From b6c1fae6a94d01024d30c24c32e99ec78b4b2517 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:35 +0100 Subject: [PATCH 01/16] Fix warnings: cursor_shape.c: parse_shape_opt(): Garbage value: FP. Problem: Assigned value is garbage or undefined @ 187. http://neovim.org/doc/reports/clang/report-7b7d61.html#EndPath. Diagnostic: False positive. Rationale : `colonp`, must be `>= modep, or null` by `vim_strchr` postcondition. At this point we also it's not null and it's not equal to `modep`, by previous code. So, it must be `> modep`. Resolution: Assert `colonp > modep`. --- src/nvim/cursor_shape.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/nvim/cursor_shape.c b/src/nvim/cursor_shape.c index 9992fbdfcf28e7..328b7516939e1d 100644 --- a/src/nvim/cursor_shape.c +++ b/src/nvim/cursor_shape.c @@ -1,3 +1,4 @@ +#include #include "nvim/vim.h" #include "nvim/ascii.h" #include "nvim/cursor_shape.h" @@ -76,6 +77,7 @@ char_u *parse_shape_opt(int what) * For the 'a' mode, we loop to handle all the modes. */ all_idx = -1; + assert(modep < colonp); while (modep < colonp || all_idx >= 0) { if (all_idx < 0) { /* Find the mode. */ From a32442db8559de722bee39f9614e9041c6f3782b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:37 +0100 Subject: [PATCH 02/16] Fix warnings: screen.c: redraw_asap(): Various (6): MI. Problems: Argument with 'nonnull' attribute passed null @ 277. http://neovim.org/doc/reports/clang/report-9c3614.html#EndPath Result of operation is garbage or undefined @ 281. http://neovim.org/doc/reports/clang/report-45efbf.html#EndPath Argument with 'nonnull' attribute passed null @ 306. http://neovim.org/doc/reports/clang/report-ffb84f.html#EndPath Result of operation is garbage or undefined @ 311. http://neovim.org/doc/reports/clang/report-d04333.html#EndPath Argument with 'nonnull' attribute passed null @ 315. http://neovim.org/doc/reports/clang/report-786819.html#EndPath Uninitialized argument value @ 328. http://neovim.org/doc/reports/clang/report-2a5506.html#EndPath Diagnostic: Multithreading issues. Rationale : All reported problems can only occur if accesed globals change state while executing function, which could only happen in a multithreaded environment. Resolution: Use local variables. Note that this change alters function semantics, as now function only depends on global values at entry time. This shouldn't be a problem, though, as new semantics should be in fact better. --- src/nvim/screen.c | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/src/nvim/screen.c b/src/nvim/screen.c index ac726f79880432..450ea5e3f10cfa 100644 --- a/src/nvim/screen.c +++ b/src/nvim/screen.c @@ -244,6 +244,9 @@ int redraw_asap(int type) u8char_T *screenlineUC = NULL; /* copy from ScreenLinesUC[] */ u8char_T *screenlineC[MAX_MCO]; /* copy from ScreenLinesC[][] */ schar_T *screenline2 = NULL; /* copy from ScreenLines2[] */ + const bool l_enc_utf8 = enc_utf8; + const int l_enc_dbcs = enc_dbcs; + const long l_p_mco = p_mco; redraw_later(type); if (msg_scrolled || (State != NORMAL && State != NORMAL_BUSY)) @@ -254,14 +257,14 @@ int redraw_asap(int type) screenline = xmalloc((size_t)(rows * Columns * sizeof(schar_T))); screenattr = xmalloc((size_t)(rows * Columns * sizeof(sattr_T))); - if (enc_utf8) { + if (l_enc_utf8) { screenlineUC = xmalloc((size_t)(rows * Columns * sizeof(u8char_T))); - for (i = 0; i < p_mco; ++i) { + for (i = 0; i < l_p_mco; ++i) { screenlineC[i] = xmalloc((size_t)(rows * Columns * sizeof(u8char_T))); } } - if (enc_dbcs == DBCS_JPNU) { + if (l_enc_dbcs == DBCS_JPNU) { screenline2 = xmalloc((size_t)(rows * Columns * sizeof(schar_T))); } @@ -273,16 +276,16 @@ int redraw_asap(int type) memmove(screenattr + r * Columns, ScreenAttrs + LineOffset[cmdline_row + r], (size_t)Columns * sizeof(sattr_T)); - if (enc_utf8) { + if (l_enc_utf8) { memmove(screenlineUC + r * Columns, ScreenLinesUC + LineOffset[cmdline_row + r], (size_t)Columns * sizeof(u8char_T)); - for (i = 0; i < p_mco; ++i) + for (i = 0; i < l_p_mco; ++i) memmove(screenlineC[i] + r * Columns, ScreenLinesC[r] + LineOffset[cmdline_row + r], (size_t)Columns * sizeof(u8char_T)); } - if (enc_dbcs == DBCS_JPNU) + if (l_enc_dbcs == DBCS_JPNU) memmove(screenline2 + r * Columns, ScreenLines2 + LineOffset[cmdline_row + r], (size_t)Columns * sizeof(schar_T)); @@ -302,16 +305,16 @@ int redraw_asap(int type) memmove(ScreenAttrs + off, screenattr + r * Columns, (size_t)Columns * sizeof(sattr_T)); - if (enc_utf8) { + if (l_enc_utf8) { memmove(ScreenLinesUC + off, screenlineUC + r * Columns, (size_t)Columns * sizeof(u8char_T)); - for (i = 0; i < p_mco; ++i) + for (i = 0; i < l_p_mco; ++i) memmove(ScreenLinesC[i] + off, screenlineC[i] + r * Columns, (size_t)Columns * sizeof(u8char_T)); } - if (enc_dbcs == DBCS_JPNU) + if (l_enc_dbcs == DBCS_JPNU) memmove(ScreenLines2 + off, screenline2 + r * Columns, (size_t)Columns * sizeof(schar_T)); @@ -322,12 +325,12 @@ int redraw_asap(int type) free(screenline); free(screenattr); - if (enc_utf8) { + if (l_enc_utf8) { free(screenlineUC); - for (i = 0; i < p_mco; ++i) + for (i = 0; i < l_p_mco; ++i) free(screenlineC[i]); } - if (enc_dbcs == DBCS_JPNU) + if (l_enc_dbcs == DBCS_JPNU) free(screenline2); /* Show the intro message when appropriate. */ From 1eb46675b7f755526f588c495fd4f4409f646a67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:38 +0100 Subject: [PATCH 03/16] Fix warnings: screen.c: win_line(): Dead initialization: HI. Problem: Dead initialization @ 3477. http://neovim.org/doc/reports/clang/report-94b736.html#EndPath Diagnostic: Harmless issue. Rationale : `len` is assigned a new value just some lines below. So, this just seems something due to old-style variable declarations. Resolution: We could just remove initialization, but prefer moving declaration down to point of initialization. --- src/nvim/screen.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/nvim/screen.c b/src/nvim/screen.c index 450ea5e3f10cfa..7fd44d80f09a77 100644 --- a/src/nvim/screen.c +++ b/src/nvim/screen.c @@ -3477,7 +3477,6 @@ win_line ( n_extra = tab_len; } else { char_u *p; - int len = n_extra; int i; int saved_nextra = n_extra; @@ -3488,7 +3487,7 @@ win_line ( /* if n_extra > 0, it gives the number of chars to use for * a tab, else we need to calculate the width for a tab */ - len = (tab_len * mb_char2len(lcs_tab2)); + int len = (tab_len * mb_char2len(lcs_tab2)); if (n_extra > 0) { len += n_extra - tab_len; } From 04b4658978fd6e34d2c8e018bd58a9f74880d4be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:39 +0100 Subject: [PATCH 04/16] Fix warnings: screen.c: win_line(): Dead assigment: HI. Problem: Dead assigment. http://neovim.org/doc/reports/clang/report-7362ba.html#EndPath Diagnostic: Harmless issue. Rationale : `boguscols` is in fact unread by downstream code. Resolution: Comment out. This is preferred here over just removing the line because involved logic is complex, and future readers of this code could find this extra knowledge useful to understand what the code is doing. --- src/nvim/screen.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nvim/screen.c b/src/nvim/screen.c index 7fd44d80f09a77..52b0cf3c2987d4 100644 --- a/src/nvim/screen.c +++ b/src/nvim/screen.c @@ -3867,7 +3867,7 @@ win_line ( /* Get rid of the boguscols now, we want to draw until the right * edge for 'cursorcolumn'. */ col -= boguscols; - boguscols = 0; + // boguscols = 0; // Disabled because value never read after this if (draw_color_col) draw_color_col = advance_color_col(VCOL_HLC, &color_cols); From cc996e748db6d367aacea0fbe985f5568c5d9909 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:41 +0100 Subject: [PATCH 05/16] Fix warnings: screen.c: showmode(): Dead assignment: HI. Problem: Dead assignment @ 7535. http://neovim.org/doc/reports/clang/report-19a5cd.html#EndPath Diagnostic: Harmless issue. Rationale : `length = msg_col;` is unconditionally executed after this. Resolution: Remove assignment. --- src/nvim/screen.