On Mon, Nov 24, 2025 at 3:17 AM Raghavendra Rao Ananta rananta@google.com wrote:
On Fri, Nov 21, 2025 at 11:44 PM David Matlack dmatlack@google.com wrote:
+struct vfio_pci_device *vfio_pci_device_init(const char *bdf, struct iommu *iommu) { struct vfio_pci_device *device;
device = calloc(1, sizeof(*device)); VFIO_ASSERT_NOT_NULL(device);
device->iommu = calloc(1, sizeof(*device->iommu));VFIO_ASSERT_NOT_NULL(device->iommu);INIT_LIST_HEAD(&device->iommu->dma_regions);device->iommu->mode = lookup_iommu_mode(iommu_mode);
device->iommu = iommu;nit: Since we now depend on the caller to follow the right order, should we have a VFIO_ASSERT_NOT_NULL(iommu), or something along the lines of 'Is iommu initialized?" before this function starts using it, and fail with an appropriate error message?
I think the compiler and type system largely enforce the order now. The compiler will complain if a user passes in an uninitialized struct iommu *. And the only way to initialize it is with iommu_init(). I guess someone could pass in NULL, so having an explicit assert for non-null would be easier to debug than a SIGSEGV. I'll add that in v4.
if (device->iommu->mode->container_path)minor nit: if there's a v4, simply use iommu->mode->container_path.
Yes, thanks, will do!