[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Proposal: kmem_valloc [was: Re: raspberry pi panic 7.0_BETA after install fs resize]
Maxime Villard <max%M00nBSD.net@localhost> wrote:
> there's something terribly sad with the kmem API: kmem_free takes
> a size argument. It has I think two major drawbacks:
> Here is a patch which implements kmem_valloc.
I object to such addition; others already explained various aspects of
this (it is not the first time we debate kmem(9) either), but one thing
which might be worth to add: the underlying problem is also a lack of
testing or at least double checking the error paths; they have a known
attraction to bugs. You can have a missing mutex_exit() there and it
is not something you can solve with a different API. However, we have
sufficient means to detects these kind of bugs (DIAGNOSTIC, LOCKDEBUG).
Another point: while defensive programming has certain merits, it also
has very important drawback - it breaks the assumptions and decreases
code clarity. Supporting malloc(NULL) or free(NULL) is an example of
that since it introduces the ambiguity about the life cycle or validity
of your pointer/object/whatever. It may also hide such bugs as double
free if the pointer gets set to NULL after the first destruction (or it
may free the wrong object and/or lead to memory corruptions).
Main Index |
Thread Index |