Bug 99915 - general_composite_rect(): 'Conditional jump or move depends on uninitialised value(s)' when loading a svg file
Status: RESOLVED MOVED
Alias: None
Product: pixman
Classification: Unclassified
Component: pixman
Version: 0.34.x
Hardware: Other Linux (All)
Importance: medium normal
Assignee: Oded Gabbay
 
Reported: 2017-02-22 21:45 UTC by Roland Clobus
Modified: 2018-06-05 15:27 UTC


Attachments
Source, image and minimal Makefile (10.00 KB, application/x-tar)
2017-02-22 21:45 UTC, Roland Clobus

Description Roland Clobus 2017-02-22 21:45:21 UTC
Created attachment 129849
Source, image and minimal Makefile

Hello,

I was testing Pioneers with new artwork and with valgrind I found uninitialised values. The image renders OK, both in my application and Inkscape.
The original image can be found at https://sourceforge.net/p/pio/code/HEAD/tree/trunk/pioneers/client/gtk/data/themes/Nouvellia/brick.svg

I have tried to reduce the test case as much as I could, see the attachment.
The minimal image needs both objects and the topmost object cannot be sized similar to the other one. Also the filling appears to be important.

In total, the function general_composite_rect is entered 14 times in this example code. I don't know how to proceed to further minimise the test case.

I hope this information is sufficient to be reproduced.

With kind regards,
Roland Clobus
Developer of Pioneers

<pre>
$ make
$ valgrind --track-origins=yes ./a.out
==10414== Memcheck, a memory error detector
==10414== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==10414== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==10414== Command: ./a.out
==10414== 
==10414== Conditional jump or move depends on uninitialised value(s)
==10414==    at 0x9CDDFBE: core_combine_over_u_sse2_mask (pixman-sse2.c:587)
==10414==    by 0x9CDDFBE: sse2_combine_over_u (pixman-sse2.c:738)
==10414==    by 0x9CC1E1A: general_composite_rect (pixman-general.c:223)
==10414==    by 0x9C7D6E0: pixman_image_composite32 (pixman.c:700)
==10414==    by 0x888B69A: _inplace_spans (cairo-image-compositor.c:2514)
==10414==    by 0x88D0999: blit_a8 (cairo-tor-scan-converter.c:1643)
==10414==    by 0x88D0999: glitter_scan_converter_render (cairo-tor-scan-converter.c:1794)
==10414==    by 0x88D0999: _cairo_tor_scan_converter_generate (cairo-tor-scan-converter.c:1857)
==10414==    by 0x88C2C3D: composite_polygon.isra.9 (cairo-spans-compositor.c:801)
==10414==    by 0x88C36B2: clip_and_composite_polygon (cairo-spans-compositor.c:967)
==10414==    by 0x88C45C2: _cairo_spans_compositor_fill (cairo-spans-compositor.c:1174)
==10414==    by 0x887EBAF: _cairo_compositor_fill (cairo-compositor.c:203)
==10414==    by 0x88902C6: _cairo_image_surface_fill (cairo-image-surface.c:985)
==10414==    by 0x88C7816: _cairo_surface_fill (cairo-surface.c:2341)
==10414==    by 0x888728B: _cairo_gstate_fill (cairo-gstate.c:1317)
==10414==  Uninitialised value was created by a stack allocation
==10414==    at 0x9CC1B20: general_composite_rect (pixman-general.c:129)
==10414== 
==10414== Conditional jump or move depends on uninitialised value(s)
==10414==    at 0x9CDE20E: core_combine_over_u_sse2_mask (pixman-sse2.c:649)
==10414==    by 0x9CDE20E: sse2_combine_over_u (pixman-sse2.c:738)
==10414==    by 0x9CC1E1A: general_composite_rect (pixman-general.c:223)
==10414==    by 0x9C7D6E0: pixman_image_composite32 (pixman.c:700)
==10414==    by 0x888B69A: _inplace_spans (cairo-image-compositor.c:2514)
==10414==    by 0x88D0999: blit_a8 (cairo-tor-scan-converter.c:1643)
==10414==    by 0x88D0999: glitter_scan_converter_render (cairo-tor-scan-converter.c:1794)
==10414==    by 0x88D0999: _cairo_tor_scan_converter_generate (cairo-tor-scan-converter.c:1857)
==10414==    by 0x88C2C3D: composite_polygon.isra.9 (cairo-spans-compositor.c:801)
==10414==    by 0x88C36B2: clip_and_composite_polygon (cairo-spans-compositor.c:967)
==10414==    by 0x88C45C2: _cairo_spans_compositor_fill (cairo-spans-compositor.c:1174)
==10414==    by 0x887EBAF: _cairo_compositor_fill (cairo-compositor.c:203)
==10414==    by 0x88902C6: _cairo_image_surface_fill (cairo-image-surface.c:985)
==10414==    by 0x88C7816: _cairo_surface_fill (cairo-surface.c:2341)
==10414==    by 0x888728B: _cairo_gstate_fill (cairo-gstate.c:1317)
==10414==  Uninitialised value was created by a stack allocation
==10414==    at 0x9CC1B20: general_composite_rect (pixman-general.c:129)
</pre>

My environment:
Debian 9.0 (dated 2017-02-22)
libpixman 0.34.0-1
librsvg 2.40.16-1
libgdk-pixbuf2.0-0 2.36.4-1
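
Added example, not part of the original report: a small Python triage helper that groups the Memcheck errors above by the frame where the uninitialised value originated, showing that both reports trace back to the same stack allocation at pixman-general.c:129. The function name `group_by_origin` is an assumption of this example; the sample lines are copied from the log above and trimmed.

```python
import re
from collections import defaultdict

# Lines copied from the Memcheck log in the report above, trimmed to the
# frames needed for grouping (the cairo frames are omitted).
SAMPLE = """\
==10414== Conditional jump or move depends on uninitialised value(s)
==10414==    at 0x9CDDFBE: core_combine_over_u_sse2_mask (pixman-sse2.c:587)
==10414==    by 0x9CDDFBE: sse2_combine_over_u (pixman-sse2.c:738)
==10414==    by 0x9CC1E1A: general_composite_rect (pixman-general.c:223)
==10414==  Uninitialised value was created by a stack allocation
==10414==    at 0x9CC1B20: general_composite_rect (pixman-general.c:129)
==10414==
==10414== Conditional jump or move depends on uninitialised value(s)
==10414==    at 0x9CDE20E: core_combine_over_u_sse2_mask (pixman-sse2.c:649)
==10414==    by 0x9CDE20E: sse2_combine_over_u (pixman-sse2.c:738)
==10414==    by 0x9CC1E1A: general_composite_rect (pixman-general.c:223)
==10414==  Uninitialised value was created by a stack allocation
==10414==    at 0x9CC1B20: general_composite_rect (pixman-general.c:129)
"""

PREFIX = re.compile(r"^==\d+== ?")
FRAME = re.compile(r"^\s+(at|by) 0x[0-9A-Fa-f]+: (.+) \(([^()]*)\)$")

def group_by_origin(text):
    """Map origin frame -> use sites (top 'at' frame of each error).

    Errors that carry no origin block are filed under the key None.
    """
    groups = defaultdict(list)
    use_site, in_origin = None, False
    for raw in text.splitlines() + [""]:      # trailing "" flushes the last error
        line = PREFIX.sub("", raw)
        frame = FRAME.match(line)
        if frame and frame.group(1) == "at":
            site = (frame.group(2), frame.group(3))
            if in_origin and use_site:        # first frame of the origin block
                groups[site].append(use_site)
                use_site, in_origin = None, False
            else:                             # first frame of a new error
                use_site = site
        elif "Uninitialised value was created by" in line:
            in_origin = True
        elif not line.strip():                # blank line ends the report
            if use_site:
                groups[None].append(use_site)
            use_site, in_origin = None, False
    return dict(groups)
```

Origin frames are only present when valgrind is run with `--track-origins=yes`, as in the report; without it every error lands under the `None` key.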

Comment 1 GitLab Migration User 2018-06-05 15:27:12 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/pixman/pixman/issues/9.

