From patchwork Fri Aug 23 13:38:56 2013
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 19476
From: Peter Maydell
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, Alexander Graf, Cornelia Huck, Anthony Liguori, Andreas Färber
Subject: [PATCH 2/2] qom: Make object_initialize and object_initialize_with_type check size
Date: Fri, 23 Aug 2013 14:38:56 +0100
Message-Id: <1377265136-8559-3-git-send-email-peter.maydell@linaro.org>
In-Reply-To: <1377265136-8559-1-git-send-email-peter.maydell@linaro.org>
References: <1377265136-8559-1-git-send-email-peter.maydell@linaro.org>

Replace object_initialize and object_initialize_with_type with macro wrappers which pass the size of the type pointed at by their data argument, so that we can assert that there is enough memory passed in to instantiate the object.

We add _unchecked variants of each function for the special cases where the check is not desired, and change the handful of callsites that require the _unchecked variant.

Signed-off-by: Peter Maydell
--- hw/core/qdev.c | 2 +- include/qom/object.h | 36 ++++++++++++++++++++++++++++++++++-- qom/object.c | 9 +++++---- 3 files changed, 40 insertions(+), 7 deletions(-) diff --git a/hw/core/qdev.c b/hw/core/qdev.c index 758de9f..89e4aa9 100644 --- a/hw/core/qdev.c +++ b/hw/core/qdev.c 
@@ -473,7 +473,7 @@ static void bus_unparent(Object *obj) void qbus_create_inplace(void *bus, const char *typename, DeviceState *parent, const char *name) { - object_initialize(bus, typename); + object_initialize_unchecked(bus, typename); qbus_realize(bus, parent, name); } diff --git a/include/qom/object.h b/include/qom/object.h index 9b69065..0b451c5 100644 --- a/include/qom/object.h +++ b/include/qom/object.h @@ -591,8 +591,24 @@ Object *object_new_with_type(Type type); * This function will initialize an object. The memory for the object should * have already been allocated. The returned object has a reference count of 1, * and will be finalized when the last reference is dropped. + * The obj pointer should be a pointer to a type whose size is sufficient + * for the object; this will be checked. */ -void object_initialize_with_type(void *data, Type type); +#define object_initialize_with_type(PTR, TYPE) \ + do_object_initialize_with_type(PTR, TYPE, sizeof(*(PTR))) + +/** + * object_initialize_with_type_unchecked: + * @obj: A pointer to the memory to be used for the object. + * @type: The type of the object to instantiate. + * + * Variant of object_initialize_with_type which does not check that the + * type which obj is a pointer to has enough space for the object. + */ +#define object_initialize_with_type_unchecked(PTR, TYPE) \ + do_object_initialize_with_type(PTR, TYPE, 0) + +void do_object_initialize_with_type(void *data, Type type, size_t datasize); /** * object_initialize: 
@@ -602,8 +618,24 @@ void object_initialize_with_type(void *data, Type type); * This function will initialize an object. The memory for the object should * have already been allocated. The returned object has a reference count of 1, * and will be finalized when the last reference is dropped. + * The obj pointer should be a pointer to a type whose size is sufficient + * for the object; this will be checked. */ -void object_initialize(void *obj, const char *typename); +#define object_initialize(PTR, TYPE) \ + do_object_initialize(PTR, TYPE, sizeof(*(PTR))) + +/** + * object_initialize_unchecked: + * @obj: A pointer to the memory to be used for the object. + * @typename: The name of the type of the object to instantiate. + * + * Variant of object_initialize which does not check that the + * type which obj is a pointer to has enough space for the object. + */ +#define object_initialize_unchecked(PTR, TYPE) \ + do_object_initialize(PTR, TYPE, 0) + +void do_object_initialize(void *obj, const char *typename, size_t datasize); /** * object_dynamic_cast: diff --git a/qom/object.c b/qom/object.c index 74fd241..46f0685 100644 --- a/qom/object.c +++ b/qom/object.c @@ -311,7 +311,7 @@ static void object_post_init_with_type(Object *obj, TypeImpl *ti) } } -void object_initialize_with_type(void *data, TypeImpl *type) +void do_object_initialize_with_type(void *data, TypeImpl *type, size_t datasize) { Object *obj = data; @@ -320,6 +320,7 @@ void object_initialize_with_type(void *data, TypeImpl *type) g_assert(type->instance_size >= sizeof(Object)); g_assert(type->abstract == false); + g_assert(datasize == 0 || datasize >= type->instance_size); memset(obj, 0, type->instance_size); obj->class = type->class; 
@@ -329,11 +330,11 @@ void object_initialize_with_type(void *data, TypeImpl *type) object_post_init_with_type(obj, type); } -void object_initialize(void *data, const char *typename) +void do_object_initialize(void *data, const char *typename, size_t datasize) { TypeImpl *type = type_get_by_name(typename); - object_initialize_with_type(data, type); + do_object_initialize_with_type(data, type, datasize); } static inline bool object_property_is_child(ObjectProperty *prop) @@ -424,7 +425,7 @@ Object *object_new_with_type(Type type) type_initialize(type); obj = g_malloc(type->instance_size); - object_initialize_with_type(obj, type); + object_initialize_with_type_unchecked(obj, type); obj->free = g_free; return obj;
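
Review bot: in hw/core/qdev.c, qbus_create_inplace() now calls object_initialize_unchecked(bus, typename), so every in-place bus gets no size check at all. Because bus is a void *, sizeof(*(PTR)) cannot work here, but the callers do know the size of the storage they pass in; consider adding a size_t parameter to qbus_create_inplace() and forwarding it to do_object_initialize(), or at least add a comment at this call saying why the unchecked variant is needed.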
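
Review bot: in both include/qom/object.h hunks, the checked macros compute the size as sizeof(*(PTR)), which is only meaningful when PTR has the static type of the full instance struct, and the doc comments do not say so. With a void * argument GNU C evaluates sizeof(void) as 1, so the call compiles and then fails the new g_assert at run time; with a pointer to a parent type such as Object * the assert fires even when the underlying allocation is large enough. Suggest stating this requirement in the comments and pointing such callers at the _unchecked variants. The comments also refer to "obj" and @typename while the macro parameters are named PTR and TYPE.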
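
Review bot: in do_object_initialize_with_type() in qom/object.c, the new g_assert(datasize == 0 || datasize >= type->instance_size) gives datasize == 0 the meaning "skip the check", but that convention is documented nowhere, since the do_object_initialize* prototypes added to object.h carry no doc comment. Suggest documenting the datasize parameter next to those prototypes, or using a named constant instead of a literal 0, so that a caller passing a computed size that happens to be 0 does not silently lose the check.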
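
Review bot: in object_new_with_type() in qom/object.c, the buffer has just been allocated with g_malloc(type->instance_size), so its size is known exactly, yet the call goes through object_initialize_with_type_unchecked(obj, type). Calling do_object_initialize_with_type(obj, type, type->instance_size) here would reserve the 0 sentinel for callers that genuinely cannot know the size; if the unchecked form stays, a one-line comment noting that the allocation above already guarantees the size would help the next reader.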