On Mon, Nov 11, 2024 at 03:55:53PM +0000, Daniel P. Berrangé wrote: > qdev_new() has a failure scenario where it will assert() if given > an abstract type. Callers which are creating qdevs based on user > input, or unknown/untrusted type names, must manually check the > result of qdev_class_is_abstract() before calling qdev_new() > to propagate an Error, instead of asserting. > > Introduce a qdev_new_dynamic() method which is a counterpart to > qdev_new() that directly returns an Error, instead of asserting. > This new method is to be used where the typename is specified > dynamically by code separate from the immediate caller. > > Do likewise with qdev_try_new_dynamic() as a counterpart to > qdev_try_new().
Since at it, would it make sense to simply replace qdev_try_new() with qdev_new_dynamic(), assuming it plays similar role of "it can fail" version of qdev_new()? Then instead of four helpers, we stick with two helpers, one that asserts the qdev new will succeed (qdev_new()), the other one that allows any kind of errors (qdev_new_dynamic()). Then we can drop qdev_try_new() altogether, and avoid adding one more for it too. The qdev_try_new() four call sites can still pass in errp==NULL, which should be the old behavior, so we don't need to touch isa/usb callers. PS: looks like usb_try_new() only has one caller.. so maybe prone to be dropped altogether.. -- Peter Xu
