrawTargetTiled::PopClip(). But we should verify that the approach works at all (i.e. solves the crash) first.
Flags: needinfo?(mmokrejs)
Actually, here's a more straightforward way to avoid the __builtin_expect call in RefPtr::operator-> in DrawTargetTiled::PopClip() - just use RefPtr::get() instead, which returns the raw pointer without the MOZ_ASSERT that calls __builtin_expect. Martin, could you try this one as well? In fact, I'd suggesting trying this first, and if this solves the fix, don't even bother with the first patch.
(In reply to Botond Ballo [:botond] from comment #6) > In fact, I'd suggesting trying this > first, and if this solves the fix "if this solves the crash"
We require a more recent version gcc now and, afaik, this isn't happening anymore. So, closing.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
Hmm, right: 0:12.36 DEBUG: COMPILER = gcc 0:12.37 DEBUG: VERSION = 4.9.4 0:12.37 DEBUG: STDC_VERSION = 199901L 0:12.37 DEBUG: CPU = x86_64 0:12.37 DEBUG: KERNEL = Linux 0:12.37 DEBUG: ENDIANNESS = little 0:12.37 ERROR: Only GCC 6.1 or newer is supported (found version 4.9.4). 0:12.46 *** Fix above errors and then restart with\ 0:12.46 "/usr/bin/gmake -f client.mk build" 0:12.46 gmake: *** [client.mk:127: configure] Error 1 * ERROR: www-client/firefox-63.0.3::gentoo failed (configure phase): I am sorry I did not get to test the patch in time, @botond.
Flags: needinfo?(mmokrejs)
Nevertheless, I tried to reproduce the issue first but it does not manifest with g++-4.9.4 -O2 anymore. Weird. /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d # make make[1]: Entering directory '/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d' make[1]: Nothing to be done for 'pre-export'. make[1]: Leaving directory '/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d' make[1]: Entering directory '/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d' make[1]: Nothing to be done for 'export'. make[1]: Leaving directory '/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d' make[1]: Entering directory '/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d' /usr/x86_64-pc-linux-gnu/gcc-bin/4.9.4/x86_64-pc-linux-gnu-g++ -std=gnu++14 -o Unified_cpp_gfx_2d0.o -c -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/dist/stl_wrappers -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/dist/system_wrappers -include /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/config/gcc_hidden.h -DNDEBUG=1 -DTRIMMED=1 -DUSE_SSE2 -DOS_POSIX=1 -DOS_LINUX=1 -DUSE_CAIRO -DMOZ2D_HAS_MOZ_CAIRO -DMOZ_ENABLE_FREETYPE -DSTATIC_EXPORTABLE_JS_API -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/2d -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/ipc/ipdl/_ipdlheaders -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/ipc/chromium/src -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/ipc/glue -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/include/config -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/include/core -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/include/gpu -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/include/utils -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/include/private -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/src/core -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/src/image -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/skia/skia/src/gpu -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/dist/include -I/usr/include/nspr -I/usr/include/nss -I/usr/include/pixman-1 -fPIC -DMOZILLA_CLIENT -include /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/mozilla-config.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -Wall -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code -Wwrite-strings -Wno-invalid-offsetof -Wno-error=maybe-uninitialized -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wformat -Wformat-security -pipe -march=native -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -freorder-blocks -O2 -fomit-frame-pointer -Wno-error=shadow -I/scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/dist/include/cairo -I/usr/include/freetype2 -I/usr/include/uuid -I/usr/include/freetype2 -MD -MP -MF .deps/Unified_cpp_gfx_2d0.o.pp /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d/Unified_cpp_gfx_2d0.cpp In file included from /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/tbird/gfx/2d/Unified_cpp_gfx_2d0.cpp:65:0: /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/2d/DrawTargetCairo.cpp: In function 'cairo_pattern_t* mozilla::gfx::GfxPatternToCairoPattern(const mozilla::gfx::Pattern&, mozilla::gfx::Float, const Matrix&)': /scratch/var/tmp/portage/mail-client/thunderbird-60.3.1/work/thunderbird-60.3.1/gfx/2d/DrawTargetCairo.cpp:498:20: warning: 'pat' may be used uninitialized in this function [-Wmaybe-uninitialized] cairo_pattern_t* pat; ^ libgfx_2d.a.desc rm -f libgfx_2d.a ...
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: