From: "demerphq at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: bzip2-devel@sourceware.org
Subject: [Bug bzip2/28904] New: libbzip2: ‘cost[3]’ may be used uninitialized in this function [-Wmaybe-uninitialized]
Date: Fri, 18 Feb 2022 03:18:52 +0000 [thread overview]
Message-ID: <bug-28904-11876@http.sourceware.org/bugzilla/> (raw)
https://sourceware.org/bugzilla/show_bug.cgi?id=28904
Bug ID: 28904
Summary: libbzip2: ‘cost[3]’ may be used uninitialized in this
function [-Wmaybe-uninitialized]
Product: bzip2
Version: unspecified
Status: UNCONFIRMED
Severity: enhancement
Priority: P2
Component: bzip2
Assignee: nobody at sourceware dot org
Reporter: demerphq at gmail dot com
CC: bzip2-devel at sourceware dot org
Target Milestone: ---
Hi,
I am a contributor to the Perl project. https://github.com/Perl/perl5
We bundle your library libbzip2 via the perl Module Compress-Raw-Bzip2, which
is hosted at:
https://github.com/pmqs/Compress-Raw-Bzip2
We are trying to ensure our builds are warning clean, however when building
this package your library produces "may be used uninitialized" warnings on some
compilers, you can see these warnings below.
While this is almost certainly a false positive warning, it is also trivial to
silence the warnings with essentially no performance hit by initializing the
cost structure with 0's at the start.
We have an open bug report for this for perl here:
https://github.com/Perl/perl5/issues/19432
And an open bug report for this for the module here:
https://github.com/pmqs/Compress-Raw-Bzip2/issues/4
And a patch for it here:
https://github.com/pmqs/Compress-Raw-Bzip2/pull/5/commits/641a440ec6229c1d368b9ead48f4968b955c0115
The maintainer of Compress-Raw-Bzip2 (on CC) is known to prefer not to apply
changes to this library code that are not upstream. (A reasonable policy.)
I was wondering if you could apply this patch, or something equivalent that
would fix this so that the perl project could have warning free builds. Your
library is the last module we ship that produces warnings during the build
process. We target a wide range of compilers and try to keep our code as clean
as possible, and while again I accept that your code likely is not buggy as you
initialize it in a loop at line 357,
357: for (t = 0; t < nGroups; t++) cost[t] = 0;
as far as I can tell nGroups is not a constant, and the compiler reasonably
cannot be certain that all BZ_N_GROUPS entries in the array are initialized
before use.
We in the perl development community would appreciate it if you would release a
patch that would silence these warnings for us. Then Paul could roll a new
release of his module, and we in the Perl could then use that and be happy with
a completely warning free build.
gcc -c -I. -D_REENTRANT -D_GNU_SOURCE -fwrapv -fno-strict-aliasing -pipe
-fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE
-D_FILE_OFFSET_BITS=64 -Wall -Werror=pointer-arith -Werror=vla -Wextra
-Wno-long-long -Wno-declaration-after-statement -Wc++-compat -Wwrite-strings
-O3 -DVERSION=\"2.101\" -DXS_VERSION=\"2.101\" -fPIC "-I../.." -Wall
-Wno-comment -DBZ_NO_STDIO compress.c
compress.c: In function ‘BZ2_compressBlock’:
compress.c:392:54: warning: ‘cost[5]’ may be used uninitialized in this
function [-Wmaybe-uninitialized]
for (t = 0; t < nGroups; t++) cost[t] += s->len[t][icv];
^~
compress.c:256:11: note: ‘cost[5]’ was declared here
UInt16 cost[BZ_N_GROUPS];
^~~~
compress.c:402:21: warning: ‘cost[3]’ may be used uninitialized in this
function [-Wmaybe-uninitialized]
if (cost[t] < bc) { bc = cost[t]; bt = t; };
~~~~^~~
compress.c:256:11: note: ‘cost[3]’ was declared here
UInt16 cost[BZ_N_GROUPS];
^~~~
compress.c:402:21: warning: ‘cost[2]’ may be used uninitialized in this
function [-Wmaybe-uninitialized]
if (cost[t] < bc) { bc = cost[t]; bt = t; };
~~~~^~~
compress.c:256:11: note: ‘cost[2]’ was declared here
UInt16 cost[BZ_N_GROUPS];
^~~~
Your consideration on this matter would be much appreciated.
Thank you very much for your time in producing this library, I personally have
made use of it many times in my career.
cheers,
Yves
--
You are receiving this mail because:
You are on the CC list for the bug.
next reply other threads:[~2022-02-18 3:18 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-18 3:18 demerphq at gmail dot com [this message]
2022-04-19 22:04 ` [Bug bzip2/28904] " mark at klomp dot org
2022-04-19 22:23 ` mark at klomp dot org
2022-04-20 1:57 ` demerphq at gmail dot com
2022-05-26 20:53 ` mark at klomp dot org
2022-05-31 19:06 ` email at arsoftware dot net.br
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-28904-11876@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=bzip2-devel@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).