false positive use after free in got.c
On Thu, Jul 21, 2022 at 07:20:27PM +0200, Florian Obser wrote:
> Normally I'd ignore false positives, but this one tripped me up a bit.
> I've also seen similar defensive style in the code base so I guess I'm
> not too far off into the weeds with this one?

This is a scan-build issue where it does not look inside a function which produces an output argument.

By convention in Got, all output arguments will be initialized by functions which produce them. In the relatively uncommon case where functions pass output arguments through to another function, functions along the call chain should ensure initialization takes place when the actual producer will not be called, be it due to an internal decision or because an error occurred before the producer was called.

This way, we can usually encode the desired default value in one place (the producer), rather than requiring every caller to set a default value for every output argument everywhere.

Seeing this seems to be beyond scan-build's abilities, and this is one reason I stopped looking at scan-build reports when jj@ sent me a bunch of them a few years ago.

It is great that you found a few bugs with this, but we should not adjust correct code to please an automated code scanner. But of course, if you notice something that looks really wrong in your own eyes, we should try to fix it.
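The output-argument convention described in the message above, as an added C example that is not part of the original mail and is not code from Got. The names `read_label`, `open_and_read_label`, `label_length` and `fd_ok`, and the use of plain `errno` values as return codes, are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Producer: the one place that encodes the default value of *out. */
static int
read_label(char **out, const char *src)
{
	size_t n;

	*out = NULL;			/* set before anything can fail */
	if (src == NULL || *src == '\0')
		return EINVAL;
	n = strlen(src) + 1;
	if ((*out = malloc(n)) == NULL)
		return ENOMEM;
	memcpy(*out, src, n);
	return 0;
}

/* Pass-through: initializes *out itself on paths that skip the producer. */
static int
open_and_read_label(char **out, int fd_ok, const char *src)
{
	if (!fd_ok) {			/* hypothetical early failure */
		*out = NULL;		/* producer is never reached here */
		return EBADF;
	}
	return read_label(out, src);
}

/* Caller: no "= NULL" on label; it relies on the convention above. */
static int
label_length(int fd_ok, const char *src, size_t *len)
{
	char *label;
	int err;
	*len = 0;			/* this function produces *len */
	err = open_and_read_label(&label, fd_ok, src);
	if (err == 0)
		*len = strlen(label);
	free(label);			/* NULL or owned on every path */
	return err;
}

int main(void)
{
	size_t len;
	return label_length(1, "main", &len) != 0 || len != 4;
}
```

An analyzer that does not follow `label` into the callees sees an uninitialized pointer reaching `free()`, which is the class of report the message calls a false positive.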