[cairo] crash with pixman-0.17.4

Siarhei Siamashka siarhei.siamashka at gmail.com
Fri Jan 22 06:47:04 PST 2010 

On Friday 22 January 2010, Yogish Kulkarni wrote:
> I got crash in neon_composite_src_0565_8888 with latest pixman version.
> I have done some analysis,
>
> [1] No crash before commit 6bd17f1e9861693262fa88bfeff5d3279b3f6e7d
> [2] If reverted commits 6bd17f1e9861693262fa88bfeff5d3279b3f6e7d &
> c7b84f8b043018368fade4ad13730cfcaaf5c8cc from pixman-0.17.4 NO crash
>
> I guess this crash is related to pixman out of bound work around.
> Anyone has clue ?

Thanks for reporting the problem. Out of bound workaround was added
quite a long time ago, that's why it's a bit surprising to see this
problem showing up only now.

Just because NEON optimization for this particular function (16bpp to 32bpp
color format conversion) was added only in pixman-0.17.4, could you also try
downgrading to pixman-0.17.2 to see if it changes anything?

> Program received signal SIGSEGV, Segmentation fault.
> 0x4019dbdc in pixman_composite_src_0565_8888_asm_neon () at
> pixman-arm-neon-asm.h:565
> 565 */
> Current language:  auto; currently asm
> (gdb) bt
> #0  0x4019dbdc in pixman_composite_src_0565_8888_asm_neon () at
> pixman-arm-neon-asm.h:565
> #1  0x4019ca70 in neon_composite_src_0565_8888 (imp=<value optimized
> out>, op=<value optimized out>, src_image=0x247538, mask_image=<value
> optimized out>, dst_image=0x2475f8,
>     src_x=108, src_y=930, mask_x=0, mask_y=0, dest_x=0, dest_y=0,
> width=263, height=74) at pixman-arm-neon.c:257
> #2  0x40196d9c in walk_region_internal (imp=0x15ad40, op=PIXMAN_OP_SRC,
> src_image=0x247538, mask_image=0x0, dst_image=0x2475f8, src_x=108,
> src_y=930, mask_x=0, mask_y=0,
>     dest_x=0, dest_y=0, width=263, height=74, src_repeat=0,
> mask_repeat=0, region=0xbe8ac234, composite_rect=0x4019ca0c
> <neon_composite_src_0565_8888>) at pixman-utils.c:444
[snip]

If out of bound workaround was at fault, I would expect the bug to be
rather 'crossplatform', but apparently it was caught on ARM.

Could you please provide some more details about the steps needed to
reproduce the problem? What version of xserver do you have, what is the
desktop color depth (is it 32bpp?), screen resolution, what application are 
you running before crash and what are you trying to do with it.

If the crash turns out to be hard to reproduce, additionally the output
of 'info registers' and 'disassemble' (the snippet of code which includes
the address from PC register) gdb commands would be helpful.

-- 
Best regards,
Siarhei Siamashka

More information about the cairo mailing list