Re: [PATCH] drivers/block/ub.c: use list_for_each_entry()

[Roland Dreier <rdreier@cisco.com>]

 > > > The negative is the sheer number of helper functions in list.h. Personally,
 > > > I find it difficult to retain a working knowledge of them. Iterators are
 > > > particularly nasty that way. I'm thinking about dropping all of these
 > > > list_for_each_with_murky_argument_requirements_and_odd_side_effects()
 > > > and use plain for(;;), as a courtesy to someone who has to read the
 > > > code years down the road.
 > > 
 > > I think I disagree with this reasoning.  If I'm reading your code and
 > > I see, say, list_for_each_entry_safe(), I can be pretty confident that
 > > your loop works correctly.  If you write your own for loop, then I
 > > have to check that you actually got the linked list walking right.
 > 
 > You have to check that I used list_for_each_entry_safe correctly too,
 > which is harder. Are you aware that we had (and probably still have)
 > dozens of cases where the use of list_for_each_entry_safe was buggy?
 > Most of them involved IHV programmers being lured into false sense
 > of security by the _safe suffix and getting their locking wrong.
 > 
 > You could not find a better way to blow up your own argument
 > than to mention list_for_each_entry_safe(), which is anything but.
 > Matthias' use of list_for_each_entry() actually IS safe, which is
 > why I am not NAKing it. Andrew has accepted it already. I just
 > think we aren't winning squat here.

Well, actually, I chose list_for_each_entry_safe() quite conscious of
the locking issues.  If I see list_XXX_safe() then I know that I need
to be suspicious when reviewing code -- the same way seeing "atomic_t"
makes me think "is there any reason to use atomic_t??"

If I just see

	for (pos = list_entry((head)->next, typeof(*pos), member),
		n = list_entry(pos->member.next, typeof(*pos), member);
	     &pos->member != (head);
	     pos = n, n = list_entry(n->member.next, typeof(*n), member))

then what am I to think?

 - R.