|
This will warn if NULL is passed to any nonnull-annotated parameter, and is
also supported by sanitizers which can check for violations at runtime.
Unfortunately, it is currently only supported by clang. GCC has a similar
feature in the nonnull attribute, but this has a different syntax (it's a
function attribute) and is more dangerous since it is used by the optimizer to
assume a null pointer is undefined behavior. This one just warns and still
allows code to handle the situation gracefully, which I think is more
appropriate for a library API.
Note that this optimization behavior is not some unlikely edge case: switching
these attributes to the GCC one will break release builds.
|
