[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0804111807340.12407@alien.or.mcafeemobile.com>
Date: Fri, 11 Apr 2008 18:15:26 -0700 (PDT)
From: Davide Libenzi <davidel@...ilserver.org>
To: Rusty Russell <rusty@...tcorp.com.au>
cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Arnd Bergmann <arnd@...db.de>, Al Viro <viro@....linux.org.uk>
Subject: Re: [PATCH] anon_inodes.c cleanups.
On Fri, 11 Apr 2008, Rusty Russell wrote:
> Arnd pointed me at anon_inode_getfd(), and the code annoyed me enough
> to send this patch.
>
> Mainly because the init routine carefully checks for errors, then panics
> (because we shouldn't run out of memory at boot). Unfortunately, it's
> actually worse than simply oopsing, where we'd know what had failed.
>
> 1) anon_inode_inode can be read_mostly, same as anon_inode_mnt.
Sure.
> 3) anon_inode_mkinode has one caller, so it's a little confusing.
Hmm? The function groups the code necessary to create the anonfds inode.
If every function that has one call site would be inlined, we'd have
monster long functions. Functions also have the purpose to group some code
that does some task, into a single unit (and the function name hopefully
gives an hint about what's doing). The compiler (not that in this case
really matter, since it's not even a slow-path, is a once-run path) may
take care of inlining, if sees that appropriate.
> 2) The IS_ERR(anon_inode_inode) check is unneeded, since we panic on
> boot if that were true.
> 4) Don't clean up before panic.
> 5) Panic gives less information than an oops would, plus is untested.
I remember we changed the failure-path of anonfds a couple of times along
the way, but I can't find email traces about why we did it.
So, I prefer error-checked code instead of oopses, and given that the
anonfds subsystem is not a required one for most of the components of the
kernel/userspace, I'd rather prefer to drop the panic().
The counter reasoning may be that, as today, if anonfds code fails it's
almost 100% for ENOMEM, so every other following code will likely fail as
well.
I still prefer the report-error way instead of the oops generated by not
checking return codes, and leave to more critical subsystems to nail the
system if necessary.
Anyway, I'll let this handle with Al (cc-ed now). The ananofds interface
has been changed to remove the inode** and file** parameters (noone but
KVM was using them), and Al already has those changes in his vfs tree
(plus fixes for KVM, I think).
- Davide
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists