On 3/26/07, Christopher Li <sparse@xxxxxxxxxxx> wrote:
On Mon, Mar 26, 2007 at 11:23:56AM -0400, Russ Cox wrote: > Change prototypes for __chk_user_ptr and __chk_io_ptr > to take const void* instead of void*, so that code can pass > const void* to them. (Right now sparse does not warn > about passing const void* to void* functions, but that > is a separate bug that I believe Josh is working on, > and once sparse does check this, the changed prototypes > will be necessary.) I don't think it is needed. The __user has noderef attribute. Which means it is not allow to dereference the pointer. The const qualifier allow read dereference, only write is not allowed. Adding const here will likely force the caller to do a cast at the pointer arguments. Which defeats the checker.
No, you have it backward. It is valid to pass void* to a const void* function. It is *not* valid to pass const void* to a void* function. Right now __chk_user_ptr is a void* function, meaning that all the places where it gets passed a const void* are technically illegal -- gcc would warn about these, and it is a (separate, as you observed) bug that sparse does not. The patch changes __chk_user_ptr to be a const void* function, meaning that it will be legal to pass either void* or const void* to it. This is the correct semantics. Russ - To unsubscribe from this list: send the line "unsubscribe linux-sparse" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html