| commit | f26740c61a57f1a1556f79a49c6863479fe5aa6b | |
| author | Markus Armbruster <armbru@redhat.com> | |
| Wed, 22 Apr 2020 13:48:13 +0000 (22 15:48 +0200) | ||
| committer | Markus Armbruster <armbru@redhat.com> | |
| Wed, 29 Apr 2020 06:01:52 +0000 (29 08:01 +0200) | ||
| tree | 870af0c6b38bda6e7f32e9774fef9b0755c1ec86 | treesnapshot (tar.gz zip) |
| parent | fc0cfc1decb5457058d7cbfeb7ae26ad5d6ecba4 | commitdiff |
smbus: Fix spd_data_generate() error API violation
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
spd_data_generate() can pass @errp to error_setg() more than once when
it adjusts both memory size and type. Harmless, because no caller
passes anything that needs adjusting. Until the previous commit,
sam460ex passed types that needed adjusting, but not sizes.
spd_data_generate()'s contract is rather awkward:
If everything's fine, return non-null and don't set an error.
Else, if memory size or type need adjusting, return non-null and
set an error describing the adjustment.
Else, return null and set an error reporting why no data can be
generated.
Its callers treat the error as a warning even when null is returned.
They don't create the "smbus-eeprom" device then. Suspicious.
Since the previous commit, only "everything's fine" can actually
happen. Drop the unused code and simplify the callers. This gets rid
of the error API violation.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200422134815.1584-3-armbru@redhat.com>
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
spd_data_generate() can pass @errp to error_setg() more than once when
it adjusts both memory size and type. Harmless, because no caller
passes anything that needs adjusting. Until the previous commit,
sam460ex passed types that needed adjusting, but not sizes.
spd_data_generate()'s contract is rather awkward:
If everything's fine, return non-null and don't set an error.
Else, if memory size or type need adjusting, return non-null and
set an error describing the adjustment.
Else, return null and set an error reporting why no data can be
generated.
Its callers treat the error as a warning even when null is returned.
They don't create the "smbus-eeprom" device then. Suspicious.
Since the previous commit, only "everything's fine" can actually
happen. Drop the unused code and simplify the callers. This gets rid
of the error API violation.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200422134815.1584-3-armbru@redhat.com>
| hw/i2c/smbus_eeprom.c | diffblobblamehistory | |
| hw/mips/mips_fulong2e.c | diffblobblamehistory | |
| hw/ppc/sam460ex.c | diffblobblamehistory | |
| include/hw/i2c/smbus_eeprom.h | diffblobblamehistory |