Re: [PATCH] KVM: arm64: Drop 'const' from argument of vq_present()

From: Dave Martin
Date: Tue Jun 04 2019 - 05:30:37 EST

Next message: Mika Westerberg: "Re: [RFC PATCH 22/57] drivers: i2c: Use generic helper to match device by acpi_dev"
Previous message: Sachin Sant: "[PowerPC][next-20190603] WARNING: at kernel/fork.c:721"
In reply to: Viresh Kumar: "Re: [PATCH] KVM: arm64: Drop 'const' from argument of vq_present()"
Next in thread: Viresh Kumar: "Re: [PATCH] KVM: arm64: Drop 'const' from argument of vq_present()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 04, 2019 at 02:25:45PM +0530, Viresh Kumar wrote:
> On 04-06-19, 09:43, Catalin Marinas wrote:
> > On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:
> > > We currently get following compilation warning:
> > >
> > > arch/arm64/kvm/guest.c: In function 'set_sve_vls':
> > > arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type
> > > arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'
> >
> > Since the vq_present() function does not modify the vqs array, I don't
> > understand why this warning. Compiler bug?
>
> Probably yes. Also marking array argument to functions as const is a
> right thing to do, to declare that the function wouldn't change the
> array values.
>
> I tried a recent toolchain and this doesn't happen anymore.
>
> Sorry for the noise.

Sparse is already warning about this, but I had dismissed it as a false
positive.

I think this is an instance of disallowing implicit conversions of the
form

T ** -> T const **

because this allows a const pointer to be silently de-consted, e.g.:

static const T bar;

void foo(T const **p)
{
*p = &bar;
}

T *baz(void)
{
T *q;
foo(&q);
return q;
}

I _suspect_ that what's going on here is that the compiler is
eliminating a level of indirection during inlining (i.e. converting
pass-by-reference to direct access, which is precisely what I wanted
to happen). This removes the potentially invalid behaviour as a
side-effect.

This relies on the compiler optimising / analysing the code
aggressively enough though.

So, I don't have a problem with dropping the extra extra const, e.g.:

static bool vq_present(
u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],
unsigned int vq)

Since this function is static and only used very locally, I don't see a
big risk: the only reason for the extra const was to check that
vq_present() doesn't modify vqs when it shouldn't. But it's a trivial
function, and the intent is pretty clear without the extra type
modifier.

I'm in two minds about whether this is worth fixing, but if you want to
post a patch to remove the extra const (or convert vq_present() to a
macro), I'll take a look at it.

Cheers
---Dave

Next message: Mika Westerberg: "Re: [RFC PATCH 22/57] drivers: i2c: Use generic helper to match device by acpi_dev"
Previous message: Sachin Sant: "[PowerPC][next-20190603] WARNING: at kernel/fork.c:721"
In reply to: Viresh Kumar: "Re: [PATCH] KVM: arm64: Drop 'const' from argument of vq_present()"
Next in thread: Viresh Kumar: "Re: [PATCH] KVM: arm64: Drop 'const' from argument of vq_present()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]