On 09/12/2015 14:12, Dr. David Alan Gilbert wrote:
>> > Even if we don't, we should use &error_abort, not &error_fatal
>> > (programmer error---due to laziness---rather than user error).
>> > &error_fatal should really be restricted to code that is running very
>> > close to main().
> No, we used to have error_abort and changed them out for error_fatal because
> we were getting flooded with crash reports due to the aborts of people trying
> to run VMs too big for their machine.

That's a different call site, it's memory_region_allocate_system_memory
and it currently does a manual error_report_err+exit(1). That one is
okay, because it's indeed running "very close to main()" (it's called by
machine_class->init, which is called by main). It could be kept
open-coded or changed to error_fatal.

Paolo