From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andreas Enge <andreas@enge.fr>
Subject: Re: =?utf-8?B?4oCYY29yZS11cGRhdGVz?= =?utf-8?B?4oCZ?= freeze
	approaching!
Date: Thu, 17 Sep 2015 23:43:15 +0200
Message-ID: <20150917214315.GA31972@debian>
References: <87wpvy4c8q.fsf@gnu.org> <87twr08xdt.fsf@gnu.org>
	<877fntrpeb.fsf@gnu.org> <87bnd024sf.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: 8bit
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42742)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <andreas@enge.fr>) id 1Zcgxd-0003ch-NM
	for guix-devel@gnu.org; Thu, 17 Sep 2015 17:43:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <andreas@enge.fr>) id 1Zcgxa-0002l0-IA
	for guix-devel@gnu.org; Thu, 17 Sep 2015 17:43:21 -0400
Content-Disposition: inline
In-Reply-To: <87bnd024sf.fsf@gnu.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Ludovic =?iso-8859-15?Q?Court=E8s?= <ludo@gnu.org>
Cc: guix-devel <guix-devel@gnu.org>

On Thu, Sep 17, 2015 at 10:02:08PM +0200, Ludovic Courtès wrote:
>   https://bugs.freedesktop.org/show_bug.cgi?id=92027

The segfault and the valgrind issue happen in different files, so they
do not seem to be related.

The code before the line where gdb places the error:
Program received signal SIGSEGV, Segmentation fault.
fast_fetch_r5g6b5 (iter=0xffff5e68, mask=0x0) at pixman-fast-path.c:2191
2191		t0 = ((sr << 16) & 0x00FF0000) | ((sg << 8) & 0x0000FF00) |
(gdb) bt
#0  fast_fetch_r5g6b5 (iter=0xffff5e68, mask=0x0) at pixman-fast-path.c:2191

is the following:
    while ((w -= 2) >= 0)
    {
        uint32_t sr, sb, sg, t0, t1;
        uint32_t s = *(const uint32_t *)src;
        src += 2;
        sr = (s >> 8) & 0x00F800F8;
        sb = (s << 3) & 0x00F800F8;
        sg = (s >> 3) & 0x00FC00FC;
        sr |= sr >> 5;
        sb |= sb >> 5;
        sg |= sg >> 6;
        t0 = ((sr << 16) & 0x00FF0000) | ((sg << 8) & 0x0000FF00) |
             (sb & 0xFF) | 0xFF000000;

This looks perfectly safe; all treated variables are scalars, so the result
may be wrong, but cannot cause a segfault. A problem with optimisation in gcc?
Or gdb giving a wrong line number? Since pointers are dereferenced before and
after that line.

I also tried to cd into /tmp/nix-build-..., source the environment variables
and run "make check"; then all tests pass (but the build is for i686-linux
on an x86_64-machine, so maybe this does not mean much outside the guix build
container?).

Andreas