This is the mail archive of the gcc-help@gcc.gnu.org mailing list for the GCC project.



Re: Missing warning about uninitialized variable.


J.C. Pizarro wrote:
> On 2007/11/29, eschenb@informatik.uni-frankfurt.de
> <eschenb@informatik.uni-frankfurt.de> wrote:
>> If gcc should warn about it being potentially not initialized, and if so,
>> using which command line options - that's a completely different topic.
>
> Warn no! Error yes!
>
> Why?
>
> Many compilations of projects print many warnings as if they
> have no problems! But ...
>
>      For large projects with uninitialized variables, the behaviour
>      could be stochastically flawed, like Russian roulette.
>
> With Error instead of Warn, they abort the compilations for later
> repairing of their bugs and avoiding the scenario of Russian roulette.
>
> J.C.Pizarro

Imho, the compiler should at most give a warning, because it is outside the compiler's semantic abilities to decide what the programmer wants. I think it's not the compiler's task to tell the programmer what he WANTS to do.

Let's take your example again and imagine the following:

if (argc == 10) gurka=3;
if (argc == 11) gurka=3;

...

at some other point:

switch (gurka) {
   case 3:
      printf("gurka is %d, which indicates 10 or 11 params\n", gurka);
      break;
   default:
      printf("Wrong number of parameters, 10 or 11 params expected\n");
      exit(EXIT_FAILURE);
}

Though gurka might be uninitialized it is perfectly okay and as expected.

Let's assume a different scenario:

if (argc%2==0) gurka=0;
else gurka=1;

Here the compiler can detect that, no matter what argc is, gurka is initialized (0 for odd, 1 for even). Let's take it a step further:

if(argc%3==0) gurka=0;
if (argc%3==1) gurka=1;

Now gurka will be 0 for a multiple of 3, 1 for a multiple of 3+1, otherwise undefined, because it might be absolutely legal that we don't care if argc is a multiple of 3+2.

Bailing out with an error could be perfectly unreasonable.

Yes, maybe I could as well say gurka=argc%3; and then only check for the two possibilities I am interested in, but imho it's not the compiler's job to force me to do it this way if the other possibility is semantically legal for the language.

As John(?) said, having a reliable initialization might be a nice extension, but it's just not C. After all, you could define gurka as:

int gurka=0;

thus enforcing a default value, but it's up to you to decide this; just bailing out with an error is not the right thing to do (imho).

Regards

-Sven
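
An added example, not part of the message above or of GCC itself: the message's two argc patterns written with an explicit sentinel, so the switch's default branch is reached for every argc the branches do not cover. A comment shows a per-project GCC invocation that turns the diagnostic into an error. GURKA_UNSET, the function names and the AS_POSTED macro are assumptions introduced here.

```c
#include <stdio.h>
#include <stdlib.h>
enum { GURKA_UNSET = -1 };  /* assumed sentinel: a value no branch assigns */

#ifdef AS_POSTED
/* The message's pattern, excluded from the default build. Compiling with
 *   gcc -O2 -Wall -Werror=maybe-uninitialized -DAS_POSTED example.c
 * asks GCC to treat the possibly-unset read as an error for this project. */
int gurka_as_posted(int argc)
{
    int gurka;
    if (argc == 10) gurka = 3;
    if (argc == 11) gurka = 3;
    return gurka;               /* indeterminate for any other argc */
}
#endif

/* Same branches; every other argc now yields a known value. */
int gurka_params(int argc)
{
    int gurka = GURKA_UNSET;
    if (argc == 10) gurka = 3;
    if (argc == 11) gurka = 3;
    return gurka;
}

/* The mod-3 case: the residue the message does not care about is explicit. */
int gurka_mod3(int argc)
{
    int gurka = GURKA_UNSET;
    if (argc % 3 == 0) gurka = 0;
    if (argc % 3 == 1) gurka = 1;
    return gurka;
}

int main(int argc, char **argv)
{
    (void)argv;
    switch (gurka_params(argc)) {
    case 3:
        printf("gurka is %d, which indicates 10 or 11 params\n", gurka_params(argc));
        break;
    default:                    /* reached for every argc other than 10, 11 */
        printf("Wrong number of parameters, 10 or 11 params expected\n");
        return EXIT_FAILURE;
    }
    printf("gurka_mod3(argc) = %d\n", gurka_mod3(argc));
    return EXIT_SUCCESS;
}
```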

