On 07/15/2014 06:38 AM, Michal Privoznik wrote:
> Up to now it's possible to do something like this:
>
> const char *ptr;
>
> ptr = strdup("my example string");
>
> VIR_FREE(ptr);
>
> The problem is, const char * pointers should not be modified (and
> freeing them is kind of modification). We should avoid this. A little
> trick is used: assigning a const pointer into 'void *' triggers
> compiler warning about discarding 'const' qualifier from pointer. So
> the virFree() function gains new dummy argument, that is not touched
> anyhow, just fulfills the const correctness check duty.
>
> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
> ---
> src/util/viralloc.c | 6 ++++--
> src/util/viralloc.h | 20 ++++++++++++++++----
> src/xenapi/xenapi_utils.c | 2 +-
> 3 files changed, 21 insertions(+), 7 deletions(-)
But if you take my suggestion in 2/4 about merely removing the
'cast-away-const' while still keeping type safety, then a
single-argument virFree() should still be noisy on attempts to VIR_FREE
a const pointer.
> @@ -543,11 +543,23 @@ void virFree(void *ptrptr) ATTRIBUTE_NONNULL(1);
> * @ptr: pointer holding address to be freed
> *
> * Free the memory stored in 'ptr' and update to point
> - * to NULL.
> + * to NULL. Moreover, this macro has a side effect in
> + * form of evaluating passed argument multiple times.
NACK. I think it is possible to use sizeof() to come up with a
construct that will only do side effects once, rather than having to
weaken the guarantee of VIR_FREE. Please give me some time to propose
an alternative.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list