[Swan-dev] pluto: sprinkle const on many struct fd * parameters

[D. Hugh Redelmeier]

| From: Andrew Cagney <andrew.cagney at gmail.com>

| This feels wrong - struct fd is opaque so what more needs to be said?
| Adding the 'const', forces an internal detail onto the clients and an
| artifical limitation on the implementation.  For instance:
| 
| ssize_t fd_read(const struct fd *fd, void *buf, size_t nbytes,
|         where_t where);
| 
| is prevented from modifying the structure it owns.

As I understand it, the reason for introducing this structure was
because we programmers could no longer reliably keep track of whack
file descriptors.  A leak would cause whack commands to never complete.

I don't think that struct fd is used for anything other than whack
file descriptors.  Is it expected to be useful for other file
descriptors?  If not, it should be named to reflect its use.

If one declares all possible struct fd * things const, the absence of
const highlights where references could go wrong.  That seems quite
valuable.  (Another imagineable cause would be a const struct fd *
embedded in a larger data structure that got leaked but I don't think
that there are any cases of such embedding.)

"const" generally helps a reader and a compiler understand a program
better.

It is good that struct fd is an opaque type.

One can imagine a change to fd_read which would involve modifying the
struct fd.  At such time, the const could be removed.  Are you
seriously contemplating a change that requires this?