[PATCH] D11948: Add some macros to abstract marking of parameters as "not null", and use them in <cstring>
Joerg Sonnenberger via cfe-commits
cfe-commits at lists.llvm.org
Tue Aug 11 12:32:00 PDT 2015
joerg added a comment.
No, it doesn't. It tells the compiler that it is free to make such assumptions. Take a step back from the standard. Can you think of any reasonable and efficient implementation of memcpy and friends, which fails for size 0? Adding the annotations (whether here or in string.h) effectively changes the behavior of the program. It is behavior people have been expecting for two decades, even when C90 said something else. This is completely different from the warning annotations. I'm just waiting for some of the bigger projects like PostgreSQL to start getting annoyed enough to introduce sane_memcpy for this.
I can't speak for Linux distributions using glibc, but I find this kind of smoking gun completely unacceptable to force unconditionally on everyone.
http://reviews.llvm.org/D11948
More information about the cfe-commits
mailing list