summary refs log tree commit diff stats
path: root/hw/remote/vfio-user-obj.c
diff options
context:
space:
mode:
authorMarkus Armbruster <armbru@redhat.com>2025-09-23 11:09:52 +0200
committerMarkus Armbruster <armbru@redhat.com>2025-09-30 14:43:53 +0200
commit789f1adefba726d2b0bf4d4254c829b5912e32ee (patch)
treea0bffaf4c83c951ed2ea19dfdd098cab6f3da067 /hw/remote/vfio-user-obj.c
parent897071bb27bfba578af15300973b7a4a1fb65ad2 (diff)
downloadfocaccia-qemu-789f1adefba726d2b0bf4d4254c829b5912e32ee.tar.gz
focaccia-qemu-789f1adefba726d2b0bf4d4254c829b5912e32ee.zip
hw/remote/vfio-user: Clean up error reporting
VFU_OBJECT_ERROR() reports the error with error_setg(&error_abort,
...) when auto-shutdown is enabled, else with error_report().

Issues:

1. The error is serious enough to warrant aborting the process when
auto-shutdown is enabled, yet harmless enough to permit carrying on
when it's disabled.  This makes no sense to me.

2. Like assert(), &error_abort is strictly for programming errors.  Is
this one?  Vladimir Sementsov-Ogievskiy tells me it's not.  Should we
exit(1) instead?

3. qapi/error.h advises "don't error_setg(&error_abort, ...), use
assert()."

This patch addresses just 3.  It adds a FIXME comment for the other
two.

Cc: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20250923091000.3180122-6-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
[FIXME comment added, commit message adjusted accordingly]
Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Diffstat (limited to 'hw/remote/vfio-user-obj.c')
-rw-r--r--hw/remote/vfio-user-obj.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/hw/remote/vfio-user-obj.c b/hw/remote/vfio-user-obj.c
index ea6165ebdc..216b4876e2 100644
--- a/hw/remote/vfio-user-obj.c
+++ b/hw/remote/vfio-user-obj.c
@@ -75,12 +75,17 @@ OBJECT_DECLARE_TYPE(VfuObject, VfuObjectClass, VFU_OBJECT)
  */
 #define VFU_OBJECT_ERROR(o, fmt, ...)                                     \
     {                                                                     \
+        error_report((fmt), ## __VA_ARGS__);                              \
         if (vfu_object_auto_shutdown()) {                                 \
-            error_setg(&error_abort, (fmt), ## __VA_ARGS__);              \
-        } else {                                                          \
-            error_report((fmt), ## __VA_ARGS__);                          \
+            /*                                                            \
+             * FIXME This looks inappropriate.  The error is serious      \
+             * enough programming error to warrant aborting the process   \
+             * when auto-shutdown is enabled, yet harmless enough to      \
+             * permit carrying on when it's disabled.  Makes no sense.    \
+             */                                                           \
+            abort();                                                      \
         }                                                                 \
-    }                                                                     \
+    }
 
 struct VfuObjectClass {
     ObjectClass parent_class;