This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Errors from cppcheck
- From: Brooks Moses <bmoses at google dot com>
- To: libc-alpha at sourceware dot org
- Date: Mon, 26 Aug 2013 11:25:27 -0700
- Subject: Re: Errors from cppcheck
- Authentication-results: sourceware.org; auth=none
- References: <20130824094123 dot GA21033 at domone dot kolej dot mff dot cuni dot cz>
On 08/24/2013 02:41 AM, OndÅej BÃlka wrote:
Hi, I ran a cppcheck to find latent bugs. Its output is quite large,
some are false positives (floats are reported because if's used were not
exhaustive...)
As noted yesterday, I've gone through these to pull out the real bugs
from the rather large quantities of noise. I'll reorder your list to
group things.
Meanwhile, what version of cppcheck did you use? Many of the false
positives look like cppcheck bugs that should be reported to that project.
======================================================================
First the actual clear real bugs, which I have filed in Bugzilla:
vim libio/memstream.c +87 # (error) Memory leak: new_f
vim libio/wmemstream.c +88 # (error) Memory leak: new_f
REAL BUG: This does look like a memory leak.
Filed as BZ/15892.
vim stdlib/isomac.c +266 # (error) Memory leak: command
REAL BUG: This does look like a memory leak.
Filed as BZ/15893.
vim stdlib/setenv.c +197 # (error) Memory leak: new_environ
REAL BUG: This does look like a memory leak (but itâs subtle; notice
that we donât want to unilaterally free new_environ depending on realloc
earlier).
Filed as BZ/15894.
vim nscd/netgroupcache.c +627 # (error) Invalid number of character ({) when these macros are defined: ''.
REAL BUG: This does look like an unclosed â}â when HAVE_SENDFILE is defined.
Filed as BZ/15895.
======================================================================
Then, some things that may or may not be real bugs, depending on
assumptions about arguments and values that may or may not actually be
completely valid. My guess is that few if any of these are real bugs,
but they are probably cases where some documentation of assumptions
would be useful -- and where we have extra conditional checks that
should be always true, so we should either remove them to help the
compiler, or add "reached 'unreachable' code" errors.
I have not filed bugs about these yet.
----------------------------------------------------------------------
Things that depend on run-time assumptions:
vim ports/sysdeps/m68k/backtrace.c +129 # (error) Uninitialized struct member: arg.lastfp
Needs evaluation: This applies if __backtrace is called with size=0. Do
we guarantee that can't happen?
vim stdio-common/printf_fphex.c +416 # (error) Uninitialized variable: exponent
vim stdio-common/printf_fphex.c +424 # (error) Uninitialized variable: exponent
vim stdio-common/printf_fphex.c +338 # (error) Uninitialized variable: zero_mantissa
Needs evaluation: This fails if the value of âinfo->is_long_double == 0
|| sizeof (double) == sizeof (long double)â is false and
PRINT_FPHEX_LONG_DOUBLE is not defined. Assume this never happens?
vim sysdeps/ieee754/dbl-64/mpa.c +183 # (error) Uninitialized variable: c
Needs evaluation: Depends on being called with p>=1, which depends on
__mp_dbl being called with p>=1.
vim sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c +113 # (error) Uninitialized variable: high
vim sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c +114 # (error) Uninitialized variable: high
vim sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c +89 # (error) Uninitialized variable: low
vim sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c +110 # (error) Uninitialized variable: low
vim sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c +113 # (error) Uninitialized variable: low
vim sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c +114 # (error) Uninitialized variable: low
Needs evaluation: We only enter this clause if u.dd[1] !=0, and low and
high are defined if u.dd[1]>0 or u.dd[1]<0. This only fails if u.dd[1]
is a NaN. Presumably that is not allowed by long-double spec?
