Re: [PATCH v4 3/4] cleanup: Annotate guard constructors with __nonnull()

Peter Zijlstra Sat, 23 May 2026 01:49:19 -0700

On Thu, May 21, 2026 at 07:18:03AM +0000, Dmitry Ilvokhin wrote:
> Add __nonnull() to unconditional guard constructors so the compiler
> warns when NULL is statically known to be passed:
> 
> - DEFINE_GUARD(): re-declare the constructor with __nonnull().
> - __DEFINE_LOCK_GUARD_1(): annotate the constructor directly.
> 
> DEFINE_LOCK_GUARD_0() needs no annotation: its constructor takes no
> pointer arguments (.lock is hardcoded to (void *)1).
> 
> Define the __nonnull() macro in compiler_attributes.h, following the
> existing convention for attribute wrappers.
> 
> Signed-off-by: Dmitry Ilvokhin <[email protected]>
> Acked-by: Miguel Ojeda <[email protected]>


The build robot found something to hate in this one. I think you're on
Cc there. It looks to me like clang-23 is confused somehow, but who
knows.

> ---
>  include/linux/cleanup.h             | 4 +++-
>  include/linux/compiler_attributes.h | 6 ++++++
>  2 files changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/include/linux/cleanup.h b/include/linux/cleanup.h
> index ea95ca4bc11c..8f8d588b5595 100644
> --- a/include/linux/cleanup.h
> +++ b/include/linux/cleanup.h
> @@ -397,6 +397,7 @@ static __maybe_unused const bool 
> class_##_name##_is_conditional = _is_cond
>       __DEFINE_GUARD_LOCK_PTR(_name, _T)
>  
>  #define DEFINE_GUARD(_name, _type, _lock, _unlock) \
> +     static __always_inline __nonnull() _type 
> class_##_name##_constructor(_type _T); \
>       DEFINE_CLASS(_name, _type, if (_T) { _unlock; }, ({ _lock; _T; }), 
> _type _T); \
>       DEFINE_CLASS_IS_GUARD(_name)
>  
> @@ -497,7 +498,8 @@ static __always_inline void 
> class_##_name##_destructor(class_##_name##_t *_T) \
>  __DEFINE_GUARD_LOCK_PTR(_name, &_T->lock)
>  
>  #define __DEFINE_LOCK_GUARD_1(_name, _type, ...)                     \
> -static __always_inline class_##_name##_t class_##_name##_constructor(_type 
> *l) \
> +static __always_inline __nonnull()                                   \
> +class_##_name##_t class_##_name##_constructor(_type *l)                      
> \
>       __no_context_analysis                                           \
>  {                                                                    \
>       class_##_name##_t _t = { .lock = l }, *_T = &_t;                \
> diff --git a/include/linux/compiler_attributes.h 
> b/include/linux/compiler_attributes.h
> index c16d4199bf92..10a1410eb3e2 100644
> --- a/include/linux/compiler_attributes.h
> +++ b/include/linux/compiler_attributes.h
> @@ -230,6 +230,12 @@
>   */
>  #define   noinline                      __attribute__((__noinline__))
>  
> +/*
> + *   gcc: 
> https://gcc.gnu.org/onlinedocs/gcc/Common-Attributes.html#index-nonnull
> + * clang: https://clang.llvm.org/docs/AttributeReference.html#nonnull
> + */
> +#define __nonnull(x...)                      __attribute__((__nonnull__(x)))
> +
>  /*
>   * Optional: only supported since gcc >= 8
>   * Optional: not supported by clang
> -- 
> 2.53.0-Meta
>

Re: [PATCH v4 3/4] cleanup: Annotate guard constructors with __nonnull()

Reply via email to