[cfe-dev] incomplete checking for nullability qualifiers

Richard Smith via cfe-dev cfe-dev at lists.llvm.org
Tue Sep 14 15:44:26 PDT 2021


We appear to perform significantly incomplete checking for assigning a null
pointer value to a _Nonnull pointer. In particular, pointer initialization
and assignment is not checked:

// No warning on static initialization to zero
struct A {
  int *_Nonnull p;
} a;
int *_Nonnull b[3];

void g() {
  // No warning on initialization
  int *_Nonnull p = 0;
  // No warning on assignment
  p = 0;
  // No warning on assignment to member
  a.p = 0;
  // No warning on assignment to array element
  b[0] = 0;

Would it be reasonable to start warning on these cases? Are people relying
on the existing behavior? (Note, I'm not suggesting we start warning on
conversion from a _Nullable or _Null_unspecified pointer to a _Nonnull
pointer, only when initializing or assigning to a _Nonnull pointer from a
null pointer value.)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20210914/49fe2f58/attachment.html>

More information about the cfe-dev mailing list