lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <479091B5.4060700@cateee.net>
Date:	Fri, 18 Jan 2008 12:47:01 +0100
From:	"Giacomo A. Catenazzi" <cate@...eee.net>
To:	Jakob Oestergaard <jakob@...hought.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	David Schwartz <davids@...master.com>,
	Johannes Weiner <hannes@...urebad.de>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	clameter@....com, penberg@...helsinki.fi
Subject: Re: Why is the kfree() argument const?

Jakob Oestergaard wrote:
> On Thu, Jan 17, 2008 at 01:25:39PM -0800, Linus Torvalds wrote:
> ...
>> Why do you make that mistake, when it is PROVABLY NOT TRUE!
>>
>> Try this trivial program:
>>
>> 	int main(int argc, char **argv)
>> 	{
>> 	        int i;
>> 	        const int *c;
>> 	
>> 	        i = 5;
>> 	        c = &i;
>> 	        i = 10;
>> 	        return *c;
>> 	}
>>
>> and realize that according to the C rules, if it returns anything but 10, 
>> the compiler is *buggy*.
> 
> That's not how this works (as we obviously agree).
> 
> Please consider a rewrite of your example, demonstrating the usefulness and
> proper application of const pointers:
> 
> extern foo(const int *);
> 
> int main(int argc, char **argv)
> {
>  int i;
> 
>  i = 5;
>  foo(&i);
>  return i;
> }
> 
> Now, if the program returns anything else than 5, it means someone cast away
> const, which is generally considered a bad idea in most other software
> projects, for this very reason.
> 
> *That* is the purpose of const pointers.

"restrict" exists for this reason. const is only about lvalue.

You should draw a line, not to make C more complex!

Changing the name of variables in your example:

extern print_int(const int *);

int main(int argc, char **argv)
{
   extern int errno;

   errno = 0;
   print_int(&i);
   return errno;
}

print_int() doesn't know that errno is also the argument.
and this compilation unit doesn't know that print_int() will
modify errno.

Ok, I changed int to extern int, but you see the point?
Do you want complex rules about const, depending on
context (extern, volatile,...) ?

ciao
	cate
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