1. Patchew
  2. linux
  3. View series

[PATCH] tools/nolibc: avoid false-positive -Wmaybe-uninitialized through waitpid()

Thomas Weißschuh posted 1 patch 3 months ago 
tools/include/nolibc/sys/wait.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] tools/nolibc: avoid false-positive -Wmaybe-uninitialized through waitpid()
Posted by Thomas Weißschuh 3 months ago 
The compiler does not know that waitid() will only ever return 0 or -1.
If waitid() would return a positive value than waitpid() would return that
same value and *status would not be initialized.
However users calling waitpid() know that the only possible return values
of it are 0 or -1. They therefore might check for errors with
'ret == -1' or 'ret < 0' and use *status otherwise. The compiler will then
warn about the usage of a potentially uninitialized variable.

Example:

	$ cat test.c
	#include <stdio.h>
	#include <unistd.h>

	int main(void)
	{
		int ret, status;

		ret = waitpid(0, &status, 0);
		if (ret == -1)
			return 0;

		printf("status %x\n", status);

		return 0;
	}

	$ gcc --version
	gcc (GCC) 15.1.1 20250425

	$ gcc -Wall -Os -Werror -nostdlib -nostdinc -static -Iusr/include -Itools/include/nolibc/ -o /dev/null test.c
	test.c: In function ‘main’:
	test.c:12:9: error: ‘status’ may be used uninitialized [-Werror=maybe-uninitialized]
	   12 |         printf("status %x\n", status);
	      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	test.c:6:18: note: ‘status’ was declared here
	    6 |         int ret, status;
	      |                  ^~~~~~
	cc1: all warnings being treated as errors

Avoid the warning by normalizing waitid() errors to '-1' in waitpid().

Fixes: 0c89abf5ab3f ("tools/nolibc: implement waitpid() in terms of waitid()")
Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
---
 tools/include/nolibc/sys/wait.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/include/nolibc/sys/wait.h b/tools/include/nolibc/sys/wait.h
index 4d44e3da0ba814d00368027d893e2eb1155b86f3..56ddb806da7f2466be5523b52fd01480b711daec 100644
--- a/tools/include/nolibc/sys/wait.h
+++ b/tools/include/nolibc/sys/wait.h
@@ -78,7 +78,7 @@ pid_t waitpid(pid_t pid, int *status, int options)
 
 	ret = waitid(idtype, id, &info, options);
 	if (ret)
-		return ret;
+		return -1;
 
 	switch (info.si_code) {
 	case 0:

---
base-commit: 4a40129087a4c32135bb1177a57bbbe6ee646f1a
change-id: 20250707-nolibc-waitpid-uninitialized-c11490c8997a

Best regards,
-- 
Thomas Weißschuh <thomas.weissschuh@linutronix.de>
Re: [PATCH] tools/nolibc: avoid false-positive -Wmaybe-uninitialized through waitpid()
Posted by Willy Tarreau 3 months ago 
Hi Thomas,

On Mon, Jul 07, 2025 at 02:58:11PM +0200, Thomas Weißschuh wrote:
> The compiler does not know that waitid() will only ever return 0 or -1.
> If waitid() would return a positive value than waitpid() would return that
> same value and *status would not be initialized.
> However users calling waitpid() know that the only possible return values
> of it are 0 or -1. They therefore might check for errors with
> 'ret == -1' or 'ret < 0' and use *status otherwise. The compiler will then
> warn about the usage of a potentially uninitialized variable.
(...)

Yeah that sounds reasonable for such use cases.

Acked-by: Willy Tarreau <w@1wt.eu>

FWIW when facing such cases sometimes it's also convenient to use
__builtin_unreachable() to let the compiler know the situation does
not exist. E.g:

     ret = waitpid(...);
     if (ret == -1)
            ...
     if (ret != 0)
            __builtin_unreachable();

But here it's overkill, plus not all compilers used in user land have
it so it quickly becomes a pain to define it depending on the compiler,
and your approach is much better for this case!

Willy

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.