[libvirt] [PATCH] util: warn when passing a non-pointer to VIR_FREE

Eric Blake eblake at redhat.com
Mon Apr 25 16:38:17 UTC 2011


On 04/24/2011 04:17 AM, Matthias Bolte wrote:
>> So how about:
>>
>> diff --git i/src/util/memory.h w/src/util/memory.h
>> index 66b4c42..d77a295 100644
>> --- i/src/util/memory.h
>> +++ w/src/util/memory.h
>> @@ -1,7 +1,7 @@
>>  /*
>>  * memory.c: safer memory allocation
>>  *
>> - * Copyright (C) 2010 Red Hat, Inc.
>> + * Copyright (C) 2010-2011 Red Hat, Inc.
>>  * Copyright (C) 2008 Daniel P. Berrange
>>  *
>>  * This library is free software; you can redistribute it and/or
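Review bot: the context line at the top of this hunk still reads "memory.c: safer memory allocation" although the file being patched is src/util/memory.h. Since the header block is already being touched for the copyright year, correcting the file name in the same change would keep the header accurate.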
>> @@ -197,7 +197,11 @@ void virFree(void *ptrptr) ATTRIBUTE_NONNULL(1);
>>  * Free the memory stored in 'ptr' and update to point
>>  * to NULL.
>>  */
>> -# define VIR_FREE(ptr) virFree(&(ptr))
>> +/* The ternary ensures that ptr is a pointer and not an integer type,
>> + * while evaluating ptr only once.  For now, we intentionally cast
>> + * away const, since a number of callers safely pass const char *.
>> + */
>> +# define VIR_FREE(ptr) virFree((void *) (1 ? (const void *) &(ptr) :
>> (ptr)))
>>
>>
>>  # if TEST_OOM
>>
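Review bot: the new comment above VIR_FREE says the ternary "ensures" ptr is a pointer, but the macro only provokes a compiler diagnostic for a pointer/integer mismatch in the conditional expression. The build stops only where that diagnostic is treated as an error, so the comment should say so. The outer (void *) cast also means any const-qualified pointer is accepted silently. The comment's "For now" would be easier to follow up on with a greppable TODO or FIXME tag, so the cast can be dropped once the const char * callers are cleaned up.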
> 
> ACK, to your improved version.

Pushed with this commit message:

commit 90d761eeb26c9619571b68a8863b8425a33555d6
Author: Eric Blake <eblake at redhat.com>
Date:   Fri Apr 22 20:15:50 2011 -0600

    build: make VIR_FREE do some type checking

    We can exploit the fact that gcc warns about int-to-pointer conversion
    in ternary cond?(void*):(int) in order to prevent future mistakes of
    calling VIR_FREE on a scalar lvalue.  For example, between commits
    158ba873 and 802e2df, we would have had this warning:

    cc1: warnings being treated as errors
    remote.c: In function 'remoteDispatchListNetworks':
    remote.c:3684:70: error: pointer/integer type mismatch in conditional expression

    There are still a number of places that malloc into a const char*;
    while it would probably be worth scrubbing them to use char*
    instead, that is a separate patch, so we have to cast away const
    in VIR_FREE for now.

    * src/util/memory.h (VIR_FREE): Make gcc warn about integers.
    Iteratively developed from a patch by Christophe Fergeau.


-- 
Eric Blake   eblake at redhat.com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org
