From: Eric Blake <eblake@redhat.com>
To: Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, berrange@redhat.com, ehabkost@redhat.com
Subject: Re: [PATCH 13/17] qom: Drop parameter @errp of object_property_add() & friends
Date: Tue, 28 Apr 2020 13:43:49 -0500 [thread overview]
Message-ID: <0646ba28-d14c-a1aa-81bb-56ba232d4c5f@redhat.com> (raw)
In-Reply-To: <20200428163419.4483-14-armbru@redhat.com>
On 4/28/20 11:34 AM, Markus Armbruster wrote:
> The only way object_property_add() can fail is when a property with
> the same name already exists. Since our property names are all
> hardcoded, failure is a programming error, and the appropriate way to
> handle it is passing &error_abort.
>
> Same for its variants, except for object_property_add_child(), which
> additionally fails when the child already has a parent. Parentage is
> also under program control, so this is a programming error, too.
>
> We have a bit over 500 callers. Almost half of them pass
> &error_abort, slightly fewer ignore errors, one test case handles
> errors, and the remaining few callers pass them to their own callers.
>
> The previous few commits demonstrated once again that ignoring
> programming errors is a bad idea.
>
> Of the few ones that pass on errors, several violate the Error API.
> The Error ** argument must be NULL, &error_abort, &error_fatal, or a
> pointer to a variable containing NULL. Passing an argument of the
> latter kind twice without clearing it in between is wrong: if the
> first call sets an error, it no longer points to NULL for the second
> call. ich9_pm_add_properties(), sparc32_ledma_realize(),
> sparc32_dma_realize(), xilinx_axidma_realize(), xilinx_enet_realize()
> are wrong that way.
>
> When the one appropriate choice of argument is &error_abort, letting
> users pick the argument is a bad idea.
>
> Drop parameter @errp and assert the preconditions instead.
>
> There's one exception to "duplicate property name is a programming
> error": the way object_property_add() implements the magic (and
> undocumented) "automatic arrayification". Don't drop @errp there.
> Instead, rename object_property_add() to object_property_try_add(),
> and add the obvious wrapper object_property_add().
Huge. Could this last paragraph be done as a separate patch (ie.
introduce object_property_try_add and adjust its clients), prior to the
bulk mechanical patch that deletes the errp argument for all remaining
instances?
>
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
> include/qom/object.h | 81 +++-----
> qom/container.c | 2 +-
> qom/object.c | 302 +++++++++-------------------
> qom/object_interfaces.c | 5 +-
The core of the patch lies in these files, but even then it is still
large because of adding a new API at the same time as fixing an existing
one.
> 190 files changed, 643 insertions(+), 987 deletions(-)
>
> +++ b/qom/object.c
> @@ -1129,12 +1123,12 @@ void object_unref(Object *obj)
> }
> }
>
> -ObjectProperty *
> -object_property_add(Object *obj, const char *name, const char *type,
> - ObjectPropertyAccessor *get,
> - ObjectPropertyAccessor *set,
> - ObjectPropertyRelease *release,
> - void *opaque, Error **errp)
> +static ObjectProperty *
> +object_property_try_add(Object *obj, const char *name, const char *type,
> + ObjectPropertyAccessor *get,
> + ObjectPropertyAccessor *set,
> + ObjectPropertyRelease *release,
> + void *opaque, Error **errp)
> {
> ObjectProperty *prop;
> size_t name_len = strlen(name);
> @@ -1148,8 +1142,8 @@ object_property_add(Object *obj, const char *name, const char *type,
> for (i = 0; ; ++i) {
> char *full_name = g_strdup_printf("%s[%d]", name_no_array, i);
>
> - ret = object_property_add(obj, full_name, type, get, set,
> - release, opaque, NULL);
> + ret = object_property_try_add(obj, full_name, type, get, set,
> + release, opaque, NULL);
> g_free(full_name);
Here's the magic in the last paragraph.
> if (ret) {
> break;
> @@ -1179,6 +1173,17 @@ object_property_add(Object *obj, const char *name, const char *type,
> return prop;
> }
>
> +ObjectProperty *
> +object_property_add(Object *obj, const char *name, const char *type,
> + ObjectPropertyAccessor *get,
> + ObjectPropertyAccessor *set,
> + ObjectPropertyRelease *release,
> + void *opaque)
> +{
> + return object_property_try_add(obj, name, type, get, set, release,
> + opaque, &error_abort);
> +}
> +
and if you were to split things into two patches, the first patch would
be adding:
ObjectProperty *
object_property_add(Object *obj, const char *name, const char *type,
ObjectPropertyAccessor *get,
ObjectPropertyAccessor *set,
ObjectPropertyRelease *release,
void *opaque, Error **errp)
{
return object_property_try_add(obj, name, type, get, set, release,
opaque, errp);
}
with the second changing the signature to drop errp and forward
&error_abort.
> ObjectProperty *
> object_class_property_add(ObjectClass *klass,
> const char *name,
> @@ -1186,16 +1191,11 @@ object_class_property_add(ObjectClass *klass,
> ObjectPropertyAccessor *get,
> ObjectPropertyAccessor *set,
> ObjectPropertyRelease *release,
> - void *opaque,
> - Error **errp)
> + void *opaque)
> {
> ObjectProperty *prop;
>
> - if (object_class_property_find(klass, name, NULL) != NULL) {
> - error_setg(errp, "attempt to add duplicate property '%s' to class (type '%s')",
> - name, object_class_get_name(klass));
> - return NULL;
> - }
> + assert(!object_class_property_find(klass, name, NULL));
If you do split, then deciding whether this type of cleanup belongs in
the first patch (by ignoring the errp parameter, before mechanically
dropping it) or the second is a fuzzier answer.
