From: "hemanshu.khilari.foss" <[email protected]>
qdev_get_clocklist() function returns a pointer to the NamedClockList struct. This function is called in qdev_alias_clock() and the returned pointer is immediately dereferenced without a null check. Passing a clock name that doesn't exist to qdev_get_clocklist() is a programming error, and so this change is not fixing a bug, only making the reporting of that programming error a bit more helpful and bringing it in to line with qdev_get_clock_in() and qdev_get_clock_out(). Cc: [email protected] Cc: [email protected] Cc: [email protected] Resolves: https://gitlab.com/qemu-project/qemu/-/work_items/2342 Signed-off-by: hemanshu.khilari.foss <[email protected]> Message-id: [email protected] Reviewed-by: Luc Michel <[email protected]> Reviewed-by: Peter Maydell <[email protected]> Signed-off-by: Peter Maydell <[email protected]> --- hw/core/qdev-clock.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/hw/core/qdev-clock.c b/hw/core/qdev-clock.c index 6e2967e433..861f78f94c 100644 --- a/hw/core/qdev-clock.c +++ b/hw/core/qdev-clock.c @@ -157,7 +157,14 @@ Clock *qdev_alias_clock(DeviceState *dev, const char *name, DeviceState *alias_dev, const char *alias_name) { NamedClockList *ncl = qdev_get_clocklist(dev, name); - Clock *clk = ncl->clock; + Clock *clk; + + if (!ncl) { + error_report("Can not find clock '%s' for device type '%s'", + name, object_get_typename(OBJECT(dev))); + abort(); + } + clk = ncl->clock; ncl = qdev_init_clocklist(alias_dev, alias_name, true, ncl->output, clk); -- 2.43.0
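Review bot: The new `if (!ncl)` branch in qdev_alias_clock() makes "unknown clock name aborts" part of the function's behaviour, but the diffstat shows only hw/core/qdev-clock.c changing, so nothing a caller would read states that contract. Consider adding a sentence to the function's doc comment saying that passing a `name` that does not exist on `dev` is a programming error and aborts. In the message itself, "Cannot" reads better than "Can not", and including `alias_name` would make the failing call easier to locate when one device sets up several aliases. The hunk adds an error_report() call but no #include, so confirm that the file already pulls in its declaration.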
