tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Proposal: kmem_valloc [was: Re: raspberry pi panic 7.0_BETA after install fs resize]

Maxime Villard <> wrote:
> Hi,
> there's something terribly sad with the kmem API: kmem_free takes
> a size argument. It has I think two major drawbacks:
> <...>
> Here is a patch which implements kmem_valloc.
> Comments?

I object to such addition; others already explained various aspects of
this (it is not the first time we debate kmem(9) either), but one thing
which might be worth to add: the underlying problem is also a lack of
testing or at least double checking the error paths; they have a known
attraction to bugs.  You can have a missing mutex_exit() there and it
is not something you can solve with a different API.  However, we have
sufficient means to detects these kind of bugs (DIAGNOSTIC, LOCKDEBUG).

Another point: while defensive programming has certain merits, it also
has very important drawback - it breaks the assumptions and decreases
code clarity.  Supporting malloc(NULL) or free(NULL) is an example of
that since it introduces the ambiguity about the life cycle or validity
of your pointer/object/whatever.  It may also hide such bugs as double
free if the pointer gets set to NULL after the first destruction (or it
may free the wrong object and/or lead to memory corruptions).


Home | Main Index | Thread Index | Old Index