On 07/15/2014 06:38 AM, Michal Privoznik wrote:
Up to now it's possible to do something like this:
const char *ptr;
ptr = strdup("my example string");
VIR_FREE(ptr);
The problem is, const char * pointers should not be modified (and freeing them is kind of modification). We should avoid this. A little trick is used: assigning a const pointer into 'void *' triggers compiler warning about discarding 'const' qualifier from pointer. So the virFree() function gains new dummy argument, that is not touched anyhow, just fulfills the const correctness check duty.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/util/viralloc.c | 6 ++++-- src/util/viralloc.h | 20 ++++++++++++++++---- src/xenapi/xenapi_utils.c | 2 +- 3 files changed, 21 insertions(+), 7 deletions(-)
But if you take my suggestion in 2/4 about merely removing the 'cast-away-const' while still keeping type safety, then a single-argument virFree() should still be noisy on attempts to VIR_FREE a const pointer.
@@ -543,11 +543,23 @@ void virFree(void *ptrptr) ATTRIBUTE_NONNULL(1); * @ptr: pointer holding address to be freed * * Free the memory stored in 'ptr' and update to point - * to NULL. + * to NULL. Moreover, this macro has a side effect in + * form of evaluating passed argument multiple times.
NACK. I think it is possible to use sizeof() to come up with a construct that will only do side effects once, rather than having to weaken the guarantee of VIR_FREE. Please give me some time to propose an alternative. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org