Joshua's list

To my students:

• Atomic unlock and deschedule does not mean "atomically unlock... then deschedule".
• Zero-copy does not mean "copy zeroes".
• If you do not have any locking whatsoever in a major module of your kernel, maybe you should rethink that module.
• For God's sake, at least get mutexes right. I don't care if you don't use them right anywhere (well, I do), but if you have a basic concurrency primitive, get the implementation right.
• return -1 just isn't enough. You have to check it somewhere.
• In fact, not only do you have to check it somewhere, you have to check it everywhere.
• Also, before you do that, you better free your shit.
• That means mutexes too.
• "Use after free" is a bug, not an imperative.
• Avoiding the "verify-use" problem is not accomplished by verifying... then using.
• If you name a global variable "init", I will shoot you.
• If you name a global variable "end", you will shoot you.
• malloc failure isn't an exceptional case, in which the system must stop. It happens all the time.
• Not cleaning up some structures when a process tries to exit is not the only way to have a "terminal irony". There are others... and they're just as bad.

(This was meant to be a Carnival post-mortem, but I am drowning in work.)