[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: __nonnull__ declarations

From: Bruno Haible
Subject: Re: __nonnull__ declarations
Date: Thu, 10 Dec 2009 14:54:11 +0100
User-agent: KMail/1.9.9

Jim Meyering wrote:
> > Arguments for doing it:
> >   - Allows GCC to produce its warning when passed a literal NULL value.
> >   - An added piece of documentation (but only when done completely,
> >     throughout gnulib).
>     - Allows tools like the clang static analyzer to avoid warning about
>         what it would otherwise call a potential NULL dereference.

Good point. The analysis is not very capable at this point, but it can
improve in the future. For example, in this code, I get a warning only
about the first function. The static analysis done by the Eclipse Java
compiler would also warn about a redundant 'if' in the second function.

=========================== foo.c ==============================
#include <stddef.h>

extern int func1 (char *);
extern int func2 (char *) __attribute__ ((__nonnull__ (1)));

foo1 (char *s)
  int n = func1 (s);
  if (s == NULL)
    n += func2 (s);
  return n;

foo2 (char *s)
  int n = func2 (s);
  if (s != NULL)
  return n;
$ scan-build gcc -c -O foo.c
ANALYZE: foo.c foo1
foo.c:11:10: warning: Null pointer passed as an argument to a 'nonnull' 
    n += func2 (s);
         ^      ~
ANALYZE: foo.c foo2
1 diagnostic generated.

I'll post a proposal for __nonnull__ declarations.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]