build: force correct gcc syntax for attribute_nonnull
Gcc lets you do: int ATTRIBUTE_NONNULL(1) foo(void *param); int foo(void *param) ATTRIBUTE_NONNULL(1); int ATTRIBUTE_NONNULL(1) foo(void *param) { ... } but chokes on: int foo(void *param) ATTRIBUTE_NONNULL(1) { ... } However, since commit eefb881d, we have intentionally been disabling ATTRIBUTE_NONNULL because of lame gcc handling of the attribute (that is, gcc doesn't do decent warning reporting, then compiles code that mysteriously fails if you break the contract of the attribute, which is surprisingly easy to do), leaving it on only for Coverity (which does a much better job of improved static analysis when the attribute is present). But completely eliding the macro makes it too easy to write code that uses the fourth syntax option, if you aren't using Coverity. So this patch forces us to avoid syntax errors, even when not using the attribute under gcc. It also documents WHY we disable the warning under gcc, rather than forcing you to find the commit log. * src/internal.h (ATTRIBUTE_NONNULL): Expand to empty attribute, rather than nothing, when on gcc.
Showing
想要评论请 注册 或 登录