GNU bug report logs -
#8227
possibly uninitialized variables in update_window_fringes
Previous Next
Reported by: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Thu, 10 Mar 2011 23:46:02 UTC
Severity: minor
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Severity: minor
I found this problem by compiling Emacs with GCC's -Wuninitialized flag.
The following code in the Emacs trunk src/fringe.c's
update_window_fringes function might be using uninitialized
variables:
int top_row_ends_at_zv_p, bot_row_ends_at_zv_p;
...
if (top_ind_rn >= 0)
{
...
top_row_ends_at_zv_p = row->ends_at_zv_p;
}
...
for (y = w->vscroll, rn = 0;
y < yb && rn < nrows;
y += row->height, rn++)
{
...
if (WINDOW_LEFT_FRINGE_WIDTH (w) == 0)
...
else if (row->left_user_fringe_bitmap != NO_FRINGE_BITMAP)
...
else if ((!row->reversed_p && row->truncated_on_left_p)
|| (row->reversed_p && row->truncated_on_right_p))
...
else if (row->indicate_bob_p && EQ (boundary_top, Qleft))
{
left = ((row->indicate_eob_p && EQ (boundary_bot, Qleft))
? LEFT_FRINGE (1, Qtop_bottom, top_row_ends_at_zv_p)
: LEFT_FRINGE (2, Qtop, 0));
...
}
The last assignment uses top_row_ends_at_zv_p, but it's not clear
from the previous tests that top_row_ends_at_zv_p must be initialized.
There is a similar issue with bot_row_ends_at_zv_p.
I'm filing a bug report so that someone who is more expert in this
code can take a look at it. In the meantime, I plan to work around
the problem by initializing the two local variables to 0, with a FIXME
explaining the situation: this shouldn't introduce a bug, because at
worst it will replace undefined behavior with defined behavior.
I'm CC'ing this to YAMAMOTO Mitsuharu, who committed the code in
question.
This bug report was last modified 14 years and 136 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.