vim sysdeps/ieee754/dbl-64/e_j0.c +306 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +307 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +308 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +310 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +311 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +312 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +414 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +415 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +416 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +418 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +419 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +420 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +421 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +303 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +304 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j0.c +411 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j0.c +412 # (error) Uninitialized variable: q
Needs evaluation: Depends on GET_HIGH_WORD always returning a value
greater than or equal to 0x4000000.
vim sysdeps/ieee754/dbl-64/e_j1.c +304 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +305 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +306 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +308 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +309 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +310 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +413 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +414 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +415 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +417 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +418 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +419 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +420 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +301 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +302 # (error) Uninitialized variable: q
vim sysdeps/ieee754/dbl-64/e_j1.c +410 # (error) Uninitialized variable: p
vim sysdeps/ieee754/dbl-64/e_j1.c +411 # (error) Uninitialized variable: q
Needs evaluation: Depends on GET_HIGH_WORD always returning a value
greater than or equal to 0x4000000.
vim sysdeps/ieee754/flt-32/e_j0f.c +236 # (error) Uninitialized variable: p
vim sysdeps/ieee754/flt-32/e_j0f.c +237 # (error) Uninitialized variable: q
vim sysdeps/ieee754/flt-32/e_j0f.c +332 # (error) Uninitialized variable: p
vim sysdeps/ieee754/flt-32/e_j0f.c +333 # (error) Uninitialized variable: q
Needs evaluation: Depends on GET_HIGH_WORD always returning a value
greater than or equal to 0x4000000.
vim sysdeps/ieee754/flt-32/e_j1f.c +233 # (error) Uninitialized variable: p
vim sysdeps/ieee754/flt-32/e_j1f.c +234 # (error) Uninitialized variable: q
vim sysdeps/ieee754/flt-32/e_j1f.c +330 # (error) Uninitialized variable: p
vim sysdeps/ieee754/flt-32/e_j1f.c +331 # (error) Uninitialized variable: q
Needs evaluation: Depends on GET_HIGH_WORD always returning a value
greater than or equal to 0x4000000.
vim sysdeps/ieee754/ldbl-96/e_j0l.c +385 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j0l.c +386 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j0l.c +388 # (error) Uninitialized variable: q
vim sysdeps/ieee754/ldbl-96/e_j0l.c +522 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j0l.c +523 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j0l.c +525 # (error) Uninitialized variable: q
vim sysdeps/ieee754/ldbl-96/e_j0l.c +526 # (error) Uninitialized variable: q
vim sysdeps/ieee754/ldbl-96/e_j0l.c +527 # (error) Uninitialized variable: q
Needs evaluation: Depends on GET_LDOUBLE_WORDS always returning a value
greater than or equal to 0x4000.
vim sysdeps/ieee754/ldbl-96/e_j1l.c +383 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j1l.c +384 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j1l.c +385 # (error) Uninitialized variable: q
vim sysdeps/ieee754/ldbl-96/e_j1l.c +530 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j1l.c +531 # (error) Uninitialized variable: p
vim sysdeps/ieee754/ldbl-96/e_j1l.c +533 # (error) Uninitialized variable: q
vim sysdeps/ieee754/ldbl-96/e_j1l.c +534 # (error) Uninitialized variable: q
vim sysdeps/ieee754/ldbl-96/e_j1l.c +535 # (error) Uninitialized variable: q
Needs evaluation: Depends on GET_LDOUBLE_WORDS always returning a value
greater than or equal to 0x4000.
