[PULL 038/115] hw/i386/vmport: Assert vmport initialized before registering commands

From: Liran Alon <liran.alon@oracle.com>

vmport_register() is also called from other modules such as vmmouse.
Therefore, these modules rely that vmport is realized before those call
sites. If this is violated, vmport_register() will NULL-deref.

To make such issues easier to debug, assert in vmport_register() that
vmport is already realized.

Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Message-Id: <20200312165431.82118-17-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 hw/i386/vmport.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/i386/vmport.c b/hw/i386/vmport.c
index 309cfd105b..79ef25d223 100644
--- a/hw/i386/vmport.c
+++ b/hw/i386/vmport.c
@@ -81,6 +81,8 @@ static VMPortState *port_state;
 void vmport_register(VMPortCommand command, VMPortReadFunc *func, void *opaque)
 {
     assert(command < VMPORT_ENTRIES);
+    assert(port_state);
+
     trace_vmport_register(command, func, opaque);
     port_state->func[command] = func;
     port_state->opaque[command] = opaque;
-- 
2.26.2

• [PULL 001/115] docker.py/build: support -t and -f arguments
• [PULL 002/115] docker.py/build: support binary files in --extra-files
• [PULL 003/115] run-coverity-scan: get Coverity token and email from special git config section
• [PULL 004/115] run-coverity-scan: use docker.py
• [PULL 005/115] run-coverity-scan: add --no-update-tools option
• [PULL 006/115] run-coverity-scan: use --no-update-tools in docker run
• [PULL 007/115] run-coverity-scan: download tools outside the container
• [PULL 008/115] run-coverity-scan: support --update-tools-only --docker
• [PULL 009/115] vl.c: run preconfig loop before creating default RAM backend
• [PULL 010/115] numa: prevent usage of -M memory-backend and -numa memdev at the same time
• [PULL 011/115] icount: fix shift=auto for record/replay
• [PULL 012/115] qom/object: Fix object_child_foreach_recursive() return value
• [PULL 013/115] target/i386: Fix OUTL debug output
• [PULL 014/115] qom/object: Move Object typedef to 'qemu/typedefs.h'
• [PULL 015/115] io/task: Move 'qom/object.h' header to source
• [PULL 016/115] Makefile: Let the 'help' target list the helper targets
• [PULL 017/115] hyperv: expose API to determine if synic is enabled
• [PULL 018/115] vmbus: add vmbus protocol definitions
• [PULL 019/115] vmbus: vmbus implementation
• [PULL 020/115] i386:pc: whitelist dynamic vmbus-bridge
• [PULL 021/115] i386: Hyper-V VMBus ACPI DSDT entry
• [PULL 022/115] vmbus: add infrastructure to save/load vmbus requests
• [PULL 023/115] target/i386: Fix the CPUID leaf CPUID_Fn80000008
• [PULL 024/115] target/i386: fix phadd* with identical destination and source register
• [PULL 025/115] hw/i386/vmport: Add reference to VMware open-vm-tools
• [PULL 026/115] hw/i386/vmport: Add device properties
• [PULL 027/115] hw/i386/vmport: Propagate IOPort read to vCPU EAX register
• [PULL 028/115] hw/i386/vmport: Set EAX to -1 on failed and unsupported commands
• [PULL 029/115] hw/i386/vmport: Introduce vmware-vmx-version property
• [PULL 030/115] hw/i386/vmport: Report vmware-vmx-type in CMD_GETVERSION
• [PULL 031/115] hw/i386/vmport: Introduce vmport.h
• [PULL 032/115] hw/i386/vmport: Define enum for all commands
• [PULL 033/115] hw/i386/vmport: Add support for CMD_GETBIOSUUID
• [PULL 034/115] hw/i386/vmport: Add support for CMD_GET_VCPU_INFO
• [PULL 035/115] hw/i386/vmport: Allow x2apic without IR
• [PULL 036/115] i386/cpu: Store LAPIC bus frequency in CPU structure
• [PULL 037/115] hw/i386/vmport: Add support for CMD_GETHZ
• [PULL 038/115] hw/i386/vmport: Assert vmport initialized before registering commands
• [PULL 039/115] accel: Move Xen accelerator code under accel/xen/
• [PULL 040/115] qom: remove index from object_resolve_abs_path()
• [PULL 041/115] qom/object: factor out the initialization of hash table of properties
• [PULL 042/115] qom/object: simplify type_initialize_interface()
• [PULL 043/115] qom/object: pass (Object *) to object_initialize_with_type()
• [PULL 044/115] qom/container: remove .instance_size initializer from container_info
• [PULL 045/115] cpus: Fix botched configure_icount() error API violation fix
• [PULL 046/115] hax: Dynamic allocate vcpu state structure
• [PULL 047/115] i386/kvm: fix a use-after-free when vcpu plug/unplug
• [PULL 048/115] megasas: use unsigned type for reply_queue_head and check index
• [PULL 049/115] megasas: avoid NULL pointer dereference
