diff --git a/include/secp256k1.h b/include/secp256k1.h
index 26c19a6011770..576953f49d4aa 100644
--- a/include/secp256k1.h
+++ b/include/secp256k1.h
@@ -247,7 +247,7 @@ SECP256K1_API secp256k1_context* secp256k1_context_clone(
  */
 SECP256K1_API void secp256k1_context_destroy(
     secp256k1_context* ctx
-);
+) SECP256K1_ARG_NONNULL(1);
 
 /** Set a callback function to be called when an illegal argument is passed to
  *  an API call. It will only trigger for violations that are mentioned
diff --git a/include/secp256k1_preallocated.h b/include/secp256k1_preallocated.h
index 1ab8b7d6c7480..d2d9014f02881 100644
--- a/include/secp256k1_preallocated.h
+++ b/include/secp256k1_preallocated.h
@@ -119,7 +119,7 @@ SECP256K1_API secp256k1_context* secp256k1_context_preallocated_clone(
  */
 SECP256K1_API void secp256k1_context_preallocated_destroy(
     secp256k1_context* ctx
-);
+) SECP256K1_ARG_NONNULL(1);
 
 #ifdef __cplusplus
 }
diff --git a/src/modules/recovery/main_impl.h b/src/modules/recovery/main_impl.h
index 9e19f2a2dc9c8..3f29570198cb5 100644
--- a/src/modules/recovery/main_impl.h
+++ b/src/modules/recovery/main_impl.h
@@ -40,7 +40,7 @@ int secp256k1_ecdsa_recoverable_signature_parse_compact(const secp256k1_context*
     int ret = 1;
     int overflow = 0;
 
-    (void)ctx;
+    VERIFY_CHECK(ctx != NULL);
     ARG_CHECK(sig != NULL);
     ARG_CHECK(input64 != NULL);
     ARG_CHECK(recid >= 0 && recid <= 3);
@@ -60,7 +60,7 @@ int secp256k1_ecdsa_recoverable_signature_parse_compact(const secp256k1_context*
 int secp256k1_ecdsa_recoverable_signature_serialize_compact(const secp256k1_context* ctx, unsigned char *output64, int *recid, const secp256k1_ecdsa_recoverable_signature* sig) {
     secp256k1_scalar r, s;
 
-    (void)ctx;
+    VERIFY_CHECK(ctx != NULL);
     ARG_CHECK(output64 != NULL);
     ARG_CHECK(sig != NULL);
     ARG_CHECK(recid != NULL);
@@ -75,7 +75,7 @@ int secp256k1_ecdsa_recoverable_signature_convert(const secp256k1_context* ctx,
     secp256k1_scalar r, s;
     int recid;
 
-    (void)ctx;
+    VERIFY_CHECK(ctx != NULL);
     ARG_CHECK(sig != NULL);
     ARG_CHECK(sigin != NULL);
 
diff --git a/src/secp256k1.c b/src/secp256k1.c
index 9908cab8642a5..adff3ae1be543 100644
--- a/src/secp256k1.c
+++ b/src/secp256k1.c
@@ -771,6 +771,7 @@ int secp256k1_ec_pubkey_combine(const secp256k1_context* ctx, secp256k1_pubkey *
     secp256k1_gej Qj;
     secp256k1_ge Q;
 
+    VERIFY_CHECK(ctx != NULL);
     ARG_CHECK(pubnonce != NULL);
     memset(pubnonce, 0, sizeof(*pubnonce));
     ARG_CHECK(n >= 1);
@@ -779,6 +780,7 @@ int secp256k1_ec_pubkey_combine(const secp256k1_context* ctx, secp256k1_pubkey *
     secp256k1_gej_set_infinity(&Qj);
 
     for (i = 0; i < n; i++) {
+        ARG_CHECK(pubnonces[i] != NULL);
         secp256k1_pubkey_load(ctx, &Q, pubnonces[i]);
         secp256k1_gej_add_ge(&Qj, &Qj, &Q);
     }