Date: Fri, 22 May 2009 10:38:23 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
To: Attilio Rao <attilio@freebsd.org>
Cc: Scott Long <scottl@samsco.org>, src-committers@freebsd.org, John Baldwin <jhb@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org, Kostik Belousov <kostikbel@gmail.com>, "M. Warner Losh" <imp@bsdimp.com>
Subject: Re: svn commit: r192535 - head/sys/kern
Message-ID: <alpine.BSF.2.00.0905221035130.2015@fledge.watson.org>
In-Reply-To: <3bbf2fe10905211511g53defb6cmac45fc2469cc64f@mail.gmail.com>
References: <3bbf2fe10905210629p46c7a204v6863aaba77354462@mail.gmail.com>
 <20090521.094100.70797067.imp@bsdimp.com>
 <4A157919.7040103@samsco.org>
 <200905211211.00168.jhb@freebsd.org>
 <20090521161535.GQ1927@deviant.kiev.zoral.com.ua>
 <4A157FF3.8020408@samsco.org>
 <20090521163846.GT1927@deviant.kiev.zoral.com.ua>
 <3bbf2fe10905211005m350dc4d1yed6dc1b79f1603d9@mail.gmail.com>
 <20090521194243.GW1927@deviant.kiev.zoral.com.ua>
 <3bbf2fe10905211511g53defb6cmac45fc2469cc64f@mail.gmail.com>

On Fri, 22 May 2009, Attilio Rao wrote:

>>> You need to check return values here if it returns NULL.
>>>
>>> IMHO, having a non-sleepable version of destroy_dev(), create_dev() and
>>> such would be ideal. Ideally, we should resolve all the sleeping point and
>>> do the conversion. I'm unable to check the code right now.
>>
>> Sure. Something like this.
>
> At this point I wonder what's the purpose of maintaining the sleeping
> version for such functions?

Exceptional case error handling tends to be some of the buggiest code in our
kernel, due to a nasty combination of added complexity and infrequent
real-world execution. It's what leads to an excess of gotos in the network
stack, tricky unwinding of structure allocation, locking, and global variable
manipulation, and races due to prematurely exposed partially initialized
objects on the intersection of subsystems.

Where we can avoid dealing with failure unnecessarily, code is simpler and
more likely to be correct. At times, this is false economy, as some failures
must happen and be handled gracefully (such as throughout the network stack
during operations like m_pullup when driven by ithreads), but in many other
cases the win is real.

Robert N M Watson
Computer Laboratory
University of Cambridge