-
Notifications
You must be signed in to change notification settings - Fork 15k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nativeImage.createFromBuffer crashes on Windows on ARM #25069
Comments
Probably a good idea to file this against libjpeg-turbo: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/new/choose |
@nornagon I think it may actually be an implementation issue in https://source.chromium.org/chromium/chromium/src/+/master:ui/gfx/codec/jpeg_codec.cc. Eg see https://github.com/libjpeg-turbo/libjpeg-turbo/blob/master/example.txt#L311 |
Hi, @jkleinsc unfortunately I couldn't reproduce this issue on my WoA device Asus NovaGo (winver: Windows 10 Pro, OS Build 19041.450, MSVC 16.7.2). I have checked with Electron v11-0.0-nightly.20200825/20200723 ( Node v12.18.3). It could be I missed something. Many thanks, |
@kadam our CI Windows environment is a Lenovo Yoga C630 running Windows 10 Home 10.0.19041 Build 19041/10.0.19041.423. As far as GN args are concerned, they are here: We also have a Microsoft Surface Pro X in CI which is running on Windows 10 Enterprise v 10.0.18362.752. I can verify if it also fails there. |
@kaadam also tested on the Surface Pro X running on Windows 10 Enterprise v 10.0.18362.752 and I can reproduce the issue there as well. |
@jkleinsc This CL [3] causes the issue, so earlier in the build config '/guard:cf/nolongjmp' was set, which allows the users to link in object I would say we should use this ldflag option only for arm64 as a workaround to avoid this crash until it is fixed in llvm.
[3] https://chromium-review.googlesource.com/c/chromium/src/+/2298284/13/build/config/win/BUILD.gn |
LLVM/LLD issue opened: https://bugs.llvm.org/show_bug.cgi?id=47463 |
@kaadam and @richard-townsend-arm thanks for your help on this. I'll put together a PR to use the proper ldflag option only for arm64. |
Also, just to close the loop on this, https://chromium-review.googlesource.com/c/chromium/src/+/2298284/13/build/config/win/BUILD.gn was part of the chromium roll here: #24575 where we first saw this issue. |
@jkleinsc @richard-townsend-arm perhaps shoot a quick email to wfh@chromium.org with a link to the llvm bug? |
Done ✔️ I don't imagine there'll be a problem passing /guard:cf,nolongjmp temporarily until the toolchain's fixed. |
@jkleinsc : if you implement the workaround, could you reference this bug? https://bugs.chromium.org/p/chromium/issues/detail?id=1126549 Otherwise I'll get started on it tomorrow. |
@richard-townsend-arm can you verify that bug link? When I click on it, the issue listed (Issue 112654: Crash on clicking App launcher thrice) doesn't appear to relate to this issue. |
Ah think I found it: https://crbug.com/1126549 |
Ooops, apologies (edited with the fix). |
Pull request to use |
Preflight Checklist
Issue Details
This issue was discovered while working on #25018
Expected Behavior
Calling
nativeImage.createFromBuffer
with an invalid image or a bitmap image should not crash Electron on Windows on ARMActual Behavior
Calling
nativeImage.createFromBuffer
with an invalid image or a bitmap image crashes Electron on Windows on ARMTo Reproduce
The following example of calling nativeImage.createFromBuffer with a bitmap will crash:
The following example will also crash when the file passed into
nativeImage.createFromPath
isn't an image:webContents.startDrag will also cause this crash if the icon passed in isn't an image:
Additional Information
Running test cases through windbg reveals the following stack traces:
nativeImage.createFromBuffer(imageA.toBitmap()....)
webContents.startDrag
Assessment
In both cases a longjmp is failing. Apparently Windows thinks it is invalid for the process, as far as I can understand from this: https://docs.microsoft.com/en-us/windows/win32/devnotes/guardchecklongjumptarget
Here's where setjmp gets called: https://source.chromium.org/chromium/chromium/src/+/master:ui/gfx/codec/jpeg_codec.cc;l=179
and here's where longjmp gets called: https://source.chromium.org/chromium/chromium/src/+/master:ui/gfx/codec/jpeg_codec.cc;l=43
This issue was introduced in the chromium roll: #24575
In that chromium roll libjpeg_turbo was updated: https://chromium.googlesource.com/chromium/deps/libjpeg_turbo/+log/0241a1304fd183ee24fbdfe6891f18fdedea38f9..9d4f8005bc6c888e66b00fd00188531ee9bd3344?n=10000&pretty=fuller (edited)
That update includes an update to TurboJPEG 2.0.5
which includes this change: libjpeg-turbo/libjpeg-turbo@ae87a95 which may be the root of the issue.
The text was updated successfully, but these errors were encountered: