PTHREAD_COND_INITIALIZER 与 Splint
我有以下代码
static pthread_mutex_t watchdogMutex = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t watchdogCond = PTHREAD_COND_INITIALIZER;
,并且在使用 Splint 时收到以下错误/警告
静态 watchdogCond._data._mutex 初始化为 null 值:watchdogCond._data._mutex = (void )0 没有 null 注释的引用被分配或初始化为 NULL。使用 /@null@*/ 将引用声明为可能为空指针。 (使用 -nullassign 禁止警告)
这有什么问题,它是真正的危险吗?
I have the following code
static pthread_mutex_t watchdogMutex = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t watchdogCond = PTHREAD_COND_INITIALIZER;
and I get the following errors/warnings when using Splint
Static watchdogCond._data._mutex initialized to null
value: watchdogCond._data._mutex = (void )0
A reference with no null annotation is assigned or initialized to NULL. Use
/@null@*/ to declare the reference as a possibly null pointer. (Use
-nullassign to inhibit warning)
What is the issue with this and is it a real danger?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
听起来 splint 存在将指针显式初始化为 null 的问题,并且需要某种覆盖注释注释来禁用警告。我只需遵循其建议并使用
-nullassign选项来禁用此警告。您的代码正在执行的操作或实现定义初始值设定项宏的方式没有任何不好或有害的地方。这只是夹板有非理性的恐惧。It sounds like splint has an issue with explicit initialization of pointers as null., and wants some kind of override-annotation comment to disable the warning. I would simply follow its advice and use the
-nullassignoption to disable this warning. There is nothing bad or harmful about what your code is doing or the way the implementation has defined the initializer macros. It's just splint having irrational fears.看起来
pthread_mutex_t是一个不透明的指针(你可以跟踪typedef来找出答案)。在 Splint 中,默认情况下指针不可为空。如果你想有一个可为空的指针,你必须用语义注释/*@null@*/来声明它,例如:根据手册,有3个关于空状态的选项:
null可能是空指针。notnull非空指针。relnull放松空值检查。当将 NULL 分配给它或将其用作非空指针时,不会出现错误。使用不可空指针的优点是,您无需在每次获取其中一个指针时都检查它们。例如,您可以将函数参数注释为
/*@notnull@*/,然后您就不需要检查if(pointer == NULL)< /code> 在取消引用它之前。这减少了检查并简化了代码。忽略这些警告的危险是,如果您告诉 Splint 特定指针不可能为空,然后您尝试分配
NULL< /code> 到它,这个空指针最终可能会被解引用,并且程序可能会崩溃。在我看来,您的实际问题是 Splint 的策略,它认为所有指针隐式不可为空。这迫使您注释所有可能为空的指针。
It seems that
pthread_mutex_tis an opaque pointer (you could track thetypedefdown to find out). In Splint, pointers are not-nullable by default. If you want to have a nullable pointer, you must declare it with the semantic annotation/*@null@*/, for example:According to the manual, there are 3 options regarding null state:
nullPossibly null pointer.notnullNon-null pointer.relnullRelax null checking. No errors when NULL is assigned to it, or when it is used as a non-null pointer.The advantage of using not-nullable pointers is that you don't need to check them every time you get one of them. For example, you could annotate a function parameter as
/*@notnull@*/and then you are not required to checkif(pointer == NULL)before you dereference it. This reduces checking and simplifies your code.The danger of ignoring these warnings is that, if you are telling Splint that a specific pointer can't possibly be null and later on you try to assign
NULLto it, this null pointer could end up being derefered and the program could crash.In my opinion, your actual issue is Splint's policy, which considers all pointers implicitly not-nullable. This forces you to annotate all your possibly null pointers.