riscv_load_firmware(), riscv_load_initrd() and riscv_load_kernel() works under the assumption that a 'filename' parameter is always not NULL.
This is currently the case since all callers of these functions are checking for NULL before calling them. Add an g_assert() to make sure that a NULL value in these cases are to be considered a bug. Suggested-by: Alex Bennée <alex.ben...@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org> Signed-off-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com> --- hw/riscv/boot.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c index 98b80af51b..31aa3385a0 100644 --- a/hw/riscv/boot.c +++ b/hw/riscv/boot.c @@ -153,6 +153,8 @@ target_ulong riscv_load_firmware(const char *firmware_filename, uint64_t firmware_entry, firmware_end; ssize_t firmware_size; + g_assert(firmware_filename != NULL); + if (load_elf_ram_sym(firmware_filename, NULL, NULL, NULL, &firmware_entry, NULL, &firmware_end, NULL, 0, EM_RISCV, 1, 0, NULL, true, sym_cb) > 0) { @@ -177,6 +179,8 @@ target_ulong riscv_load_kernel(const char *kernel_filename, { uint64_t kernel_load_base, kernel_entry; + g_assert(kernel_filename != NULL); + /* * NB: Use low address not ELF entry point to ensure that the fw_dynamic * behaviour when loading an ELF matches the fw_payload, fw_jump and BBL @@ -209,6 +213,8 @@ hwaddr riscv_load_initrd(const char *filename, uint64_t mem_size, { ssize_t size; + g_assert(filename != NULL); + /* * We want to put the initrd far enough into RAM that when the * kernel is uncompressed it will not clobber the initrd. However -- 2.39.0