On Mon, Nov 24, 2025 at 3:17 AM Raghavendra Rao Ananta <[email protected]> wrote: > On Fri, Nov 21, 2025 at 11:44 PM David Matlack <[email protected]> wrote: > > +struct vfio_pci_device *vfio_pci_device_init(const char *bdf, struct iommu > > *iommu) > > { > > struct vfio_pci_device *device; > > > > device = calloc(1, sizeof(*device)); > > VFIO_ASSERT_NOT_NULL(device); > > > > - device->iommu = calloc(1, sizeof(*device->iommu)); > > - VFIO_ASSERT_NOT_NULL(device->iommu); > > - > > - INIT_LIST_HEAD(&device->iommu->dma_regions); > > - > > - device->iommu->mode = lookup_iommu_mode(iommu_mode); > > + device->iommu = iommu; > nit: Since we now depend on the caller to follow the right order, > should we have a VFIO_ASSERT_NOT_NULL(iommu), or something along the > lines of 'Is iommu initialized?" before this function starts using it, > and fail with an appropriate error message?
I think the compiler and type system largely enforce the order now. The compiler will complain if a user passes in an uninitialized struct iommu *. And the only way to initialize it is with iommu_init(). I guess someone could pass in NULL, so having an explicit assert for non-null would be easier to debug than a SIGSEGV. I'll add that in v4. > > > > > if (device->iommu->mode->container_path) > minor nit: if there's a v4, simply use iommu->mode->container_path. Yes, thanks, will do!
