a some -> some. Or "a little" was fine too.

Remove first "The."

I'd suggest: ".Nm is not limited to supporting only .Xr md 4 images."

I'd leave out the RW/RO distinction here. For geom_uzip's purposes, compressed images are always RO so the media characteristics don't really matter.

"The image can also reside on a block device. (For example, a disk, USB flash drive, or DVD-ROM.)"

I'm not sure the examples are necessary, but if you're going to include them, that's how I'd phrase it.

"the appropriate device node will appear with the .Pa .uzip suffix:"

Remove "The"

".Nm allows mounting the root file system from a compressed disk partition by setting the .Dv vfs.root.mountfrom tunable."

"Zero disables logging. Higher values enable more verbose debug logging for .Nm ."

I would remove "key" and "specific."

perhaps add "(0-3)" here

As Adrian points out, this should not be static.

Yeugh.

I'm not sure what this macro gets you. Why not get rid of it?

I'd suggest sizeof(*lzp) instead. And definitely do not cast the result of malloc(9). This is C, not C++.

Why not just:

err = inflate(...);
if (err != Z_STREAM_END) {
  print();
  return (1);
}
return (0);

Don't cast malloc(); suggest sizeof(*zp).

suggest casting type to size_t although I doubt zlib tries to allocate >4GB anyway.

Duplicate definition of this macro... I don't think you need it, anyway.

Unnecessary to explicitly cast between 'const void*' and 'const u_char *'.

Well, I think "little" is too heavy here. How little or not heavily depends on the CPU and algorithm.

haha, this already has been added yesterday.

Huh? Well, it's the only reasonable way to unwind complex object in C, I think it's much better to call g_uzip_softc_free() previously, since it basically needs to be smart enough to decode which sub-objects have been inited and which aren't. That other approach is highly error prone and tends to get out of sync quickly.

I should probably be ashame of that, but I could never really remember how to typedef pointer to a function in C. :( So instead of toorturing myself and never getting it right, I cooked up this little macro and just copy it over. Saves me tons of time.

Well, I prefer explicit size when it's not too obtrusive. Because the size I want might not be really *lzp, I could stick variable size array at the end some way (i.e. data[0]). So if I search my sources by sizeof(struct g_uzip_lzma), this will come out prominently.

I hope if you don't mind if I keep it this way.

Well probably because inflate() may return some werd-o typebeing 3rd party API with lot of historical hairs and in general its error conventions do not match ours. So assigning that could lead to a bug in a future when somebody tweaks the code and that error gets propagated.

See my comment above WRT *zp. I'll remove the casts though.

Well, I just cast always when going from void * to something non-void *. Saves me trouble to remember when it's needed and when not, again I don't mind if I keep it this way.

I think it's better to just initialize pointers to NULL, and free/destroy them conditional on being non-NULL, with a single out: or error: label.

Many error labels tends to result in jumping to the wrong one in some path, because most of the time no errors happen. Especially with numbered labels and not names. Still, just my 2¢. If it works, it's fine to keep it as is.

Why not just use it for reference and not copy it? :/ This is a header, it leaks in to anything that includes it.

You can use + operator on sizeof(*lzp) equally well, so I don't understand the VLA data concern. Still, if you prefer it, it's okay to keep malloc(sizeof(struct g_uzip_lzma)).

Casting the result is not okay though, please fix that.

Well, that's where I respectfully disagree. First, let me reiterate: destructor (i.e. g_uzip_softc_free()) has no business to being used on partially constructed object. Never. End of story, thank you very much. :) I don't think it was your suggestion, but just in the case.

About using single error label, I found that once the number of sub-objects that you need to unwind exceeds 2-3 the approach you are advocating for tends to produce slight differences in ordering and hidden bugs that are only exposed on error conditions rarely seen in practice since those code paths are rarely taken. The problem here is that, once the object is complex, we need to unwind it in a very particular order, since sub-object A might be passed as initial data to object B, so if you unwind it in the opposite order it might blow up. Your NULL-check does not gurantee that. And in fact as I said as the code develops initialization order might swap or shift, so you are basically have two code parts that need to be adjusted.

I find it easier and less error prone to do it this way as long as you adopt some mind discipline on keeping eX list neat, ordered and tidy it works.

Well, because I modify the code. I could not really even read it out back properly, always get confused what is what type-wise. It gets hopeless when function gets more than 5-6 arguments and returns either void or void *. >:-( And my ability to tell what the method API return type and arguments are are quite important in producing maybe better code but also definitely more code per unit of my limited time.

Anyway, as I said, this is not a public api of any kind or sort, so as long as I am only one actively working on this code I'd keep it this way. Thanks!