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/nvim/screen.c b/src/nvim/screen.c index 52b0cf3c2987d4..439fe14e8607b2 100644 --- a/src/nvim/screen.c +++ b/src/nvim/screen.c @@ -7534,7 +7534,6 @@ int showmode(void) msg_puts_attr(edit_submode_extra, sub_attr); } } - length = 0; } else { if (State & VREPLACE_FLAG) MSG_PUTS_ATTR(_(" VREPLACE"), attr); From bd7ee7d6a95d8d2fa1162c4169418e0ed13af7a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:42 +0100 Subject: [PATCH 06/16] Fix warnings: screen.c: draw_tabline(): Dead assignment: HI. Problem: Dead assignment @ 7711. http://neovim.org/doc/reports/clang/report-835eb6.html#EndPath Diagnostic: Harmless issue. Rationale : `scol` is only used within `FOR_ALL_TABS` body, which assigns another value to `scol` at the beginning of each iteration. If `FOR_ALL_TABS` body would not execute (no tabs) nothing harmful would happen, as code following `FOR_ALL_TABS` doesn't use `scol`. Resolution: Remove. --- src/nvim/screen.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/nvim/screen.c b/src/nvim/screen.c index 439fe14e8607b2..e217945ac3c657 100644 --- a/src/nvim/screen.c +++ b/src/nvim/screen.c @@ -7709,7 +7709,6 @@ static void draw_tabline(void) attr = attr_nosel; tabcount = 0; - scol = 0; FOR_ALL_TABS(tp) { if (col >= Columns - 4) { From 0c135a2ff40d18ef5cfeb5a0233475ab49ae4973 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:44 +0100 Subject: [PATCH 07/16] Fix warnings: ops.c: do_join(): Nonnull violation: FP. Problem: Argument with 'nonnull' attribute passed null @ 3540. http://neovim.org/doc/reports/clang/report-fc14e0.html#EndPath. Diagnostic: False potitive. Rationale : `count` should be >= 2 by function precondition. Resolution: Assert precondition. --- src/nvim/ops.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/nvim/ops.c b/src/nvim/ops.c index e74fcef8d978a8..a8b0420fca6a3f 100644 --- a/src/nvim/ops.c +++ b/src/nvim/ops.c @@ -11,6 +11,7 @@ * op_change, op_yank, do_put, do_join */ +#include #include #include #include @@ -3436,7 +3437,7 @@ int do_join(long count, && has_format_option(FO_REMOVE_COMS); int prev_was_comment; - + assert(count > 1); if (save_undo && u_save((linenr_T)(curwin->w_cursor.lnum - 1), (linenr_T)(curwin->w_cursor.lnum + count)) == FAIL) return FAIL; From 9de544c785aa11a9edf380bc8aeaabad75357aa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:45 +0100 Subject: [PATCH 08/16] Fix warnings: ops.c: cursor_pos_info(): Various (2): MI. Problems: Result of operation is garbage or undefined @ 5087. http://neovim.org/doc/reports/clang/report-2e3118.html#EndPath Result of operation is garbage or undefined @ 5149. Diagnostic: Multithreading issues. Rationale : All reported problems can only occur if accesed globals change state while executing function, which could only happen in a multithreaded environment. Resolution: Use local variables (copy globals on entry). Note that this change alters function semantics, as now function only depends on global values at entry time. This shouldn't be a problem, though, as new semantics should be in fact better. --- src/nvim/ops.