KVM: arm64: Drop 'const' from argument of vq_present()

Message ID	699121e5c938c6f4b7b14a7e2648fa15af590a4a.1559623368.git.viresh.kumar@linaro.org
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; From: Viresh Kumar <viresh.kumar@linaro.org> To: Dave Martin <Dave.Martin@arm.com>, Marc Zyngier <marc.zyngier@arm.com>, James Morse <james.morse@arm.com>, Julien Thierry <julien.thierry@arm.com>, Suzuki K Pouloze <suzuki.poulose@arm.com>, Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will.deacon@arm.com> Cc: Viresh Kumar <viresh.kumar@linaro.org>, Vincent Guittot <vincent.guittot@linaro.org>, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org Subject: [PATCH] KVM: arm64: Drop 'const' from argument of vq_present() Date: Tue, 4 Jun 2019 10:13:19 +0530 Message-Id: <699121e5c938c6f4b7b14a7e2648fa15af590a4a.1559623368.git.viresh.kumar@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk
Series	KVM: arm64: Drop 'const' from argument of vq_present() \| expand KVM: arm64: Drop 'const' from argument of vq_present()

Viresh Kumar June 4, 2019, 4:43 a.m. UTC

We currently get following compilation warning:

arch/arm64/kvm/guest.c: In function 'set_sve_vls':
arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type
arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

The argument can't be const, as it is copied at runtime using
copy_from_user(). Drop const from the prototype of vq_present().

Fixes: 9033bba4b535 ("KVM: arm64/sve: Add pseudo-register for the guest's vector lengths")
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

---
 arch/arm64/kvm/guest.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.21.0.rc0.269.g1a574e7a288b

Marc Zyngier June 4, 2019, 8:30 a.m. UTC | #1

On 04/06/2019 05:43, Viresh Kumar wrote:
> We currently get following compilation warning:

> 

> arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'


Using which toolchain? My GCC 8.3.0 doesn't say anything.

Thanks,

	M.
-- 
Jazz is not dead. It just smells funny...

Viresh Kumar June 4, 2019, 8:39 a.m. UTC | #2

On 04-06-19, 09:30, Marc Zyngier wrote:
> On 04/06/2019 05:43, Viresh Kumar wrote:

> > We currently get following compilation warning:

> > 

> > arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> > arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> > arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> 

> Using which toolchain? My GCC 8.3.0 doesn't say anything.


I haven't updated mine since a long time it seems :)

aarch64-linux-gnu-gcc (Linaro GCC 4.9-2015.05) 4.9.3 20150413 (prerelease)

-- 
viresh

Catalin Marinas June 4, 2019, 8:43 a.m. UTC | #3

On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:
> We currently get following compilation warning:

> 

> arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'


Since the vq_present() function does not modify the vqs array, I don't
understand why this warning. Compiler bug?

-- 
Catalin

Viresh Kumar June 4, 2019, 8:55 a.m. UTC | #4

On 04-06-19, 09:43, Catalin Marinas wrote:
> On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:

> > We currently get following compilation warning:

> > 

> > arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> > arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> > arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> 

> Since the vq_present() function does not modify the vqs array, I don't

> understand why this warning. Compiler bug?


Probably yes. Also marking array argument to functions as const is a
right thing to do, to declare that the function wouldn't change the
array values.

I tried a recent toolchain and this doesn't happen anymore.

Sorry for the noise.

-- 
viresh

Marc Zyngier June 4, 2019, 9:01 a.m. UTC | #5

On 04/06/2019 09:43, Catalin Marinas wrote:
> On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:

>> We currently get following compilation warning:

>>

>> arch/arm64/kvm/guest.c: In function 'set_sve_vls':

>> arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

>> arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> 

> Since the vq_present() function does not modify the vqs array, I don't

> understand why this warning. Compiler bug?


Yeah, I'm a bit puzzled by that one. Also checked with clang, which is
usually much more picky about things, but it didn't complain.

We could drop the const without much harm, but I really wish we weed out
these ancient compilers...