At any rate, my quick glance over the mechanical changes, and focused
glance at these points of interest, sees nothing wrong. So even if you
do not split the patch, I can live with:
Reviewed-by: Eric Blake <eblake@redhat.com>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
next prev parent reply other threads:[~2020-04-28 18:45 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-28 16:34 [PATCH 00/17] qom: Spring cleaning Markus Armbruster
2020-04-28 16:34 ` [PATCH 01/17] qom: Clearer reference counting in object_initialize_childv() Markus Armbruster
2020-04-28 17:38 ` Eric Blake
2020-04-28 16:34 ` [PATCH 02/17] qom: Clean up inconsistent use of gchar * vs. char * Markus Armbruster
2020-04-28 17:41 ` Eric Blake
2020-05-02 5:06 ` Markus Armbruster
2020-05-04 9:32 ` Daniel P. Berrangé
2020-05-04 15:27 ` Markus Armbruster
2020-04-28 16:34 ` [PATCH 03/17] qom: Drop object_property_del_child()'s unused parameter @errp Markus Armbruster
2020-04-28 17:42 ` Eric Blake
2020-04-28 16:34 ` [PATCH 04/17] qom: Change object_property_get_uint16List() to match its doc Markus Armbruster
2020-04-28 17:46 ` Eric Blake
2020-05-02 5:06 ` Markus Armbruster
2020-04-28 16:34 ` [PATCH 05/17] qom: Make all the object_property_add_FOO() return the property Markus Armbruster
2020-04-28 17:51 ` Eric Blake
2020-04-28 16:34 ` [PATCH 06/17] qom: Drop object_property_set_description() parameter @errp Markus Armbruster
2020-04-28 18:00 ` Eric Blake
2020-04-28 16:34 ` [PATCH 07/17] tests/check-qom-proplist: Improve iterator coverage Markus Armbruster
2020-04-28 18:27 ` Eric Blake
2020-04-28 16:34 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes, eaes}-256 Markus Armbruster
2020-04-28 17:13 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes,eaes}-256 David Hildenbrand
2020-04-29 8:54 ` Christian Borntraeger
2020-04-30 18:47 ` Christian Borntraeger
2020-05-02 5:15 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes, eaes}-256 Markus Armbruster
2020-05-04 8:33 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes,eaes}-256 Christian Borntraeger
2020-04-30 18:22 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes, eaes}-256 Markus Armbruster
2020-05-01 9:06 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes,eaes}-256 David Hildenbrand
2020-05-02 6:26 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes, eaes}-256 Markus Armbruster
2020-05-02 8:39 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes,eaes}-256 David Hildenbrand
2020-05-05 14:23 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes, eaes}-256 Markus Armbruster
2020-05-05 14:46 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes,eaes}-256 David Hildenbrand
2020-05-05 15:23 ` [PATCH 08/17] s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes, eaes}-256 Markus Armbruster
2020-04-28 16:34 ` [PATCH 09/17] hw/isa/superio: Make the components QOM children Markus Armbruster
2020-05-04 16:21 ` Philippe Mathieu-Daudé
2020-04-28 16:34 ` [PATCH 10/17] e1000: Don't run e1000_instance_init() twice Markus Armbruster
2020-04-29 8:55 ` Jason Wang
2020-04-28 16:34 ` [PATCH 11/17] hw/arm/bcm2835: Drop futile attempts at QOM-adopting memory Markus Armbruster
2020-04-28 17:27 ` Philippe Mathieu-Daudé
2020-04-28 16:34 ` [PATCH 12/17] qdev: Clean up qdev_connect_gpio_out_named() Markus Armbruster
2020-05-05 14:40 ` Philippe Mathieu-Daudé
2020-05-05 15:25 ` Markus Armbruster
2020-04-28 16:34 ` [PATCH 13/17] qom: Drop parameter @errp of object_property_add() & friends Markus Armbruster
2020-04-28 18:43 ` Eric Blake [this message]
2020-05-02 5:09 ` Markus Armbruster
2020-04-28 16:34 ` [PATCH 14/17] Drop more @errp parameters after previous commit Markus Armbruster
2020-04-28 18:44 ` Eric Blake
2020-04-28 16:34 ` [PATCH 15/17] qdev: Unrealize must not fail Markus Armbruster
2020-05-04 16:28 ` Philippe Mathieu-Daudé
2020-04-28 16:34 ` [PATCH 16/17] spapr_pci: Drop some dead error handling Markus Armbruster
2020-04-29 1:22 ` David Gibson
2020-04-29 7:03 ` Greg Kurz
2020-04-29 7:35 ` Philippe Mathieu-Daudé
2020-04-28 16:34 ` [PATCH 17/17] qom: Drop @errp parameter of object_property_del() Markus Armbruster
2020-04-28 18:50 ` Eric Blake
2020-05-02 5:09 ` Markus Armbruster
2020-04-28 23:24 ` [PATCH 00/17] qom: Spring cleaning no-reply
2020-05-04 12:48 ` Paolo Bonzini
2020-05-04 15:28 ` Markus Armbruster
2020-05-04 15:57 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0646ba28-d14c-a1aa-81bb-56ba232d4c5f@redhat.com \
--to=eblake@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=ehabkost@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.