I don't mind if I keep it this way -> I hope you don't mind if I keep it this way

To make it more concrete, let's say you have the following code:

D_init(void)
{
   A = B = C = NULL;
   A = A_init();
   B = B_init(A);
   C = C_init();
   if (C == NULL)
        goto error;
 [...]
 error:
    if (A != NULL)
        A_free(A);
    if (B != NULL)
        B_free(B);
    return (whatever)
}

Now, obviously in this 3-line example you can spot the issue easily, but how about more realistic softc function that has 100 lines and 10 sub-objects for example? It's all further amplified by the fact that C_init() could be something that is failing extremely rarely in practice. Like that very little used function malloc() for example. Then you got yourself a nice sleeping bug that may lay dormant and unnoticed for ages, but it can bite somebody badly one day.

I am not saying my approach is a silver bullet, you can obviously mix the order just as well or start hiting the wrong label after moving the code block around. However, I found that chances that you would leave some traces like dangling memory or hit a null pointer are much higher. In contrast your approach would produce seemingly working code that might pass both visual inspection and unit/functional tests until that C_init fails on somebody one day. In my view, if ordering is violated, it's better to leave either A or B unfreed, that is likely to get noticed and fixed sooner, rather than free everything but in the wrong order.

No, it's not duplicate. Note, this is userland part. We are not using any headers from the g_uzip(4) here, don't need to.

That is a straw man version of my proposal. Either you don't understand it, or just don't like it. That's fine. I don't appreciate the tone, though. I'll take myself off the review.

Thanks for doing the geom_uzip + geom_uncompress unifying work.

@ceri, sorry about the tone, was not my intent really. English is not my native tongue, so sometimes what I am writing may read too heavy for a native speaker. Just wanted to explain my point in more detail. I hope you'd reconsider.

The key here, is that I am trying to make sure order of unwind matches order of init in reverse. That's all is to it. With NULL checks and single label that's not very difficult to do right when you just make function for the first time and you know what's done when. But as the code evolves it tends to diverge and keeping it in sync becomes somewhat of a pain, since at least I cannot keep 100 lines of the code in my poor little head, so every time code is moved from one place to another you need to re-create that order, possible long time after initial work. Jumping to the wrong label is minor issue because unless the code is too complicated (and init rarely is, in my experience it's usually just long boring list of things to initialize and join together) order in which those exit labels are used in the main body of the function should be non-decreasing, while monotonically decreasing in the exit path. Can be easily checked by just doing single pass through the code looking for "goto e[0-9]". All this strictly IMHO based on my own experience writing OO-like C code.

Anyway, thank you for your constructive comments and suggestions, I'll definitely integrate most of it into the final version!

@cem sorry about the tone, was not my intent really. English is not my native tongue, so sometimes what I am writing may read too heavy for a native speaker. Just wanted to explain my point in more detail. I hope you'd reconsider.

The key here, is that I am trying to make sure order of unwind matches order of init in reverse. That's all is to it. With NULL checks and single label that's not very difficult to do right when you just make function for the first time and you know what's done when. But as the code evolves it tends to diverge and keeping it in sync becomes somewhat of a pain, since at least I cannot keep 100 lines of the code in my poor little head, so every time code is moved from one place to another you need to re-create that order, possible long time after initial work. Jumping to the wrong label is minor issue because unless the code is too complicated (and init rarely is, in my experience it's usually just long boring list of things to initialize and join together) order in which those exit labels are used in the main body of the function should be non-decreasing, while monotonically decreasing in the exit path. Can be easily checked by just doing single pass through the code looking for "goto e[0-9]". All this strictly IMHO based on my own experience writing OO-like C code.

Anyway, thank you for your constructive comments and suggestions, I'll definitely integrate most of it into the final version!

There's no #ifdef guard here.

MALLOC_DEFINE needs to be moed /after/ the include section, or we get a double define error from gcc-4.2

cc1: warnings being treated as errors
In file included from /usr/home/adrian/work/freebsd/head-embedded/src/sys/geom/uzip/g_uzip.c:48:
/usr/home/adrian/work/freebsd/head-embedded/src/sys/geom/uzip/g_uzip.h:29: warning: redundant redeclaration of 'M_GEOM_UZIP' [-Wredundant-decls]
/usr/home/adrian/work/freebsd/head-embedded/src/sys/geom/uzip/g_uzip.c:46: warning: previous definition of 'M_GEOM_UZIP' was here

• g_uzip.o ---
• [g_uzip.o] Error code 1

That comment seems to be misplaced. I've located the sentence and fixed it in the next update.

@cem done, I've added etc to suggest that the list is not complete.

Fixed in the g_uzip.h. Thanks!

There is one now. Thanks!

Cast(s) removed in the upcoming version, thanks. In fact now that I am thinking about it I never used cast with malloc with my own C code before, so I don't know what made me stick that one in there in one place and then it got copied to another.