[Swan-dev] pluto: sprinkle const on many struct fd * parameters

Andrew Cagney andrew.cagney at gmail.com
Fri Feb 21 02:10:32 UTC 2020


On Thu, 20 Feb 2020 at 17:00, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
>
> | From: Andrew Cagney <andrew.cagney at gmail.com>
>
> | On Thu, 20 Feb 2020 at 15:59, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
> | >
> | > | From: Andrew Cagney <andrew.cagney at gmail.com>
> |
> | > If one declares all possible struct fd * things const, the absence of
> | > const highlights where references could go wrong.
> |
> | Why?
>
> Those are the only places that can (directly or indirectly) change a
> reference count.

I don't follow.

I attribute the bugs in the old code to it trying to be too clever by
minimising the number of places that a reference needed to be taken.
This resulted in code never being sure if it needed to take a
reference, or free the reference because it had encountered an error.

The new code takes a reference whenever the pointer is copied to/from
the heap (or heap to heap).

If the object is made const and we make adding references harder we
just encourage code that incorrectly copies the actual pointer.

>
> | > "const" generally helps a reader and a compiler understand a program
> | > better.
> |
> | It says don't write to these non-opaque contents.
>
> It says: I (directly or indirectly) use the thing but don't change it.
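The rule discussed in the message above (take a reference whenever the pointer is copied to the heap), shown next to a `const` read-only parameter. This is an added example, not part of the original post and not libreswan code: `struct fd` here is a constructed stand-in, and `fd_new`, `fd_addref`, `fd_delref`, `fd_sock`, `state_attach`, `live_fds` and the `whack` field are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for a reference-counted handle; not libreswan's struct fd. */
struct fd { unsigned refcnt; int sock; };
struct state { struct fd *whack; };	/* heap object that keeps a copy */
static int live_fds;			/* allocated and not yet freed */

static struct fd *fd_new(int sock)
{
	struct fd *f = malloc(sizeof(*f));
	if (f == NULL) abort();
	f->refcnt = 1; f->sock = sock; live_fds++;
	return f;
}

/* Changing the count needs a non-const pointer. */
static struct fd *fd_addref(struct fd *f) { if (f != NULL) f->refcnt++; return f; }

static void fd_delref(struct fd **fp)
{
	struct fd *f = *fp;
	*fp = NULL;			/* the caller's copy cannot dangle */
	if (f != NULL && --f->refcnt == 0) { free(f); live_fds--; }
}

/* Read-only user: const says no reference is taken or dropped here. */
static int fd_sock(const struct fd *f) { return f->sock; }

/* Stack-to-heap copy: always take a reference. If f were declared
 * const struct fd *, the fd_addref() call would need a cast. */
static void state_attach(struct state *st, struct fd *f)
{
	struct fd *old = st->whack;
	st->whack = fd_addref(f);	/* take the new reference first */
	fd_delref(&old);		/* then drop whatever was stored */
}

static int demo(void)
{
	struct state *st = calloc(1, sizeof(*st));
	if (st == NULL) abort();
	struct fd *f = fd_new(7);	/* refcnt 1, held by the stack */
	state_attach(st, f);		/* refcnt 2, heap copy has its own */
	fd_delref(&f);			/* refcnt 1, the heap copy stays valid */
	int sock = fd_sock(st->whack);
	fd_delref(&st->whack);		/* refcnt 0, freed */
	free(st);
	return sock;
}
int main(void) { printf("sock=%d live=%d\n", demo(), live_fds); return 0; }
```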