On Tue, Apr 04, 2017 at 04:10:59PM +0100, Daniel P. Berrange wrote:
On Tue, Mar 28, 2017 at 01:46:31PM +0200, Martin Kletzander wrote:
> The attribute (defined as ATTRIBUTE_NONNULL) was added long time
> ago (2009), but in 2012 (commit eefb881d4683) it was disabled for
> normal build, making it used only when coverity was building libvirt
> or on special request. It was disabled because it was being misused
> and misunderstood -- the attribute is there as an optimization hint
> for the compiler, not to enhance static analysis.
Actually the attribute does both and the primary intention of the attribute
*is* build time warnings and/or static analysis warnings:
Oh, and it is also informally a guide to developers as to whether they
are permited to pass NULL to a method or not. ie if i see ATTRIBUTE_NONNULL,
then I know I must make sure the caller i'm working on doesn't pass NULL.
So if we removed the annotation, we'd want to make sure we document this
in some other way rather than make people read the method impl to try to
figure it out.
Regards,
Daniel
--
|:
http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org :|
|:
http://entangle-photo.org -o-
http://search.cpan.org/~danberr/ :|