infra: tighten NULL pointer checking

2025-04-18 13:15:33 +00:00 · 2022-07-11 14:34:55 +02:00 · 2022-07-11 14:34:55 +02:00 · 58618cc29d
commit 58618cc29d
parent 1f4f044914
2 changed files with 16 additions and 1 deletions
--- a/kernel/brick.h
+++ b/kernel/brick.h
@ -639,7 +639,8 @@ INLINE struct OBJTYPE##_object *BRITYPE##_alloc_##OBJTYPE(struct BRITYPE##_brick
 									\
 INLINE void BRITYPE##_free_##OBJTYPE(struct OBJTYPE##_object *object)   \
 {									\
-	generic_free((struct generic_object*)object);			\
+	generic_free((struct generic_object *)object);			\
+	SET_PTR_NULL(object);						\
 }									\
 									\
 INLINE struct BRITYPE##_##OBJTYPE##_aspect *BRITYPE##_##OBJTYPE##_get_aspect(struct BRITYPE##_brick *brick, struct OBJTYPE##_object *obj) \
--- a/kernel/brick_checking.h
+++ b/kernel/brick_checking.h
@ -71,6 +71,20 @@ do {									\
 #define CHECK_PTR_DEAD(ptr,label) /*empty*/
 #endif

+/* Counterpart of CHECK_PTR_NULL().
+ * Most of the consequences should be caught by the compiler,
+ * without producing code (potentially except some debugging code).
+ * Otherwise, or when dump_stack()ing at runtime, code inspection should be
+ * tightened.
+ * So this is essentially a self-check against common bugs, often introduced
+ * during reorgs.
+ */
+#ifdef BRICK_CHECKING
+#define SET_PTR_NULL(ptr) (ptr) = NULL
+#else
+#define SET_PTR_NULL(ptr) /* empty */
+#endif
+
 #define CHECK_PTR_NULL(ptr,label)					\
 do {									\
 	CHECK_PTR_DEAD(ptr, label);					\