On 07/13/12 21:11, Paolo Bonzini wrote:
> Il 13/07/2012 19:30, Laszlo Ersek ha scritto:
>>>>>> - if (errp == NULL) {
>>>>>> + if (errp == NULL || *errp != NULL) {
>>>>
>>>> I think we should use assert() here.
>>>>
>>>> If the error is already set, that most probably indicates a bug in the
>>>> caller, as
>>>> it's the caller's responsibility to decide which error to return.
>> I believe we had a good argument against this, but I can't precisely
>> recall (or find) it now. Paolo, do you remember? Can you please both
>> search your respective mailboxen for Message-ID
>> <4fb21b71.7030...@redhat.com>? That's where we started to discuss this.
>>
>> I believe I saw some paths in the code that tripped on this leak, and
>> generally keeping the first error seemed like a good idea.
>> opts_end_struct() originally checked for any pre-existent error
>> explicitly, but then the check was moved to the common code.
>
> The reason to do this for error_propagate was to allow this idiom:
>
> /* Always call end_struct if start_struct succeeded. */
> error_propagate(errp, err);
> err = NULL;
> visit_end_struct(v, &err);
> error_propagate(errp, err);
Right!
> I think doing it for error_set was just for symmetry and to avoid
> introducing excessive complexity.
Correct again. IIRC it was even yours truly who humbly suggested that.
Thanks!
Laszlo
