>> * Why was the function "rbd_dev_probe_parent" implemented in the way >> that it relies on a sanity check in the function "rbd_dev_destroy" then? > > Because it's not a bad thing? There are different opinions about this implementation detail. > What's wrong with an init to NULL, a possible assignment, in this case > from rbd_dev_create(), and an unconditional rbd_dev_destroy()? Does this approach look like it is affected by a "one error jump label bug" symptom? > The NULL check in rbd_dev_destroy() is not a sanity check, > it's a feature. I have got an other impression here. > It's not there to "fixup" callers that pass NULL It seems that the explanations on the detail why a function tolerates passed null pointers can also be different. > - it's there because it is _expected_ that some callers will pass NULL. I find it still unnecessary to let a called function like "rbd_dev_destroy" to repeat the check when you know already that the passed variable contains a null pointer. > As I said in my reply to Dan, the problem with rbd_dev_probe_parent() > is the calling code which expects it to call unparent if ->parent_spec. > This makes it stand out and confuses people, but can't be fixed without > refactoring a bunch of other code. I would appreciate if the discussed function could be also improved by itself. More refactoring might follow at other source code places later. > The extra function call is *not* a problem. How many software developers and reviewers will care if corresponding error handling can also become a bit more efficient? Regards, Markus -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
