
Bug#576501: libc6-dev: Overeager nonnull attributes in function prototypes



Package: libc6-dev
Version: 2.10.2-6
Severity: normal

I just started playing with clang's static analyzer. It nicely warns
whenever a function parameter that has been marked with the nonnull attribute
gets a NULL as parameter. The problem is that there are several functions
where it's actually valid to give them a NULL pointer, as long as the size
parameter is zero. For example these are valid:

 - memcpy(dest, src=NULL, size=0)
 - same for memmove()
 - qsort(base=NULL, nmemb=0, ..)
 - lots of others too, but the above ones are what I mostly care about.

I guess the question is if these nonnulls ever help programmers, or if
they're there just because "it looks nice", but mainly give false positive
warnings.

Here's an example of what type of code triggered it for me:

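#include <stdlib.h>
#include <string.h>

void foo(const char *src)
{
        char *dest;
        size_t len;

        /* A NULL src is treated as an empty string. */
        len = src == NULL ? 0 : strlen(src);
        dest = malloc(len + 2);         /* '>' + text + terminating NUL */
        if (dest == NULL) return;

        dest[0] = '>';
        /* This is the call the analyzer flags: src may be NULL, len is 0. */
        memcpy(dest + 1, src, len);
        dest[len + 1] = '\0';           /* terminator goes after the copy */
        free(dest);
}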

So src=NULL, but len=0 so it doesn't matter. Adding an extra if check there
would just make the code uglier.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-rc3-00056-g9dc251d-dirty (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libc6-dev depends on:
ii  libc-dev-bin                  2.10.2-6   Embedded GNU C Library: Developmen
ii  libc6                         2.10.2-6   Embedded GNU C Library: Shared lib
ii  linux-libc-dev                2.6.32-5   Linux support headers for userspac

Versions of packages libc6-dev recommends:
ii  bcc [c-compiler]              0.16.17-3  16-bit x86 C compiler
ii  gcc [c-compiler]              4:4.4.3-1  The GNU C compiler
ii  gcc-3.3 [c-compiler]          1:3.3.6-15 The GNU C compiler
ii  gcc-3.4 [c-compiler]          3.4.6-10   The GNU C compiler
ii  gcc-4.1 [c-compiler]          4.1.2-27   The GNU C compiler
ii  gcc-4.2 [c-compiler]          4.2.4-6    The GNU C compiler
ii  gcc-4.3 [c-compiler]          4.3.4-6    The GNU C compiler
ii  gcc-4.4 [c-compiler]          4.4.3-5    The GNU C compiler

Versions of packages libc6-dev suggests:
pn  glibc-doc                     <none>     (no description available)
ii  manpages-dev                  3.23-1     Manual pages about using GNU/Linux

-- debconf-show failed
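
The zero-length case from the report can also be handled once in a wrapper rather than at each call site. The following is an added example, not part of the original bug report or of glibc; the names memcpy_z, memmove_z, qsort_z, quote_line and sorted_min are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers (names are assumptions): skip the libc call when the
 * count is zero, so a NULL pointer never reaches a nonnull parameter. */
void *memcpy_z(void *dest, const void *src, size_t n)
{
    return n != 0 ? memcpy(dest, src, n) : dest;
}

void *memmove_z(void *dest, const void *src, size_t n)
{
    return n != 0 ? memmove(dest, src, n) : dest;
}

void qsort_z(void *base, size_t nmemb, size_t size,
             int (*cmp)(const void *, const void *))
{
    if (nmemb != 0)
        qsort(base, nmemb, size, cmp);
}

static int cmp_int(const void *a, const void *b)
{
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* Returns a malloc'd copy of src prefixed with '>', or NULL on allocation
 * failure. src may be NULL and is then treated as the empty string. */
char *quote_line(const char *src)
{
    size_t len = src == NULL ? 0 : strlen(src);
    char *dest = malloc(len + 2);   /* '>' + text + terminating NUL */

    if (dest == NULL)
        return NULL;
    dest[0] = '>';
    memcpy_z(dest + 1, src, len);   /* no libc call when len == 0 */
    dest[len + 1] = '\0';
    return dest;
}

/* Sorts in place; values may be NULL when nmemb is 0 (returns fallback). */
int sorted_min(int *values, size_t nmemb, int fallback)
{
    qsort_z(values, nmemb, sizeof *values, cmp_int);
    return nmemb != 0 ? values[0] : fallback;
}
```

With the wrappers, a NULL pointer paired with a non-zero size still reaches the annotated libc function, so the analyzer warning stays meaningful for that case.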


