Bug#576501: libc6-dev: Overeager nonnull attributes in function prototypes
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: Bug#576501: libc6-dev: Overeager nonnull attributes in function prototypes
- From: Timo Sirainen <tss@iki.fi>
- Date: Mon, 05 Apr 2010 10:12:02 +0300
- Message-id: <20100405071202.7776.39611.reportbug@hurina>
- Reply-to: Timo Sirainen <tss@iki.fi>, 576501@bugs.debian.org
Package: libc6-dev
Version: 2.10.2-6
Severity: normal
I just started playing with clang's static analyzer. It nicely warns
whenever a function parameter that has been marked with nonnull attribute
gets a NULL as parameter. The problem is that there are several functions
where it's actually valid to give it a NULL pointer, as long as the size
parameter is zero. For example these are valid:
- memcpy(dest, src=NULL, size=0)
- same for memmove()
- qsort(base=NULL, nmemb=0, ..)
- lots of others too, but the above ones are what I mostly care about.
I guess the question is if these nonnulls ever help programmers, or if
they're there just because "it looks nice", but mainly give false positive
warnings.
Here's an example of what type of code triggered it for me:
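#include <stdlib.h>
#include <string.h>

void foo(const char *src)
{
  char *dest;
  unsigned int len;

  len = src == NULL ? 0 : strlen(src);
  dest = malloc(len + 2);
  if (dest == NULL) return;
  dest[0] = '>';
  /* src may be NULL here, but only when len is 0 */
  memcpy(dest + 1, src, len);
  /* terminator goes after '>' plus the len copied bytes */
  dest[len + 1] = '\0';
}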
So src=NULL, but len=0 so it doesn't matter. Adding an extra if check there
would just make the code uglier.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-rc3-00056-g9dc251d-dirty (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libc6-dev depends on:
ii libc-dev-bin 2.10.2-6 Embedded GNU C Library: Developmen
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii linux-libc-dev 2.6.32-5 Linux support headers for userspac
Versions of packages libc6-dev recommends:
ii bcc [c-compiler] 0.16.17-3 16-bit x86 C compiler
ii gcc [c-compiler] 4:4.4.3-1 The GNU C compiler
ii gcc-3.3 [c-compiler] 1:3.3.6-15 The GNU C compiler
ii gcc-3.4 [c-compiler] 3.4.6-10 The GNU C compiler
ii gcc-4.1 [c-compiler] 4.1.2-27 The GNU C compiler
ii gcc-4.2 [c-compiler] 4.2.4-6 The GNU C compiler
ii gcc-4.3 [c-compiler] 4.3.4-6 The GNU C compiler
ii gcc-4.4 [c-compiler] 4.4.3-5 The GNU C compiler
Versions of packages libc6-dev suggests:
pn glibc-doc <none> (no description available)
ii manpages-dev 3.23-1 Manual pages about using GNU/Linux
-- debconf-show failed
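The zero-length check the report would rather not repeat at each call site can live in one helper, shown here as an added example that is not code from the report or from glibc. The names memcpy_n0 and prefix_gt are hypothetical; prefix_gt is the report's foo() changed to return the buffer so the result can be checked.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not a libc function): a memcpy that accepts NULL
 * pointers when n == 0, so the nonnull-annotated memcpy never sees NULL. */
static void *memcpy_n0(void *dest, const void *src, size_t n)
{
    if (n == 0)
        return dest;            /* nothing to copy; memcpy is not reached */
    return memcpy(dest, src, n);
}

/* Returns a malloc'd string ">" + src (src may be NULL), or NULL on failure. */
char *prefix_gt(const char *src)
{
    size_t len = (src == NULL) ? 0 : strlen(src);
    char *dest;

    if (len > SIZE_MAX - 2)     /* len + 2 must not wrap around */
        return NULL;
    dest = malloc(len + 2);
    if (dest == NULL)
        return NULL;
    dest[0] = '>';
    /* On the path where src is NULL, len is 0 and the helper returns early. */
    memcpy_n0(dest + 1, src, len);
    dest[len + 1] = '\0';
    return dest;
}

int main(void)
{
    const char *inputs[] = { NULL, "abc" };   /* constructed sample inputs */
    for (size_t i = 0; i < 2; i++) {
        char *s = prefix_gt(inputs[i]);
        if (s != NULL)
            puts(s);
        free(s);
    }
    return 0;
}
```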