12:26 a.m.
PATCH 21.5
Here are some more changes from slogging through piles of reports from
various static checkers. My, our code generates a lot of false
positives! Here are the detailed explanations for each of these
changes.
device-x.c: At the top of the function we assert(d != NULL), and none of
the intervening code changes the value of d. Therefore, we don't need
to check d here; this comparison is always true. (Indeed, if it were
not, then the next line, which dereferences d, would be wrong.)
dialog-x.c: This one is easy. FRAME_X_EXTERNAL_WINDOW_P dereferences
its argument, so the condition is clearly reversed.
emacs.c: This code is in an else block attached to an if (restart), so
therefore restart == 0 always.
extents.c: Since extent_list_delete_all dereferences its argument, call
it only inside the block where we know its argument is non-NULL.
glyphs-widget.c: The early code in this function is careful to check
whether width and height are non-NULL before dereferencing them. This
part of the code ought to do the same, then.
window.c: The macro CURSIZE checks the value of widthflag. We know the
value of widthflag; it is nonzero. Therefore, it is okay to expand
CURSIZE and pull out the part that is evaluated when widthflag is
nonzero.
src/ChangeLog addition:
2006-06-19 Jerry James <james(a)xemacs.org>
* device-x.c (x_IO_error_handler): d is always non-NULL here.
* dialog-x.c (dbox_selection_callback): Ensure f is non-NULL, then
dereference it, not the other way around.
* emacs.c (main_1): restart is always 0 here.
* extents.c (detach_all_extents): Call extent_list_delete_all with
a non-NULL parameter only.
* glyphs-widget.c (widget_query_geometry): Guard against possibly
NULL width and height.
* window.c (change_window_height): CURSIZE performs an always-true
comparison; expand CURSIZE and drop the unreachable code.
xemacs-21.5 source patch:
Diff command: cvs -q diff -uN
Files affected: src/window.c src/glyphs-widget.c src/extents.c src/emacs.c src/dialog-x.c
src/device-x.c
Index: src/device-x.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/device-x.c,v
retrieving revision 1.66
diff -d -u -r1.66 device-x.c
--- src/device-x.c 2005/11/25 01:41:59 1.66
+++ src/device-x.c 2006/06/19 23:11:01
@@ -1214,8 +1214,7 @@
/* According to X specs, we should not return from this function, or
Xlib might just decide to exit(). So we mark the offending
console for deletion and throw to top level. */
- if (d)
- enqueue_magic_eval_event (io_error_delete_device, dev);
+ enqueue_magic_eval_event (io_error_delete_device, dev);
DEVICE_X_BEING_DELETED (d) = 1;
Fthrow (Qtop_level, Qnil);
Index: src/dialog-x.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/dialog-x.c,v
retrieving revision 1.15
diff -d -u -r1.15 dialog-x.c
--- src/dialog-x.c 2004/09/20 19:19:38 1.15
+++ src/dialog-x.c 2006/06/19 23:11:01
@@ -104,7 +104,7 @@
ourselves. */
#ifdef EXTERNAL_WIDGET
/* #### Not sure if this special case is necessary. */
- if (!FRAME_X_EXTERNAL_WINDOW_P (f) && f)
+ if (f && !FRAME_X_EXTERNAL_WINDOW_P (f))
#else
if (f)
#endif
Index: src/emacs.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/emacs.c,v
retrieving revision 1.167
diff -d -u -r1.167 emacs.c
--- src/emacs.c 2006/05/06 17:55:59 1.167
+++ src/emacs.c 2006/06/19 23:11:02
@@ -1395,7 +1395,7 @@
inhibit_site_modules = inhibit_site_modules_save;
if (initialized)
- run_temacs_argc = restart ? -2 : -1;
+ run_temacs_argc = -1;
else
purify_flag = 1;
}
Index: src/extents.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/extents.c,v
retrieving revision 1.65
