diff mbox series

[ovs-dev,v5] util: Annotate function that will never return NULL.

Message ID 35c3d2ea4cdef51b9b1787e6e8719e8b797da076.1705392494.git.echaudro@redhat.com
State Accepted
Commit ed738eca39ef308f207f83463dc215df215bdf09
Headers show
Series [ovs-dev,v5] util: Annotate function that will never return NULL. | expand

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/intel-ovs-compilation fail test: fail

Commit Message

Eelco Chaudron Jan. 16, 2024, 8:08 a.m. UTC 
The make clang-analyze target reports an 'Dereference of null
pointer' and an 'Uninitialized argument value' issue due to
it assumes some function can return NULL.

This patch annotates these functions, so the static analyzer
is aware of this.

Acked-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Simon Horman <horms@ovn.org>
Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
---
v2: Accidentally added nullable_xstrdup(), removed it.
v3: Added missing x2nrealloc(), xasprintf() and xvasprintf() functions.
v4/5: Fixed line length issues.

 include/openvswitch/compiler.h |  6 ++++++
 lib/util.h                     | 38 ++++++++++++++++++----------------
 2 files changed, 26 insertions(+), 18 deletions(-)

Comments

Dumitru Ceara Jan. 16, 2024, 8:35 a.m. UTC | #1 
On 1/16/24 09:08, Eelco Chaudron wrote:
> The make clang-analyze target reports an 'Dereference of null
> pointer' and an 'Uninitialized argument value' issue due to
> it assumes some function can return NULL.
> 
> This patch annotates these functions, so the static analyzer
> is aware of this.
> 
> Acked-by: Dumitru Ceara <dceara@redhat.com>
> Acked-by: Simon Horman <horms@ovn.org>
> Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
> ---
> v2: Accidentally added nullable_xstrdup(), removed it.
> v3: Added missing x2nrealloc(), xasprintf() and xvasprintf() functions.
> v4/5: Fixed line length issues.
> 

This version looks ready to go to me.

Regards,
Dumitru
Simon Horman Jan. 17, 2024, 7:17 p.m. UTC | #2 
On Tue, Jan 16, 2024 at 09:35:00AM +0100, Dumitru Ceara wrote:
> On 1/16/24 09:08, Eelco Chaudron wrote:
> > The make clang-analyze target reports an 'Dereference of null
> > pointer' and an 'Uninitialized argument value' issue due to
> > it assumes some function can return NULL.
> > 
> > This patch annotates these functions, so the static analyzer
> > is aware of this.
> > 
> > Acked-by: Dumitru Ceara <dceara@redhat.com>
> > Acked-by: Simon Horman <horms@ovn.org>
> > Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
> > ---
> > v2: Accidentally added nullable_xstrdup(), removed it.
> > v3: Added missing x2nrealloc(), xasprintf() and xvasprintf() functions.
> > v4/5: Fixed line length issues.
> > 
> 
> This version looks ready to go to me.

For the record, Eelco applied this as:
- util: Annotate function that will never return NULL.
  https://github.com/openvswitch/ovs/commit/ed738eca39ef
Eelco Chaudron Jan. 18, 2024, 7:59 a.m. UTC | #3 
On 17 Jan 2024, at 20:17, Simon Horman wrote:

> On Tue, Jan 16, 2024 at 09:35:00AM +0100, Dumitru Ceara wrote:
>> On 1/16/24 09:08, Eelco Chaudron wrote:
>>> The make clang-analyze target reports an 'Dereference of null
>>> pointer' and an 'Uninitialized argument value' issue due to
>>> it assumes some function can return NULL.
>>>
>>> This patch annotates these functions, so the static analyzer
>>> is aware of this.
>>>
>>> Acked-by: Dumitru Ceara <dceara@redhat.com>
>>> Acked-by: Simon Horman <horms@ovn.org>
>>> Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
>>> ---
>>> v2: Accidentally added nullable_xstrdup(), removed it.
>>> v3: Added missing x2nrealloc(), xasprintf() and xvasprintf() functions.
>>> v4/5: Fixed line length issues.
>>>
>>
>> This version looks ready to go to me.
>
> For the record, Eelco applied this as:
> - util: Annotate function that will never return NULL.
>  https://github.com/openvswitch/ovs/commit/ed738eca39ef

