From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org, Paolo Bonzini <pbonzini@redhat.com>,
Jean-Christophe DUBOIS <jcd@tribudubois.net>
Subject: [Qemu-devel] [PATCH for-2.7 3/3] memory: Assert that memory_region_init_rom_device() ops aren't NULL
Date: Tue, 28 Jun 2016 14:58:07 +0100
Message-ID: <1467122287-24974-4-git-send-email-peter.maydell@linaro.org>
In-Reply-To: <1467122287-24974-1-git-send-email-peter.maydell@linaro.org>

It doesn't make sense to pass a NULL ops argument to
memory_region_init_rom_device(), because the effect will
be that if the guest tries to write to the memory region
then QEMU will segfault. Catch the bug earlier by sanity
checking the arguments to this function, and remove the
misleading documentation that suggests that passing NULL
might be sensible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/exec/memory.h | 5 +----
memory.c | 1 +
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 742c52f..0435e79 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -463,12 +463,9 @@ void memory_region_init_rom(MemoryRegion *mr,
* memory_region_init_rom_device: Initialize a ROM memory region. Writes are
* handled via callbacks.
*
- * If NULL callbacks pointer is given, then I/O space is not supposed to be
- * handled by QEMU itself. Any access via the memory API will cause an abort().
- *
* @mr: the #MemoryRegion to be initialized.
* @owner: the object that tracks the region's reference count
- * @ops: callbacks for write access handling.
+ * @ops: callbacks for write access handling (must not be NULL).
* @name: the name of the region.
* @size: size of the region.
* @errp: pointer to Error*, to store an error if it happens.
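Review bot: The revised @ops line says the pointer must not be NULL, but with the old paragraph gone the comment no longer says what happens when it is, nor what a caller with no write callbacks should use instead. Suggest one sentence stating that a NULL @ops trips an assertion when the region is initialized, and, if memory_region_init_rom() (named in this hunk's header) is the intended alternative for regions without write handling, a pointer to it.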
diff --git a/memory.c b/memory.c
index c18ccc8..de0d4b5 100644
--- a/memory.c
+++ b/memory.c
@@ -1399,6 +1399,7 @@ void memory_region_init_rom_device(MemoryRegion *mr,
uint64_t size,
Error **errp)
{
+ assert(ops);
memory_region_init(mr, owner, name, size);
mr->ops = ops;
mr->opaque = opaque;
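Review bot: assert(ops) at the top of memory_region_init_rom_device() turns every existing caller that passes NULL into an abort at init time, so in-tree callers need to be audited before this lands; the commit message describes the guest-write segfault but does not say that audit was done. Note also that assert() is compiled out when NDEBUG is defined, in which case "mr->ops = ops;" stores the NULL exactly as before and the crash on guest write remains reachable; if such builds matter, an unconditional check is the safer form.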
--
1.9.1