From: Robert Dewar <dewar@adacore.com>
To: Dmitry Antipov <antipov@dev.rtsoft.ru>
Cc: gcc@gcc.gnu.org
Subject: Re: Dubious "'foo' might be used uninitialized in this function" message
Date: Wed, 15 Dec 2004 12:06:00 -0000 [thread overview]
Message-ID: <41C0289C.2000209@adacore.com> (raw)
In-Reply-To: <41C009AA.4020700@dev.rtsoft.ru>
Dmitry Antipov wrote:
>> it gets as complex as the halting problem :)
> Really ? Why ?
Because the general evaluation of compile time contants
is clearly in this territory. Your example:
1 #include <unistd.h>
2
3 int f (int x, int y)
4 {
5 int z;
6
7 if (x)
8 z = getppid ();
9 y = getpid ();
10 if (x)
11 y += z;
12 return x + y;
13 }
requires the compiler to do symbolic evaluation of the
tests in lines 7 and 10 and determine that they always
have the same truth value. Then you expect the compiler
to do an analysis of the flow of the program for the two
cases, and determine that everything is OK in both cases.
Yes, it is conceivable, though really *quite* difficult
to do this in a simple case like this, but obviously
impractical/impossible in more complex cases.
The compiler is complaining about line 11, because as far
as it is concerned, z has not been unconditionally assigned
previously. It is simply not in the business of saying "ah,
but it's OK, we would never have got to line 11 unless the
condition in line 10 was true, in which case the condition
in line 7 would have been true, which means that z would
have been assigned at line 8".
Warnings are warnings, not errors. Usually they are warnings
precisely because it is impossible to precisely separate the
bad cases from the good cases. The art of warning design is
to give as many useful warnings as possible without giving
too many false positives, and without requiring any extensive
analysis that the compiler is not doing anyway.
Here is an example from Ada:
1. generic
2. type R is private;
|
>>> warning: type "R" is not referenced
3. package Q is
4. X : Integer;
5. end Q;
One of our customers recently complained that this was a false
positive, because there might be a child unit of Q that references
R. This is true. However, after quite a bit of dicussion, we
decided that it was useful to retain the warning, since it is
rather unusual (though certainly legal) to have entities that
are referenced ONLY in a child unit, and if we removed the
warning on this basis, we would lose a lot of useful warnings.
child unit
next prev parent reply other threads:[~2004-12-15 12:06 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-14 15:23 Dmitry Antipov
2004-12-14 16:40 ` E. Weddington
2004-12-14 17:00 ` Nathan Sidwell
2004-12-15 9:00 ` Dmitry Antipov
2004-12-15 10:02 ` Nathan Sidwell
2004-12-15 12:06 ` Robert Dewar [this message]
2004-12-15 17:33 ` Joe Buck
2004-12-15 18:03 ` Dave Korn
2004-12-15 18:09 ` Robert Dewar
2004-12-15 17:33 ` Florian Weimer
2004-12-15 17:34 ` Robert Dewar
2004-12-15 17:52 ` Florian Weimer
2004-12-15 18:00 ` Robert Dewar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41C0289C.2000209@adacore.com \
--to=dewar@adacore.com \
--cc=antipov@dev.rtsoft.ru \
--cc=gcc@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).