kvm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Peter Maydell <peter.maydell@linaro.org>
To: "Philippe Mathieu-Daudé" <f4bug@amsat.org>
Cc: QEMU Developers <qemu-devel@nongnu.org>,
	Paolo Bonzini <pbonzini@redhat.com>,
	kvm-devel <kvm@vger.kernel.org>, qemu-arm <qemu-arm@nongnu.org>,
	Richard Henderson <rth@twiddle.net>
Subject: Re: [RFC PATCH v2 7/7] hw/core/loader: Assert loading ROM regions succeeds at reset
Date: Mon, 18 May 2020 17:12:02 +0100	[thread overview]
Message-ID: <CAFEAcA97bYXyN-GSXUk_OetroaHFExXFwYH1bhexHwRW0+NEVw@mail.gmail.com> (raw)
In-Reply-To: <20200518155308.15851-8-f4bug@amsat.org>

On Mon, 18 May 2020 at 16:53, Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>
> If we are unable to load a blob in a ROM region, we should not
> ignore it and let the machine boot.
>
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> ---
> RFC: Maybe more polite with user to use hw_error()?
> ---
>  hw/core/loader.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/hw/core/loader.c b/hw/core/loader.c
> index 8bbb1797a4..4e046388b4 100644
> --- a/hw/core/loader.c
> +++ b/hw/core/loader.c
> @@ -1146,8 +1146,12 @@ static void rom_reset(void *unused)
>              void *host = memory_region_get_ram_ptr(rom->mr);
>              memcpy(host, rom->data, rom->datasize);
>          } else {
> -            address_space_write_rom(rom->as, rom->addr, MEMTXATTRS_UNSPECIFIED,
> -                                    rom->data, rom->datasize);
> +            MemTxResult res;
> +
> +            res = address_space_write_rom(rom->as, rom->addr,
> +                                          MEMTXATTRS_UNSPECIFIED,
> +                                          rom->data, rom->datasize);
> +            assert(res == MEMTX_OK);

We shouln't assert(), because this is easy for a user to trigger
by loading an ELF file that's been linked to the wrong address.
Something helpful that ideally includes the name of the ELF file
and perhaps the address might be nice.

(But overall I'm a bit wary of this and other patches in the series
just because they add checks that were previously not there, and
I'm not sure whether users might be accidentally relying on
the continues-anyway behaviour.)

thanks
-- PMM

  reply	other threads:[~2020-05-18 16:12 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-18 15:53 [PATCH v2 0/7] exec/memory: Enforce checking MemTxResult values Philippe Mathieu-Daudé
2020-05-18 15:53 ` [PATCH v2 1/7] exec: Let address_space_read/write_cached() propagate MemTxResult Philippe Mathieu-Daudé
2020-05-18 16:13   ` Peter Maydell
2020-05-18 15:53 ` [PATCH v2 2/7] exec: Propagate cpu_memory_rw_debug() error Philippe Mathieu-Daudé
2020-05-18 15:53 ` [PATCH v2 3/7] disas: Let disas::read_memory() handler return EIO on error Philippe Mathieu-Daudé
2020-05-18 15:53 ` [PATCH v2 4/7] hw/elf_ops: Do not ignore write failures when loading ELF Philippe Mathieu-Daudé
2020-05-19  7:58   ` Stefano Garzarella
2020-05-18 15:53 ` [PATCH v2 5/7] hw/arm/boot: Abort if set_kernel_args() fails Philippe Mathieu-Daudé
2020-05-18 16:08   ` Peter Maydell
2020-05-18 15:53 ` [RFC PATCH v2 6/7] accel/kvm: Let KVM_EXIT_MMIO return error Philippe Mathieu-Daudé
2020-05-18 16:01   ` Peter Maydell
2020-05-18 16:06     ` Philippe Mathieu-Daudé
2020-05-21 15:39     ` Paolo Bonzini
2020-05-21 15:45       ` Peter Maydell
2020-05-18 15:53 ` [RFC PATCH v2 7/7] hw/core/loader: Assert loading ROM regions succeeds at reset Philippe Mathieu-Daudé
2020-05-18 16:12   ` Peter Maydell [this message]
2020-05-18 16:25     ` Philippe Mathieu-Daudé
2020-05-21 15:40 ` [PATCH v2 0/7] exec/memory: Enforce checking MemTxResult values Paolo Bonzini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAFEAcA97bYXyN-GSXUk_OetroaHFExXFwYH1bhexHwRW0+NEVw@mail.gmail.com \
    --to=peter.maydell@linaro.org \
    --cc=f4bug@amsat.org \
    --cc=kvm@vger.kernel.org \
    --cc=pbonzini@redhat.com \
    --cc=qemu-arm@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    --cc=rth@twiddle.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).