[libvirt] [PATCH] build: detect potential uninitialized variables
Matthias Bolte
matthias.bolte at googlemail.com
Sat Apr 2 06:15:13 UTC 2011
2011/4/1 Eric Blake <eblake at redhat.com>:
> Even with -Wuninitialized (which is part of autobuild.sh
> --enable-compile-warnings=error), gcc does NOT catch this
> use of an uninitialized variable:
>
> {
>     if (cond)
>         goto error;
>     int a = 1;
> error:
>     printf("%d", a);
> }
>
> which prints 0 (if the stack was previously wiped) if cond
> was true. Clang will catch it, but we don't use clang as
> often. Using gcc -Wjump-misses-init gives false positives:
>
> {
>     if (cond)
>         goto error;
>     int a = 1;
>     return a;
> error:
>     return 0;
> }
>
> Here, a was never used in the scope of the error block, so
> declaring it after goto is technically fine (and clang agrees);
> however, given that our HACKING already documents a preference
> to C89 decl-before-statement, the false positive warning is
> enough of a prod to comply with HACKING.
>
> [Personally, I'd _really_ rather use C99 decl-after-statement
> to minimize scope, but until gcc can efficiently and reliably
> catch scoping and uninitialized usage bugs, I'll settle with
> the compromise of enforcing a coding standard that rejects
> false positives.]
> diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
> index 9082515..b03f774 100644
> --- a/src/qemu/qemu_hotplug.c
> +++ b/src/qemu/qemu_hotplug.c
> @@ -51,8 +51,8 @@ int qemuDomainChangeEjectableMedia(struct qemud_driver *driver,
> int i;
> int ret;
> char *driveAlias = NULL;
> + qemuDomainObjPrivatePtr priv;
>
> - origdisk = NULL;
> for (i = 0 ; i < vm->def->ndisks ; i++) {
> if (vm->def->disks[i]->bus == disk->bus &&
> STREQ(vm->def->disks[i]->dst, disk->dst)) {
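Review bot: The added "qemuDomainObjPrivatePtr priv;" at the top of qemuDomainChangeEjectableMedia has no initializer, unlike "char *driveAlias = NULL;" directly above it, and the hunk does not show where priv is first assigned. Either initialize it at the declaration or confirm that no goto reaches a use of priv before that assignment. The removal of "origdisk = NULL;" is only safe if origdisk is initialized at its declaration, which is outside the visible context, so the commit message should say so.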
I had to look it up in the source, as it is not visible in the context
that it's okay to remove origdisk = NULL, but origdisk is already
initialized to NULL, so this second assignment is not necessary.
ACK.
Matthias
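
The pattern discussed in this thread, as an added example that is not part of the original message or of libvirt: a cleanup-label function written with a declaration after the goto (compiled only with -DSHOW_JUMP_MISSES_INIT) beside the decl-before-statement form. The names build_alias, build_alias_bad and the "drive-" prefix are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* build_alias() and the "drive-" prefix are hypothetical, not libvirt code. */
#ifdef SHOW_JUMP_MISSES_INIT
/* Shape that gcc -Wjump-misses-init flags: the first goto skips the
 * initializer of alias, so free() at cleanup sees an indeterminate pointer. */
static int build_alias_bad(const char *dst, char *out, size_t outlen)
{
    int ret = -1;
    if (!dst)
        goto cleanup;
    char *alias = malloc(strlen(dst) + sizeof("drive-"));
    if (!alias || strlen(dst) + sizeof("drive-") > outlen)
        goto cleanup;
    sprintf(alias, "drive-%s", dst);
    strcpy(out, alias);
    ret = 0;
cleanup:
    free(alias);
    return ret;
}
#endif

/* C89 decl-before-statement: every local is declared and initialized
 * before the first goto, so the cleanup label is safe on every path. */
static int build_alias(const char *dst, char *out, size_t outlen)
{
    int ret = -1;
    char *alias = NULL;
    if (!dst)
        goto cleanup;
    alias = malloc(strlen(dst) + sizeof("drive-"));
    if (!alias || strlen(dst) + sizeof("drive-") > outlen)
        goto cleanup;
    sprintf(alias, "drive-%s", dst);
    strcpy(out, alias);
    ret = 0;
cleanup:
    free(alias);    /* free(NULL) is a no-op */
    return ret;
}

int main(void)
{
    char buf[32];
    printf("%d\n", build_alias(NULL, buf, sizeof(buf)));  /* error path */
    return build_alias("hdc", buf, sizeof(buf));
}
```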