[libvirt] [PATCH v2] util: forbid freeing const pointers

Ján Tomko jtomko at redhat.com
Wed Jul 16 09:06:09 UTC 2014


On 07/15/2014 10:04 PM, Eric Blake wrote:
> Now that we've finally fixed all the violators, it's time to
> enforce that any pointer to a const object is never freed (it
> is aliasing some other memory, where the non-const original
> should be freed instead).  Alas, the code still needs a normal
> vs. Coverity version, but at least we are still guaranteeing
> that the macro call evaluates its argument exactly once.
> 
> I verified that we still get the following compiler warnings,
> which in turn halts the build thanks to -Werror on gcc (hmm,
> gcc 4.8.3's placement of the ^ for ?: type mismatch is a bit
> off, but that's not our problem):
> 
>     int oops1 = 0;
>     VIR_FREE(oops1);
>     const char *oops2 = NULL;
>     VIR_FREE(oops2);
>     struct blah { int dummy; } oops3;
>     VIR_FREE(oops3);
> 
> util/virauthconfig.c:159:35: error: pointer/integer type mismatch in conditional expression [-Werror]
>      VIR_FREE(oops1);
>                                    ^
> util/virauthconfig.c:161:5: error: passing argument 1 of 'virFree' discards 'const' qualifier from pointer target type [-Werror]
>      VIR_FREE(oops2);
>      ^
> In file included from util/virauthconfig.c:28:0:
> util/viralloc.h:79:6: note: expected 'void *' but argument is of type 'const void *'
>  void virFree(void *ptrptr) ATTRIBUTE_NONNULL(1);
>       ^
> util/virauthconfig.c:163:35: error: type mismatch in conditional expression
>      VIR_FREE(oops3);
>                                    ^
> 
> * src/util/viralloc.h (VIR_FREE): No longer cast away const.
> * src/xenapi/xenapi_utils.c (xenSessionFree): Work around bogus
> header.
> 
> Signed-off-by: Eric Blake <eblake at redhat.com>
> ---
> 
> v2: this depends on the existing 1/4, while being a replacement
> to all of 2-4/4 at once.
> https://www.redhat.com/archives/libvir-list/2014-July/msg00716.html
> 
>  src/util/viralloc.h       | 11 +++++------
>  src/xenapi/xenapi_utils.c |  4 +++-
>  2 files changed, 8 insertions(+), 7 deletions(-)
> 

This patch compiles for me with clang 3.4.1 and all the three VIR_FREEs above
cause a warning.

ACK

Jan
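
The compile-time check discussed in this thread, sketched as an added example; it is not code from the patch or from libvirt. The names `demo_free` and `DEMO_FREE` and the macro body are assumptions made for illustration. The rejected cases are guarded by a hypothetical `DEMO_SHOW_REJECTED` define so the file builds cleanly by default.

```c
#include <stdlib.h>

/* Hypothetical helper (not libvirt's virFree): receives the ADDRESS of a
 * pointer variable, frees the pointed-to memory and resets it to NULL.
 * Assumes all object pointers share one representation. */
static void demo_free(void *ptrptr)
{
    void **pp = ptrptr;
    free(*pp);
    *pp = NULL;
}

/* "1 ?" always selects the first arm, so (ptr) in the second arm is never
 * evaluated; it exists only so the compiler must compute a common type:
 *   T *ptr        -> void * vs T *        = void *        (accepted)
 *   const T *ptr  -> void * vs const T *  = const void *  (const discarded
 *                                            when passed to demo_free)
 *   int / struct  -> no pointer type in the second arm    (type mismatch) */
#define DEMO_FREE(ptr) demo_free(1 ? (void *) &(ptr) : (ptr))

/* Returns 1 if the macro freed one slot, set it to NULL, and evaluated
 * its argument (including the i++ side effect) exactly once. */
static int demo_single_evaluation(void)
{
    char *slots[2] = { malloc(8), malloc(8) };
    char *second = slots[1];
    int i = 0;
    DEMO_FREE(slots[i++]);
    int ok = (i == 1) && slots[0] == NULL && slots[1] == second;
    DEMO_FREE(slots[1]);
    return ok && slots[1] == NULL;
}

#ifdef DEMO_SHOW_REJECTED   /* build with -DDEMO_SHOW_REJECTED -Werror */
static void demo_rejected(void)
{
    int oops1 = 0;
    DEMO_FREE(oops1);              /* pointer/integer type mismatch */
    const char *oops2 = NULL;
    DEMO_FREE(oops2);              /* discards 'const' qualifier */
    struct blah { int dummy; } oops3;
    DEMO_FREE(oops3);              /* type mismatch in conditional */
}
#endif

int main(void)
{
    return demo_single_evaluation() ? 0 : 1;
}
```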

