[Bug c/40635] New: bogus name and location in 'may be used uninitialized' warning

[Bug c/40635] New: bogus name and location in 'may be used uninitialized' warning

[mikpe at it dot uu dot se]

The following test case produces a 'may be used uninitialized' warning that
refers to a variable that isn't in scope at the point of the warning:

> cat nntpinit.c
struct hostent {
    char **h_addr_list;
};
struct hostent *gethostbyname(const char*);
int socket(void);
int close(int);
int connect(int, const char*);
void foo(void);

static int get_tcp_socket(const char *machine)
{
    struct hostent *hp;
    int s42, x;
    char **addr;

    hp = gethostbyname(machine);
    x = 0;
    for (addr = hp->h_addr_list; *addr; addr++) {
        s42 = socket();
        if (s42 < 0)
            return -1;
        x = connect(s42, *addr);
        if (x == 0)
            break;
        close(s42);
    }
    if (x < 0)
        return -1;
    return s42;
}

int server_init(const char *machine)
{
    int sockt_rd;

    sockt_rd = get_tcp_socket(machine);
    foo();
    if (sockt_rd < 0)
        return -1;
    return 0;
}
> gcc -O2 -Wall -c nntpinit.c
nntpinit.c: In function 'server_init':
nntpinit.c:38: warning: 's42' may be used uninitialized in this function

There is indeed a 'may be used uninitialized' issue in this code, but it's
actually in get_tcp_socket(), not in server_init() because there every use is
trivially preceeded by a def.

I guess that automatic inlining is messing up name and context information.

The test case is distilled down from some ancient nntp client code I'm tidying
up, and the bogus data in the warning did cause some headscratching before the
warning could be analysed and fixed (set x = -1 in get_tcp_socket()).


-- 
           Summary: bogus name and location in 'may be used uninitialized'
                    warning
           Product: gcc
           Version: 4.4.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: mikpe at it dot uu dot se
  GCC host triplet: i686-pc-linux-gnu


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=40635

[Bug c/40635] bogus name and location in 'may be used uninitialized' warning

[antonio dot weber at stud dot fh-regensburg dot de]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 781 bytes --]



------- Comment #1 from antonio dot weber at stud dot fh-regensburg dot de  2009-07-05 10:29 -------
I only wanted to confirm this report. The same behaviour with gcc 4.3.2 and a
build from yesterdays svn

%> gcc -O2 -Wall -c ~/test.c
~/test.c: In function »server_init«:
~/test.c:38: warning: 's42' may be used uninitialized in this function

%> gcc --version
gcc (Gentoo 4.3.2-r3 p1.6, pie-10.1.5) 4.3.2
Copyright (C) 2008 Free Software Foundation, Inc.

%> ./bin/gcc -O2 -Wall -c ~/test.c
~/test.c: In function »server_init«:
~/test.c:38:8: warning: 's42' may be used uninitialized in this function

%> ./bin/gcc --version
gcc (GCC) 4.5.0 20090704 (experimental)
Copyright (C) 2009 Free Software Foundation, Inc.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=40635

[Bug c/40635] bogus name and location in 'may be used uninitialized' warning

[manu at gcc dot gnu dot org]

------- Comment #2 from manu at gcc dot gnu dot org  2009-07-06 13:19 -------
The root cause is a combination of inline and copy-rename. Copy rename has the
following code:

  /* Never attempt to coalesce 2 user variables unless one is an inline
     variable.  */
  if (!ign1 && !ign2)
    {
      if (DECL_FROM_INLINE (root2))
        ign2 = true;
      else if (DECL_FROM_INLINE (root1))
        ign1 = true;
      else
        {
          if (debug)
            fprintf (debug, " : 2 different USER vars. No coalesce.\n");
          return false;
        }
    }

  /* If both values have default defs, we can't coalesce.  If only one has a
     tag, make sure that variable is the new root partition.  */
  if (gimple_default_def (cfun, root1))
    {
      if (gimple_default_def (cfun, root2))
        {
          if (debug)
            fprintf (debug, " : 2 default defs. No coalesce.\n");
          return false;
        }
      else
        {
          ign2 = true;
          ign1 = false;
        }
    }
  else if (gimple_default_def (cfun, root2))
    {
      ign1 = true;
      ign2 = false;
    }

The net result is that when it combines sockt_rd with s42, it favours s42. This
is the reason it prints s42. However, the location printed corresponds to the
statement:

 if (sockt_rd < 0)
        return -1;



Then, warn_uninit is not able to detect that this comes from some inlined
thing. If we do this:

-  location = (context != NULL && gimple_has_location (context))
+  location = (!DECL_FROM_INLINE (var) && context != NULL
+             && gimple_has_location (context))
             ? gimple_location (context)
-            : DECL_SOURCE_LOCATION (var);
+            : DECL_SOURCE_LOCATION (DECL_ORIGIN (var));

Then we get the right location (line, column) but still the wrong function. I
am not sure how to force the diagnostics machinery to display the correct
function.


-- 

manu at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |manu at gcc dot gnu dot org
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|0                           |1
   Last reconfirmed|0000-00-00 00:00:00         |2009-07-06 13:19:06
               date|                            |


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=40635