Thanks for reminding me, I forgot to reply that patch was committed :(
diff mbox series

Patch

diff --git a/include/openvswitch/compiler.h b/include/openvswitch/compiler.h
index 52614a5ac..878c5c6a7 100644
--- a/include/openvswitch/compiler.h
+++ b/include/openvswitch/compiler.h
@@ -37,6 +37,12 @@ 
 #define OVS_NO_RETURN
 #endif
 
+#if __GNUC__ && !__CHECKER__
+#define OVS_RETURNS_NONNULL __attribute__((returns_nonnull))
+#else
+#define OVS_RETURNS_NONNULL
+#endif
+
 #ifndef typeof
 #define typeof __typeof__
 #endif
diff --git a/lib/util.h b/lib/util.h
index 62801e85f..f2d45bcac 100644
--- a/lib/util.h
+++ b/lib/util.h
@@ -162,28 +162,30 @@  bool memory_locked(void);
 OVS_NO_RETURN void out_of_memory(void);
 
 /* Allocation wrappers that abort if memory is exhausted. */
-void *xmalloc(size_t) MALLOC_LIKE;
-void *xcalloc(size_t, size_t) MALLOC_LIKE;
-void *xzalloc(size_t) MALLOC_LIKE;
-void *xrealloc(void *, size_t);
-void *xmemdup(const void *, size_t) MALLOC_LIKE;
-char *xmemdup0(const char *, size_t) MALLOC_LIKE;
-char *xstrdup(const char *) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xmalloc(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xcalloc(size_t, size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xzalloc(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xrealloc(void *, size_t);
+OVS_RETURNS_NONNULL void *xmemdup(const void *, size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL char *xmemdup0(const char *, size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL char *xstrdup(const char *) MALLOC_LIKE;
 char *nullable_xstrdup(const char *) MALLOC_LIKE;
 bool nullable_string_is_equal(const char *a, const char *b);
-char *xasprintf(const char *format, ...) OVS_PRINTF_FORMAT(1, 2) MALLOC_LIKE;
-char *xvasprintf(const char *format, va_list) OVS_PRINTF_FORMAT(1, 0) MALLOC_LIKE;
-void *x2nrealloc(void *p, size_t *n, size_t s);
+OVS_RETURNS_NONNULL char *xasprintf(const char *format, ...)
+    OVS_PRINTF_FORMAT(1, 2) MALLOC_LIKE;
+OVS_RETURNS_NONNULL char *xvasprintf(const char *format, va_list)
+    OVS_PRINTF_FORMAT(1, 0) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *x2nrealloc(void *p, size_t *n, size_t s);
 
 /* Allocation wrappers for specialized situations where coverage counters
  * cannot be used. */
-void *xmalloc__(size_t) MALLOC_LIKE;
-void *xcalloc__(size_t, size_t) MALLOC_LIKE;
-void *xzalloc__(size_t) MALLOC_LIKE;
-void *xrealloc__(void *, size_t);
+OVS_RETURNS_NONNULL void *xmalloc__(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xcalloc__(size_t, size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xzalloc__(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xrealloc__(void *, size_t);
 
-void *xmalloc_cacheline(size_t) MALLOC_LIKE;
-void *xzalloc_cacheline(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xmalloc_cacheline(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xzalloc_cacheline(size_t) MALLOC_LIKE;
 void free_cacheline(void *);
 
 void ovs_strlcpy(char *dst, const char *src, size_t size);
@@ -191,9 +193,9 @@  void ovs_strzcpy(char *dst, const char *src, size_t size);
 
 int string_ends_with(const char *str, const char *suffix);
 
-void *xmalloc_pagealign(size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xmalloc_pagealign(size_t) MALLOC_LIKE;
 void free_pagealign(void *);
-void *xmalloc_size_align(size_t, size_t) MALLOC_LIKE;
+OVS_RETURNS_NONNULL void *xmalloc_size_align(size_t, size_t) MALLOC_LIKE;
 void free_size_align(void *);
 
 /* The C standards say that neither the 'dst' nor 'src' argument to