diff -d -u -r1.65 extents.c
--- src/extents.c 2006/02/27 16:29:25 1.65
+++ src/extents.c 2006/06/19 23:11:02
@@ -1455,11 +1455,11 @@
set_extent_start (e, -1);
set_extent_end (e, -1);
}
- }
- /* But we need to clear all the lists containing extents or
- havoc will result. */
- extent_list_delete_all (data->extents);
+ /* But we need to clear all the lists containing extents or
+ havoc will result. */
+ extent_list_delete_all (data->extents);
+ }
soe_invalidate (object);
}
}
Index: src/glyphs-widget.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/glyphs-widget.c,v
retrieving revision 1.18
diff -d -u -r1.18 glyphs-widget.c
--- src/glyphs-widget.c 2005/11/26 11:46:08 1.18
+++ src/glyphs-widget.c 2006/06/19 23:11:02
@@ -569,21 +569,21 @@
IMAGE_INSTANCE_WIDGET_FACE (ii),
&w, &h, domain);
/* Adjust the size for borders. */
- if (IMAGE_INSTANCE_SUBWINDOW_H_RESIZEP (ii))
+ if (width && IMAGE_INSTANCE_SUBWINDOW_H_RESIZEP (ii))
*width = w + 2 * widget_instance_border_width (ii);
- if (IMAGE_INSTANCE_SUBWINDOW_V_RESIZEP (ii))
+ if (height && IMAGE_INSTANCE_SUBWINDOW_V_RESIZEP (ii))
*height = h + 2 * widget_instance_border_width (ii);
}
}
/* Finish off with dynamic sizing. */
- if (!NILP (IMAGE_INSTANCE_WIDGET_WIDTH_SUBR (ii)))
+ if (width && !NILP (IMAGE_INSTANCE_WIDGET_WIDTH_SUBR (ii)))
{
dynamic_width =
eval_within_redisplay (IMAGE_INSTANCE_WIDGET_WIDTH_SUBR (ii));
if (INTP (dynamic_width))
*width = XINT (dynamic_width);
}
- if (!NILP (IMAGE_INSTANCE_WIDGET_HEIGHT_SUBR (ii)))
+ if (height && !NILP (IMAGE_INSTANCE_WIDGET_HEIGHT_SUBR (ii)))
{
dynamic_height =
eval_within_redisplay (IMAGE_INSTANCE_WIDGET_HEIGHT_SUBR (ii));
Index: src/window.c
===================================================================
RCS file: /pack/xemacscvs/XEmacs/xemacs/src/window.c,v
retrieving revision 1.91
diff -d -u -r1.91 window.c
--- src/window.c 2006/06/19 18:19:38 1.91
+++ src/window.c 2006/06/19 23:11:03
@@ -4379,7 +4379,7 @@
if (widthflag)
{
int new_pixsize;
- sizep = &CURSIZE (w);
+ sizep = &WINDOW_WIDTH (w);
dim = window_char_width (w, 0);
new_pixsize = inpixels?(*sizep + delta):(dim+delta);
set_window_pixsize (window, new_pixsize, 0, 0);
--
Jerry James, Assistant Professor james(a)xemacs.org
Computer Science Department http://www.cs.usu.edu/~jerry/
Utah State University
4 a.m.
QUERY
>>>> "Jerry" == Jerry James
<james(a)xemacs.org> writes:
Thanks for doing all this, Jerry! Despite my queries, I don't object
to a commit of the whole bunch; I can see you have some unquestionable
fixes in areas where I have experienced problems (no, I can't connect
any to crashes or bugs directly yet), so getting them committed is a
priority IMO.
If we decide it would be better style to ignore the checkers for some
of these, I can go back and revert the changes later.
Jerry> device-x.c: At the top of the function we assert(d !=
Jerry> NULL), and none of the intervening code changes the value
Jerry> of d. Therefore, we don't need to check d here; this
Jerry> comparison is always true. (Indeed, if it were not, then
Jerry> the next line, which dereferences d, would be wrong.)
Maybe it would be better to move the line that dereferences d into the
scope of the if () {...}?
The argument would be that when we are not error-checking (so asserts
expand to nothing), we may want to handle problems ourselves rather
than let X have a chance to crash us.
In this particular case, that is probably not true; but I don't think
we should let the static checker make our decision for us here.
Jerry> window.c: The macro CURSIZE checks the value of widthflag.