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/nvim/ops.c b/src/nvim/ops.c index a8b0420fca6a3f..e7079e02d0daa0 100644 --- a/src/nvim/ops.c +++ b/src/nvim/ops.c @@ -5028,6 +5028,8 @@ void cursor_pos_info(void) pos_T min_pos, max_pos; oparg_T oparg; struct block_def bd; + const int l_VIsual_active = VIsual_active; + const int l_VIsual_mode = VIsual_mode; /* * Compute the length of the file in characters. @@ -5040,7 +5042,7 @@ void cursor_pos_info(void) else eol_size = 1; - if (VIsual_active) { + if (l_VIsual_active) { if (lt(VIsual, curwin->w_cursor)) { min_pos = VIsual; max_pos = curwin->w_cursor; @@ -5051,7 +5053,7 @@ void cursor_pos_info(void) if (*p_sel == 'e' && max_pos.col > 0) --max_pos.col; - if (VIsual_mode == Ctrl_V) { + if (l_VIsual_mode == Ctrl_V) { char_u * saved_sbr = p_sbr; /* Make 'sbr' empty for a moment to get the correct size. */ @@ -5084,12 +5086,12 @@ void cursor_pos_info(void) } /* Do extra processing for VIsual mode. */ - if (VIsual_active + if (l_VIsual_active && lnum >= min_pos.lnum && lnum <= max_pos.lnum) { char_u *s = NULL; long len = 0L; - switch (VIsual_mode) { + switch (l_VIsual_mode) { case Ctrl_V: virtual_op = virtual_active(); block_prep(&oparg, &bd, lnum, 0); @@ -5142,8 +5144,8 @@ void cursor_pos_info(void) if (!curbuf->b_p_eol && curbuf->b_p_bin) byte_count -= eol_size; - if (VIsual_active) { - if (VIsual_mode == Ctrl_V && curwin->w_curswant < MAXCOL) { + if (l_VIsual_active) { + if (l_VIsual_mode == Ctrl_V && curwin->w_curswant < MAXCOL) { getvcols(curwin, &min_pos, &max_pos, &min_pos.col, &max_pos.col); vim_snprintf((char *)buf1, sizeof(buf1), _("%" PRId64 " Cols; "), From 336aab5eef68a493dcd1ddc2dfe6405b6ee7a0a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:46 +0100 Subject: [PATCH 09/16] Fix warnings: regexp.c: skip_regexp: Np dereference: FP. Problem: Derefence of null pointer @ 1208. http://neovim.org/doc/reports/clang/report-24b5ca.html#Path10 Diagnostic: False positive. Rationale : Error is reported to happen if after `if (*newp == NULL) {` body, `*newp` continues being NULL, and false branch of following `if (*newp != NULL)` is taken. Now, `vim_strsave` cannot return NULL, so error cannot happen. Resolution: Remove dead code (leftover since OOM refactors). --- src/nvim/regexp.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index 90da02bb1b36e7..4e5ae403d69103 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -1199,10 +1199,7 @@ char_u *skip_regexp(char_u *startp, int dirc, int magic, char_u **newp) *newp = vim_strsave(startp); p = *newp + (p - startp); } - if (*newp != NULL) - STRMOVE(p, p + 1); - else - ++p; + STRMOVE(p, p + 1); } else ++p; /* skip next character */ if (*p == 'v') From 22475b5ae80b5c08115677b9abc5c62258716c08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:48 +0100 Subject: [PATCH 10/16] Fix warnings: regexp.c: br_regcomp(): Np dereference: MI. Problem: Dereference of null pointer @ 1312. http://neovim.org/doc/reports/clang/report-b1d09a.html#EndPath Diagnostic: Multithreading issue. Rationale : Suggested error path contains two succesive calls to `regnext(scan)`, first of which returning nonnull, the second one returning null. This can only occur if global `reg_toolong` accesed in `regnext()` changes between the calls. Resolution: Use local variable to cache first `regnext(scan)` result. Note that this change alters function semantics, as now function only issues one call instead of two, reusing the result for the second time. This shouldn't be a problem, though, as new semantics should be in fact be better. --- src/nvim/regexp.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index 4e5ae403d69103..93fc5c62efd837 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -1297,16 +1297,18 @@ static regprog_T *bt_regcomp(char_u *expr, int re_flags) r->regstart = (*mb_ptr2char)(OPERAND(scan)); else r->regstart = *OPERAND(scan); - } else if ((OP(scan) == BOW - || OP(scan) == EOW - || OP(scan) == NOTHING - || OP(scan) == MOPEN + 0 || OP(scan) == NOPEN - || OP(scan) == MCLOSE + 0 || OP(scan) == NCLOSE) - && OP(regnext(scan)) == EXACTLY) { - if (has_mbyte) - r->regstart = (*mb_ptr2char)(OPERAND(regnext(scan))); - else - r->regstart = *OPERAND(regnext(scan)); + } else