----------------------------------------------------------------------
Likewise, some things that depend on interactions between macros. I
presume these are false positives, but it would be good for someone who
knows the code to confirm:
vim nscd/nscd_helper.c +186 # (error) Uninitialized variable: sock
Needs evaluation: This is uninitialized if __ASSUME_SOCK_CLOEXEC is true
and SOCK_CLOEXEC is false, but the macro names imply that wonât happen.
vim sysdeps/unix/sysv/linux/futimes.c +107 # (error) Uninitialized variable: result
vim sysdeps/unix/sysv/linux/opensock.c +84 # (error) Uninitialized variable: result
Needs evaluation: Relies on __ASSUME_UTIMES not being defined if
__NR_utimes is not defined.
----------------------------------------------------------------------
And a few things in the soft-float code that depend on chasing down
macro values that I didn't have time to do:
vim soft-fp/fmadf4.c +43 # (error) Uninitialized variable: TD_f0
vim soft-fp/fmadf4.c +43 # (error) Uninitialized variable: TD_f1
vim soft-fp/fmadf4.c +43 # (error) Uninitialized variable: RD_f0
vim soft-fp/fmadf4.c +43 # (error) Uninitialized variable: RD_f1
vim soft-fp/fmasf4.c +43 # (error) Uninitialized variable: TD_f
Needs evaluation: This depends on macro chains that I didn't track down,
but look unlikely to contain real bugs.
vim soft-fp/adddf3.c +43 # (error) Uninitialized variable: R_f
vim soft-fp/addsf3.c +43 # (error) Uninitialized variable: R_f
vim soft-fp/fixtfdi.c +41 # (error) Uninitialized variable: r
vim soft-fp/fixtfsi.c +41 # (error) Uninitialized variable: r
vim soft-fp/fixunstfdi.c +44 # (error) Uninitialized variable: r
vim soft-fp/fixunstfsi.c +44 # (error) Uninitialized variable: r
vim soft-fp/subdf3.c +43 # (error) Uninitialized variable: R_f
vim soft-fp/subsf3.c +43 # (error) Uninitialized variable: R_f
Needs evaluation: This depends on macro chains that I didn't track down,
but look unlikely to contain real bugs.
----------------------------------------------------------------------
Last of the maybe-bugs: A block of code that left me totally confused:
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +58 # (error) Uninitialized struct member: aixtermios.c_iflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +59 # (error) Uninitialized struct member: aixtermios.c_iflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +61 # (error) Uninitialized struct member: aixtermios.c_iflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +63 # (error) Uninitialized struct member: aixtermios.c_iflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +67 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +70 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +72 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +83 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +86 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +88 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +90 # (error) Uninitialized struct member: aixtermios.c_oflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +94 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +100 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +104 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +106 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +112 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcgetattr.c +114 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcsetattr.c +115 # (error) Uninitialized struct member: aixtermios.c_cflag
vim sysdeps/unix/sysv/linux/powerpc/aix/tcsetattr.c +120 # (error) Uninitialized struct member: aixtermios.c_cflag
Needs evaluation: I donât understand what is going on with this code at
all. It starts with "result = /* make syscall */;" which doesn't even
look like valid C.
======================================================================
And the things that are clear false positives in cppcheck:
----------------------------------------------------------------------
False positives because cppcheck doesn't correctly handle constructs of
the form "case MACRO:" or other cases where macros have specific syntax:
vim hurd/hurdexec.c +361 # (error) Analysis failed. If the code is valid then please report this failure.
False positive: This looks valid, but depends on value of a macro.
vim hurd/intr-msg.c +258 # (error) syntax error
vim hurd/intr-msg.c +168 # (error) syntax error
vim hurd/intr-msg.c +165 # (error) syntax error
Presumed false positive: Depends on value of a macro.
vim mach/msg-destroy.c +86 # (error) syntax error
Presumed false positive: Depends on value of a macro.
vim nptl/sockperf.c +561 # (error) syntax error
Presumed false positive: Depends on value of a macro.
vim nss/nss_files/files-ethers.c +38 # (error) syntax error
Presumed false positive: Depends on value of a macro.
vim ports/sysdeps/hppa/dl-fptr.c +108 # (error) Uninitialized variable: l
Presumed false positive: Depends on value of a macro.
vim posix/glob.c +503 # (error) Analysis failed. If the code is valid then please report this failure.
