On Fri, Apr 26, 2024 at 3:40 PM Peter Maydell <peter.mayd...@linaro.org> wrote:
> > + addr = memory_region_get_ram_ptr(mr) + section.offset_within_region;
> > + rb = qemu_ram_block_from_host(addr, false, &offset);
>
> ...and this call to qemu_ram_block_from_host() will only initialize
> offset if it does not fail (i.e. doesn't return NULL)...
>
> I think this code should either handle the case where
> qemu_ram_block_from_host() fails, or, if it is impossible
> for it to fail in this situation, add an assert() and a
> comment about why we know it can't fail.
The assertion is in memory_region_get_ram_ptr(), but Coverity understandably cannot see it.

Similar to other code in hw/virtio/virtio-balloon.c, this code is using memory_region_get_ram_ptr() as a roundabout way to go from MemoryRegion (in this case MemoryRegionSection) to RAMBlock. The right fix is to introduce memory_region_get_ram_block() and use it.

Paolo