From: Peter Maydell
To: qemu-devel@nongnu.org
Date: Mon, 4 Jul 2016 13:22:36 +0100
Message-Id: <1467634974-32638-6-git-send-email-peter.maydell@linaro.org>
In-Reply-To: <1467634974-32638-1-git-send-email-peter.maydell@linaro.org>
X-Patchwork-Id: 71356
Subject: [Qemu-devel] [PULL 05/23] memory: Assert that memory_region_init_rom_device() ops aren't NULL

It doesn't make sense to pass a NULL ops argument to
memory_region_init_rom_device(), because the effect will
be that if the guest tries to write to the memory region
then QEMU will segfault. Catch the bug earlier by sanity
checking the arguments to this function, and remove the
misleading documentation that suggests that passing NULL
might be sensible.

Signed-off-by: Peter Maydell
Message-id: 1467122287-24974-4-git-send-email-peter.maydell@linaro.org
---
 include/exec/memory.h | 5 +----
 memory.c              | 1 +
 2 files changed, 2 insertions(+), 4 deletions(-)

--
1.9.1

diff --git a/include/exec/memory.h b/include/exec/memory.h index 2d9ea3c..3e4d416 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h 
@@ -467,12 +467,9 @@ void memory_region_init_rom(MemoryRegion *mr, * memory_region_init_rom_device: Initialize a ROM memory region. Writes are * handled via callbacks. * - * If NULL callbacks pointer is given, then I/O space is not supposed to be - * handled by QEMU itself. Any access via the memory API will cause an abort(). - * * @mr: the #MemoryRegion to be initialized. * @owner: the object that tracks the region's reference count - * @ops: callbacks for write access handling. + * @ops: callbacks for write access handling (must not be NULL). * @name: the name of the region. * @size: size of the region. * @errp: pointer to Error*, to store an error if it happens. diff --git a/memory.c b/memory.c index ecb565e..0eb6895 100644 --- a/memory.c +++ b/memory.c @@ -1399,6 +1399,7 @@ void memory_region_init_rom_device(MemoryRegion *mr, uint64_t size, Error **errp) { + assert(ops); memory_region_init(mr, owner, name, size); mr->ops = ops; mr->opaque = opaque;
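
Review bot: the parameter list in the include/exec/memory.h comment goes from @ops straight to @name with no @opaque entry, although the memory.c hunk shows the function storing mr->opaque = opaque. Since this hunk already edits the @ops line, please add an @opaque line next to it. The removed paragraph was also the only place that described what happens on a NULL @ops; "(must not be NULL)" would be more useful if it said that the function now asserts on it.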
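
Review bot: assert(ops) at the top of memory_region_init_rom_device() in memory.c checks only the pointer to the callback table, while the crash described in the commit message happens when the guest writes to the region. If a table without a write callback would fail the same way, it is worth catching that here as well, or stating in the header comment that the write callback is required. The function also takes an errp argument, so a one-line comment that a NULL ops is a caller bug and is deliberately not reported through errp would keep a later cleanup from converting the assert into an error return.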