[cfe-dev] Inconsistent report by ccc-analyzer
Oliver Schneider
oliver at f-prot.com
Mon Mar 17 06:07:18 PDT 2014
Hello again,
I think I understand it better now. The function itself was recursive.
The code approximates to:
----
int foobar(ctx_t* ctx, int parent, unsigned int id)
{
    item_t item;
    int index;
    /* some sanity checking removed for brevity */
    item = ctx->items[id];
    if (is_item_empty(&item)) /* function call */
        return false;
    if (ctx->num_refs < ctx->num_items)
    {
        /* assign other ctx_t members */
        ctx->num_refs++;
        index = ctx->num_refs;
    }
    if (ctx->num_refs > ctx->num_items)
        return false;
    if (!foobar(ctx, parent, id1)) /* id1 assigned in if() above */
        return false;
    if (!foobar(ctx, parent, id2)) /* id2 assigned in if() above */
        return false;
    if (barbaz(&item))
    {
        if (!foobar(ctx, index, id3)) /* id3 assigned in if() above */
            return false;
    }
    return true;
}
----
The error was produced on the last recursive call to foobar(), on the
variable named 'index', tracing back to the uninitialized declaration.
However, I think this is a false positive (the first I have found with
ccc-analyzer, unless I have overlooked something here).
Since ctx->num_refs is incremented, the following condition will bail
out and the code couldn't conceivably reach the error location.
Or could it? Am I overlooking something here?
Thanks,
// Oliver
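
The following is an added example, not part of the original message: a small C model of the two `num_refs`/`num_items` guards from the snippet above that enumerates which counter states get past both guards and whether `index` was written on that path. The names `ctx_model_t`, `path_t`, `classify_path` and `count_unassigned` are hypothetical, and the model assumes the item checks pass and `barbaz()` returns true.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for the two ctx_t counters the guards read. */
typedef struct { unsigned num_refs, num_items; } ctx_model_t;

typedef enum {
    PATH_BAILS_OUT,        /* second guard returns false */
    PATH_INDEX_ASSIGNED,   /* last call reached, index was written */
    PATH_INDEX_UNASSIGNED  /* last call reached, index never written */
} path_t;

/* Mirrors only the two guards from foobar(). Assumption: the item checks
 * pass and barbaz() is true, so the last call is reached unless the
 * second guard returns. A flag stands in for reading 'index'. */
path_t classify_path(ctx_model_t ctx)
{
    bool index_assigned = false;

    if (ctx.num_refs < ctx.num_items) {
        ctx.num_refs++;
        index_assigned = true;          /* index = ctx->num_refs; */
    }
    if (ctx.num_refs > ctx.num_items)
        return PATH_BAILS_OUT;
    return index_assigned ? PATH_INDEX_ASSIGNED : PATH_INDEX_UNASSIGNED;
}

/* Number of (num_refs, num_items) pairs up to max_items that reach the
 * last call without 'index' having been written. */
unsigned count_unassigned(unsigned max_items)
{
    unsigned hits = 0;
    for (unsigned items = 0; items <= max_items; items++)
        for (unsigned refs = 0; refs <= max_items + 1; refs++)
            if (classify_path((ctx_model_t){refs, items}) == PATH_INDEX_UNASSIGNED)
                hits++;
    return hits;
}

int main(void)
{
    static const char *names[] = { "bails out", "index assigned", "index NOT assigned" };
    unsigned items = 5;                 /* constructed sample value */
    for (unsigned refs = items - 1; refs <= items + 1; refs++)
        printf("num_refs=%u num_items=%u -> %s\n", refs, items,
               names[classify_path((ctx_model_t){refs, items})]);
    printf("unassigned states for sizes 0..8: %u\n", count_unassigned(8));
    return 0;
}
```

In this model the states that pass both guards without the assignment are exactly those where `num_refs` equals `num_items` on entry: the `<` test skips the block and the `>` test does not return.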