| Anonymous | Login | 08-21-2019 06:59 UTC |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | |||||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
| 0005236 | [Squeak] VM | crash | always | 10-14-06 09:42 | 01-09-11 22:48 | |||||||
| Reporter | johnmci | View Status | public | |||||||||
| Assigned To | lewis | |||||||||||
| Priority | normal | Resolution | open | |||||||||
| Status | assigned | Product Version | 3.9 | |||||||||
| Summary | 0005236: Vm crashs in BitBltPlugin.c trying to access word in tail end of copyLoop() due to memory read failure | |||||||||||
| Description |
If you have a surface, then data for the surface if nicely divisibile by the host os page size can end on a page boundary, and the next page may not be readable by you. copyLoop() when preload is true preloads the nextWord of the nextscanline, however say for example your image is 384*512, after you copy over the last word this code runs {Say you do fooform displayOn: Display} if (nWords > 1 ) { destMask = mask2; /* begin srcLongAt: */ idx9 = sourceIndex; thisWord = long32At(idx9); The long32At(idx9) actually is trying to get the word after the last word on the surface, this causes a vm read protection page fault, and we die. The solution??? Is to write some slang that alters the C code to match something like if (nWords > 1 && (!(preload && i == bbH))) { Thus on preload we don't do it if i == bbh so we don't trigger the issue with reading over the page frame boundary |
|||||||||||
| Additional Information | ||||||||||||
| Attached Files | ||||||||||||
|
|
||||||||||||
Notes |
|
|
(0011124 - 277 - 277 - 277 - 277 - 277 - 277) johnmci 09-13-07 03:25 |
This is harder that you think, in sophie we tried the suggestion above, but then the last pixel in some masks (like the cursor) didn't copy right and would leave a mouse dropping kind of trail of the wrong color. Very annoying. Still the Operating system page fault *is* fatal. |
|
(0011599 - 254 - 254 - 254 - 254 - 254 - 254) tim 12-28-07 01:19 |
Hmm. Should only be an issue on the last line of a copyLoop since the other copying loops don't use preload. Any fix will need to cope with there only being a single word width (could be a tall narrow form) and must of course not ruin normal performance. |
|
(0012191 - 63 - 63 - 63 - 63 - 63 - 63) tim 05-27-08 18:20 |
Reminder sent to: iho Any thoughts on this? Andreas, perhaps you could ask Eliot too? |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 10-14-06 09:42 | johnmci | New Issue | |
| 09-12-07 00:41 | tim | Status | new => assigned |
| 09-12-07 00:41 | tim | Assigned To | => tim |
| 09-13-07 03:25 | johnmci | Note Added: 0011124 | |
| 09-13-07 23:59 | tim | Relationship added | child of 0006671 |
| 12-28-07 01:19 | tim | Note Added: 0011599 | |
| 05-27-08 18:20 | tim | Issue Monitored: iho | |
| 05-27-08 18:20 | tim | Note Added: 0012191 | |
| 01-30-10 22:27 | lewis | Issue Monitored: lewis | |
| 01-09-11 22:48 | lewis | Assigned To | tim => lewis |
| Mantis 1.0.8[^]
Copyright © 2000 - 2007 Mantis Group
54 total queries executed. 37 unique queries executed. |  |
