On Monday 2021-08-09 23:32, Paul Eggert wrote:
On 8/9/21 4:47 AM, Jan Engelhardt via tz wrote:
When building tzcode commit 7f74206b39673b1a110285c6992f70507e211060 with -DALL_STATE, clang reports a loop with an undefined termination condition because sp->charcnt is not set before its use. There should probably be a sp->charcnt=0 in zoneinit.
Thanks for reporting that. Unfortunately, though, this appears to be a false alarm from Clang, as I don't see how sp->charcnt can be used without being set, because if tzload returns zero then sp->charcnt must be set.
Inside tzload, if malloc fails, then, by POSIX standardese, it ought to set errno. However, clang - rightfully, I think - does not make any particular assumptions about malloc and has found and reported the case whereby this malloc returns with NULL _and_ errno is 0. (The malloc(3) page on Linux systems mentions the corner cases in which errno=0 can happen, namely "private malloc implementations".) tzload then returns errno, which is 0 under these pretenses, thereby signalling to its caller that everything was fine, when in fact it wasn't. This is how clang then arrived at sp->charcnt being used without initialization. Using calloc instead of malloc, or just setting the field to zero, should have little ill effect, even cosmetically.
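The failure mode discussed in this thread, reduced to a stand-alone illustration. This is added example code, not tzcode itself: `struct state`, `load_buggy`, `load_fixed`, `use_state` and the injectable `alloc_fn` hook are hypothetical stand-ins for tz's `struct state`, `tzload` and `malloc`. The `failing_alloc` hook simulates the "private malloc implementation" corner case where malloc returns NULL while leaving errno at 0, so the buggy loader reports success and its caller iterates over a `charcnt` that was never written. The hardened loader initializes the field before any early return and maps a NULL-with-errno-0 result to ENOMEM, so the caller refuses the state.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for tz's struct state (assumption, not tzcode). */
struct state {
    int charcnt;
    char *chars;
};

/* Allocator hook so the demo can swap in a non-conforming malloc. */
static void *(*alloc_fn)(size_t) = malloc;

/* Simulates a "private malloc implementation": returns NULL, errno stays 0. */
static void *failing_alloc(size_t n) {
    (void)n;
    errno = 0;
    return NULL;
}

/* Buggy pattern from the thread: return errno after a failed allocation.
   If errno is still 0, the caller is told "success" and sp->charcnt is
   never written. */
static int load_buggy(struct state *sp) {
    char *buf = alloc_fn(64);
    if (!buf)
        return errno;          /* may be 0: silent false success */
    sp->chars = buf;
    sp->charcnt = 0;
    return 0;
}

/* Hardened pattern: initialize fields before any early return, and never
   trust errno alone to signal an allocation failure. */
static int load_fixed(struct state *sp) {
    sp->charcnt = 0;
    sp->chars = NULL;
    char *buf = alloc_fn(64);
    if (!buf) {
        int err = errno;
        return err ? err : ENOMEM;   /* NULL with errno == 0 is still a failure */
    }
    sp->chars = buf;
    return 0;
}

/* Caller: only iterates over charcnt when the loader reports success.
   Returns the iteration count, or -1 when the loader failed. */
static int use_state(int (*loader)(struct state *), struct state *sp, int *rc) {
    *rc = loader(sp);
    if (*rc != 0)
        return -1;
    int n = 0;
    for (int i = 0; i < sp->charcnt; i++)
        n++;
    return n;
}

/* Demo harness: run a loader against the failing allocator, starting from a
   state whose charcnt holds a constructed "stale" value (7) standing in for
   whatever uninitialized memory happened to contain. */
static int demo(int (*loader)(struct state *), int *rc_out) {
    struct state sp;
    sp.charcnt = 7;
    sp.chars = NULL;
    alloc_fn = failing_alloc;
    int n = use_state(loader, &sp, rc_out);
    alloc_fn = malloc;
    return n;
}

static int demo_buggy_rc(void)         { int rc; demo(load_buggy, &rc); return rc; }
static int demo_buggy_iterations(void) { int rc; return demo(load_buggy, &rc); }
static int demo_fixed_rc(void)         { int rc; demo(load_fixed, &rc); return rc; }
static int demo_fixed_iterations(void) { int rc; return demo(load_fixed, &rc); }

int main(void) {
    printf("buggy:  rc=%d iterations=%d (stale charcnt used)\n",
           demo_buggy_rc(), demo_buggy_iterations());
    printf("fixed:  rc=%d iterations=%d (state rejected)\n",
           demo_fixed_rc(), demo_fixed_iterations());
    return 0;
}
```

With the buggy loader the caller gets rc=0 and loops 7 times over a field nobody set; with the fixed loader it gets ENOMEM and never touches the state. Either of the two remedies mentioned in the thread (zeroing the field up front, or not relying on errno being nonzero) closes the path clang reported.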