Mantis Bugtracker

Viewing Issue Simple Details
ID: 0005236
Category: [Squeak] VM
Severity: crash
Reproducibility: always
Date Submitted: 10-14-06 09:42
Last Update: 01-09-11 22:48
Reporter: johnmci
View Status: public
Assigned To: lewis
Priority: normal
Resolution: open
Status: assigned
Product Version: 3.9
Summary: 0005236: VM crashes in BitBltPlugin.c trying to access a word in the tail end of copyLoop() due to a memory read failure
Description: If you have a surface, then the data for the surface, if nicely divisible by the host OS page size, can end on a page boundary, and the next page may not be readable by you. copyLoop(), when preload is true, preloads the nextWord of the next scanline; however, say for example your image is 384*512: after you copy over the last word, this code runs (say you do fooform displayOn: Display):

        if (nWords > 1 ) {
            destMask = mask2;
            /* begin srcLongAt: */
            idx9 = sourceIndex;
            thisWord = long32At(idx9);

The long32At(idx9) is actually trying to get the word after the last word on the surface; this causes a VM read-protection page fault, and we die.

The solution??? Is to write some Slang that alters the C code to match something like:

        if (nWords > 1 && (!(preload && i == bbH))) {

Thus on preload we don't do it if i == bbH, so we don't trigger the issue with reading over the page frame boundary.

- Relationships
child of 0006671 (closed, tim): Build VMMaker for 3.9

- Notes
(0011124)
johnmci
09-13-07 03:25

This is harder than you think. In Sophie we tried the suggestion above, but then the last pixel in some masks (like the cursor) didn't copy right and would leave a mouse-dropping kind of trail of the wrong color. Very annoying. Still, the operating system page fault *is* fatal.
 
(0011599)
tim
12-28-07 01:19

Hmm. Should only be an issue on the last line of a copyLoop since the other copying loops don't use preload. Any fix will need to cope with there only being a single word width (could be a tall narrow form) and must of course not ruin normal performance.
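The over-read from the description and the single-word-wide case raised in note 0011599, as an added example in C. This is not Squeak VM code and not BitBltPlugin.c: it is a deliberately simplified model of copyLoop()'s preload path, written here to show why the loop touches one word past the end of the source form on the last scanline and what a bounds-checked fetch looks like. The assumptions are mine: 32-bit words, a source rectangle that starts `skew` bits into each row and runs to the end of the row, destination rows of the same word width, a substitute value of 0 for a word that lies past the end of the form, and the names Form, copy_loop, src_word, last_read_index and preload_overreads, none of which come from the page.

```c
/* Added example, not Squeak VM code: simplified model of copyLoop()'s preload
 * path.  Assumptions (mine): 32-bit words, source rect from bit `skew` to the
 * end of each row, dest rows of the same width, 0 substituted past the form. */
#define _GNU_SOURCE
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef struct {
    const uint32_t *bits;   /* start of the source bitmap */
    size_t nwords;          /* readable words; bits[nwords] is past the end */
} Form;

/* Dest-aligned word: high 32-skew bits from `prev`, low `skew` bits from `next`. */
static uint32_t skew_merge(uint32_t prev, uint32_t next, unsigned skew) {
    return (prev << skew) | (next >> (32u - skew));
}

/* Index of the last source word touched.  With preload each row fetches
 * nwords + 1 words, so the last row ends at bbh * nwords: one past the form. */
static size_t last_read_index(size_t nwords, size_t bbh) {
    return (bbh - 1) * nwords + nwords;
}

static bool preload_overreads(const Form *src, size_t nwords, size_t bbh) {
    return last_read_index(nwords, bbh) >= src->nwords;
}

/* Bounds-checked fetch.  A word past the form can only feed the low `skew`
 * bits of the last dest word, which mask2 discards, so 0 is a safe stand-in. */
static uint32_t src_word(const Form *src, size_t idx) {
    return idx < src->nwords ? src->bits[idx] : 0u;
}

/* Copy bbh rows of nwords words with skew 1..31 (skew 0 is the no-preload case,
 * not modelled).  checked == false reproduces the report: the last row
 * dereferences src->bits[bbh * nwords].  nwords == 1 is handled like any other. */
static void copy_loop(const Form *src, uint32_t *dst, size_t nwords,
                      size_t bbh, unsigned skew, bool checked) {
    if (skew == 0 || skew >= 32u || nwords == 0) return;
    uint32_t mask2 = ~0u << skew;              /* valid bits of the last word */
    for (size_t row = 0; row < bbh; row++) {
        size_t si = row * nwords, di = row * nwords;
        uint32_t prev = src->bits[si++];       /* preload: always in bounds */
        for (size_t j = 0; j < nwords; j++, di++) {
            uint32_t next = checked ? src_word(src, si++) : src->bits[si++];
            uint32_t merged = skew_merge(prev, next, skew);
            if (j == nwords - 1)
                dst[di] = (dst[di] & ~mask2) | (merged & mask2);
            else
                dst[di] = merged;
            prev = next;
        }
    }
}

/* Constructed self-check: 2 words x 2 rows, skew 4.  The unchecked loop runs over
 * a copy with one extra readable word set to 0xFFFFFFFF; its output must equal
 * the checked loop's, showing the over-read word never reaches the destination. */
static bool selftest(void) {
    static const uint32_t a[4] = { 0x12345678u, 0x9ABCDEF0u, 0x11111111u, 0x22222222u };
    static const uint32_t b[5] = { 0x12345678u, 0x9ABCDEF0u, 0x11111111u, 0x22222222u, 0xFFFFFFFFu };
    static const uint32_t want[4] = { 0x23456789u, 0xABCDEF00u, 0x11111112u, 0x22222220u };
    Form fa = { a, 4 }, fb = { b, 4 };
    uint32_t da[4] = { 0 }, db[4] = { 0 };
    copy_loop(&fa, da, 2, 2, 4, true);
    copy_loop(&fb, db, 2, 2, 4, false);        /* b[4] exists, so no fault here */
    return preload_overreads(&fa, 2, 2) && !preload_overreads(&fb, 2, 1)
        && memcmp(da, want, sizeof want) == 0 && memcmp(db, want, sizeof want) == 0;
}

/* Layout from the report: a 384x512 1-bit form is 12 words a row, 24576 bytes,
 * a page multiple, so it sits flush against a PROT_NONE guard page that stands
 * in for the unreadable next page. */
int main(void) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t nwords = 12, bbh = 512, total = nwords * bbh, bytes = total * sizeof(uint32_t);
    size_t data = (bytes + page - 1) / page * page;
    uint8_t *mem = mmap(NULL, data + page, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED || mprotect(mem + data, page, PROT_NONE) != 0) {
        perror("mmap/mprotect");
        return 1;
    }
    uint32_t *bits = (uint32_t *)(mem + data - bytes);
    for (size_t i = 0; i < total; i++) bits[i] = (uint32_t)i * 0x9E3779B9u;
    Form src = { bits, total };
    uint32_t *dst = calloc(total, sizeof *dst);
    if (!dst) return 1;
    copy_loop(&src, dst, nwords, bbh, 3, true);    /* survives the guard page */
    printf("checked copy ok; unchecked loop would read word %zu of a %zu-word form at %p,"
           " inside the PROT_NONE page at %p\n", last_read_index(nwords, bbh), total,
           (void *)&bits[last_read_index(nwords, bbh)], (void *)(mem + data));
    printf("selftest %s\n", selftest() ? "ok" : "FAILED");
    free(dst);
    munmap(mem, data + page);
    return 0;
}
```

The check lives in the fetch rather than in the loop condition because the value of the word past the form is irrelevant only when it really is past the form; skipping the fetch on the last row unconditionally, as the original suggestion does, also drops it when the source rectangle is narrower than the form and the word is legitimately in bounds, which matches the cursor-mask symptom described in note 0011124. The cost is one compare on a path that already does a masked store.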
 
(0012191)
tim
05-27-08 18:20

Reminder sent to: iho

Any thoughts on this? Andreas, perhaps you could ask Eliot too?
 

- Issue History
Date Modified Username Field Change
10-14-06 09:42 johnmci New Issue
09-12-07 00:41 tim Status new => assigned
09-12-07 00:41 tim Assigned To  => tim
09-13-07 03:25 johnmci Note Added: 0011124
09-13-07 23:59 tim Relationship added child of 0006671
12-28-07 01:19 tim Note Added: 0011599
05-27-08 18:20 tim Issue Monitored: iho
05-27-08 18:20 tim Note Added: 0012191
01-30-10 22:27 lewis Issue Monitored: lewis
01-09-11 22:48 lewis Assigned To tim => lewis


Mantis 1.0.8
Copyright © 2000 - 2007 Mantis Group