| Message ID | 20231020171509.87839-1-philmd@linaro.org |
|---|---|
| Headers | show |
| Series | hw/audio/pcspk: Inline pcspk_init() | expand |
Am 20. Oktober 2023 17:15:04 UTC schrieb "Philippe Mathieu-Daudé" <philmd@linaro.org>: >Unfortunately v2 was merged as commit 40f8214fcd, >so adapt v3 to clean the mess. > >Philippe Mathieu-Daudé (4): > hw/i386/pc: Pass Error** argument to pc_basic_device_init() > hw/i386/pc: Propagate error if HPET device creation failed > hw/i386/pc: Propagate error if PC_SPEAKER device creation failed I'm not sure if I'd do these first three patches. The reason is that machines don't inherit from DeviceState and therefore don't have canonical methods such as realize() to propagate errors. Propagating the errors in the machine init helper methods seem a bit ad-hoc to me. > hw/isa/i82378: Propagate error if PC_SPEAKER device creation failed The reason I suggested use of `errp` here is that it is already a parameter. Best regards, Bernhard > > include/hw/i386/pc.h | 5 +++-- > hw/i386/pc.c | 15 +++++++++++---- > hw/i386/pc_piix.c | 2 +- > hw/i386/pc_q35.c | 2 +- > hw/isa/i82378.c | 4 +++- > 5 files changed, 19 insertions(+), 9 deletions(-) >
Bernhard Beschow <shentey@gmail.com> writes: > Am 20. Oktober 2023 17:15:04 UTC schrieb "Philippe Mathieu-Daudé" <philmd@linaro.org>: >>Unfortunately v2 was merged as commit 40f8214fcd, >>so adapt v3 to clean the mess. >> >>Philippe Mathieu-Daudé (4): >> hw/i386/pc: Pass Error** argument to pc_basic_device_init() >> hw/i386/pc: Propagate error if HPET device creation failed >> hw/i386/pc: Propagate error if PC_SPEAKER device creation failed > > I'm not sure if I'd do these first three patches. The reason is that machines don't inherit from DeviceState and therefore don't have canonical methods such as realize() to propagate errors. Propagating the errors in the machine init helper methods seem a bit ad-hoc to me. The Error interface enables separation of error detection and error handling. On detection, we create an Error object, and handling consumes it. A function that leaves error handling to its callers generally requires its callees to leave it, too. Use of &error_fatal is wrong then. Even when error handling need not be left to callers, leaving it can result in simpler or more robust code. When a function handles errors itself, say by use of &error_fatal or error_report(), it's only usable in contexts where this handling is appropriate. Sometimes the context is obvious enough, and unlikely to change. Handling directly is fine then, and can be simpler. When the context isn't that obvious, leaving error handling to callers liberates you from thinking about the context, and also enables safe reuse of the function in other contexts. I think pc_basic_device_init() doesn't *need* the change, as it's context is obvious enough. But the change is fine, and if we apply it, we never have to think about the context again. Matter of taste. >> hw/isa/i82378: Propagate error if PC_SPEAKER device creation failed > > The reason I suggested use of `errp` here is that it is already a parameter. Use of &error_fatal in a function taking @errp is almost always wrong. The patch fixes an instance of "wrong".
On 3/11/23 09:56, Markus Armbruster wrote: > Bernhard Beschow <shentey@gmail.com> writes: > >> Am 20. Oktober 2023 17:15:04 UTC schrieb "Philippe Mathieu-Daudé" <philmd@linaro.org>: >>> Unfortunately v2 was merged as commit 40f8214fcd, >>> so adapt v3 to clean the mess. >>> >>> Philippe Mathieu-Daudé (4): >>> hw/i386/pc: Pass Error** argument to pc_basic_device_init() >>> hw/i386/pc: Propagate error if HPET device creation failed >>> hw/i386/pc: Propagate error if PC_SPEAKER device creation failed >> >> I'm not sure if I'd do these first three patches. The reason is that machines don't inherit from DeviceState and therefore don't have canonical methods such as realize() to propagate errors. Propagating the errors in the machine init helper methods seem a bit ad-hoc to me. > > The Error interface enables separation of error detection and error > handling. On detection, we create an Error object, and handling > consumes it. > > A function that leaves error handling to its callers generally requires > its callees to leave it, too. Use of &error_fatal is wrong then. > > Even when error handling need not be left to callers, leaving it can > result in simpler or more robust code. > > When a function handles errors itself, say by use of &error_fatal or > error_report(), it's only usable in contexts where this handling is > appropriate. > > Sometimes the context is obvious enough, and unlikely to change. > Handling directly is fine then, and can be simpler. > > When the context isn't that obvious, leaving error handling to callers > liberates you from thinking about the context, and also enables safe > reuse of the function in other contexts. > > I think pc_basic_device_init() doesn't *need* the change, as it's > context is obvious enough. But the change is fine, and if we apply it, > we never have to think about the context again. Matter of taste. I disagree with Bernhard because pc_basic_device_init() could end up refactored and called elsewhere where error can be propagated -- think qdev modules --, and in its current form we'll keep ignoring the caller errp and use &error_fatal (see patch #2 and #3). Also, better to have an unified style rather that trying to "optimize" arguments on a per case basis. Anyhow, my 2 cents. > >>> hw/isa/i82378: Propagate error if PC_SPEAKER device creation failed >> >> The reason I suggested use of `errp` here is that it is already a parameter. > > Use of &error_fatal in a function taking @errp is almost always wrong. > The patch fixes an instance of "wrong". Due to Bernhard concerns, I'm only queuing patch #4. Regards, Phil.