Presumed valid: Depends on value of a macro.
vim stdio-common/printf_fp.c +269 # (error) Null pointer dereference
vim stdio-common/printf_fp.c +278 # (error) Null pointer dereference
Presumed valid: Depends on value of a macro.
vim stdio-common/printf_fp.c +1175 # (error) Null pointer dereference
Presumed valid: Depends on value of a macro.
vim stdio-common/psiginfo.c +161 # (error) syntax error
vim stdio-common/psiginfo.c +173 # (error) syntax error
vim stdio-common/psiginfo.c +167 # (error) syntax error
vim stdio-common/psiginfo.c +156 # (error) syntax error
Presumed valid: Depends on value of a macro.
vim string/memcmp.c +111 # (error) syntax error
vim string/memcmp.c +89 # (error) syntax error
Presumed valid: Depends on value of a macro.
vim sysdeps/mach/msync.c +42 # (error) Analysis failed. If the code is valid then please report this failure.
Presumed valid: Depends on value of a macro.
vim sysdeps/posix/sigvec.c +80 # (error) Analysis failed. If the code is valid then please report this failure.
vim sysdeps/posix/sigvec.c +87 # (error) Analysis failed. If the code is valid then please report this failure.
vim sysdeps/posix/sigvec.c +83 # (error) Analysis failed. If the code is valid then please report this failure.
Presumed valid: Depends on value of a macro.
vim time/strftime_l.c +400 # (error) syntax error
Presumed valid: Depends on value of a macro.
----------------------------------------------------------------------
A useless style warning:
vim sysdeps/ieee754/dbl-64/e_log.c +82 # (style) Using NaN/Inf in a computation.
Bogus style warning; Inf is required result.
----------------------------------------------------------------------
False positives and probable false positives because of
overly-aggressive assumptions about the arguments to realloc:
vim malloc/mcheck.c +320 # (error) Common realloc mistake: 'hdr' nulled but not freed upon failure
False positive(?): âhdrâ does not appear to point to allocated memory
that needs to be freed.
vim misc/err.c +64 # (error) Common realloc mistake: 'wformat' nulled but not freed upon failure
False positive: Input wformat is allocaâed and does not need to be freed.
----------------------------------------------------------------------
False positives because cppcheck is confused between accessing the value
of an uninitialized variable and accessing its address:
vim login/openpty.c +94 # (error) Uninitialized variable: _buf
False positive: cppcheck doesnât realize that âchar _buf[512]â defines
_buf (as an address).
vim resolv/ns_ttl.c +156 # (error) Uninitialized variable: tmp
False positive: cppcheck doesnât realize that âchar tmp[50]â defines tmp
(as an address).
vim sysdeps/unix/grantpt.c +108 # (error) Uninitialized variable: _buf
False positive: cppcheck doesnât realize that âchar _buf[512]â defines
_buf (as an address).
vim sysdeps/ieee754/support.c +196 # (error) Uninitialized variable: dp
vim sysdeps/ieee754/support.c +197 # (error) Uninitialized variable: tmp
False positive: dp and tmp are uninitialized, but their address is still
defined, and all we are looking at is their address.
----------------------------------------------------------------------
False positives because cppcheck isn't correctly handling values that
are set in clauses of conditionals after "&&" and "||" operators:
vim grp/fgetgrent_r.c +97 # (error) Uninitialized variable: parse_result
False positive: parse_result is set in a clause of a complex conditional
that must be evaluated to leave the preceding while loop.
vim nis/nss_compat/compat-pwd.c +564 # (error) Uninitialized variable: parse_res
vim nis/nss_compat/compat-pwd.c +764 # (error) Uninitialized variable: parse_res
vim nis/nss_compat/compat-pwd.c +970 # (error) Uninitialized variable: parse_res
vim nis/nss_compat/compat-spwd.c +721 # (error) Uninitialized variable: parse_res
False positive: parse_res is set in a clause of a complex conditional
that must be evaluated to leave the preceding while loop.
