LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

const structures

const structures

Posted Oct 7, 2011 6:26 UTC (Fri) by Lionel_Debroux (subscriber, #30014)
In reply to: const structures by PaXTeam
Parent article: Better kernels with GCC plugins

The constification part of the PaX patch used to represent more than 700 KB, i.e. more than one third of the raw size of the patch, which was below 2 MB. For many files touched by the patch, constification was the only type of change involved in the file.
Some constifications performed by the PaX patch were possible only due to other changes in PaX - for example, ata_port_operation, which is one of the most widely used function pointer structs in the kernel.

I myself gave up trying to push upstream the constification of snd_pcm_ops, which represented ~10% of the size of the constification part of the PaX patch, because there were so many instances to check...

Could the plugin be modified to print warnings about pointers to non-const instances being passed to functions that take pointers to const instances ? (if enabled by some argument to the plugin, because upon introduction of that feature and for quite some time afterwards, there will be thousands of occurrences...)
For instance, this could have helped against addition of mutable instances of backlight_ops being added after backlight_device_register() was modified to take a "const struct backlight_ops *ops" argument...

Finding functions that take pointers to mutable instances while they could take pointers to const instances would be harder, wouldn't it be ?

(Log in to post comments)

const structures

Posted Oct 7, 2011 8:22 UTC (Fri) by PaXTeam (subscriber, #24616) [Link]

> Could the plugin be modified to print warnings about pointers to non-const
> instances being passed to functions that take pointers to const instances ?

it's surely possible but i'm not sure this is what you really want as such typecasts are allowed by C and extensively used everywhere. now i assume you'd really want this detection for ops structures only in which case the problem is how the plugin would know of them (i assume you wouldn't want to use the current 'constify by default' approach). you could make use of the do_const attribute (without calling constify_type) then in the FINISH_TYPE callback you can check whether the pointed to structure is already const or not (and has the do_const attr, although on second thought, i forget now whether attrs are carried with types or have to be acted upon in the attr callback).

with all that said, i would not go the 'check the pointer' route but rather i'd constify the variable instances instead (but not function arguments) and then rely on gcc's existing warning system (if you take the address of a const object to initialize a ptr to the non-const type then you'll get a warning).

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds