On Wed, Mar 08, 2017 at 03:57:26PM -0300, Eduardo Habkost wrote:
> On Wed, Mar 08, 2017 at 06:22:13PM +0200, Krzysztof Kozlowski wrote:
> > On Mon, Mar 06, 2017 at 09:09:48AM -0300, Eduardo Habkost wrote:
> > > Hi,
> > >
> > >
> > > On Sun, Mar 05, 2017 at 11:46:33PM +0200, Krzysztof Kozlowski wrote:
> > > > In few places the function arguments and local variables are not
> > > > modifying data passed through pointers so this can be made const for
> > > > code safeness.
> > > >
> > > > Signed-off-by: Krzysztof Kozlowski <k...@kernel.org>
> > >
> > > I believe most changes below are misleading to users of the API,
> > > and make the code less safe. Most of the pointers passed as
> > > argument to those functions will be stored at non-const pointer
> > > fields inside the objects.
> > >
> > > > ---
> > > > hw/core/qdev-properties-system.c | 6 +++---
> > > > hw/core/qdev-properties.c | 7 ++++---
> > > > include/hw/qdev-properties.h | 11 +++++++----
> > > > 3 files changed, 14 insertions(+), 10 deletions(-)
> > > >
> > > > diff --git a/hw/core/qdev-properties-system.c
> > > > b/hw/core/qdev-properties-system.c
> > > > index c34be1c1bace..abbf3ef754d8 100644
> > > > --- a/hw/core/qdev-properties-system.c
> > > > +++ b/hw/core/qdev-properties-system.c
> > > > @@ -405,7 +405,7 @@ void qdev_prop_set_drive(DeviceState *dev, const
> > > > char *name,
> > > > if (value) {
> > > > ref = blk_name(value);
> > > > if (!*ref) {
> > > > - BlockDriverState *bs = blk_bs(value);
> > > > + const BlockDriverState *bs = blk_bs(value);
> > > > if (bs) {
> > > > ref = bdrv_get_node_name(bs);
> > > > }
> > >
> > > This part looks safe, but still misleading: the
> > > object_property_set_str() call will end up changing a non-const
> > > pointer field in the object. I'm not sure what's the benefit of
> > > this change.
> >
> > I might be missing something... but I am touching only the 'bs' and it
> > is passed to bdrv_get_node_name() also as const. The
> > bdrv_get_node_name() just accepts pointer to const.
> >
> > I am not sure why are you referring to object_property_set_str(). The
> > value returned by bdrv_get_node_name() is pointer to const.
> > object_property_set_str() also takes pointer to const.
> >
> > So entire path, starting from 'bs' uses pointer to const... thus I
> > find misleading that 'bs' is not pointing to const data. It should.
>
> This code path is correct, yes. That's why I don't mind either
> way. What I find misleading is that the object_property_set_str()
> call will end up setting a pointer inside the object to 'bs', and
> that pointer is not const.
No, I believe it won't. The qstring_from_str() makes a copy of passed
value. That is also the whole idea of pointer to const for input
argument - a commitment that this data will not be stored for later.
>
> >
> > >
> > > > @@ -416,7 +416,7 @@ void qdev_prop_set_drive(DeviceState *dev, const
> > > > char *name,
> > > > }
> > > >
> > > > void qdev_prop_set_chr(DeviceState *dev, const char *name,
> > > > - Chardev *value)
> > > > + const Chardev *value)
> > >
> > > This wrapper will end up storing 'value' in a non-const pointer
> > > in the object (e.g. PL011State::chr). Declaring 'value' as const
> > > is misleading.
> >
> > The object_property_set_str() takes data as pointer to const. If data
> > ends up as being non-const, then this is the mistake -
> > object_property_set_str().
>
> I don't see the mistake. The whole purpose of:
> qdev_prop_set_chr(dev, "some-field", v)
> is to end up doing this assignment internally:
> dev->some_field = v;
> and on most (or all?) cases dev->some_field is not a const
> pointer. The details are hidden behind the
> object_property_set_str() call.
If that would be the case, the object_property_set_str() cannot take a
pinter to const. Not only because of the safety and logic but also C
will prohibit it without a case.
const char *c = "foo bar";
char *v = c;
/home/dev/qemu/qemu/qobject/qstring.c:67:15: error: initialization
discards ‘const’ qualifier from pointer target type
[-Werror=discarded-qualifiers]
char *v = c;
^
Best regards,
Krzysztof
