[cfe-dev] Objective-C really strong type checking

[David Chisnall]

On 8 Sep 2010, at 19:50, Fariborz Jahanian wrote:

> Problem with this is that this is very common form of assignments in  
> objc and checker will get very noisy.


No it won't.  Assignments to a distinct Objective-C type are very rare.  The issue here is that +new (along with (+alloc, +allocWithZone:, -init, and so on) is declared on NSObject and not overridden.  When you send a +alloc message to almost any class, you are calling the implementation in NSObject, with the class as self.  This implementation then allocates enough space for an instance of the receiver, initalizes the isa pointer, and returns.

The problem, from an analysis point of view, is that the Objective-C type system is not expressive enough to tell you what is really going on here.  The +new method always returns an instance of the receiver (or, in some special cases such as class clusters, a subclass of the receiver).  

Although it would be possible to add a specific hack for +new into the analyser, it would be cleaner to solve this in the general case by providing two annotations, one saying that the return type of a class method is an instance of the receiver and another saying that the return type of an instance method is the receiver.

The latter would also be useful for -retain, -autorelease, and all of the various -initWith{something}: methods in Cocoa.  For example, the initialisers in NSArray return a mutable array when the receiver is an instance of NSMutableArray (or a subclass), while the constructors return a mutable array when the receiver is NSMutableArray.

David

-- Sent from my STANTEC-ZEBRA