On Tue, Aug 05, 2025 at 01:55:59PM +0200, Christian Brauner wrote:
The calling conventions of do_dup2() are terrible. The only reason it drops file_lock itself instead of leaving it to the two callers that have to acquire it anyway is because it wants to call filp_close() if there's already a file on that fd.
Alternative calling conventions end up being nastier - I've tried.
And really the side-effect of dropping a lock implicitly is nasty especially when the function doesn't even indicate that it does that in its name.
And guards are great.
They do not allow to express things like "foo() consumes lock X". From time to time, we *do* need that, and when that happens guards become a menace.
Another case is
	lock
	if (lock-dependent condition)
		some work
		unlock
		work that can't be under that lock
	else
		some other work
		unlock
		more work that can't be under that lock
Fairly common, especially when that's a spinlock and "can't be under that lock" includes blocking operations. Can't be expressed with guards, not without a massage that often ends up with bloody awful results.
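The lock / branch / unlock shape described above, written out as an added userspace C example; it is not part of the original message and is not kernel code. It assumes a pthread mutex in place of a spinlock and a compiler `cleanup` attribute in place of the kernel's guards, and every name in it (`struct box`, `BOX_GUARD`, `slow_work`) is hypothetical.

```c
/* Added illustration; every name here is hypothetical, not kernel code. */
#include <pthread.h>
#include <stdio.h>
struct box {
	pthread_mutex_t lock;
	int held;            /* 1 while lock is held; tracked only for this demo */
	int value;           /* protected by lock */
	int slow_under_lock; /* times slow_work() ran with the lock held */
};

static void box_lock(struct box *b) { pthread_mutex_lock(&b->lock); b->held = 1; }
static void box_unlock(struct box *b) { b->held = 0; pthread_mutex_unlock(&b->lock); }
/* Stand-in for work that may block, so it must not run under the lock. */
static void slow_work(struct box *b) { if (b->held) b->slow_under_lock++; }
/* Scope-based guard: the unlock runs only when the variable leaves scope. */
static void guard_exit(struct box **p) { box_unlock(*p); }
#define BOX_GUARD(b) struct box *guard_ \
	__attribute__((cleanup(guard_exit), unused)) = (box_lock(b), (b))

/* Explicit form: each branch drops the lock at its own point. */
int update_explicit(struct box *b)
{
	box_lock(b);
	if (b->value > 0) {	/* lock-dependent condition */
		b->value--;	/* some work */
		box_unlock(b);
		slow_work(b);	/* work that can't be under the lock */
		return 1;
	}
	b->value = 10;		/* some other work */
	box_unlock(b);
	slow_work(b);		/* more work that can't be under the lock */
	return 0;
}

/* Straight guard conversion: the lock stays held across slow_work(). */
int update_guarded(struct box *b)
{
	BOX_GUARD(b);
	if (b->value > 0) { b->value--; slow_work(b); return 1; }
	b->value = 10;
	slow_work(b);
	return 0;
}

int main(void)
{
	struct box b = { PTHREAD_MUTEX_INITIALIZER, 0, 1, 0 };
	update_guarded(&b);
	printf("slow_work() calls made under the lock: %d\n", b.slow_under_lock);
}
```
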