Subject: Re: toolchain/22118: make won't compile with -Wcast-qual -Wstrict-prototypes and more
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Greg A. Woods <woods@weird.com>
List: tech-toolchain
Date: 07/16/2003 02:41:28
[ On Tuesday, July 15, 2003 at 13:11:23 (-0400), der Mouse wrote: ]
> Subject: Re: toolchain/22118: make won't compile with -Wcast-qual -Wstrict-prototypes and more
>
> No, of course not.  I'm not trying to make the string constant's data
> writable.  I am suppressing a warning that I know is noise; that is all
> I am trying to do, and I believe that is all I'm doing.

If you're not willing to go to the trouble of copying your read-only
string constants into writable storage before you attempt to pass
pointers to them to functions that do not accept pointers to
const-qualified storage then either do not enable the warning in the
first place, or else tell the compiler to generate storage allocations
for your strings such that they are not const-qualified (or both).

> What is standard-violating about the deconst() I quoted?

It cannot possibly ever be standards compliant!

>  (Attempting
> to write through the resulting non-consted pointer would be a
> violation, of course, as it attempts to write into storage that may not
> be writable.  That's not relevant to what I asked.)

What's totally not relevant to the issue is whether your code ever does
try to actually write to storage originally declared to be const
qualified.  The whole point of "const" is to allow the compiler to warn
you at the point when you've told it to do something that _could_ allow
some code somewhere to write to const qualified storage.  The compiler
is not clairvoyant -- it cannot tell whether or not a given process
executing a given chunk of code will ever follow the path which does
pass a pointer to free() or whatever.  Regardless of the path taken when
such code is executed, the parameter which the pointer is passed to that
code through MUST NOT be declared as pointing to const-qualified storage
and as a result any attempt to pass a pointer that is declared as
pointing to const-qualified storage.  You can choose to always copy
const-qualified storage to non-qualified storage before you pass a
pointer to the latter to such a function, or you can choose to be
smarter than the compiler and simply ignore the warning, or you can
choose to disable the warning, or you can choose to use a non-portable
compiler feature that gives string constants writable storage to live
in.  However what you cannot safely do in portable Standard C compliant
code is ever alias a pointer that is declared as pointing to
const-qualified storage such that you end up with a non-qualified
pointer pointing to the same storage address.  If you want to write
truly portable Standard C compliant code then you MUST always copy
const-qualified storage to non-const-qualified storage before you pass a
pointer to the latter to any function which does not accept pointers
pointing to const-qualified storage.  The whole purpose of 'const' is to
give you warnings when your code might end up trying to write to
non-writable storage.  In most situations string constants may be
allocated in read-only storage.

-- 
						Greg A. Woods

+1 416 218-0098                  VE3TCP            RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com>          Secrets of the Weird <woods@weird.com>
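
The copy-before-pass approach described in the message above, as an added example that is not part of the original message or of make's source. The names legacy_upcase, dup_writable and upcase_const are hypothetical, and the input string is constructed.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical legacy interface: takes a non-const pointer and writes
 * through it, so it must never be handed const-qualified storage. */
static size_t legacy_upcase(char *s)
{
    size_t changed = 0;
    for (; *s != '\0'; s++) {
        if (islower((unsigned char)*s)) {
            *s = (char)toupper((unsigned char)*s);
            changed++;
        }
    }
    return changed;
}

/* Copy const-qualified storage into freshly allocated writable storage.
 * Returns NULL on allocation failure; the caller frees the result. */
static char *dup_writable(const char *src)
{
    size_t len = strlen(src) + 1;
    char *copy = malloc(len);
    if (copy != NULL)
        memcpy(copy, src, len);
    return copy;
}

/* Run the legacy function on a writable copy stored in *out; no cast is
 * needed, so -Wcast-qual stays quiet. Returns (size_t)-1 if malloc fails. */
static size_t upcase_const(const char *src, char **out)
{
    *out = dup_writable(src);
    if (*out == NULL)
        return (size_t)-1;
    return legacy_upcase(*out);
}

int main(void)
{
    char *result;
    size_t n = upcase_const("hello, make", &result); /* constructed sample */
    int ok = (n == 9 && result != NULL && strcmp(result, "HELLO, MAKE") == 0);
    free(result);
    return ok ? 0 : 1;
}
```

The original string constant is never aliased by a non-qualified pointer; only the heap copy is modified.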