|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Will hap_alloc fail?
On 13/7/07 09:23, "Tim Deegan" <Tim.Deegan@xxxxxxxxxxxxx> wrote: > At 18:19 +0100 on 12 Jul (1184264340), Mats Petersson wrote: >> I would have thought that domain_crash() is the right thing to do - >> there's nothing "better" that can be done elsewhere, as far as I can >> understand, and there's really no point in propagating an error >> unless there's something that can be done about it (or it can be >> ignored, which isn't the case in this instance), as this only leads >> to potential misses of the propagated error, making it harder to debug. > > You need to do both, unfortunately. domain_crash() just marks the > domain as crashed; we still need to survive the rest of the code path > for the action we're taking without following a null pointer or similar. Yes, we pretty much killed off usage of domain_crash_synchronous() because it was being used as the lazy way out at the expense of correctness. These low-level fallible routines often get called in spinlock contexts, for example. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |