Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash with -f sixels #210

Closed
chrisant996 opened this issue Aug 17, 2024 · 17 comments
Closed

Crash with -f sixels #210

chrisant996 opened this issue Aug 17, 2024 · 17 comments

Comments

@chrisant996
Copy link

Repro steps:

  • Using chafa v1.14.2
  • Download the photo "911 Row - redacted.jpg" from below (a row of cars in a parking garage)
  • Run chafa -f sixels "911 Row - redacted.jpg"
  • Crash

I'm able to reproduce crashes with -f sixels on many different input .jpg files, but also many other input .jpg files do not crash.

The input photo:

911 Row - redacted
@hpjansson
Copy link
Owner

Thanks for reporting this. I can't repro so far, and ASAN/Valgrind are coming up empty-handed. Could you please specify:

  • Which platform you're on (e.g. Linux distro, MacOS or Windows version).
  • CPU arch (especially if not Intel).
  • How you obtained Chafa (e.g. package manager, official binary, built from source..).

@chrisant996
Copy link
Author

chrisant996 commented Aug 17, 2024
edited
Loading

Oh that's interesting...

Field Value
Platform Windows 11 Pro, 23H2, 22631.4037
CPU Intel Core Ultra 9 185H 2.30 Ghz
Arch x64
Obtained winget install hpjansson.Chafa
Version Chafa version 1.14.2

Here is a minidump without heap:
chafa_dump_no_heap.zip

I'm working on finding a good way to upload a dump with heap, but it's 26 MB when compressed with zip deflate level 9, and GitHub only allows <= 25 MB.

@chrisant996
Copy link
Author

chrisant996 commented Aug 17, 2024
edited
Loading

Rar compresses it to 19 MB, but GitHub doesn't accept .rar files.

So, here is a .rar file, which I've renamed to .zip to placate GitHub's filter.
[Chafa_sixel_crash___with_heap.zip] -- removed to reclaim space, and because it wasn't useful without symbols.

To extract it, download it and rename it to .rar -- I tried that and on my machine it was able to successfully download and extract the file.

@j4james
Copy link

j4james commented Aug 17, 2024

You may want to double check that the test image you pasted here actually matches your local copy. I think it's quite possible that github recompresses images that it hosts, and if that's the case, the github version wouldn't necessarily reproduce the crash that you're seeing on your local copy.

@chrisant996
Copy link
Author

You may want to double check that the test image you pasted here actually matches your local copy. I think it's quite possible that github recompresses images that it hosts, and if that's the case, the github version wouldn't necessarily reproduce the crash that you're seeing on your local copy.

When I right-click on the image and download it, it comes down byte for byte identical to the source image.

And I'm able to repro the crash when using the downloaded copy.

The two dump files I uploaded should be useful in debugging, without needing a local repro.

@hpjansson
Copy link
Owner

Thanks, that helped a lot. I was able to take a peek with WinDbg and confirmed it's crashing on a vmovdqa instruction with bad data alignment (16 bytes where 32 is needed). I can repro this with the Windows binary, but not with any of the Linux builds.

Since I'm cross-compiling with gcc, I don't have a PDB, so no backtrace yet -- but there aren't too many candidates to check manually.

@chrisant996
Copy link
Author

Anything further I can do to help?

I'm also happy to test a pre-release prototype fix.

@hpjansson
Copy link
Owner

Can't think of anything right now, but might take you up on the testing offer once I have something running here.

@chrisant996
Copy link
Author

Is it a case of gcc bug 15795?
Might C++17 or -faligned-new help? (See comment 45 in bug 15795.)

@hpjansson
Copy link
Owner

hpjansson commented Aug 18, 2024
edited
Loading

I doubt it -- the code I'm suspicious of is just plain C, and heap allocations are aligned manually to 64 bytes. It's most likely just doing _mm256_store_si256() through an unaligned pointer somewhere. Probably in smolscale-avx2.c.

chafa-debug-1
chafa-debug-2

The asm looks familiar and could match in a couple of places. I just have to narrow it down.

@hpjansson
Copy link
Owner

Figured it out. It's actually gcc bug 54412. We have code that looks like this:

__m256i func_b (void) {
    __m256i v;
    ...
    return v;
}

void func_a (void) {
    __m256i u;
    u = func_b ();
    ...
}

func_b() tries to pass the return value on the stack by storing it with vmovdqa. This requires 32-byte alignment. However, the stack pointer is not necessarily aligned, even though the local variables are. Changing the code to this fixes the problem:

void func_b (__m256i *o) {
    __m256i v;
    ...
    *o = v;
}

void func_a (void) {
    __m256i u;
    func_b (&u);
    ...
}

I'm attaching a test binary wrapped in a zip file. It works for me -- @chrisant996, care to test?

chafa-test.zip

@chrisant996
Copy link
Author

Bingo! 😎💪

Screenshot for visual confirmation, in Windows Terminal Canary 1.22.240815001-llm:

image

@veltza
Copy link

veltza commented Aug 19, 2024

I tried chafa-test.zip on my Windows 10 machine with a nightly build of Windows Terminal Canary and noticed that the -s option doesn't work properly. It prints a sixel that's way too small.

chafa

@chrisant996
Copy link
Author

I tried chafa-test.zip on my Windows 10 machine with a nightly build of Windows Terminal Canary and noticed that the -s option doesn't work properly. It prints a sixel that's way too small.

chafa

That doesn't seem related to the crash.

Have you considered opening a separate issue? That's probably better than appending to an unrelated issue.

@hpjansson
Copy link
Owner

Thanks @veltza -- I think it's a real issue, but I suspect it's not a Chafa bug, but rather the terminal misreporting its pixel dimensions. Please open a new issue so we can investigate :-)

@veltza
Copy link

veltza commented Aug 19, 2024

Have you considered opening a separate issue? That's probably better than appending to an unrelated issue.

Thanks @veltza -- I think it's a real issue, but I suspect it's not a Chafa bug, but rather the terminal misreporting its pixel dimensions. Please open a new issue so we can investigate :-)

Sure, I'll do that. I apologize for disturbing you here.

@veltza veltza mentioned this issue Aug 19, 2024
Closed
@hpjansson
Copy link
Owner

Thanks for testing!

@hpjansson hpjansson mentioned this issue Aug 30, 2024
Closed
hpjansson added a commit that referenced this issue Sep 9, 2024
@hpjansson
smolscale-avx2: Pass YMM return values by reference
7a0ea95 
Workaround for GCC bug #54412:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54412

GCC does not enforce 32-byte alignment for return values placed on the
stack in 64-bit MS Windows builds, yet it emits vmovdqa instructions
that require alignment. This would cause crashes when resampling big
images.

Fixes #210 (GitHub).
@hpjansson hpjansson mentioned this issue Sep 11, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hpjansson @j4james @chrisant996 @veltza