• [PULL 050/115] megasas: use unsigned type for positive numeric fields
• [PULL 051/115] target/i386: implement special cases for fxtract
• [PULL 052/115] target/i386: fix fscale handling of signaling NaN
• [PULL 053/115] target/i386: fix fscale handling of invalid exponent encodings
• [PULL 054/115] target/i386: fix fscale handling of infinite exponents
• [PULL 055/115] target/i386: fix fscale handling of rounding precision
• [PULL 056/115] exec: Let address_space_read/write_cached() propagate MemTxResult
• [PULL 057/115] exec: Propagate cpu_memory_rw_debug() error
• [PULL 058/115] disas: Let disas::read_memory() handler return EIO on error
• [PULL 059/115] hw/elf_ops: Do not ignore write failures when loading ELF
• [PULL 060/115] target/i386: fix floating-point load-constant rounding
• [PULL 061/115] target/i386: fix fxam handling of invalid encodings
• [PULL 062/115] target/i386: fix fbstp handling of negative zero
• [PULL 063/115] target/i386: fix fbstp handling of out-of-range values
• [PULL 064/115] target/i386: fix fisttpl, fisttpll handling of out-of-range values
• [PULL 065/115] hw/i386/vmport: Allow QTest use without crashing
• [PULL 066/115] x86/cpu: Enable AVX512_VP2INTERSECT cpu feature
• [PULL 067/115] vfio/pci: Use kvm_irqchip_add_irqfd_notifier_gsi() for irqfds
• [PULL 068/115] KVM: Pass EventNotifier into kvm_irqchip_assign_irqfd
• [PULL 069/115] KVM: Kick resamplefd for split kernel irqchip
• [PULL 070/115] chardev/char-socket: Properly make qio connections non blocking
• [PULL 071/115] tests: machine-none-test: Enable MicroBlaze testing
• [PULL 072/115] hw/i386/amd_iommu: Fix the reserved bits definition of IOMMU commands
• [PULL 073/115] replay: implement fair mutex
• [PULL 074/115] i386: Remove unused define's from hax and hvf
• [PULL 075/115] target/i386: define a new MSR based feature word - FEAT_PERF_CAPABILITIES
• [PULL 076/115] util/oslib: Returns the real thread identifier on FreeBSD and NetBSD
• [PULL 077/115] memory: Make 'info mtree' not display disabled regions by default
• [PULL 078/115] qemu/thread: Mark qemu_thread_exit() with 'noreturn' attribute
• [PULL 079/115] configure: Do not ignore malloc value
• [PULL 080/115] exec: set map length to zero when returning NULL
• [PULL 081/115] target/i386: fix IEEE x87 floating-point exception raising
• [PULL 082/115] target/i386: correct fix for pcmpxstrx substring search
• [PULL 083/115] sysemu/accel: Restrict machine methods to system-mode
• [PULL 084/115] sysemu/tcg: Only declare tcg_allowed when TCG is available
• [PULL 085/115] sysemu/hvf: Only declare hvf_allowed when HVF is available
• [PULL 086/115] target/ppc: Restrict PPCVirtualHypervisorClass to system-mode
• [PULL 087/115] i386: hvf: Move HVFState definition into hvf
• [PULL 088/115] i386: hvf: Drop useless declarations in sysemu
• [PULL 089/115] i386: hvf: Drop unused variable
• [PULL 090/115] i386: hvf: Use ins_len to advance IP
• [PULL 091/115] i386: hvf: Use IP from CPUX86State
• [PULL 092/115] i386: hvf: Drop fetch_rip from HVFX86EmulatorState
• [PULL 093/115] i386: hvf: Drop rflags from HVFX86EmulatorState
• [PULL 094/115] i386: hvf: Drop copy of RFLAGS defines
• [PULL 095/115] i386: hvf: Drop regs in HVFX86EmulatorState
• [PULL 096/115] i386: hvf: Move lazy_flags into CPUX86State
• [PULL 097/115] i386: hvf: Move mmio_buf into CPUX86State
• [PULL 098/115] i386: hvf: Drop HVFX86EmulatorState
• [PULL 099/115] xen: fix build without pci passthrough
• [PULL 100/115] target/i386: sev: Remove unused QSevGuestInfoClass
• [PULL 101/115] target/i386: sev: Move local structure definitions into .c file
• [PULL 102/115] target/i386: sev: Rename QSevGuestInfo
• [PULL 103/115] target/i386: sev: Embed SEVState in SevGuestState
• [PULL 104/115] target/i386: sev: Partial cleanup to sev_state global
• [PULL 105/115] target/i386: sev: Remove redundant cbitpos and reduced_phys_bits fields
• [PULL 106/115] target/i386: sev: Remove redundant policy field
• [PULL 107/115] target/i386: sev: Remove redundant handle field
• [PULL 108/115] target/i386: sev: Unify SEVState and SevGuestState
• [PULL 109/115] checkpatch: reversed logic with acpi test checks
• [PULL 110/115] exec/memory: Remove unused MemoryRegionMmio type
• [PULL 111/115] hw/usb: Move device-specific declarations to new 'hcd-musb.h' header
• [PULL 112/115] exec/cpu-common: Move MUSB specific typedefs to 'hw/usb/hcd-musb.h'
• [PULL 113/115] replay: fix replay shutdown for console mode
• [PULL 114/115] stubs: move Xen stubs to accel/
• [PULL 115/115] target/i386: Remove obsolete TODO file