From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Paul Eggert Newsgroups: gmane.emacs.bugs Subject: bug#8227: possibly uninitialized variables in update_window_fringes Date: Thu, 10 Mar 2011 15:45:19 -0800 Organization: UCLA Computer Science Department Message-ID: <4D79628F.3030106@cs.ucla.edu> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Trace: dough.gmane.org 1299802054 10154 80.91.229.12 (11 Mar 2011 00:07:34 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 11 Mar 2011 00:07:34 +0000 (UTC) To: 8227@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Mar 11 01:07:29 2011 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Pxpt9-0003St-Ir for geb-bug-gnu-emacs@m.gmane.org; Fri, 11 Mar 2011 01:07:28 +0100 Original-Received: from localhost ([127.0.0.1]:48077 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Pxpt7-0001ko-DQ for geb-bug-gnu-emacs@m.gmane.org; Thu, 10 Mar 2011 19:07:25 -0500 Original-Received: from [140.186.70.92] (port=36097 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Pxpsm-0001ZB-Un for bug-gnu-emacs@gnu.org; Thu, 10 Mar 2011 19:07:06 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Pxpsk-0007Io-9v for bug-gnu-emacs@gnu.org; Thu, 10 Mar 2011 19:07:03 -0500 Original-Received: from debbugs.gnu.org ([140.186.70.43]:49383) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Pxpsk-0007Ig-8S for bug-gnu-emacs@gnu.org; Thu, 10 Mar 2011 19:07:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.69) (envelope-from ) id 1PxpYQ-0007Kp-KB; Thu, 10 Mar 2011 18:46:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Paul Eggert Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 10 Mar 2011 23:46:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 8227 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Original-Received: via spool by submit@debbugs.gnu.org id=B.129980073528157 (code B ref -1); Thu, 10 Mar 2011 23:46:02 +0000 Original-Received: (at submit) by debbugs.gnu.org; 10 Mar 2011 23:45:35 +0000 Original-Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1PxpXy-0007K5-VT for submit@debbugs.gnu.org; Thu, 10 Mar 2011 18:45:35 -0500 Original-Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1PxpXx-0007Ju-5P for submit@debbugs.gnu.org; Thu, 10 Mar 2011 18:45:34 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PxpXr-0003eQ-Cx for submit@debbugs.gnu.org; Thu, 10 Mar 2011 18:45:28 -0500 Original-Received: from lists.gnu.org ([199.232.76.165]:56758) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PxpXr-0003eC-5U for submit@debbugs.gnu.org; Thu, 10 Mar 2011 18:45:27 -0500 Original-Received: from [140.186.70.92] (port=57097 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PxpXp-00029j-7Y for bug-gnu-emacs@gnu.org; Thu, 10 Mar 2011 18:45:26 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PxpXn-0003da-5Z for bug-gnu-emacs@gnu.org; Thu, 10 Mar 2011 18:45:24 -0500 Original-Received: from smtp.cs.ucla.edu ([131.179.128.62]:34829) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PxpXm-0003d2-T9 for bug-gnu-emacs@gnu.org; Thu, 10 Mar 2011 18:45:23 -0500 Original-Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.cs.ucla.edu (Postfix) with ESMTP id 02D3439E80F8; Thu, 10 Mar 2011 15:45:20 -0800 (PST) X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu Original-Received: from smtp.cs.ucla.edu ([127.0.0.1]) by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8GZ+vsoY788W; Thu, 10 Mar 2011 15:45:19 -0800 (PST) Original-Received: from [131.179.64.200] (Penguin.CS.UCLA.EDU [131.179.64.200]) by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 7187F39E80DF; Thu, 10 Mar 2011 15:45:19 -0800 (PST) User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14 Thunderbird/3.1.7 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list Resent-Date: Thu, 10 Mar 2011 18:46:02 -0500 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:44890 Archived-At: Severity: minor I found this problem by compiling Emacs with GCC's -Wuninitialized flag. The following code in the Emacs trunk src/fringe.c's update_window_fringes function might be using uninitialized variables: int top_row_ends_at_zv_p, bot_row_ends_at_zv_p; ... if (top_ind_rn >= 0) { ... top_row_ends_at_zv_p = row->ends_at_zv_p; } ... for (y = w->vscroll, rn = 0; y < yb && rn < nrows; y += row->height, rn++) { ... if (WINDOW_LEFT_FRINGE_WIDTH (w) == 0) ... else if (row->left_user_fringe_bitmap != NO_FRINGE_BITMAP) ... else if ((!row->reversed_p && row->truncated_on_left_p) || (row->reversed_p && row->truncated_on_right_p)) ... else if (row->indicate_bob_p && EQ (boundary_top, Qleft)) { left = ((row->indicate_eob_p && EQ (boundary_bot, Qleft)) ? LEFT_FRINGE (1, Qtop_bottom, top_row_ends_at_zv_p) : LEFT_FRINGE (2, Qtop, 0)); ... } The last assignment uses top_row_ends_at_zv_p, but it's not clear from the previous tests that top_row_ends_at_zv_p must be initialized. There is a similar issue with bot_row_ends_at_zv_p. I'm filing a bug report so that someone who is more expert in this code can take a look at it. In the meantime, I plan to work around the problem by initializing the two local variables to 0, with a FIXME explaining the situation: this shouldn't introduce a bug, because at worst it will replace undefined behavior with defined behavior. I'm CC'ing this to YAMAMOTO Mitsuharu, who committed the code in question.