This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Use of initialized variable in strtod.c

From: Corinna Vinschen <vinschen at redhat dot com>
To: newlib at sourceware dot org
Date: Thu, 16 Mar 2017 09:31:56 +0100
Subject: Re: Use of initialized variable in strtod.c
Authentication-results: sourceware.org; auth=none
Authentication-results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=vinschen at redhat dot com
Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 2D3F261988
Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 2D3F261988
References: <788987e9-9b0d-4bfd-b40a-38c219bd8a17@oarcorp.com> <f5733072-1409-c9cd-6c6d-c564a9e62551@LGSInnovations.com> <47ea65c0-130a-e138-3c7c-0c1a636d87fd@oarcorp.com> <2264cd14-0e03-2aad-f95e-562394435c0b@LGSInnovations.com>
Reply-to: newlib at sourceware dot org

On Mar 15 14:56, Craig Howland wrote:
> On 03/15/2017 02:38 PM, Joel Sherrill wrote:
> > 
> > 
> > On 3/15/2017 1:34 PM, Craig Howland wrote:
> > > On 03/15/2017 02:16 PM, Joel Sherrill wrote:
> > > > ...
> > > > 
> > > > Basically if (bb) is false, then bits is not set
> > > > and it is used as input to ULtod.
> > > > 
> > > > 334                                if (bb) {
> > > > 335                                        copybits(bits, fpi.nbits, bb);
> > > > 336                                        Bfree(ptr,bb);
> > > > 337                                        }
> > > > 
> > > > CID 175379 (#1 of 1): Uninitialized scalar variable (UNINIT)
> > > > 10. uninit_use_in_call: Using uninitialized element of array bits when calling
> > > > ULtod. [show details]
> > > > 338                                ULtod(rv.i, bits, exp, i);
> > > > 
> > > I took a quick look, and I think (it's been ages since I had to do some editing
> > > in strtod.c) it is OK.  Specifically, it does appear that bb is only ever
> > > returned as 0 in a case when ULtod does not need the value of bits.  So while
> > > Coverity it right that it could be a problem, it is not really.
> > 
> > Would it be better to initialize bb to 0? Or assign it on
> > the else to "if (bb)". If that's correct, it would make
> > the intent clearer and eliminate the use of an uninitialized
> > variable.
> > 
> > FWIW I am a firm believer in not marking issues as false
> > positive. In this case, there really is a use of an
> > uninitialized variable. So we might as well address that.
> > 
> I disagree that there really is use of an uninitialized variable. There is
> not.  It just appears to the tool that there is.  (This is a tough case, so
> it's not a surprise that it misses it and gives a false indictment.)
> 
> Does Coverity have a way in which in the code it can be marked as OK?  (I'd
> expect some '#pragma CoverityIgnore(bits)' or the like ought to be
> available.)  I agree with trying to get rid of the message, but it is worth
> bloat to do it?

Just mark it as false positive in coverity.  We should not change the
code in this area too much.  It's basically David M. Gay's gdtoa code
and we should keep it in a shape easier comparable with upstream.


Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat

Attachment: signature.asc
Description: PGP signature

References:
- Use of initialized variable in strtod.c
  - From: Joel Sherrill
- Re: Use of initialized variable in strtod.c
  - From: Craig Howland
- Re: Use of initialized variable in strtod.c
  - From: Joel Sherrill
- Re: Use of initialized variable in strtod.c
  - From: Craig Howland

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]