Thanks,

	M.
-- 
Jazz is not dead. It just smells funny...

Dave Martin June 4, 2019, 9:26 a.m. UTC | #6

On Tue, Jun 04, 2019 at 02:25:45PM +0530, Viresh Kumar wrote:
> On 04-06-19, 09:43, Catalin Marinas wrote:

> > On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:

> > > We currently get following compilation warning:

> > > 

> > > arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> > > arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> > > arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> > 

> > Since the vq_present() function does not modify the vqs array, I don't

> > understand why this warning. Compiler bug?

> 

> Probably yes. Also marking array argument to functions as const is a

> right thing to do, to declare that the function wouldn't change the

> array values.

> 

> I tried a recent toolchain and this doesn't happen anymore.

> 

> Sorry for the noise.

Sparse is already warning about this, but I had dismissed it as a false
positive.

I think this is an instance of disallowing implicit conversions of the
form

	T ** -> T const **

because this allows a const pointer to be silently de-consted, e.g.:

static const T bar;

void foo(T const **p)
{
	*p = &bar;
}

T *baz(void)
{
	T *q; 
	foo(&q);
	return q;
}

I _suspect_ that what's going on here is that the compiler is
eliminating a level of indirection during inlining (i.e. converting
pass-by-reference to direct access, which is precisely what I wanted
to happen).  This removes the potentially invalid behaviour as a
side-effect.

This relies on the compiler optimising / analysing the code
aggressively enough though.

So, I don't have a problem with dropping the extra extra const, e.g.:

static bool vq_present(
	u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],
	unsigned int vq)

Since this function is static and only used very locally, I don't see a
big risk: the only reason for the extra const was to check that
vq_present() doesn't modify vqs when it shouldn't.  But it's a trivial
function, and the intent is pretty clear without the extra type
modifier.

I'm in two minds about whether this is worth fixing, but if you want to
post a patch to remove the extra const (or convert vq_present() to a
macro), I'll take a look at it.

Cheers
---Dave

Viresh Kumar June 4, 2019, 9:31 a.m. UTC | #7

On 04-06-19, 10:26, Dave Martin wrote:
> I'm in two minds about whether this is worth fixing, but if you want to

> post a patch to remove the extra const (or convert vq_present() to a

> macro), I'll take a look at it.

This patch already does what you are asking for (remove the extra
const), isn't it ?

I looked at my textbook (The C programming Language, By Brian W.
Kernighan and Dennis M. Ritchie.) and it says:

"
The const declaration can also be used with array arguments, to
indicate that the function does not change that array:

int strlen(const char[]);
"

and so this patch isn't necessary for sure.

-- 
viresh

Dave Martin June 4, 2019, 9:57 a.m. UTC | #8

On Tue, Jun 04, 2019 at 03:01:53PM +0530, Viresh Kumar wrote:
> On 04-06-19, 10:26, Dave Martin wrote:

> > I'm in two minds about whether this is worth fixing, but if you want to

> > post a patch to remove the extra const (or convert vq_present() to a

> > macro), I'll take a look at it.

> 

> This patch already does what you are asking for (remove the extra

> const), isn't it ?


Yes, sorry -- I didn't scroll back far enough.

> I looked at my textbook (The C programming Language, By Brian W.

> Kernighan and Dennis M. Ritchie.) and it says:

> 

> "

> The const declaration can also be used with array arguments, to

> indicate that the function does not change that array:

> 

> int strlen(const char[]);

> "

> 

> and so this patch isn't necessary for sure.


This is an array to which a pointer argument points, not an array
argument.  I think that's how we hit the constified double-indirection
problem.

Cheers
---Dave

Dave Martin June 4, 2019, 9:59 a.m. UTC | #9

On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:
> We currently get following compilation warning:

> 

> arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> 

> The argument can't be const, as it is copied at runtime using

> copy_from_user(). Drop const from the prototype of vq_present().