vim nss/nss_files/files-XXX.c +232 # (error) Uninitialized variable: parse_result
False positive: parse_result is set in a clause of a complex conditional
that must be evaluated to leave the preceding while loop.
vim sysdeps/posix/getaddrinfo.c +1436 # (error) Uninitialized variable: scope
False positive: This is only uninitialized if we exit from an infinite
loop, which of course never happens. (There's a conditional return in
the middle of the loop, which happens instead.)
vim sunrpc/rpc_cout.c +638 # (error) Uninitialized variable: ptr
False positive: ptr is initialized in part of the containing "if" clause.
----------------------------------------------------------------------
And some general false positives due to cppcheck not understanding the
control flow:
vim csu/libc-tls.c +178 # (error) Possible null pointer dereference: initimage
False positive(?): We may indeed call memcpy with a NULL input pointer,
but only with a length of zero so the pointer isn't dereferenced.
vim elf/dl-error.c +187 # (error) Uninitialized struct member: c.objname
vim elf/dl-error.c +189 # (error) Uninitialized struct member: c.malloced
False positive: cppcheck doesnât understand setjmp control paths.
vim hurd/hurdstartup.c +101 # (error) Uninitialized struct member: data.flags
False positive: data.flags is only used if the previous conditional was
entered, which would define it.
vim stdio-common/printf-prs.c +73 # (error) Uninitialized struct member: spec.next_fmt
False positive: cppcheck doesnât realize third clause of for(;;)
construct is only evaluated after the loop body.
vim sysdeps/ieee754/ldbl-128/e_asinl.c +204 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +205 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +206 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +207 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +208 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +209 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +210 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +211 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +212 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +213 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +215 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +216 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +217 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +218 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +219 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +220 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +221 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +222 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128/e_asinl.c +223 # (error) Uninitialized variable: t
False positive: If we donât return from the middle of the previous âifâ
nest, t is defined.
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +197 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +198 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +199 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +200 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +201 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +202 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +203 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +204 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +205 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +206 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +208 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +209 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +210 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +211 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +212 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +213 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +214 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +215 # (error) Uninitialized variable: t
vim sysdeps/ieee754/ldbl-128ibm/e_asinl.c +216 # (error) Uninitialized variable: t
False positive: If we donât return from the middle of the previous âifâ
nest, t is defined.
vim nptl/sysdeps/s390/pthread_spin_trylock.c +32 # (error)
Uninitialized variable: old
False positive: Defined in __asm block.
----------------------------------------------------------------------
Cppcheck doesn't understand nested functions either:
vim sysdeps/mach/hurd/getpriority.c +35 # (error) Uninitialized variable: pip
False positive: cppcheck doesnât understand nested function definitions.
vim sysdeps/mach/hurd/sigwait.c +39 # (error) Uninitialized variable: ss
False positive: cppcheck doesnât understand nested function definitions.
----------------------------------------------------------------------
Some cases where the output from cppcheck was entirely incomprehensible:
vim sysdeps/ieee754/flt-32/s_sinf.c +54 # (error) Array 'y[1]' accessed at index 1, which is out of bounds.
vim sysdeps/ieee754/flt-32/s_sinf.c +56 # (error) Array 'y[1]' accessed at index 1, which is out of bounds.
False positive: This looks totally bogus; y is declared as y[2].
vim sysdeps/mach/hurd/i386/sigreturn.c +131 # (error) Invalid number of character (() when these macros are defined: ''.
False positive: It is not even clear what cppcheck is thinking is
happening here.
----------------------------------------------------------------------
And, finally, the only false positive in the whole lot that is actually
completely defensible:
vim sysdeps/mach/hurd/_exit.c +43 # (error) Division by zero.
False positive: Yes, it's invalid, but we meant to do that. It's a
last-ditch attempt to crash a program that otherwise will not exit.