| Message ID | 20241115172521.504102-10-berrange@redhat.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Require error handling for dynamically created objects | expand |
On Fri, Nov 15, 2024 at 05:25:21PM +0000, Daniel P. Berrangé wrote: > Since qdev_new() will assert(), it should only be used in scenarios > where the caller knows exactly what type it is asking to be created, > and can thus be confident in avoiding abstract types. > > Enforce this by using a macro wrapper which types to paste "" to the > type name. This will generate a compile error if not passed a static > const string, forcing callers to use qdev_new_dynamic() instead. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com>
diff --git a/hw/core/qdev.c b/hw/core/qdev.c index eceba33222..968fa33a95 100644 --- a/hw/core/qdev.c +++ b/hw/core/qdev.c @@ -144,7 +144,8 @@ bool qdev_set_parent_bus(DeviceState *dev, BusState *bus, Error **errp) return true; } -DeviceState *qdev_new(const char *name) +/* Only to be called via the 'qdev_new' macro */ +DeviceState *qdev_new_internal(const char *name) { return DEVICE(object_new_dynamic(name, &error_abort)); } diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h index 566c5ef277..335dcd31b0 100644 --- a/include/hw/qdev-core.h +++ b/include/hw/qdev-core.h @@ -448,7 +448,17 @@ compat_props_add(GPtrArray *arr, * * Return: a derived DeviceState object with a reference count of 1. */ -DeviceState *qdev_new(const char *name); + +/* + * NB, qdev_new_internal is just an internal helper, wrapped by + * the qdev_new() macro which prevents invokation unless given + * a static, const string. + * + * Code should call qdev_new(), or qdev_new_dynamic(), not + * qdev_new_internal(). + */ +DeviceState *qdev_new_internal(const char *name); +#define qdev_new(name) qdev_new_internal(name "") /** * qdev_new_dynamic: Create a device on the heap
Since qdev_new() will assert(), it should only be used in scenarios where the caller knows exactly what type it is asking to be created, and can thus be confident in avoiding abstract types. Enforce this by using a macro wrapper which types to paste "" to the type name. This will generate a compile error if not passed a static const string, forcing callers to use qdev_new_dynamic() instead. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- hw/core/qdev.c | 3 ++- include/hw/qdev-core.h | 12 +++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-)