Jerry> We know the value of widthflag; it is nonzero. Therefore,
Jerry> it is okay to expand CURSIZE and pull out the part that is
Jerry> evaluated when widthflag is nonzero.
As I mentioned elsewhere, it's not obvious to me that breaking into
such abstractions is a good idea, but if we do it, I think we should
consider eliminating the abstraction. Also, the macro is weird, as it
creates a variable lvalue for something that is only used as an rvalue.
--
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Ask not how you can "do" free software business;
ask what your business can "do for" free software.
6:06 p.m.
"Stephen J. Turnbull" <stephen(a)xemacs.org> wrote:
QUERY
>>>>> "Jerry" == Jerry James <james(a)xemacs.org> writes:
Thanks for doing all this, Jerry! Despite my queries, I don't object
to a commit of the whole bunch; I can see you have some unquestionable
fixes in areas where I have experienced problems (no, I can't connect
any to crashes or bugs directly yet), so getting them committed is a
priority IMO.
If we decide it would be better style to ignore the checkers for some
of these, I can go back and revert the changes later.
I'll do the work if we make such a decision. Please, everyone, do let
me know if I'm committing some ghastly style crime.
Jerry> device-x.c: At the top of the function we assert(d !=
Jerry> NULL), and none of the intervening code changes the value
Jerry> of d. Therefore, we don't need to check d here; this
Jerry> comparison is always true. (Indeed, if it were not, then
Jerry> the next line, which dereferences d, would be wrong.)
Maybe it would be better to move the line that dereferences d into the
scope of the if () {...}?
The argument would be that when we are not error-checking (so asserts
expand to nothing), we may want to handle problems ourselves rather
than let X have a chance to crash us.
In this particular case, that is probably not true; but I don't think
we should let the static checker make our decision for us here.
Ah, good point. I had the mindset that the assertions always do
something, but of course that is not true. Hmmmmmm.... so how should we
handle situations like this? An "if (d) { ... }" is just masking the
problem, is it not? Wouldn't it be better to segfault there so we could
find out about the problem?
Jerry> window.c: The macro CURSIZE checks the value of
widthflag.
Jerry> We know the value of widthflag; it is nonzero. Therefore,
Jerry> it is okay to expand CURSIZE and pull out the part that is
Jerry> evaluated when widthflag is nonzero.
As I mentioned elsewhere, it's not obvious to me that breaking into
such abstractions is a good idea, but if we do it, I think we should
consider eliminating the abstraction. Also, the macro is weird, as it
creates a variable lvalue for something that is only used as an rvalue.
As in the other case, WINDOW_WIDTH is used all over the place in
window.c already, so I'm not sure this constitutes the breaking of an
abstraction.
--
Jerry James, Assistant Professor james(a)xemacs.org
Computer Science Department http://www.cs.usu.edu/~jerry/
Utah State University
5:37 a.m.
>>>> "Jerry" == Jerry James
<james(a)xemacs.org> writes:
Jerry> Ah, good point. I had the mindset that the assertions
Jerry> always do something, but of course that is not true.
Jerry> Hmmmmmm.... so how should we handle situations like this?
Jerry> An "if (d) { ... }" is just masking the problem, is it not?
Jerry> Wouldn't it be better to segfault there so we could find
Jerry> out about the problem?
In this case, { ... } will call the X11 error handler if !d; we don't
want that since we (presumably) know more than X11 does about what's
going on. It might be a good idea to have "else ABORT()", or we might
prefer to do an autosave, then throw an error, give _strong_ warning
to the user to consider cleaning up and restarting XEmacs ("Daisy,
Daisy, ...."), and give a Lisp backtrace.
Jerry> As in the other case, WINDOW_WIDTH is used all over the
Jerry> place in window.c already, so I'm not sure this constitutes
Jerry> the breaking of an abstraction.
OK by me, you've looked at the code more closely than I have.
--
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Ask not how you can "do" free software business;
ask what your business can "do for" free software.
6788
days inactive
6790
days old
3 comments
2 participants
participants (2)
-
Jerry James -
Stephen J. Turnbull