From: Eli Zaretskii <eliz@gnu.org>
To: Dan Nicolaescu <dann@gnu.org>
Cc: 9990@debbugs.gnu.org
Subject: bug#9990: valgrind warning in add_row_entry
Date: Fri, 11 Nov 2011 17:30:58 +0200 [thread overview]
Message-ID: <83zkg2fzgt.fsf@gnu.org> (raw)
In-Reply-To: <yxqpqgzrym5.fsf@fencepost.gnu.org>
> From: Dan Nicolaescu <dann@gnu.org>
> Cc: 9990@debbugs.gnu.org
> Date: Fri, 11 Nov 2011 00:56:18 -0500
>
> I got another (maybe) similar one. For this one I had the option that
> shows the location of uninitialized variable. This happened after doing C-h H.
Is this reproducible? If so, can you tell how to reproduce it?
> ==4752== Conditional jump or move depends on uninitialised value(s)
> ==4752== at 0x4137ED: update_window (dispnew.c:1276)
> ==4752== by 0x414F02: update_window_tree (dispnew.c:3326)
> ==4752== by 0x4181CD: update_frame (dispnew.c:3253)
> ==4752== by 0x440E7B: redisplay_internal (xdisp.c:13175)
> ==4752== by 0x4F0A87: read_char (keyboard.c:2443)
> ==4752== by 0x4F2F46: read_key_sequence.constprop.14 (keyboard.c:9290)
> ==4752== by 0x4F4C14: command_loop_1 (keyboard.c:1447)
> ==4752== by 0x559B55: internal_condition_case (eval.c:1499)
> ==4752== by 0x4E7FED: command_loop_2 (keyboard.c:1158)
> ==4752== by 0x559A37: internal_catch (eval.c:1256)
> ==4752== by 0x4E94EE: recursive_edit_1 (keyboard.c:1123)
> ==4752== by 0x515CFB: read_minibuf (minibuf.c:677)
> ==4752== Uninitialised value was created by a heap allocation
> ==4752== at 0x4A0649D: malloc (vg_replace_malloc.c:236)
> ==4752== by 0x5407CF: xrealloc (alloc.c:742)
> ==4752== by 0x411001: adjust_glyph_matrix (dispnew.c:580)
> ==4752== by 0x41148C: allocate_matrices_for_window_redisplay (dispnew.c:1838)
> ==4752== by 0x4119DC: adjust_frame_glyphs (dispnew.c:2167)
> ==4752== by 0x416BC9: adjust_glyphs (dispnew.c:1860)
> ==4752== by 0x4686A7: Fdelete_other_windows_internal (window.c:2809)
> ==4752== by 0x55B9FB: Ffuncall (eval.c:2977)
> ==4752== by 0x593BE5: exec_byte_code (bytecode.c:785)
> ==4752== by 0x55AE2A: eval_sub (eval.c:2328)
> ==4752== by 0x559A37: internal_catch (eval.c:1256)
> ==4752== by 0x594567: exec_byte_code (bytecode.c:966)
It seems to tell that some glyph row(s) whose glyphs are reallocated
here:
while (row < end)
{
row->glyphs[LEFT_MARGIN_AREA]
= xnrealloc (row->glyphs[LEFT_MARGIN_AREA], <<<<<<<<<<<
dim.width, sizeof (struct glyph));
don't have their hash values initialized, and so this comparison
within row_equal_p:
if (a == b)
return 1;
else if (a->hash != b->hash) <<<<<<<<<<<<<<<<<<<<<
return 0;
else
{
uses uninitialized value.
The strange thing is, the above xnrealloc is not supposed to affect
the row's hash value in any way, it just reallocates its glyphs. So I
cannot make heads or tails out of this. And the hash value is
initialized to zero for additional glyph rows added to a glyph matrix,
in this fragment:
/* Enlarge MATRIX->rows if necessary. New rows are cleared. */
if (matrix->rows_allocated < dim.height)
{
int old_alloc = matrix->rows_allocated;
new_rows = dim.height - matrix->rows_allocated;
matrix->rows = xpalloc (matrix->rows, &matrix->rows_allocated,
new_rows, INT_MAX, sizeof *matrix->rows);
memset (matrix->rows + old_alloc, 0,
(matrix->rows_allocated - old_alloc) * sizeof *matrix->rows);
}
The call to `memset' should zero out all the fields of each glyph_row
that were just added to enlarge the matrix.
However, I spotted something strange related to the call to
row_equal_p, here:
/* Skip over rows equal at the bottom. */
i = last_new;
j = last_old;
while (i - 1 > first_new
&& j - 1 > first_old
&& MATRIX_ROW (current_matrix, i - 1)->enabled_p
&& (MATRIX_ROW (current_matrix, i - 1)->y
== MATRIX_ROW (desired_matrix, j - 1)->y)
&& !MATRIX_ROW (desired_matrix, j - 1)->redraw_fringe_bitmaps_p
&& row_equal_p (MATRIX_ROW (desired_matrix, i - 1),
MATRIX_ROW (current_matrix, j - 1), 1))
--i, --j;
Some of these conditions use incorrect indices to access the glyph
matrices: `i' should be used for the current matrix and `j' for the
desired matrix. Some of these conditions use `i' and `j' correctly,
some don't. So it's possible, for example, that the test of the
enabled_p flag produces incorrect results, and we then proceed calling
row_equal_p on a row which is not enabled and whose hash was not
computed by redisplay.
next prev parent reply other threads:[~2011-11-11 15:30 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-08 14:27 bug#9990: valgrind warning in add_row_entry Dan Nicolaescu
2011-11-08 17:17 ` Eli Zaretskii
2011-11-08 18:44 ` Andreas Schwab
2011-11-08 20:35 ` Eli Zaretskii
2011-11-11 5:56 ` Dan Nicolaescu
2011-11-11 15:30 ` Eli Zaretskii [this message]
2011-11-11 15:59 ` Eli Zaretskii
2011-11-11 20:20 ` Dan Nicolaescu
2011-11-12 12:04 ` Eli Zaretskii
2011-11-15 16:58 ` Dan Nicolaescu
2011-11-15 17:44 ` Eli Zaretskii
2011-11-18 12:44 ` Eli Zaretskii
2011-11-18 19:40 ` Dan Nicolaescu
2011-11-18 21:08 ` Eli Zaretskii
2011-11-18 21:43 ` Dan Nicolaescu
2011-11-19 8:28 ` Eli Zaretskii
2011-11-20 21:30 ` Dan Nicolaescu
2011-11-15 17:21 ` Dan Nicolaescu
2011-11-15 17:49 ` Eli Zaretskii
2011-11-11 20:17 ` Dan Nicolaescu
2020-08-17 22:34 ` Stefan Kangas
2020-10-01 1:55 ` Lars Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=83zkg2fzgt.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=9990@debbugs.gnu.org \
--cc=dann@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).