On 07/13/12 21:11, Paolo Bonzini wrote:
> On 13/07/2012 19:30, Laszlo Ersek wrote:
>>>>>> -    if (errp == NULL) {
>>>>>> +    if (errp == NULL || *errp != NULL) {
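Review bot: the added `*errp != NULL` clause makes the function return silently when an error is already stored, so a second error is dropped with no trace at the call site. A comment at this check stating that the first error is kept on purpose would stop a later reader from taking it for a masked caller bug. The hunk does not show the branch body, so it is also worth confirming that nothing allocated before the check is left unfreed on this path.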
>>>>
>>>> I think we should use assert() here.
>>>>
>>>> If the error is already set, that most probably indicates a bug in the 
>>>> caller, as
>>>> it's the caller's responsibility to decide which error to return.
>> I believe we had a good argument against this, but I can't precisely
>> recall (or find) it now. Paolo, do you remember? Can you please both
>> search your respective mailboxen for Message-ID
>> <4fb21b71.7030...@redhat.com>? That's where we started to discuss this.
>>
>> I believe I saw some paths in the code that tripped on this leak, and
>> generally keeping the first error seemed like a good idea.
>> opts_end_struct() originally checked for any pre-existent error
>> explicitly, but then the check was moved to the common code.
> 
> The reason to do this for error_propagate was to allow this idiom:
> 
>           /* Always call end_struct if start_struct succeeded.  */
>           error_propagate(errp, err);
>           err = NULL;
>           visit_end_struct(v, &err);
>           error_propagate(errp, err);

Right!

> I think doing it for error_set was just for symmetry and to avoid
> introducing excessive complexity.

Correct again. IIRC it was even yours truly who humbly suggested that.

Thanks!
Laszlo
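
The idiom quoted in this thread, as an added example that is not QEMU's code or part of the original messages: a simplified model of `error_set`/`error_propagate` in which the first error is kept and a later one is freed rather than leaked. The `Error` struct, the `live_errors` counter, `visit_struct()` and `first_error_wins()` are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for an error object; not QEMU's definition. */
typedef struct Error { char msg[64]; } Error;
static int live_errors;   /* hypothetical counter of live allocations */

static void error_set(Error **errp, const char *msg)
{
    if (errp == NULL || *errp != NULL) {
        return;   /* caller ignores errors, or the first error is kept */
    }
    *errp = calloc(1, sizeof(Error));
    if (*errp == NULL) abort();
    strncpy((*errp)->msg, msg, sizeof((*errp)->msg) - 1);
    live_errors++;
}

static void error_free(Error *err)
{
    if (err) { free(err); live_errors--; }
}

/* Hand local_err to *dst if that slot is empty; otherwise release it. */
static void error_propagate(Error **dst, Error *local_err)
{
    if (local_err == NULL) return;
    if (dst == NULL || *dst != NULL) error_free(local_err);
    else *dst = local_err;
}

/* The quoted idiom: the end step always runs, and either step may fail. */
static void visit_struct(int body_fails, int end_fails, Error **errp)
{
    Error *err = NULL;
    if (body_fails) error_set(&err, "body failed (constructed)");
    error_propagate(errp, err);
    err = NULL;
    if (end_fails) error_set(&err, "end failed (constructed)");
    error_propagate(errp, err);
}

/* Returns 1 when the first error survived and nothing leaked. */
static int first_error_wins(void)
{
    Error *e = NULL;
    visit_struct(1, 1, &e);
    int ok = e && strstr(e->msg, "body") && live_errors == 1;
    error_free(e);
    return ok && live_errors == 0;
}

int main(void) { printf("%d\n", first_error_wins()); return 0; }
```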
