Xen project Mailing List

Re: [PATCH 00/14] Use const whether we point to literal strings (take 1)

From: Elliott Mitchell <ehem+xen@xxxxxxx>

Date: Mon, 5 Apr 2021 10:01:01 -0700

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Julien Grall <jgrall@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Roger Pau Monn?? <roger.pau@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>

Delivery-date: Mon, 05 Apr 2021 17:01:30 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Apr 05, 2021 at 04:56:59PM +0100, Julien Grall wrote: > I am not aware of code trying to modify literal strings in Xen. > However, there is a frequent use of non-const char * to point to > literal strings. Given the size of the codebase, there is a risk > to involuntarily introduce code that will modify literal strings. > > Therefore it would be better to enforce using const when pointing > to such strings. Both GCC and Clang provide an option to warn > for such case (see -Wwrite-strings) and therefore could be used > by Xen. > > This series doesn't yet make use of -Wwrite-strings because > the tree is not fully converted. Instead, it contains some easy > and likely non-controversial use const in the code. > > The major blockers to enable -Wwrite-strings are the following: > - xen/common/efi: union string is used in both const and > non-const situation. It doesn't feel right to specific one member > const and the other non-const. > - libxl: the major block is the flexarray framework as we would use > it with string (now const char*). I thought it would be possible to > make the interface const, but it looks like there are a couple of > places where we need to modify the content (such as in > libxl_json.c). > > Ideally, I would like to have -Wwrite-strings unconditionally used > tree-wide. But, some of the area may required some heavy refactoring. > > One solution would be to enable it tree-wide but turned it off at a > directroy/file level. > > Any opinions? I think doing such is a Good Idea(tm). Adding consts adds opportunities for greater optimization. Both by compilers which can avoid extra copies, and developers who then know they don't need to generate extra copies to sacrific them to an API. In particular the consts also function as documentation. So you're certainly not the only person who thinks additional consts would be a good thing: https://lists.xenproject.org/archives/html/xen-devel/2021-01/msg00132.html Alas merely getting the two const patches into the latest release apparently wasn't even worthy of response: https://lists.xenproject.org/archives/html/xen-devel/2021-02/msg01040.html I agree this should be done, though I'm aware many developers hate bothering with constants. -- (\___(\___(\______ --=> 8-) EHM <=-- ______/)___/)___/) \BS ( | ehem+sigmsg@xxxxxxx PGP 87145445 | ) / \_CS\ | _____ -O #include <stddisclaimer.h> O- _____ | / _/ 8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.