I am trying to get rid of a rule 9.1 violation in my code.

Rule 9.1: The value of an object with automatic storage duration shall not be read before it has been set

Sample code:

#include <stdint.h>
#include <stdbool.h>
#define VAL 0xABCDEFABU

int32_t main(void);
static int32_t do_test(bool k);
static void func(uint64_t *var3, const uint64_t *var5);

int32_t 
main (void)
{
    bool b = false;

    int32_t y = do_test(b);

    return y;
}

static int32_t
do_test(bool k)
{
    uint64_t i = 0, var4[10];

    int32_t result = 0;

    for(i = 0U; i < 10U; i++) {
      var4[i] = VAL + i;
    }

    if(k == false) {
      uint64_t var2[10];
      func(var2, var4);

      if(var2[9] == var4[9]) {
        result = 1;
      }

    }

      return result;
}


static void
func(uint64_t *var3, const uint64_t *var5)
{
    int32_t i;
    for(i = 0; i < 10; i++) {
      var3[i] = var5[i];
    }

}

I am initializing var2 in the function do_test by calling another function "func" where var4 is copied to var2.

It is compiling fine and I am getting y value = 1.

Is the violation due to the parameters of func being pointers, so that the function do_test is not aware of the value assignment through pointers in func?

Is there any way to fix this issue?

  • Is var3 or var5 initialized? Is var5[i] initialized? Obviously no, so this doesn't violate the rule. Commented Dec 14, 2017 at 10:43
  • Out of curiosity, which tool gave the warning? I think I have yet to find one which doesn't have this bug. Commented Dec 14, 2017 at 10:49
  • The function main() is special in C; do not prototype it. Use a return type of int. Commented Dec 14, 2017 at 11:23
  • Read rule sets to learn about 'rule sets' and how to manipulate them. Commented Dec 14, 2017 at 11:34
  • Detail: "I am initializing var2 in ... function "func" ". C describes this as assigning the elements of var2. To initialize var2, use uint64_t var4[10] = { something }; Anything after that is assignment. Commented Dec 14, 2017 at 15:47

1 Answer

This is a common tool bug in many static analysers. Your static analyser can apparently not understand that the function func initializes all the items of var2, and therefore you get the false positive on the line var2[9] == var4[9].

On many static analysers, code such as int my_array[10]; initialize(my_array); gives frustrating false positives. "You try to initialize the array before it has been initialized!!!" Oh really... thank you, most helpful static analyser.

Your code is fine. File a bug report with your tool vendor.

4 Comments

@Lundin I got the same violation for a switch statement: switch (val) { case 0: result = 1; break; case 1: result = 2; break; case 2: if(temp == 1) { result = 2; } int32_t a = 10; a += 5; result = a; break; case 3: result = 4; break; default: result = 0; break; } . When I introduced curly braces for case 2, the issue got resolved. What could be the reason?
@Salim Tool bugs.
I am facing another scenario where rule 9.1 is getting violated. I want to read an auto variable (having a garbage value at declaration) before initialization and to assign null if it is not null. If it is null, then a different value. Sample code: { int8_t reg_num; uint64_t var1[NUM]; for (reg_num = 0; reg_num < NUM; reg_num++) { if (var1[reg_num] != VAR_NULL) { var1[reg_num] = VAR_NULL; } else { var1[reg_num] = func1(); } } }
@Salim Reading an automatic storage duration variable (which does not have its address taken) before initialization is always undefined behavior. Thus your code has a bug: the loop doesn't make sense. Simply initialize uint64_t var1[NUM] = { 0 };. Bug fixed. As a bonus your code turned much faster and more readable.
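
The two cases from this thread with every automatic array set at its declaration, as an added example that is not part of the original posts: the question's do_test, and the comment's loop after the "= { 0 }" change. Assumptions: VAR_NULL is 0 (the page never gives its value), and the names copy_u64, do_test_initialized, count_null_on_entry and sample_fill (a stand-in for func1) are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#define N 10U
#define VAL 0xABCDEFABU
#define VAR_NULL 0U /* assumption: the page never states VAR_NULL's value */

static void copy_u64(uint64_t *dst, const uint64_t *src, uint32_t n)
{
    for (uint32_t i = 0U; i < n; i++) {
        dst[i] = src[i];
    }
}

/* Question's do_test(): dst is set at its declaration, so each element has a
 * defined value before the read, regardless of what the callee writes. */
static int32_t do_test_initialized(bool k)
{
    uint64_t src[N];
    int32_t result = 0;
    for (uint32_t i = 0U; i < N; i++) {
        src[i] = VAL + i;
    }
    if (!k) {
        uint64_t dst[N] = { 0U };
        copy_u64(dst, src, N);
        result = (dst[N - 1U] == src[N - 1U]) ? 1 : 0;
    }
    return result;
}

static uint64_t sample_fill(void) { return 42U; } /* hypothetical stand-in for func1() */
/* Comment's loop after the "= { 0 }" fix: every element starts at VAR_NULL,
 * so the branch is deterministic. Returns how many elements were VAR_NULL. */
static uint32_t count_null_on_entry(void)
{
    uint64_t regs[N] = { 0U };
    uint32_t was_null = 0U;
    for (uint32_t i = 0U; i < N; i++) {
        if (regs[i] != VAR_NULL) {
            regs[i] = VAR_NULL;
        } else {
            regs[i] = sample_fill();
            was_null++;
        }
    }
    return was_null;
}

int main(void)
{ return (do_test_initialized(false) == 1 && count_null_on_entry() == N) ? 0 : 1; }
```

Under the VAR_NULL == 0 assumption the "not null" branch is never taken once the array is zero-initialized, so the loop reduces to assigning the fill value to every element.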
