Date: Fri, 22 May 2009 10:38:23 +0100 (BST)
From: Robert Watson
To: Attilio Rao
Cc: Scott Long, src-committers@freebsd.org, John Baldwin, svn-src-all@freebsd.org, svn-src-head@freebsd.org, Kostik Belousov, "M. Warner Losh"
Subject: Re: svn commit: r192535 - head/sys/kern

On Fri, 22 May 2009, Attilio Rao wrote:

>>> You need to check return values here if it returns NULL.
>>>
>>> IMHO, having a non-sleepable version of destroy_dev(), create_dev() and
>>> such would be ideal. Ideally, we should resolve all the sleeping points and
>>> do the conversion. I'm unable to check the code right now.
>>
>> Sure. Something like this.
>
> At this point I wonder what's the purpose of maintaining the sleeping
> version for such functions?

Exceptional case error handling tends to be some of the buggiest code in our kernel, due to a nasty combination of added complexity and infrequent real-world execution. It's what leads to an excess of gotos in the network stack, tricky unwinding of structure allocation, locking, and global variable manipulation, and races due to prematurely exposed partially initialized objects on the intersection of subsystems.

Where we can avoid dealing with failure unnecessarily, code is simpler and more likely to be correct. At times, this is false economy, as some failures must happen and be handled gracefully (such as throughout the network stack during operations like m_pullup when driven by ithreads), but in many other cases the win is real.

Robert N M Watson
Computer Laboratory
University of Cambridge
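
The failure-path cost described in the message above, as an added userland example that is not part of the original message or of FreeBSD code: a constructor whose allocations can fail needs a goto unwind ladder and must publish to the global only after full initialization, and a fault-injection helper forces each rarely executed path to run. All names (dev_create, xalloc, registry, leaks_when_failing_at) are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical userland stand-ins; no name here comes from the FreeBSD tree. */
struct dev { char *name; char *buf; };
static struct dev *registry;     /* global other subsystems could observe */
static int live_allocs;          /* outstanding allocations (leak check) */
static int alloc_count, fail_at; /* fail the Nth allocation; 0 = never */

static void *xalloc(size_t n)    /* models a non-sleeping allocation */
{
    void *p = (++alloc_count == fail_at) ? NULL : calloc(1, n);

    if (p != NULL)
        live_allocs++;
    return p;
}

static void xfree(void *p) { if (p != NULL) { live_allocs--; free(p); } }

int dev_create(const char *name) /* 0 on success, -1 with all state unwound */
{
    struct dev *d;

    if ((d = xalloc(sizeof(*d))) == NULL)
        goto fail;
    if ((d->name = xalloc(strlen(name) + 1)) == NULL)
        goto fail_dev;
    strcpy(d->name, name);
    if ((d->buf = xalloc(4096)) == NULL)
        goto fail_name;
    registry = d;                /* publish only after full initialization */
    return 0;
fail_name:
    xfree(d->name);
fail_dev:
    xfree(d);
fail:
    return -1;
}

/* Force allocation n to fail; returns the number of leaked allocations, or
 * -1 if the call succeeded anyway, or -2 if a partial object was exposed. */
int leaks_when_failing_at(int n)
{
    registry = NULL; live_allocs = 0; alloc_count = 0; fail_at = n;
    if (dev_create("ttyX") == 0)
        return -1;
    return registry != NULL ? -2 : live_allocs;
}
```

Swapping the two xfree() labels or moving the registry assignment above the last allocation makes leaks_when_failing_at() return non-zero for one injected failure, which is the class of bug that goes unnoticed when the path only runs under real memory pressure.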