if (OP(scan) == BOW + || OP(scan) == EOW + || OP(scan) == NOTHING + || OP(scan) == MOPEN + 0 || OP(scan) == NOPEN + || OP(scan) == MCLOSE + 0 || OP(scan) == NCLOSE) { + char_u *regnext_scan = regnext(scan); + if (OP(regnext_scan) == EXACTLY) { + if (has_mbyte) + r->regstart = (*mb_ptr2char)(OPERAND(regnext_scan)); + else + r->regstart = *OPERAND(regnext_scan); + } } /* From 997c0b3939f6da8c32672bb4e640ebc86b167be0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Tue, 4 Nov 2014 15:41:49 +0100 Subject: [PATCH 11/16] Fix warnings: regexp.c: match_with_backref(): Nonnull violation: FP. Problem: Argument with 'nonnull' attribute passed null @ 5632. http://neovim.org/doc/reports/clang/report-041a0e.html#EndPath. Diagnostic: False positive. Rationale : `p = reg_getline(clnum)` above should not be null, because `clnum` starts at `start_lnum` and only increments after that. Resolution: Assert p not null. --- src/nvim/regexp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index 93fc5c62efd837..cef2e6d9bf57e4 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -43,6 +43,7 @@ /* #undef REGEXP_DEBUG */ /* #define REGEXP_DEBUG */ +#include #include #include #include @@ -5625,6 +5626,8 @@ static int match_with_backref(linenr_T start_lnum, colnr_T start_col, linenr_T e /* Get the line to compare with. */ p = reg_getline(clnum); + assert(p); + if (clnum == end_lnum) len = end_col - ccol; else From 0bda79a847112702adc07eea03105da26fdef89f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Wed, 5 Nov 2014 21:44:19 +0100 Subject: [PATCH 12/16] Fix warnings: edit.c: ins_compl_next_buf(): Np dereference: FP. Problem : Dereference of null pointer @ 3234. Diagnostic : False positive. Rationale : `wp` is local static, so maintains value between calls. First time function is called for a given flag will have `buf == curbuf`, implying `wp` initialization. Resolution : Assert variable always having been initialized. --- src/nvim/edit.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/nvim/edit.c b/src/nvim/edit.c index 1d5e1a51cfeca0..31683c1a109bb0 100644 --- a/src/nvim/edit.c +++ b/src/nvim/edit.c @@ -3231,6 +3231,7 @@ static buf_T *ins_compl_next_buf(buf_T *buf, int flag) if (flag == 'w') { /* just windows */ if (buf == curbuf) /* first call for this flag/expansion */ wp = curwin; + assert(wp); while ((wp = (wp->w_next != NULL ? wp->w_next : firstwin)) != curwin && wp->w_buffer->b_scanned) ; From da4c9447a4174dc9c9f15802e8e85cc6e4130f93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Wed, 5 Nov 2014 21:54:30 +0100 Subject: [PATCH 13/16] Fix warnings: edit.c: ins_compl_get_exp(): Np dereference (2): FP. Problems : Dereference of null pointer @ 3615. Dereference of null pointer @ 3764. Diagnostic : False positives. Rationale : `ins_buf` is local static, so maintains value between calls. This function will be called first when `compl_started` is false, and in that case it initializes `ins_buf`. After that, it can be called multiple times with `compl_started` true, where `ins_buf` will be updated but not to null. So, when arriving to both points, `ins_buf` should never be null. Resolution : Assert `ins_buf` at both points. --- src/nvim/edit.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/nvim/edit.c b/src/nvim/edit.c index 31683c1a109bb0..fba8246218f129 100644 --- a/src/nvim/edit.c +++ b/src/nvim/edit.c @@ -3613,6 +3613,7 @@ static int ins_compl_get_exp(pos_T *ini) * If 'infercase' is set, don't use 'smartcase' here */ save_p_scs = p_scs; + assert(ins_buf); if (ins_buf->b_p_inf) p_scs = FALSE; @@ -3761,8 +3762,10 @@ static int ins_compl_get_exp(pos_T *ini) compl_started = TRUE; } else { /* Mark a buffer scanned when it has been scanned completely */ - if (type == 0 || type == CTRL_X_PATH_PATTERNS) + if (type == 0 || type == CTRL_X_PATH_PATTERNS) { + assert(ins_buf); ins_buf->b_scanned = TRUE; + } compl_started = FALSE; } From cefc26ab63382ce7eb0db7b4b3704ef1f5c3b14b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Wed, 5 Nov 2014 22:21:42 +0100 Subject: [PATCH 14/16] Fix warnings: edit.c: mb_replace_pop_ins(): Unitilialized arg: FP. Problem : Uninitialized argument value @ 6296. Diagnostic : False positive. Rationale : Error occurs if n <= 1. That's not possible because n >= 1 due to `MB_BYTE2LEN` postcondition and n != 1 because we are in the else branch. Resolution : Assert n > 1. --- src/nvim/edit.