Bug#192474: libc6-dev: error.h is not correctly annotated for splint
reassign 192474 splint
thanks
At 12 May 2003 17:34:02 +0100,
Rich Walker wrote:
> > > However, over time, I find I have modified many of the standard
> > > headers to be splint-able. error.h is a good example. (Note that
> > > popt.h is splint-compliant, so I assume there is some trend to
> > > splint-able headers).
> > >
> > > I *think* the correct declaration for splint in error.h would be:
> > >
> > > #ifdef S_SPLINT_S
> > > extern /*@noreturnwhentrue@*/ void error (int /*@alt bool @*/ status, int errnum, const char *format, ...)
> > > /*__attribute__ ((__format__ (__printf__, 3, 4))) */;
> > > #endif
> >
> > Please show us the test program and the result of splint message.
>
> Test program:
>
> #include <stdlib.h>
> #include <error.h>
>
> int main(void) {
>
> char *p;
> p = malloc(256);
> if (!p) error(1,0,"no memory");
> p[0]='a';
> free(p);
> return EXIT_SUCCESS;
> }
>
> Splint output:
>
> splint error_test.c
> Splint 3.0.1.6 --- 03 Jan 2003
>
> error_test.c: (in function main)
> error_test.c:9:3: Index of possibly null pointer p: p
> A possibly null pointer is dereferenced. Value is either the result of a
> function which may return null (in which case, code should check it is not
> null), or a global, parameter or structure field declared with the null
> qualifier. (Use -nullderef to inhibit warning)
> error_test.c:7:7: Storage p may become null
>
> Finished checking --- 1 code warning
There is no chance to modify glibc. It's "splint" persing issue.
Splint needs to handle this kind of special rule. Moreover, if you
want your program to conform splint rule strictly, then you don't use
error() function. Repeatedly, it's not glibc's business. I reassign
it to splint package. If splint packager think it's not bug, then
please close it.
Regards,
-- gotom
Reply to: