GNU bug report logs - #8215
possibly uninitialized variable lower_xoff in produce_glyphless_glyph

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: emacs; Reported by: Paul Eggert <eggert@HIDDEN>; dated Wed, 9 Mar 2011 22:01:01 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 8215 <at> debbugs.gnu.org:


Received: (at 8215) by debbugs.gnu.org; 23 Mar 2011 23:19:35 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 23 19:19:35 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1Q2XKw-00018C-N5
	for submit <at> debbugs.gnu.org; Wed, 23 Mar 2011 19:19:34 -0400
Received: from smtp.cs.ucla.edu ([131.179.128.62])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <eggert@HIDDEN>)
	id 1Q2XKt-00017n-J7; Wed, 23 Mar 2011 19:19:32 -0400
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp.cs.ucla.edu (Postfix) with ESMTP id 6E24D39E80E0;
	Wed, 23 Mar 2011 16:19:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu
Received: from smtp.cs.ucla.edu ([127.0.0.1])
	by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id rtc05Tc4HYDm; Wed, 23 Mar 2011 16:19:25 -0700 (PDT)
Received: from [131.179.64.200] (Penguin.CS.UCLA.EDU [131.179.64.200])
	by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 1D12839E80B1;
	Wed, 23 Mar 2011 16:19:25 -0700 (PDT)
Message-ID: <4D8A7FFC.60405@HIDDEN>
Date: Wed, 23 Mar 2011 16:19:24 -0700
From: Paul Eggert <eggert@HIDDEN>
Organization: UCLA Computer Science Department
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14
	Thunderbird/3.1.9
MIME-Version: 1.0
To: 8229 <at> debbugs.gnu.org, 8215 <at> debbugs.gnu.org, 8211 <at> debbugs.gnu.org
Subject: committed the workaround
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Score: -3.2 (---)
X-Debbugs-Envelope-To: 8215
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/pipermail/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -3.2 (---)

I committed my abovementioned workaround into the
Emacs trunk on 2011-03-11 (bzr 103589).  I don't
consider this a fix, though, so I'm leaving this
bug report open.




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#8215; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 9 Mar 2011 22:00:26 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 09 17:00:26 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1PxRQg-0000tx-4L
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 17:00:26 -0500
Received: from eggs.gnu.org ([140.186.70.92])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <eggert@HIDDEN>) id 1PxRQe-0000tl-1A
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 17:00:25 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxRQY-0000db-1e
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 17:00:18 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_RP_MATCHES_RCVD
	autolearn=unavailable version=3.3.1
Received: from lists.gnu.org ([199.232.76.165]:37091)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxRQX-0000dX-Vf
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 17:00:17 -0500
Received: from [140.186.70.92] (port=46758 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PxRQW-0004lK-NG
	for bug-gnu-emacs@HIDDEN; Wed, 09 Mar 2011 17:00:17 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxRQV-0000cz-Ot
	for bug-gnu-emacs@HIDDEN; Wed, 09 Mar 2011 17:00:16 -0500
Received: from smtp.cs.ucla.edu ([131.179.128.62]:58136)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxRQV-0000cl-97
	for bug-gnu-emacs@HIDDEN; Wed, 09 Mar 2011 17:00:15 -0500
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp.cs.ucla.edu (Postfix) with ESMTP id E4FB939E80DB;
	Wed,  9 Mar 2011 14:00:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu
Received: from smtp.cs.ucla.edu ([127.0.0.1])
	by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 96wJD0QTXzPK; Wed,  9 Mar 2011 14:00:13 -0800 (PST)
Received: from [131.179.64.200] (Penguin.CS.UCLA.EDU [131.179.64.200])
	by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 29EDF39E80F8;
	Wed,  9 Mar 2011 14:00:13 -0800 (PST)
Message-ID: <4D77F86C.9080809@HIDDEN>
Date: Wed, 09 Mar 2011 14:00:12 -0800
From: Paul Eggert <eggert@HIDDEN>
Organization: UCLA Computer Science Department
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14
	Thunderbird/3.1.7
MIME-Version: 1.0
To: bug-gnu-emacs@HIDDEN
Subject: possibly uninitialized variable lower_xoff in produce_glyphless_glyph
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
X-Received-From: 199.232.76.165
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
Cc: Kenichi Handa <handa@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/pipermail/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -5.0 (-----)

I found this problem by compiling Emacs with GCC's -Wuninitialized flag.

The following code in the Emacs trunk src/xdisp.c's
produce_glyphless_glyph function might be using an uninitialized
variable:

       if (base_width >= width)
	{
	  /* Align the upper to the left, the lower to the right.  */
	  it->pixel_width = base_width;
	  lower_xoff = base_width - 2 - metrics_lower.width;
	}
       else
	{
	  /* Center the shorter one.  */
	  it->pixel_width = width;
	  if (metrics_upper.width >= metrics_lower.width)
	    lower_xoff = (width - metrics_lower.width) / 2;
	  else
	    upper_xoff = (width - metrics_upper.width) / 2;
	}
   ...
   if (it->glyph_row)
     append_glyphless_glyph (it, face_id, for_no_font, len,
			    upper_xoff, upper_yoff,
			    lower_xoff, lower_yoff);

The last call uses lower_xoff, but the last "else" does not initialize
lower_xoff.  The bug cannot occur if it->glyph_row is NULL, but I
don't see why that would necessarily be.  So I'm filing a bug report
so that someone who is more expert in this code can take a look at it.
In the meantime, I plan to work around the problem by initializing
lower_xoff to 0, with a FIXME explaining the situation: this shouldn't
introduce a bug, because at worst it will replace undefined behavior
with defined behavior.

I'm CC'ing this to Kenichi Handa, who committed the code in question.




Acknowledgement sent to Paul Eggert <eggert@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#8215; Package emacs. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Fri, 31 Oct 2014 17:00:04 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.