The functions that append a write statement to the bulk (e.g. mongoc_bulk_operation_insert(), mongoc_bulk_operation_replace_one()) inconsistently handle error reporting.

If we look at mongoc_bulk_operation_insert(), _mongoc_validate_new_document() is only called if a document is being appended to a newly initialized insert command, and even then the validation function's boolean return value is ignored and a potentially invalid document is still added to the command. Validation is never performed at all before appending to an existing insert command (i.e. _mongoc_write_command_insert_append()).

mongoc_bulk_operation_replace_one() delegates to _mongoc_bulk_operation_replace_one_with_opts(), which starts with the following logic:

if (bulk->result.error.domain) {
   /* already failed e.g. a bad call to mongoc_bulk_operation_insert */
   RETURN (true);
}

This logic prevents a later _mongoc_validate_replace() call from overwriting a previous error, which is good, but it effectively makes mongoc_bulk_operation_replace_one() a NOP with no way to indicate that to the user. It would be better to return false if there is a pre-existing error. Also, the insert and update paths are missing equivalent logic (i.e. NOP on a pre-existing error) entirely, which means they may overwrite a previous error.