[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Stable-7.2.14 05/40] hw/cxl/cxl-host: Fix segmentation fault when getti
From: |
Michael Tokarev |
Subject: |
[Stable-7.2.14 05/40] hw/cxl/cxl-host: Fix segmentation fault when getting cxl-fmw property |
Date: |
Fri, 6 Sep 2024 08:15:53 +0300 |
From: Zhao Liu <zhao1.liu@intel.com>
QEMU crashes (Segmentation fault) when getting cxl-fmw property via
qmp:
(QEMU) qom-get path=machine property=cxl-fmw
This issue is caused by accessing wrong callback (opaque) type in
machine_get_cfmw().
cxl_machine_init() sets the callback as `CXLState *` type but
machine_get_cfmw() treats the callback as
`CXLFixedMemoryWindowOptionsList **`.
Fix this error by casting opaque to `CXLState *` type in
machine_get_cfmw().
Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine
parameter.")
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Xingtao Yao <yaoxt.fnst@fujitsu.com>
Link:
https://lore.kernel.org/r/20240704093404.1848132-1-zhao1.liu@linux.intel.com
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20240705113956.941732-2-Jonathan.Cameron@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit a207d5f87d66f7933b50677e047498fc4af63e1f)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index 0fc3e57138..3253874322 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -282,7 +282,8 @@ static void machine_set_cxl(Object *obj, Visitor *v, const
char *name,
static void machine_get_cfmw(Object *obj, Visitor *v, const char *name,
void *opaque, Error **errp)
{
- CXLFixedMemoryWindowOptionsList **list = opaque;
+ CXLState *state = opaque;
+ CXLFixedMemoryWindowOptionsList **list = &state->cfmw_list;
visit_type_CXLFixedMemoryWindowOptionsList(v, name, list, errp);
}
--
2.39.2
- [Stable-7.2.14 00/40] Patch Round-up for stable 7.2.14, freeze on 2024-09-16, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 01/40] qapi/qom: Document feature unstable of @x-vfio-user-server, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 02/40] target/arm: Use float_status copy in sme_fmopa_s, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 07/40] target/i386: do not crash if microvm guest uses SGX CPUID leaves, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 11/40] hw/virtio: Fix the de-initialization of vhost-user devices, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 04/40] hw/nvme: fix memory leak in nvme_dsm, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 06/40] intel_iommu: fix FRCD construction macro, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 03/40] target/arm: Use FPST_F16 for SME FMOPA (widening), Michael Tokarev, 2024/09/06
- [Stable-7.2.14 08/40] chardev/char-win-stdio.c: restore old console mode, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 05/40] hw/cxl/cxl-host: Fix segmentation fault when getting cxl-fmw property,
Michael Tokarev <=
- [Stable-7.2.14 09/40] hw/intc/loongson_ipi: Access memory in little endian, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 10/40] util/async.c: Forbid negative min/max in aio_context_set_thread_pool_params(), Michael Tokarev, 2024/09/06
- [Stable-7.2.14 12/40] target/rx: Use target_ulong for address in LI, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 14/40] hw/misc/bcm2835_property: Fix handling of FRAMEBUFFER_SET_PALETTE, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 13/40] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 16/40] target/arm: Fix UMOPA/UMOPS of 16-bit values, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 15/40] target/arm: Don't assert for 128-bit tile accesses when SVL is 128, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 17/40] target/arm: Avoid shifts by -1 in tszimm_shr() and tszimm_shl(), Michael Tokarev, 2024/09/06
- [Stable-7.2.14 18/40] target/arm: Ignore SMCR_EL2.LEN and SVCR_EL2.LEN if EL2 is not enabled, Michael Tokarev, 2024/09/06
- [Stable-7.2.14 19/40] docs/sphinx/depfile.py: Handle env.doc2path() returning a Path not a str, Michael Tokarev, 2024/09/06