From c364c974d9ab90e25e7887f516da65d2811ba5e3 Mon Sep 17 00:00:00 2001 From: Blue Swirl Date: Sun, 15 Nov 2009 14:30:03 +0000 Subject: [PATCH] PCI: make duplicate devfn allocation fatal Only two callers of pci_create_simple/pci_register_device bothered to check the return value. Other cases were prone to crashing with spurious NULL pointer dereferences. Make QEMU exit with an error message when devfn is attempted to be duplicated, also applies to case when the bus is full. Remove checks. Signed-off-by: Blue Swirl --- hw/openpic.c | 2 -- hw/pci.c | 6 +++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/hw/openpic.c b/hw/openpic.c index 68af9c1de1..42db59daa7 100644 --- a/hw/openpic.c +++ b/hw/openpic.c @@ -1202,8 +1202,6 @@ qemu_irq *openpic_init (PCIBus *bus, int *pmem_index, int nb_cpus, if (bus) { opp = (openpic_t *)pci_register_device(bus, "OpenPIC", sizeof(openpic_t), -1, NULL, NULL); - if (opp == NULL) - return NULL; pci_conf = opp->pci_dev.config; pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_IBM); pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_IBM_OPENPIC2); diff --git a/hw/pci.c b/hw/pci.c index 6864339c27..5b3461cd66 100644 --- a/hw/pci.c +++ b/hw/pci.c @@ -499,10 +499,11 @@ static PCIDevice *do_pci_register_device(PCIDevice *pci_dev, PCIBus *bus, if (!bus->devices[devfn]) goto found; } - return NULL; + hw_error("PCI: no devfn available for %s, all in use\n", name); found: ; } else if (bus->devices[devfn]) { - return NULL; + hw_error("PCI: devfn %d not available for %s, in use by %s\n", devfn, + name, bus->devices[devfn]->name); } pci_dev->bus = bus; pci_dev->devfn = devfn; @@ -1273,7 +1274,6 @@ static int pci_qdev_init(DeviceState *qdev, DeviceInfo *base) pci_dev = do_pci_register_device(pci_dev, bus, base->name, devfn, info->config_read, info->config_write, info->header_type); - assert(pci_dev); rc = info->init(pci_dev); if (rc != 0) return rc; -- 2.49.0