> 

> Fixes: 9033bba4b535 ("KVM: arm64/sve: Add pseudo-register for the guest's vector lengths")

> Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

> ---

>  arch/arm64/kvm/guest.c | 2 +-

>  1 file changed, 1 insertion(+), 1 deletion(-)

> 

> diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c

> index 3ae2f82fca46..78f5a4f45e0a 100644

> --- a/arch/arm64/kvm/guest.c

> +++ b/arch/arm64/kvm/guest.c

> @@ -209,7 +209,7 @@ static int set_core_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)

>  #define vq_mask(vq) ((u64)1 << ((vq) - SVE_VQ_MIN) % 64)

>  

>  static bool vq_present(

> -	const u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],

> +	u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],

>  	unsigned int vq)

>  {

>  	return (*vqs)[vq_word(vq)] & vq_mask(vq);


Ack, but maybe this should just be converted to a macro?

It already feels a bit like overkill for this to be a function.

Cheers
---Dave

Viresh Kumar June 7, 2019, 6 a.m. UTC | #10

On 04-06-19, 10:59, Dave Martin wrote:
> On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:

> > We currently get following compilation warning:

> > 

> > arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> > arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> > arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> > 

> > The argument can't be const, as it is copied at runtime using

> > copy_from_user(). Drop const from the prototype of vq_present().

> > 

> > Fixes: 9033bba4b535 ("KVM: arm64/sve: Add pseudo-register for the guest's vector lengths")

> > Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

> > ---

> >  arch/arm64/kvm/guest.c | 2 +-

> >  1 file changed, 1 insertion(+), 1 deletion(-)

> > 

> > diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c

> > index 3ae2f82fca46..78f5a4f45e0a 100644

> > --- a/arch/arm64/kvm/guest.c

> > +++ b/arch/arm64/kvm/guest.c

> > @@ -209,7 +209,7 @@ static int set_core_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)

> >  #define vq_mask(vq) ((u64)1 << ((vq) - SVE_VQ_MIN) % 64)

> >  

> >  static bool vq_present(

> > -	const u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],

> > +	u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],

> >  	unsigned int vq)

> >  {

> >  	return (*vqs)[vq_word(vq)] & vq_mask(vq);

> 

> Ack, but maybe this should just be converted to a macro?


I will send a patch with that if that's what you want.

Thanks.

-- 
viresh

Dave Martin June 7, 2019, 2:42 p.m. UTC | #11

On Fri, Jun 07, 2019 at 11:30:37AM +0530, Viresh Kumar wrote:
> On 04-06-19, 10:59, Dave Martin wrote:

> > On Tue, Jun 04, 2019 at 10:13:19AM +0530, Viresh Kumar wrote:

> > > We currently get following compilation warning:

> > > 

> > > arch/arm64/kvm/guest.c: In function 'set_sve_vls':

> > > arch/arm64/kvm/guest.c:262:18: warning: passing argument 1 of 'vq_present' from incompatible pointer type

> > > arch/arm64/kvm/guest.c:212:13: note: expected 'const u64 (* const)[8]' but argument is of type 'u64 (*)[8]'

> > > 

> > > The argument can't be const, as it is copied at runtime using

> > > copy_from_user(). Drop const from the prototype of vq_present().

> > > 

> > > Fixes: 9033bba4b535 ("KVM: arm64/sve: Add pseudo-register for the guest's vector lengths")

> > > Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

> > > ---

> > >  arch/arm64/kvm/guest.c | 2 +-

> > >  1 file changed, 1 insertion(+), 1 deletion(-)

> > > 

> > > diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c

> > > index 3ae2f82fca46..78f5a4f45e0a 100644

> > > --- a/arch/arm64/kvm/guest.c

> > > +++ b/arch/arm64/kvm/guest.c

> > > @@ -209,7 +209,7 @@ static int set_core_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)

> > >  #define vq_mask(vq) ((u64)1 << ((vq) - SVE_VQ_MIN) % 64)

> > >  

> > >  static bool vq_present(

> > > -	const u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],

> > > +	u64 (*const vqs)[KVM_ARM64_SVE_VLS_WORDS],

> > >  	unsigned int vq)

> > >  {

> > >  	return (*vqs)[vq_word(vq)] & vq_mask(vq);

> > 

> > Ack, but maybe this should just be converted to a macro?

> 

> I will send a patch with that if that's what you want.


I think this would solve the problem and simplify the code a bit at the
same time.

So go for it.

Cheers
---Dave

KVM: arm64: Drop 'const' from argument of vq_present()

Commit Message

Comments

Patch