On Tue, 24 Aug 2021 at 14:58, Eduardo Habkost <ehabk...@redhat.com> wrote: > > On Tue, Aug 24, 2021 at 01:16:40PM +0100, Peter Maydell wrote: > > On Tue, 24 Aug 2021 at 13:05, Markus Armbruster <arm...@redhat.com> wrote: > > > When you know that all callers handle errors like &error_fatal does, use > > > of &error_fatal doesn't produce wrong behavior. It's still kind of > > > wrong, because relying on such a non-local argument without a genuine > > > need is. > > > > Not using error_fatal results in quite a bit of extra boilerplate > > for all those extra explicit "check for failure, print the error > > message and exit" points. > > I don't get it. There's no need for extra boilerplate if the > caller is using &error_fatal.
Yes, that is what I mean: if you do not use error_fatal, then there is extra boilerplate. Markus is suggesting that we should avoid using error_fatal, and my response is "the cost of that would be that we add boilerplate". > > Right now we have nearly a thousand instances of error_fatal > > in the codebase, incidentally. > > It looks like 73 of them are in functions that take an Error** > argument. Those could probably be fairly easily adjusted to pass the error back instead. Still leaves nearly 900 to go :-) -- PMM