On 12/02/2010 05:28 AM, Daniel P. Berrange wrote:
+virThreadPoolPtr virThreadPoolNew(size_t minWorkers, + size_t maxWorkers, + virThreadPoolJobFunc func, + void *opaque) ATTRIBUTE_NONNULL(3) + ATTRIBUTE_RETURN_CHECK;
ATTRIBUTE_RETURN_CHECK doesn't serve any useful purpose when placed on constructors, since the caller will always "use" the return value by assigning the pointer to some variable. The compiler can thus never detect whether you check for null or not, even with this annotation.
Good point. However, in looking through gcc's documentation, maybe it's time we introduce a new attribute for constructors: #define ATTRIBUTE_MALLOC __attribute__((__malloc__)) The `malloc' attribute is used to tell the compiler that a function may be treated as if any non-`NULL' pointer it returns cannot alias any other pointer valid when the function returns. This will often improve optimization. Standard functions with this property include `malloc' and `calloc'. `realloc'-like functions have this property as long as the old pointer is never referred to (including comparing it to the new pointer) after the function returns a non-`NULL' value. I think that tools like clang might also be able to feed off of the malloc attribute to make decisions about whether NULL-checking needs to be performed on the result, and/or provide better leak detection analysis. However, that's a separate idea, and doesn't affect this series. -- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org