Re: Must check what?

[Andrew Morton]

On Wed, 4 Oct 2006 13:25:37 -0600
Matthew Wilcox <matthew@xxxxxx> wrote:

> On Wed, Oct 04, 2006 at 12:02:42PM -0700, Andrew Morton wrote:
> > I blame kernel-doc.  It should have a slot for documenting the return value,
> > but it doesn't, so nobody documents return values.
> 
> There's also the question about where the documentation should go.  By
> the function prototype in the header?  That's the easy place for people
> using the function to find it.  By the code?  That's the place where it
> stands the most chance (about 10%) of somebody bothering to update it
> when they change the code.

yes, by the code, if it's C.  In .h if it's C++.

> > It should have a slot for documenting caller-provided locking requirements
> > too.  And for permissible calling-contexts.  They're all part of the
> > caller-provided environment, and these two tend to be a heck of a lot more
> > subtle than the function's formal arguments.
> 
> Indeed.  And reference count assumptions.  It's almost like we want a
> pre-condition assertion ...

We have might_sleep(), assert_spin_locked(), BUG_ON(!irqs_disabled()), etc.

I like assertions personally.  If we had something like:

void foo(args)
{
	locals;

	assert_irqs_enabled();
	assert_spin_locked(some_lock);
	assert_in_atomic();
	assert_mutex_locked(some_mutex);

then we get documentation which is (optionally) checked at runtime - best
of both worlds.  Better than doing it in kernel-doc.  Automatically
self-updating (otherwise kernels go BUG).

But we'd need to sell the idea ;)

And we still need to document those return values in English.

(Or we do

	return assert_zero_or_errno(ret);

which is a bit ug, but gets us there)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/