Improve DBC in isc_mem_free

Unlike standard free(), isc_mem_free() is not a no-op when passed a
NULL pointer. For size accounting purposes it calls sallocx(), which
crashes when passed a NULL pointer. To get more helpful diagnostics,
REQUIRE() that the pointer is not NULL so that when the programmer
makes a mistake they get a backtrace that shows what went wrong.

diff --git a/lib/isc/mem.c b/lib/isc/mem.c
index 767f910c135164cc29650eb5e2be98c2b6c6c494..a68d7d67661a4c4faa765c0886ede64d84f9dca9 100644 (file)
--- a/lib/isc/mem.c
+++ b/lib/isc/mem.c
@@ -981,6 +981,7 @@ isc__mem_free(isc_mem_t *ctx, void *ptr FLARG) {
        size_t size = 0;
 
        REQUIRE(VALID_CONTEXT(ctx));
+       REQUIRE(ptr != NULL);
 
        size = sallocx(ptr, 0);