http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54544
--- Comment #4 from Zakhar <jimfr06 at gmail dot com> 2012-09-11 21:09:28 UTC
---
MORE
----
Unfortunately, I don't think the hypothesis of the uninitialized pointed memory
hold. That should prove it if we add:
/*01*/ int fct(volatile int *p);
/*02*/
/*03*/ static int
/*04*/ foo( p )
/*05*/ volatile int * p;
/*06*/ {
/*07*/ volatile int foobar,barfoo;
/*08*/ volatile int flag=0;
/*09*/ volatile int * bar;
/*10*/
/*11*/ do
/*12*/ {
/*13*/ if ( *p )
/*14*/ {
/*15*/ flag= fct( p );
/*16*/ bar = p;
/*17*/ }
/*18*/ if ( fct( p ) ) break;
/*19*/ if ( flag )
/*20*/ {
/*21*/ barfoo = *bar;
/*22*/ if ( bar == (int *)0 ) break;
/*23*/ foobar = *bar;
/*24*/ return foobar + barfoo;
/*25*/ }
/*26*/ }
/*27*/ while ( fct( p ) );
/*28*/
/*29*/ return 0;
/*30*/ }
/*31*/
/*32*/ int
/*33*/ main()
/*34*/ {
/*35*/ int i;
/*35*/
/*37*/ return foo( &i );
/*38*/
/*40*/ }
Here 'main' calls the 'foo' function with a pointer to a variable which for
sure is NOT initialized, and there is no warning whatsoever when we compile
with:
$ gcc -O3 -c uninit.c -o /dev/null -Wall
In this example, if we go to line 23, for sure the result of the returned value
is totally unpredictable as it depends on the value of 'i' in the main
function.
'i' is on the stack, and has not been initialized, so it gets any value that
was there previously on the stack!
If we remove 'static' in front of the function, this time we get our warning
back... but probably a 'false positive' on 'bar', and not related to tracking
down pointed memory.
In this new use-case, if we add 'inline' after static (which -O3 should do by
itself here?) we are for sure doing something wrong.
Shouldn't -WUninitialized output something instead of remaining silent?
