On 04/24/2011 04:17 AM, Matthias Bolte wrote:
So how about:
diff --git i/src/util/memory.h w/src/util/memory.h index 66b4c42..d77a295 100644 --- i/src/util/memory.h +++ w/src/util/memory.h @@ -1,7 +1,7 @@ /* * memory.c: safer memory allocation * - * Copyright (C) 2010 Red Hat, Inc. + * Copyright (C) 2010-2011 Red Hat, Inc. * Copyright (C) 2008 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -197,7 +197,11 @@ void virFree(void *ptrptr) ATTRIBUTE_NONNULL(1); * Free the memory stored in 'ptr' and update to point * to NULL. */ -# define VIR_FREE(ptr) virFree(&(ptr)) +/* The ternary ensures that ptr is a pointer and not an integer type, + * while evaluating ptr only once. For now, we intentionally cast + * away const, since a number of callers safely pass const char *. + */ +# define VIR_FREE(ptr) virFree((void *) (1 ? (const void *) &(ptr) : (ptr)))
# if TEST_OOM
ACK, to your improved version.
Pushed with this commit message: commit 90d761eeb26c9619571b68a8863b8425a33555d6 Author: Eric Blake <eblake@redhat.com> Date: Fri Apr 22 20:15:50 2011 -0600 build: make VIR_FREE do some type checking We can exploit the fact that gcc warns about int-to-pointer conversion in ternary cond?(void*):(int) in order to prevent future mistakes of calling VIR_FREE on a scalar lvalue. For example, between commits 158ba873 and 802e2df, we would have had this warning: cc1: warnings being treated as errors remote.c: In function 'remoteDispatchListNetworks': remote.c:3684:70: error: pointer/integer type mismatch in conditional expression There are still a number of places that malloc into a const char*; while it would probably be worth scrubbing them to use char* instead, that is a separate patch, so we have to cast away const in VIR_FREE for now. * src/util/memory.h (VIR_FREE): Make gcc warn about integers. Iteratively developed from a patch by Christophe Fergeau. -- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org