On Thu, 20 Feb 2020 at 17:00, D. Hugh Redelmeier <[email protected]> wrote:
>
> | From: Andrew Cagney <[email protected]>
>
> | On Thu, 20 Feb 2020 at 15:59, D. Hugh Redelmeier <[email protected]> wrote:
> | >
> | > | From: Andrew Cagney <[email protected]>
> | >
> | > If one declares all possible struct fd * things const, the absence of
> | > const highlights where references could go wrong.
> |
> | Why?
>
> Those are the only places that can (directly or indirectly) change a
> reference count.

I don't follow. I attribute the bugs in the old code to it trying to be too clever by minimising the number of places that a reference needed to be taken. This resulted in code never being sure if it needed to take a reference, or free the reference because it had encountered an error. The new code takes a reference whenever the pointer is copied to/from the heap (or heap to heap). If the object is made const and we make adding references harder we just encourage code that incorrectly copies the actual pointer.

> | > "const" generally helps a reader and a compiler understand a program
> | > better.
> |
> | It says don't write to these non-opaque contents.
>
> It says: I (directly or indirectly) use the thing but don't change it.

_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
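
Added example, not part of the original message and not libreswan's code: the discipline described in the reply above, where a reference is taken every time the pointer is copied into a longer-lived structure and an error path releases only the reference it took itself. All names (`struct obj`, `struct holder`, `obj_new`, `obj_addref`, `obj_delref`, `holder_init`, `demo`) are hypothetical.

```c
#include <stdlib.h>
/* Hypothetical refcounted object; names are illustrative, not libreswan's. */
struct obj { unsigned refcnt; };
struct holder { struct obj *o; };  /* stands in for a heap-resident owner */
static unsigned live_objects;      /* allocated and not yet freed */

/* A new object carries one reference, owned by the caller. */
struct obj *obj_new(void) {
	struct obj *o = calloc(1, sizeof(*o));
	if (o == NULL) abort();
	o->refcnt = 1;
	live_objects++;
	return o;
}

/* Every copy of the pointer goes through here; it needs a non-const object. */
struct obj *obj_addref(struct obj *o) {
	o->refcnt++;
	return o;
}

/* Drop one reference and clear the caller's copy of the pointer. */
void obj_delref(struct obj **op) {
	struct obj *o = *op;
	*op = NULL;
	if (o != NULL && --o->refcnt == 0) {
		live_objects--;
		free(o);
	}
}

/* Storing the pointer takes a reference; on error only that one is dropped. */
int holder_init(struct holder *h, struct obj *o, int fail) {
	h->o = obj_addref(o);
	if (fail)
		obj_delref(&h->o);
	return fail ? -1 : 0;
}

/* Returns objects still live after cleanup; *held is the count while stored. */
unsigned demo(int fail, unsigned *held) {
	struct obj *o = obj_new();
	struct holder h = { NULL };
	holder_init(&h, o, fail);
	*held = o->refcnt;
	obj_delref(&h.o);  /* no-op if holder_init() already dropped it */
	obj_delref(&o);
	return live_objects;
}
```

Because `obj_addref()` takes a non-const pointer, a caller holding only a `const struct obj *` cannot take its own reference without a cast, which is the trade-off the thread is debating.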