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/nvim/edit.c b/src/nvim/edit.c index fba8246218f129..82f9c17f3a92f2 100644 --- a/src/nvim/edit.c +++ b/src/nvim/edit.c @@ -6290,6 +6290,7 @@ static void mb_replace_pop_ins(int cc) break; } else { buf[0] = c; + assert(n > 1); for (i = 1; i < n; ++i) buf[i] = replace_pop(); if (utf_iscomposing(utf_ptr2char(buf))) From d0a0efaf32b3f42ee4ebd37ff065dea4385b998b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Wed, 5 Nov 2014 22:31:38 +0100 Subject: [PATCH 15/16] Fix warnings: edit.c: replace_do_bs(): Garbage value: MI. Problem : Assigned value is garbage or undefined @ 6359. Diagnostic : Multithreading issue. Rationale : Problem only occurs if global `State` changes while function is executing. Resolution : Use local copy of global in function. --- src/nvim/edit.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/nvim/edit.c b/src/nvim/edit.c index 82f9c17f3a92f2..c2fc2acfd173f6 100644 --- a/src/nvim/edit.c +++ b/src/nvim/edit.c @@ -6336,10 +6336,11 @@ static void replace_do_bs(int limit_col) char_u *p; int i; int vcol; + const int l_State = State; cc = replace_pop(); if (cc > 0) { - if (State & VREPLACE_FLAG) { + if (l_State & VREPLACE_FLAG) { /* Get the number of screen cells used by the character we are * going to delete. */ getvcol(curwin, &curwin->w_cursor, NULL, &start_vcol, NULL); @@ -6347,17 +6348,17 @@ static void replace_do_bs(int limit_col) } if (has_mbyte) { (void)del_char_after_col(limit_col); - if (State & VREPLACE_FLAG) + if (l_State & VREPLACE_FLAG) orig_len = (int)STRLEN(get_cursor_pos_ptr()); replace_push(cc); } else { pchar_cursor(cc); - if (State & VREPLACE_FLAG) + if (l_State & VREPLACE_FLAG) orig_len = (int)STRLEN(get_cursor_pos_ptr()) - 1; } replace_pop_ins(); - if (State & VREPLACE_FLAG) { + if (l_State & VREPLACE_FLAG) { /* Get the number of screen cells used by the inserted characters */ p = get_cursor_pos_ptr(); ins_len = (int)STRLEN(p) - orig_len; From 74817b546e6fd4c6ec6e201c1b461e6cfbf5a3be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eliseo=20Marti=CC=81nez?= Date: Wed, 5 Nov 2014 22:34:27 +0100 Subject: [PATCH 16/16] Fix warnings: edit.c: ins_bs(): Garbage result: MI. Problem : Result of operation is garbage or undefined @ 7460. Diagnostic : Multithreading issue. Rationale : Problem occurs if any of globals `enc_utf8`, `p_deco is modified while function is executing. Resolution : Use local copy of globals. --- src/nvim/edit.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/nvim/edit.c b/src/nvim/edit.c index c2fc2acfd173f6..384ca9abd8e478 100644 --- a/src/nvim/edit.c +++ b/src/nvim/edit.c @@ -7455,7 +7455,9 @@ static int ins_bs(int c, int mode, int *inserted_space_p) if (State & REPLACE_FLAG) replace_do_bs(-1); else { - if (enc_utf8 && p_deco) + const bool l_enc_utf8 = enc_utf8; + const int l_p_deco = p_deco; + if (l_enc_utf8 && l_p_deco) (void)utfc_ptr2char(get_cursor_pos_ptr(), cpc); (void)del_char(FALSE); /* @@ -7463,7 +7465,7 @@ static int ins_bs(int c, int mode, int *inserted_space_p) * move the cursor back. Don't back up before the base * character. */ - if (enc_utf8 && p_deco && cpc[0] != NUL) + if (l_enc_utf8 && l_p_deco && cpc[0] != NUL) inc_cursor(); if (revins_chars) { revins_chars--;