From: Markus Armbruster <armbru@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: kwolf@redhat.com, qemu-devel@nongnu.org, dgilbert@redhat.com
Subject: Re: [Qemu-devel] [PATCH v2 1/3] error: don't rely on pointer comparisons
Date: Thu, 18 Jun 2015 18:10:27 +0200
Message-ID: <87fv5pro98.fsf@blackfin.pond.sub.org>
In-Reply-To: <1434525861-21768-2-git-send-email-mst@redhat.com> (Michael S. Tsirkin's message of "Wed, 17 Jun 2015 09:24:43 +0200")

"Michael S. Tsirkin" <mst@redhat.com> writes:

> makes it possible to copy error_abort pointers,
> not just pass them on directly.

Humor me, and start your sentences with a capital letter :)

> This is needed because follow-up patches add support for
>     Error *local_err = ...;
> as a way to set an abort-on-error pointer, which requires that we have
> more than just a global error_abort abort-on-error pointer, but that any
> number of pointers all resolve to something specific.
>
> Add an assert statement when class is retrieved, to make sure we still
> get a core-dump if we (somehow) attempt to output the abort errp by
> mistake.

Description could be clearer, but let's discuss the actual patches
first.

>
> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
> Reviewed-by: Eric Blake <eblake@redhat.com>
> ---
>  util/error.c | 17 ++++++++++++-----
>  1 file changed, 12 insertions(+), 5 deletions(-)
>
> diff --git a/util/error.c b/util/error.c
> index 14f4351..e10cb34 100644
> --- a/util/error.c
> +++ b/util/error.c
> @@ -20,7 +20,13 @@ struct Error
>      ErrorClass err_class;
>  };
>  
> -Error *error_abort;
> +static Error error_abort_st = { .err_class = ERROR_CLASS_MAX };
> +Error *error_abort = &error_abort_st;
> +
> +static bool error_is_abort(Error **errp)
> +{
> +    return errp && *errp == error_abort;
> +}

If anything changes the value of error_abort, we're now screwed.

>  
>  void error_set(Error **errp, ErrorClass err_class, const char *fmt, ...)
>  {
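
Review bot: error_is_abort() tests `*errp == error_abort`, which reads the current value of a writable global with external linkage rather than the address of the static sentinel. Comparing against `&error_abort_st` would keep the check correct even if something stores through a pointer to error_abort. The `.err_class = ERROR_CLASS_MAX` initializer also wants a one-line comment saying it marks the sentinel as not being a real error.
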
> @@ -40,7 +46,7 @@ void error_set(Error **errp, ErrorClass err_class, const char *fmt, ...)
>      va_end(ap);
>      err->err_class = err_class;
>  
> -    if (errp == &error_abort) {
> +    if (error_is_abort(errp)) {
>          error_report_err(err);
>          abort();
>      }
> @@ -76,7 +82,7 @@ void error_set_errno(Error **errp, int os_errno, ErrorClass err_class,
>      va_end(ap);
>      err->err_class = err_class;
>  
> -    if (errp == &error_abort) {
> +    if (error_is_abort(errp)) {
>          error_report_err(err);
>          abort();
>      }
> @@ -121,7 +127,7 @@ void error_set_win32(Error **errp, int win32_err, ErrorClass err_class,
>      va_end(ap);
>      err->err_class = err_class;
>  
> -    if (errp == &error_abort) {
> +    if (error_is_abort(errp)) {
>          error_report_err(err);
>          abort();
>      }
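
Review bot: the block `if (error_is_abort(errp)) { error_report_err(err); abort(); }` is now repeated verbatim in error_set(), error_set_errno() and error_set_win32(). A small static helper taking errp and err would keep the three setters from drifting apart the next time the abort condition changes.
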
> @@ -144,6 +150,7 @@ Error *error_copy(const Error *err)
>  
>  ErrorClass error_get_class(const Error *err)
>  {
> +    assert(err->err_class < ERROR_CLASS_MAX);

The assertion makes some sense independent of the rest of this series.

It's not as tight as it could be when the compiler makes ErrorClass
signed.

>      return err->err_class;
>  }
>  
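
Review bot: the assert added to error_get_class() is what catches the abort sentinel being read as a real error, yet nothing at the assert says that ERROR_CLASS_MAX is the sentinel's marker. Add a comment there, and note that assert() compiles to nothing when NDEBUG is defined, so the core dump the commit message promises depends on assertions being enabled in the build.
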
> @@ -168,7 +175,7 @@ void error_free(Error *err)
>  
>  void error_propagate(Error **dst_errp, Error *local_err)
>  {
> -    if (local_err && dst_errp == &error_abort) {
> +    if (local_err && error_is_abort(dst_errp)) {
>          error_report_err(local_err);
>          abort();
>      } else if (dst_errp && !*dst_errp) {
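
Review bot: in error_propagate() only dst_errp is checked against the sentinel, while local_err is tested just for being non-NULL. The commit message says follow-up patches let a local `Error *` hold the abort pointer; such a local_err with no error set would pass `if (local_err && ...)` and be reported, or fall through to the `else if (dst_errp && !*dst_errp)` branch, as if it were a real error. The function should treat a local_err equal to error_abort the same as NULL.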

As Eric pointed out, this isn't quite right.

Your use of ERROR_CLASS_MAX is unobvious, and needs an explanatory
comment somewhere.  I'd put it right next to its definition if it wasn't
defined implicitly.
